An organization wants to reduce the likelihood that employees will reach spoofed login pages that harvest credentials. Which of the following controls would BEST achieve this goal by automatically blocking requests for domains that appear on threat-intelligence blocklists?
Deploy data loss prevention (DLP) to inspect outbound network traffic.
Require multifactor authentication for all user logins.
Enforce complex passwords that must be changed every 90 days.
Implement a DNS/domain-filtering service that blocks look-ups for known malicious domains.
Deploying a DNS or domain-filtering service stops browsers from resolving the hostnames of known malicious or suspicious sites, so users never reach the credential-harvesting page. While strong password policies, DLP, and MFA are valuable security measures, they do not directly prevent a user's web request from reaching a phishing site. DNS/domain filtering therefore provides the most effective and immediate protection in this scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a DNS/domain-filtering service?
Open an interactive chat with Bash
How does threat intelligence contribute to domain-filtering services?
Open an interactive chat with Bash
Why are password policies or MFA not enough to block spoofed login pages?