SY0-701 Question #741: Real Exam Question with Answer & Explanation
The correct answer is A: Implement centralized authentication with proper password policies.
Question
A security analyst is examining a penetration test report and notices that the tester pivoted to critical internal systems with the same local user ID and password. Which of the following would help prevent this in the future?
Options
- A. Implement centralized authentication with proper password policies
- B. Add password complexity rules and increase password history limits
- C. Connect the systems to an external authentication server
- D. Limit the ability of user accounts to change passwords
Explanation
The penetration tester was able to pivot using the same local user ID and password, indicating that systems were using local authentication rather than a centralized authentication mechanism. Implementing centralized authentication (such as Active Directory, LDAP, or RADIUS) with strong password policies would ensure that credentials are managed centrally, reducing the risk of credential reuse and lateral movement across systems. This approach also enables better monitoring and enforcement of security policies.