Which of the following is NOT a recommended phishing mitigation?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the SAI Member-in-Training Exam. Test your knowledge with flashcards and various questions, each offering hints and explanations. Ensure success in your SAI journey!

Multiple Choice

Which of the following is NOT a recommended phishing mitigation?

Explanation:
Defending against phishing works best with layered controls that both reduce exposure and limit what happens if credentials are stolen. Training and awareness prime users to recognize suspicious messages, risky links, and spoofed domains, lowering the chance of a successful phishing attempt. Email filtering and URL checking act as gates that block many phishing emails and destinations before users even see them. Multi-factor authentication adds a second form of verification, so even if a password is captured through phishing, the attacker still can’t easily access the account without the additional factor. Enabling only single-factor authentication relies entirely on a password. If that password is phished, the attacker gains access directly, defeating the protection offered by phishing-resistant controls. That’s why single-factor authentication is not recommended as a mitigation.

Defending against phishing works best with layered controls that both reduce exposure and limit what happens if credentials are stolen. Training and awareness prime users to recognize suspicious messages, risky links, and spoofed domains, lowering the chance of a successful phishing attempt. Email filtering and URL checking act as gates that block many phishing emails and destinations before users even see them. Multi-factor authentication adds a second form of verification, so even if a password is captured through phishing, the attacker still can’t easily access the account without the additional factor.

Enabling only single-factor authentication relies entirely on a password. If that password is phished, the attacker gains access directly, defeating the protection offered by phishing-resistant controls. That’s why single-factor authentication is not recommended as a mitigation.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy