A security audit uncovers multiple user sessions coming from unexpected locations. The team suspects an account is being used by external parties. Which tactic disrupts the misuse and secures access?
Expand network segmentation settings to isolate only suspect traffic from unknown IP addresses
Install new patches on hosts and prioritize container orchestration updates for vulnerability scanning
Add system logs to a central server for review while retaining existing tokens for full investigation
Revoke tokens issued to the account, assign updated secrets, and prompt affected users to confirm identity
Revoking tokens and enforcing new keys ensures unauthorized sessions lose access while users receive updated methods for authentication. Other methods do not invalidate compromised access or require new verification, leaving the environment susceptible to ongoing misuse.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is revoking tokens an effective tactic when securing a compromised account?
Open an interactive chat with Bash
What are authentication tokens, and how are they used in user sessions?
Open an interactive chat with Bash
How do users confirm their identity after tokens are revoked?