CompTIA CySA+ (CS0-003) — Question 387

An organization wants to implement an identity and access management technology that is resistant to phishing attacks. Which of the following is the best technology to implement?

Answer options

• A. Federation
• B. Privileged access management
• C. Passwordless authentication
• D. Single sign-on

Correct answer: C

Explanation

Passwordless authentication is the optimal choice as it eliminates the reliance on passwords, which are often targeted in phishing attacks. Other options like Federation, Privileged access management, and Single sign-on still involve some form of password usage, making them more vulnerable to phishing attempts.