It says a successful social engineering, which means the attack is in place. The only answer here is B to reduce the risk of the credential attack. A is the best to prevent the attack.
B.) Implement two-factor authentication, (Another question may say multi-factor authentication)
A.) Helps to prevent social engineering attacks, not really helpful in a successful attack because at this point the security awareness training failed for this user.
C.) Block access to social media (Not helpful)
D.) Enforce role based access control (Yes helpful), their access would be restricted but they would still have access. (With B, the Attacker still has to succeed in completing the multifactor authentication process). This options reduces the risk over the others.
Attack is already successful, security awareness training is preventative, B 2FA would help reduce risk if social engineering attack is successful to get helpdesk password.
Question is asking about reducing the risks after a successful attack. It is the next step
upvoted 1 times
...
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Raven89
2 weeks, 6 days ago03allen
6 months, 1 week agoexamdj101j
7 months, 1 week agoAgamennore
1 year, 2 months agoAaronS1990
1 year, 3 months agoSaisharan
1 year, 4 months agoCrackyPatch
1 year, 4 months agochanke
1 year, 4 months agorichck102
1 year, 4 months agoSecHodler
1 year, 7 months agoDravidian
1 year, 6 months agoSalilgen
8 months, 3 weeks ago