CompTIA CASP+ (CAS-004) — Question 266
An organization offers SaaS services through a public email and storage provider. To facilitate password resets, a simple online system is set up. During the routine monthly check of the storage, a significant increase in storage use is seen. Which of the following techniques would remediate the attack?
Answer options
- A. Adding input sanitization to the logon page
- B. Configuring an account lockout policy
- C. Implementing a new password reset system
- D. Adding MFA to all accounts
Correct answer: C
Explanation
The correct answer is C: the problem lies in the current password reset system, and a new password reset system can address the vulnerabilities that may be exploited during the reset process. Options A and B do not directly address the password reset issue. Option D adds security, but it does not resolve the specific problem identified with the current password reset system.