Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN. Recently, members of your organization have been targeted through a number of sophisticated phishing attempts, resulting in compromised credentials. What action can you take to prevent external misuse of compromised credentials while still allowing employees to manage their bank information? A. Turn off VPN access for users originating from outside the country B. Remove VPN access for all employees except for senior management C. Enable monitoring on the VPN for suspicious activity D. Block access to the Employee-Self Service application via VPN Â Suggested Answer: D This question is in 712-50 EC-Council Certified CISO (CCISO) Exam For getting EC-Council Certified CISO (CCISO) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by EC-Council. Trademarks, certification & product names are used for reference only and belong to EC-Council. The website does not contain actual questions and answers from EC-Council's Certification Exam.
Please login or Register to submit your answer