A SaaS implementation is multi-tenant and aims to prevent password replay attacks. Which measure would BEST mitigate this risk?

Multiple Choice

A SaaS implementation is multi-tenant and aims to prevent password replay attacks. Which measure would BEST mitigate this risk?

Explanation:
Two-factor authentication adds a second requirement beyond the password, typically a one-time code from an authenticator, a push approval, or a hardware token. If an attacker captures a password and tries to replay it, the second factor is still needed at login, and those codes or approvals are time-bound or unique per session. That means the stolen credential alone cannot grant access, which directly mitigates password replay attacks. In a multi-tenant SaaS setup, this protection applies across all tenants, making unauthorized reuse far less likely.
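The check described above, as an added example that is not part of the original page: a login verifier that requires a time-based one-time code (RFC 6238 TOTP) in addition to the password and refuses a code whose time step was already accepted. The class name `LoginVerifier`, the tenant and user names, and the sample secret are hypothetical and constructed for illustration.

```python
import hashlib, hmac, os, struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default)

def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """One-time code for a time-step counter (RFC 4226 dynamic truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class LoginVerifier:  # hypothetical name, not from the page
    def __init__(self):
        self.accounts = {}   # (tenant, user) -> (salt, password_hash, totp_secret)
        self.last_step = {}  # (tenant, user) -> last accepted time-step counter

    def enroll(self, tenant, user, password, secret):
        salt = os.urandom(16)
        pw = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
        self.accounts[(tenant, user)] = (salt, pw, secret)

    def login(self, tenant, user, password, code, now):
        key = (tenant, user)  # state is scoped per tenant and user
        if key not in self.accounts:
            return False
        salt, pw_hash, secret = self.accounts[key]
        attempt = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
        if not hmac.compare_digest(attempt, pw_hash):
            return False
        if code is None:  # a captured password alone is never sufficient
            return False
        current = int(now) // STEP
        for counter in (current - 1, current):  # tolerate one step of clock skew
            expected = totp(secret, counter).encode()
            # Accept only a time step newer than the last accepted one, so a
            # captured password + code pair cannot be replayed.
            if counter > self.last_step.get(key, -1) and hmac.compare_digest(expected, code.encode()):
                self.last_step[key] = counter
                return True
        return False

if __name__ == "__main__":
    secret = b"12345678901234567890"  # constructed sample secret (RFC test value)
    v = LoginVerifier()
    v.enroll("tenant-a", "alice", "hunter2", secret)
    code = totp(secret, 59 // STEP)
    print("password only:", v.login("tenant-a", "alice", "hunter2", None, 59))
    print("password + code:", v.login("tenant-a", "alice", "hunter2", code, 59))
    print("replayed pair:", v.login("tenant-a", "alice", "hunter2", code, 61))
```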

The other options don’t provide the same level of protection against replay. Destination resources authentication doesn’t introduce a true second factor. Removing admin privileges on laptops reduces potential damage but doesn’t prevent the credential itself from being replayed. A card/token approach can be MFA, but it’s less flexible and not as universally applicable as standard two-factor authentication for cloud sign-ins.
