CompTIA CySA+ (CS0-001) — Question 187

Due to a security breach initiated from South America, the Chief Security Officer (CSO) instructed a team to design and implement an appropriate security control to prevent such an attack from reoccurring. The company has sales and consulting teams across the United States that need access to company resources. The security manager implemented a location-based authentication to prevent non-US-based access to the company networks. Three months later, the same incident reoccurred with an attack originating from a country in Asia. Which of the following security design defects could be the cause?

Answer options

• A. The team did not account for the VPN access and did not ensure non-repudiation
• B. The company just replaced a firewall that had a DDoS vulnerability
• C. The sales and supports are reusing the same passwords for their personal accounts, such as banking and email
• D. The hackers left a backdoor within the company networks that was not cleaned successfully

Correct answer: A

Explanation

The correct answer is A because the location-based authentication may not cover access via VPN, allowing attackers to bypass the controls. Options B, C, and D, while potentially valid concerns, do not directly explain how the breach occurred again despite the location-based authentication being in place.