Question 19
Domain 3 — Privacy Architecture and Data Protection by Design
Which of the following vulnerabilities is MOST effectively mitigated by enforcing multi-factor authentication to obtain access to personal information?
Correct answer: A
Explanation
Multi-factor authentication requires more than a password, so it reduces the risk from users who choose weak passwords. Even if a password is guessed or stolen, access to personal information still depends on the additional factor, which blocks simple password-only attacks.
Why each option is right or wrong
A. End users using weak passwords
Multi-factor authentication directly addresses password-only compromise by requiring at least two independent authentication factors, so a guessed, reused, or brute-forced password is no longer sufficient to reach personal information. In practice, this most effectively reduces the risk posed by end users selecting weak passwords, because the attacker would still need the second factor even if the password is known.
B. Organizations using weak encryption to transmit data
Weak encryption affects the protection of data in transit, not whether a user proves identity with multiple factors.
C. Vulnerabilities existing in authentication pages
Authentication page flaws are application security issues; MFA does not directly fix vulnerable page logic or code.
D. End users forgetting their passwords
Forgotten passwords are a usability and recovery problem, not a vulnerability mitigated by extra authentication factors.