nerdexam
(ISC)2

CISSP · Question #1285

A recent information security risk assessment identified weak system access controls on mobile devices as a high me In order to address this risk and ensure only authorized staff access company inform

The correct answer is B. Multi-factor authentication (MFA). Multi-factor authentication (MFA) is a method of authentication that requires two or more independent factors to verify the identity of a user, such as something you know, something you have, or something you are. MFA can help address the risk of weak system access controls on mo

Submitted by hassan_iq· Mar 5, 2026Identity and Access Management

Question

A recent information security risk assessment identified weak system access controls on mobile devices as a high me In order to address this risk and ensure only authorized staff access company information, which of the following should the organization implement?

Options

  • AIntrusion prevention system (IPS)
  • BMulti-factor authentication (MFA)
  • CData loss protection (DLP)
  • DData at rest encryption

How the community answered

(36 responses)
  • A
    3% (1)
  • B
    75% (27)
  • C
    8% (3)
  • D
    14% (5)

Explanation

Multi-factor authentication (MFA) is a method of authentication that requires two or more independent factors to verify the identity of a user, such as something you know, something you have, or something you are. MFA can help address the risk of weak system access controls on mobile devices, as it provides a higher level of security than a single factor, such as a password. MFA can prevent unauthorized access to company information, even if the mobile device is lost, stolen, or compromised. An intrusion prevention system (IPS) is a device or software that monitors and blocks network traffic based on predefined rules or signatures. An IPS can help protect the network from external attacks, but it does not address the system access controls on mobile devices. Data loss protection (DLP) is a system or tool that prevents the unauthorized disclosure, transfer, or leakage of sensitive data. DLP can help protect the company information from being exposed, but it does not address the system access controls on mobile devices. Data at rest encryption is a technique that encrypts the data that is stored on a device or a media. Data at rest encryption can help protect the company information from being accessed, even if the mobile device is lost, stolen, or compromised, but it does not address the system access controls on mobile devices.

Topics

#Multi-factor authentication#Mobile device security#Access control#Risk mitigation

Community Discussion

No community discussion yet for this question.

Full CISSP Practice