🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional55 / 129
Question 55 of 129
A financial services firm keeps suffering account takeovers despite mandating SMS one-time passcodes as a second factor. Attackers use convincing proxy phishing sites that capture the user's password and relay the OTP in real time. The security architect is asked to select an authentication method that will structurally defeat this real-time relay (adversary-in-the-middle) technique. Which approach best meets the requirement?
Reviewed for accuracy · Report an issueNext question