A security audit uncovers multiple user sessions coming from unexpected locations. The team suspects an account is being used by external parties. Which tactic disrupts the misuse and secures access?
Add system logs to a central server for review while retaining existing tokens for full investigation
Revoke tokens issued to the account, assign updated secrets, and prompt affected users to confirm identity
Expand network segmentation settings to isolate only suspect traffic from unknown IP addresses
Install new patches on hosts and prioritize container orchestration updates for vulnerability scanning
Revoking tokens and enforcing new keys ensures unauthorized sessions lose access while users receive updated methods for authentication. Other methods do not invalidate compromised access or require new verification, leaving the environment susceptible to ongoing misuse.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are tokens and how are they used for authentication?
Open an interactive chat with Bash
What does it mean to ‘assign updated secrets’ in a security context?
Open an interactive chat with Bash
Why is confirming user identity important after revoking tokens?