G Professional Collaboration Engineer Practice Exam

What security measure can be applied to prevent unauthorized access when 2-Step verification is not enforced?

• A. Enable a strong password policy.
• B. Implement an employee ID login challenge.
• C. Decrease the maximum user session length.
• D. Revoke token authorizations to external applications.

The correct answer is: Implement an employee ID login challenge.

The choice of implementing an employee ID login challenge as a security measure is effective because it adds an additional layer of authentication that can help ensure that only authorized users are granted access. By requiring users to input a specific identifier that is unique to them, organizations can better verify the identity of individuals attempting to log in. This method stands in contrast to simply relying on passwords alone, which can be compromised or guessed. Security measures like this help mitigate risks associated with unauthorized access, especially in environments where 2-Step verification might not be feasible. It can enhance the overall security posture of the organization by creating a more complex authentication requirement that potential intruders would find difficult to overcome. A strong password policy can certainly bolster security by ensuring that passwords are complex and difficult to guess, but it may not be sufficient on its own without additional layers, particularly in the absence of 2-Step verification. Similarly, decreasing the maximum user session length can help control how long a user remains logged in but does not provide an extra verification step at the point of login itself, which is crucial for preventing unauthorized access. Revoking token authorizations to external applications is more about managing third-party access rather than strengthening individual user access security directly.