CompTIA SecurityX (CAS-005) — Question 210

A security architect is mitigating a vulnerability that previously led to a web application data breach. An analysis into the root cause of the issue finds the following:

• An administrator’s account was hijacked and used on several Autonomous System Numbers within 30 minutes.
• All administrators use named accounts that require multifactor authentication.
• Single sign-on is used for all company applications.

Which of the following should the security architect do to mitigate the issue?

Answer options

• A. Configure token theft detections on the single sign-on system with automatic account lockouts.
• B. Enable context-based authentication when network locations change on administrator login attempts.
• C. Decentralize administrator accounts and force unique passwords for each application.
• D. Enforce biometric authentication requirements for the administrator’s named accounts.

Correct answer: B

Explanation

The correct answer is B because enabling context-based authentication helps ensure that login attempts from unusual network locations trigger additional verification steps, which can prevent unauthorized access. Option A focuses on detection and response rather than prevention, while C unnecessarily complicates account management and D introduces additional hardware requirements that may not enhance security effectively.