ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your company manages AWS resources through IAM users who currently authenticate with complex passwords only. A recent audit demands implementation of multi-factor authentication that adds a "have" factor, while keeping costs low and avoiding additional hardware distribution. Which approach satisfies the requirement?
Restrict AWS Management Console logins to the corporate office's public IP address range.
Enable virtual MFA devices for each IAM user so they enter a time-based one-time password from an authenticator app during sign-in.
Configure security questions that users must answer after providing their password.
Enforce a password policy requiring 15-character passwords and mandatory rotation every 30 days.
Virtual MFA applications such as Google Authenticator or Authy generate time-based one-time passwords on a registered smartphone. Because the phone is in the user's possession, the OTP represents a possession ("have") factor that, when combined with the existing password, forms MFA. Enforcing a stronger password policy or rotation schedule still relies on a single "know" factor, so it does not meet MFA requirements. IP allow lists restrict where authentication can originate but do not add a second factor. Challenge questions only introduce another knowledge factor and can be easily guessed or mined from social media. Therefore, enabling virtual MFA devices for each IAM user is the only option that introduces the required "have" factor without purchasing and distributing hardware tokens.