CompTIA CySA+ (CS0-001) — Question 148

A cybersecurity analyst was hired to resolve a security issue within a company after it was reported that many employee account passwords had been compromised. Upon investigating the incident, the cybersecurity analyst found that a brute force attack was launched against the company.
Which of the following remediation actions should the cybersecurity analyst recommend to senior management to address these security issues?

Answer options

• A. Prohibit password reuse using a GPO.
• B. Deploy multifactor authentication.
• C. Require security awareness training.
• D. Implement DLP solution.

Correct answer: B

Explanation

The correct answer is B, as deploying multifactor authentication adds an additional layer of security that can significantly reduce the risk of unauthorized access, even if passwords are compromised. Option A, prohibiting password reuse, is helpful but does not stop brute force attacks; option C, requiring security awareness training, addresses user behavior but not the immediate issue; and option D, implementing a DLP solution, focuses on data loss prevention rather than securing user accounts.