Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN. Recently, members of your organization have been targeted through a number of sophisticated phishing attempts and have compromised their system credentials. What action can you take to prevent the misuse of compromised credentials to change bank account information from outside your organization while still allowing employees to manage their bank information?
A) Turn off VPN access for users originating from outside the country
B) Force a change of all passwords
C) Enable monitoring on the VPN for suspicious activity
D) Block access to the Employee-Self Service application via VPN
Correct Answer:
Verified
Q191: Which type of scan is used on
Q192: Scenario: Your company has many encrypted telecommunications
Q193: Scenario: An organization has recently appointed a
Q194: Scenario: Critical servers show signs of erratic
Q195: Scenario: A CISO has several two-factor authentication
Q197: Scenario: A Chief Information Security Officer (CISO)
Q198: Scenario: An organization has made a decision
Q199: A consultant is hired to do physical
Q200: Scenario: The new CISO was informed of
Q201: A security manager has created a risk
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents