During a review, an IS auditor discovers that corporate users are able to access cloud-based applications and data from any Internet-connected web browser.
Which of the following is the auditor's BEST recommendation to help prevent unauthorized access?
Implementing multi-factor authentication (MFA) is the best recommendation to prevent unauthorized access to cloud-based applications and data. MFA adds an additional layer of security by requiring users to provide more than one form of verification before accessing a system or application. This could include a combination of something the user knows (like a password), something the user has (like a smartphone for a verification code), or something the user is (like a biometric factor). By requiring multiple forms of verification, MFA significantly reduces the likelihood that an unauthorized individual could gain access, even if they obtain a user's primary credentials.
D is true...
Multi-factor authentication (MFA) adds an extra layer of security by requiring users to provide multiple forms of authentication before gaining access to the system. This could include something the user knows (like a password), something the user has (like a smartphone for receiving a verification code), or something the user is (like a fingerprint or facial recognition). By implementing MFA, even if an attacker manages to obtain a user's password, they would still need additional authentication factors to access the cloud-based applications and data.
yes, bcos the question is about prevention of unauthorsied access and not data modification after access .