Which technology should be used to help prevent an attacker from stealing usernames and passwords of users within an organization?
Which technology should be used to help prevent an attacker from stealing usernames and passwords of users within an organization?
Multifactor authentication (MFA) is a security technology that requires multiple forms of verification to prove identity, making it more difficult for attackers to steal usernames and passwords. Even if an attacker manages to acquire the credentials, they would still need the second form of verification (e.g., a code sent to a user's phone) to gain access.
Within the organisation. I go for DAI. C
ok, it makes sense. But if non-username/password authentication goes first, man in the middle will never got to credentials either (as well putting aside that it will be encrypted and he will see nothing anyway). So again - thank you Cisco, hope they are marking both answers if selected as correct, otherwise the exams are becoming quite shitty
B relates to OS detection D relates to mitigating unauthorised access and you'll likely already have the correct username and password i.e. it doesn't help prevent an attacker stealing credentials.
Answer is C. MFA doesn't prevent stealing, it prevents to get a benefit from/after stealing.
Answer is D.
Attacker can't use randomly generated password from MFA device.
Correct answer D Checked in securytytut
DAI, protect against man in the middle attack.
A or D