CompTIA CAS-005 Exam - Topic 2 Question 31 Discussion

A security architect is mitigating a vulnerability that previously led to a web application data breach. An analysis into the root cause of the issue finds the following:

An administrator's account was hijacked and used on several Autonomous System Numbers within 30 minutes.

All administrators use named accounts that require multifactor authentication.

Single sign-on is used for all company applications.

Which of the following should the security architect do to mitigate the issue?

A) Configure token theft detection on the single sign-on system with automatic account lockouts.
B) Enable context-based authentication when network locations change on administrator login attempts.
C) Decentralize administrator accounts and force unique passwords for each application.
D) Enforce biometric authentication requirements for the administrator's named accounts.


Actual exam question for CompTIA's CAS-005 exam
Question #: 31
Topic #: 2
Suggested Answer: B

The hijacked administrator account was used across multiple ASNs (indicating different network locations) in a short time, despite MFA and SSO. This suggests a stolen session or token misuse. Let's analyze:

A. Token theft detection with lockouts: Useful for detecting stolen SSO tokens, but it's reactive and may not prevent initial misuse across networks.

B. Context-based authentication: This adds real-time checks (e.g., geolocation, IP changes) to verify login attempts. Given the rapid ASN changes, this proactively mitigates the issue by challenging suspicious logins, aligning with CAS-005's focus on adaptive security.

C. Decentralize accounts: This removes SSO, increasing complexity and weakening MFA enforcement, which isn't practical or secure.
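The check described under option B can be sketched as follows. This is an added example, not part of the original question or any SSO product's API: the `ContextPolicy` class, the account name and the private-use ASNs are constructed for illustration, and the IP-to-ASN lookup is assumed to happen upstream.

```python
from datetime import datetime, timedelta


class ContextPolicy:
    """Hypothetical policy engine, not a real SSO product's API."""

    def __init__(self, window=timedelta(minutes=30)):
        self.window = window      # 30 minutes, as in the scenario
        self.verified = {}        # account -> ASNs where MFA was completed
        self.recent = {}          # account -> [(time, asn)] of recent attempts

    def decide(self, account, asn, when):
        """Return 'allow' or 'challenge' for a login or token use."""
        attempts = self.recent.setdefault(account, [])
        attempts.append((when, asn))
        # Keep only attempts inside the sliding window.
        attempts[:] = [(t, a) for t, a in attempts if when - t <= self.window]
        if asn in self.verified.get(account, set()):
            return "allow"
        return "challenge"        # network location changed: re-verify

    def mfa_passed(self, account, asn):
        """Record that the user completed MFA from this ASN."""
        self.verified.setdefault(account, set()).add(asn)

    def asn_spread(self, account):
        """Distinct ASNs seen in the window as of the last attempt."""
        return len({a for _, a in self.recent.get(account, [])})


def replay_constructed_session():
    """Constructed events: admin signs in, then the token shows up elsewhere."""
    t0 = datetime(2024, 1, 1, 9, 0)
    policy = ContextPolicy()
    out = [policy.decide("admin.jdoe", 64512, t0)]        # first sign-in
    policy.mfa_passed("admin.jdoe", 64512)                # legitimate user passes MFA
    out.append(policy.decide("admin.jdoe", 64512, t0 + timedelta(minutes=5)))
    # Same session token presented from other ASNs (private-use numbers).
    for i, asn in enumerate((64513, 64514, 64515)):
        when = t0 + timedelta(minutes=10 + 5 * i)
        out.append(policy.decide("admin.jdoe", asn, when))
    return out, policy.asn_spread("admin.jdoe")


if __name__ == "__main__":
    print(replay_constructed_session())
```

Because the holder of a replayed token cannot complete the challenge, the new ASNs never enter the verified set, and the spread count gives responders a signal to alert on.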

