ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
While on call for an AWS-hosted production system, a technician receives a phone request from someone claiming to be the company's new cloud engineer. The caller states their hardware MFA token was lost while traveling and asks for an immediate MFA reset on their IAM user to push a critical fix. To prevent an impersonation-based social-engineering attack and still support genuine staff needs, what is the technician's best first action?
Provide a one-time code over the same call so the engineer can register a new virtual MFA token.
Disable the current MFA device and email new temporary credentials to the address the caller provides.
End the call and redial the engineer using the phone number listed in the company directory before completing any MFA reset.
Open a high-severity AWS Support case and ask support to reset the engineer's MFA immediately.
Impersonation callers often rely on urgency to bypass normal verification. The most effective and minimally disruptive countermeasure is to validate the caller's identity through an independent channel that the attacker cannot control. Hanging up and placing a return call to the phone number already recorded in the corporate directory (or obtained from HR records) uses information established before the incident and does not rely on data supplied by the caller. This confirms the individual's legitimacy before any privileged action, such as resetting MFA, occurs. Simply complying with the request, emailing credentials, or giving a one-time code over the same call all leave the technician vulnerable to a convincing impostor. Escalating directly to AWS Support does not address identity verification and delays resolution without actually preventing impersonation. Therefore, performing an out-of-band callback to a trusted number is the correct first response.
Systems and Application Security