Exam Professional Cloud Security Engineer topic 1 question 55 discussion

A is the answer.

https://cloud.google.com/blog/products/g-suite/protecting-you-against-phishing

Ans: A. Implementing MFA helps mitigate the risk posed by phishing attacks by adding an additional barrier to unauthorized access to employee credentials.

"A" Encrypting emails (D) does not prevent or protect against phishing. Phishing leads to attacker getting a user's password. In order to protect against the "impact" of phishing, requiring a second factor would prevent the attacker from logging in using only the password once stolen.

The question is asking how to PROTECT employees credentials, NOT how to best protect against phishing. MFA does that in case a user's credentials is compromised by have 2FV. It's another defense in layer approach.

MFA itself doesn't really protect user's credentials from beaing leaked. It makes it harder (or nigh impossible) to log in even if they get leaked but they may still leak. Encrypting emails would be of more help, although in case of phishing email it'd be best to educate users and add some filters that will flag external emails as suspicious.

A. Multifactor Authentication

Multi-factor authentication will prevent employee credentials

A for sure

This question has been taken from the GCP book.

A https://cloud.google.com/blog/products/g-suite/7-ways-admins-can-help-secure-accounts-against-phishing-g-suite

https://www.duocircle.com/content/email-security-services/email-security-in-cryptography#:~:text=Customer%20Login-,Email%20Security%20In%20Cryptography%20Is%20One%20Of%20The%20Most,Measures%20To%20Prevent%20Phishing%20Attempts&text=Cybercriminals%20love%20emails%20the%20most,networks%20all%20over%20the%20world. The answer should be D.

Logically if i think even if i have not read about cloud answer is A

Ans - A

The answer is A. https://cloud.google.com/blog/products/identity-security/protect-users-in-your-apps-with-multi-factor-authentication

Should be A