CyberArk Defender – Access — Question 4

A user's account information required for multi-factor authentication is not set up properly and is preventing the user from logging in.
What should you do?

Answer options

• A. Use the MFA Unlock command in the Admin Portal to suspend multifactor authentication for 10 minutes.
• B. Delete the user's account and create a new one.
• C. Ask the user to delete all browser cookies, then try again.
• D. Change the user's directory source from Active Directory to LDAP for authentication.

Correct answer: A

Explanation

The correct answer is A because using the MFA Unlock command allows temporary suspension of the multi-factor authentication, providing the user immediate access. Option B is not advisable as deleting the account could result in data loss and additional setup time. Option C might not resolve the underlying issue with MFA settings, and D is unnecessary as changing the directory source does not directly address the MFA configuration problem.