SY0-701 · Question #233
SY0-701 Question #233: Real Exam Question with Answer & Explanation
The correct answer is C: Identity proofing. To prevent the issuance of an MFA bypass code to an attacker posing as an employee, implementing identity proofing would be most effective. Identity proofing involves verifying the identity of individuals before granting access or providing sensitive information. Identity proofin
Question
During a recent breach, employee credentials were compromised when a service desk employee issued an MFA bypass code to an attacker who called and posed as an employee. Which of the following should be used to prevent this type of incident in the future?
Options
- AHardware token MFA
- BBiometrics
- CIdentity proofing
- DLeast privilege
Explanation
To prevent the issuance of an MFA bypass code to an attacker posing as an employee, implementing identity proofing would be most effective. Identity proofing involves verifying the identity of individuals before granting access or providing sensitive information. Identity proofing: Ensures that the person requesting the MFA bypass is who they claim to be, thereby preventing social engineering attacks where attackers pose as legitimate employees. Hardware token MFA: Provides an additional factor for authentication but does not address verifying the requester's identity. Biometrics: Offers strong authentication based on physical characteristics but is not related to the process of issuing MFA bypass codes. Least privilege: Limits access rights for users to the bare minimum necessary to perform their work but does not prevent social engineering attacks targeting the service desk.
Community Discussion
No community discussion yet for this question.