Free Isaca CCOA Exam Dumps

Multi-factor authentication (MFA) would have been the most effective control to prevent data compromise in this scenario:

Enhanced Security: MFA requires multiple authentication factors, such as a password (something you know) and a one-time code (something you have).

Mitigates Credential Theft: Even if a username and password are compromised, an attacker would still need the second factor to gain access.

SSO Integration: MFA can be seamlessly integrated with SSO to ensure robust identity verification.

Example: A user logs in with a password and then confirms their identity using an authenticator app.

Incorrect Options:

A . Challenge handshake: An outdated protocol for authentication, not as secure as MFA.

C . Token-based: Often used as part of MFA but alone does not mitigate password theft.

D . Single-factor: Only uses one method (e.g., a password), which is insufficient to protect against credential compromise.

Exact Extract from CCOA Official Review Manual, 1st Edition:

Refer to Chapter 4, Section 'Identity and Access Management,' Subsection 'Multi-Factor Authentication' - MFA is essential to prevent unauthorized access when credentials are compromised.