Due to a security breach initiated from South America, the Chief Security Officer (CSO) instructed a team to design and implement an appropriate security control to prevent such an attack from reoccurring. The company has sales and consulting teams across the United States that need access to company resources. The security manager implemented a location-based authentication to prevent non-US-based access to the company networks. Three months later, the same incident reoccurred with an attack originating from a country in Asia. Which of the following security design defects could be the cause?

A. The team did not account for the VPN access and did not ensure non-repudiation

B. The company just replaced a firewall that had a DDoS vulnerability

C. The sales and supports are reusing the same passwords for their personal accounts, such as banking and email

D. The hackers left a backdoor within the company networks that was not cleaned successfully








 

Suggested Answer: A





This question is in CS0-001 CompTIA Cybersecurity Analyst (CySA+) Exam
For getting CompTIA Cybersecurity Analyst (CySA+) Certificate



Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.