ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
An e-commerce company hosts its production workload on AWS. Developers sign in to the AWS Management Console using only individual usernames and complex passwords managed through AWS IAM; multi-factor authentication (MFA) is not enabled. According to SSCP best practices, which risk is the company MOST exposed to by relying on this single-factor authentication approach?
TLS downgrade attacks that strip encryption from API calls to AWS services
Credential brute-force and password spraying attacks that can result in unauthorized console access
Denial-of-service attacks against the VPC endpoints hosting the application
Insider misuse of privileged roles through existing session tokens
Single-factor authentication depends on just one type of credential: in this case, a password that the user knows. If that password is guessed, phished, reused from another site, or discovered through brute-force or password-spraying attacks, an attacker can gain full access. MFA significantly reduces this risk by adding a second factor an attacker is unlikely to possess. TLS downgrade attacks target protocol negotiation and are unrelated to how many authentication factors are required. Insider misuse involves authorization controls after authentication and is not specifically caused by single-factor logins. Denial-of-service attacks aim to exhaust resources, not to bypass authentication, so they are not a primary risk introduced by password-only sign-in.
ISC2 Systems Security Certified Practitioner (SSCP)
Access Controls