A security team notices that users sometimes log in from unfamiliar networks or devices across different regions. They want a method to verify legitimate activity without frequently interrupting routine tasks. Which approach addresses this scenario adequately?
Prompt users for additional verification at a predictable interval during routine logins.
Allow user devices to maintain authenticated sessions for a limited duration before re-verification.
Trigger a user confirmation request when unfamiliar networks or devices are identified.
Require users to update their passwords periodically and on flagged logins.
Verifying user identity when questionable network or device changes occur focuses on suspicious anomalies rather than relying on a fixed timer or repeated password changes. Predictable intervals do not address unexpected device or location issues, maintaining authenticated sessions for a set duration ignores new threats, and periodic updates without clear triggers may not mitigate sudden malicious activity.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is 'unfamiliar network or device' detection in cybersecurity?
Open an interactive chat with Bash
How does triggering a user confirmation request enhance security?
Open an interactive chat with Bash
Why are periodic password changes insufficient for addressing anomalous activity?