Exam SY0-601 topic 1 question 9 discussion

Actual exam question from CompTIA's SY0-601
Question #: 9
Topic #: 1

A report delivered to the Chief Information Security Officer (CISO) shows that some user credentials could be exfiltrated. The report also indicates that users tend to choose the same credentials on different systems and applications. Which of the following policies should the CISO use to prevent someone from using the exfiltrated credentials?

  • A. MFA
  • B. Lockout
  • C. Time-based logins
  • D. Password history
Suggested Answer: A

Comments

Ribeiro19
Highly Voted 1 year, 8 months ago
Selected Answer: A
It is the only one that obliges you to have more info than a password to log in to the system.
upvoted 31 times
Papee
1 year, 6 months ago
Prevent users from using the exfiltrated account. MFA would better security, not prevent.
upvoted 13 times
Skymaster8182
6 months, 1 week ago
You can’t “use” the account if you can’t log into it without the 2nd part of authentication. The problem with this question that I really hate is it leads to 2 different answers because it says prevent use but yet also talks about “policy”. Password History won’t do anything to prevent stolen credentials unless the policy being implemented instantly forces everyone to change their password “right now”, which password history normally just means you can’t reuse the same password again after you are forced to change it, be it 30 days or 60 days later. MFA may not be a policy but it instantly prevents the issue of stolen credentials being used to log in after MFA has been enabled. It’s a stupid catch-22 question because MFA would fix the stolen credentials problem instantly. The moment the thieves use the password, a prompt for a Token digit (or whatever the 2nd authentication is) will be requested. MFA would definitely prevent.
upvoted 10 times
STODDY69
Highly Voted 8 months, 3 weeks ago
Selected Answer: D
CompTIA Sec+ Objectives 3.7 Account policies:
- Password complexity
- Password history
- Password reuse
- Network location
- Geofencing
- Geotagging
- Geolocation
- Time-based logins
- Access policies
- Account permissions
- Account audits
- Impossible travel time/risky login
- Lockout
- Disablement

2FA is not an account policy, has to be D
upvoted 27 times
shady23
Most Recent 1 week, 2 days ago
Selected Answer: A
A. MFA
upvoted 1 times
thea_smith
1 week, 2 days ago
Selected Answer: A
A is the clear choice.
upvoted 1 times
JackyCIT
2 weeks, 2 days ago
Answer: MFA "The report also indicates that users tend to choose the same credentials on different systems and applications." Even with password history in place, if users continue to reuse the same password across different systems and applications, it still poses a significant security risk. Implementing MFA would be the best option to mitigate the risk, since it adds an extra layer of authentication beyond just the password.
upvoted 2 times
russian
2 weeks, 3 days ago
Selected Answer: D
Honestly it's either one but I think it's D because you can't use exfiltrated credentials
upvoted 1 times
AspiringNerd
2 weeks, 4 days ago
Selected Answer: A
MFA is the only answer that adds something other than just the password. Lockout is only applied if the password is wrong. Password history will only matter if you require a password change.
upvoted 1 times
JustJess
1 month, 3 weeks ago
If you see me pop up with explanations... I use MS Copilot.. I have friends who have used it too with CompTIA tests
upvoted 2 times
JustJess
1 month, 3 weeks ago
Unless you can choose both A and D. Recommendation: MFA should ideally be implemented before enforcing password history. Start by enabling MFA to enhance security immediately. Then, introduce password history to prevent users from reverting to previously compromised passwords.
upvoted 1 times
ZiareKing
2 months ago
Selected Answer: D
I think a good way to approach answering this question would be, which would you implement first? (A) MFA (D) Password history. They're both correct answers. Me, I would remove the threat of the credentials ever being a threat again first (D) Password history. For an additional layer of protection I would implement (A) MFA... It's (D) Password History for me...
upvoted 1 times
Drosk5
2 months ago
Selected Answer: A
"prevent someone from using the exfiltrated credentials"
upvoted 1 times
Marcelmikael
2 months ago
Answer is D. The key word to note here is PREVENT the use of exfiltrated credentials. How to do that is through the password history. Offers an extra layer of access, so the credentials can still be used but then you need to confirm that you are the legitimate user. With password history, it is not even possible to pass the first stage.
upvoted 1 times
Sareena13
2 months ago
Selected Answer: A
MFA can only prevent someone from using the exfiltrated credentials.
upvoted 1 times
subaie503
2 months, 1 week ago
Selected Answer: D
Don't overthink it
upvoted 1 times
TrueKiwi
2 months, 1 week ago
Password history is a red herring. The question does not ask about it at all.
upvoted 3 times
thea_smith
2 months, 3 weeks ago
Selected Answer: D
D is correct.
upvoted 1 times
Grahamtb
2 months, 3 weeks ago
Selected Answer: D
This question is so dumb and if it actually appears on the exam, that’s ridiculous. The obvious ACTUAL corrective action would be to implement MFA. However, since they included the word “Policy” and not in the sense that the CISO would like to create a “corporate policy” i.e. “from now on when utilizing our servers we will” but an account policy, now the “correct” answer is Password History. Just ignorance honestly.
upvoted 4 times