GIAC
GCFA · Question #184
GCFA Question #184: Real Exam Question with Answer & Explanation
Sign in or unlock GCFA to reveal the answer and full explanation for question #184. The question stem and answer options stay visible for context.
Question
Adam works as a Security Administrator for Umbrella Technology Inc. He reported a breach in security to his senior members, stating that "security defenses has been breached and exploited for 2 weeks by hackers." The hackers had accessed and downloaded 50,000 addresses containing customer credit cards and passwords. Umbrella Technology was looking to law enforcement officials to protect their intellectual property. The intruder entered through an employee's home machine, which was connected to Umbrella Technology's corporate VPN network. The application called BEAST Trojan was used in the attack to open a "back door" allowing the hackers undetected access. The security breach was discovered when customers complained about the usage of their credit cards without their knowledge. The hackers were traced back to Shanghai, China through e-mail address evidence. The credit card information was sent to that same e-mail address. The passwords allowed the hackers to access Umbrella Technology's network from a remote location, posing as employees. Which of the following actions can Adam perform to prevent such attacks from occurring in future?
Options
- AApply different security policy to make passwords of employees more complex.
- BReplace the VPN access with dial-up modem access to the company's network.
- CDisable VPN access to all employees of the company from home machines.
- DAllow VPN access but replace the standard authentication with biometric authentication.
Unlock GCFA to see the answer
You've previewed enough free GCFA questions. Unlock GCFA for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.