Discover the most cost-effective method to improve SaaS email security without altering password policies. Learn about MFA, SSO, and other authentication options for CompTIA CV0-003 certification.
Question
Users currently access SaaS email with five-character passwords that use only letters and numbers. An administrator needs to make access more secure without changing the password policy. Which of the following will provide a more secure way of accessing email at the lowest cost?
A. Change the email service provider.
B. Enable MFA with a one-time password.
C. Implement SSO for all users.
D. Institute certificate-based authentication.
Answer
The most secure and cost-effective solution to enhance SaaS email security without changing the password policy is:
B. Enable MFA with a one-time password.
Explanation
Multi-Factor Authentication (MFA) with a one-time password is the optimal choice for improving email security in this scenario for several reasons:
- Security Enhancement: MFA adds an extra layer of security beyond the basic password. Even if a malicious actor obtains the user’s password, they would still need the second factor (in this case, a one-time password) to gain access.
- Low Cost: Implementing MFA with one-time passwords is generally inexpensive. Many SaaS providers offer this feature at no additional cost or for a minimal fee.
- Ease of Implementation: MFA can be enabled without changing the existing password policy, meeting the requirement stated in the question.
- User-Friendly: One-time passwords, often delivered via SMS or generated by an authenticator app, are relatively easy for users to understand and use.
Let’s examine why the other options are less suitable:
A. Change the email service provider: This would likely be costly and disruptive, and doesn’t necessarily improve security without additional measures.
C. Implement SSO for all users: While SSO can enhance security and user experience, it typically requires significant infrastructure changes and can be costly to implement.
D. Institute certificate-based authentication: This method is secure but often more complex and expensive to implement and manage, especially for a large user base.
In conclusion, enabling MFA with a one-time password provides the best balance of improved security, low cost, and minimal disruption to existing systems and policies. This solution aligns well with the requirements of the CompTIA CV0-003 certification exam, which emphasizes practical, cost-effective security solutions.