System logs show that one employee account has two active sessions: one originating from New York, USA and another from Singapore only minutes apart-far too quickly for the user to have physically traveled. Which security concern does this situation most likely indicate?
Multiple active sessions from widely separated locations suggest that the same credentials are being used by more than one party at the same time. This indicator, known as concurrent session usage (or impossible travel), often points to stolen or shared credentials and should trigger an investigation or automatic mitigation steps such as step-up authentication or forced log-out. The other choices describe different attack types or symptoms that do not match simultaneous, geographically disparate logins.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are 'compromised user credentials' and how can they occur?
Open an interactive chat with Bash
What measures can organizations take to prevent account hijacking?
Open an interactive chat with Bash
What is the significance of monitoring system logs for security?