A security administrator is implementing hardening measures on a critical server to reduce the risk of compromise. The administrator's primary concern is preventing an attacker who has successfully phished a user's password from gaining administrative access. Which of the following controls would be the MOST effective mitigation for this specific threat?
Enforcing multifactor authentication (MFA) on all administrative accounts
Enforcing a strong password complexity and rotation policy
Applying the latest security patches to the operating system
Implementing a host-based firewall to restrict network traffic
The most effective control in this scenario is multifactor authentication (MFA). MFA requires more than just a password to authenticate, so even if an attacker steals a user's password, they cannot access the account without the second factor (e.g., a token, biometric scan, or push notification). A strong password policy is a good practice, but it is defeated once the password is stolen. Applying the latest security patches is crucial for preventing vulnerability exploitation but does not stop an attacker from using valid, stolen credentials. A host-based firewall controls network access but does not prevent a legitimate-looking authentication attempt with a stolen password from a permitted location.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are examples of multifactor authentication methods?
Open an interactive chat with Bash
Why is requiring multifactor authentication especially important for accounts with elevated permissions?
Open an interactive chat with Bash
What are the risks of not using multifactor authentication?