CompTIA Security+ (SY0-601) — Question 20

A report delivered to the Chief Information Security Officer (CISO) shows that some user credentials could be exfiltrated. The report also indicates that users tend to choose the same credentials on different systems and applications. Which of the following policies should the CISO use to prevent someone from using the exfiltrated credentials?

Answer options

• A. MFA
• B. Lockout
• C. Time-based logins
• D. Password history

Correct answer: A

Explanation

The correct answer is MFA (Multi-Factor Authentication), which adds an extra layer of security beyond just a password, making it more difficult for attackers to use stolen credentials. The other options, such as Lockout, Time-based logins, and Password history, do not directly address the issue of preventing the use of exfiltrated credentials as effectively as MFA does.