Question

To secure an application after a large data breach, an e-commerce site will be resetting all

users' credentials.
Which of the following will BEST ensure the site's users are not compromised after the reset?
A. A password reuse policy
B. Account lockout after three failed attempts
C. Encrypted credentials in transit
D. A geofencing policy based on login history

Answer 1

The best measure to ensure users are not compromised after a credential reset is a password reuse policy. Other important security measures include account lockout, encrypted credentials in transit, and geofencing based on login history.

Step-by-step explanation:

The best measure to ensure users are not compromised after a credential reset following a large data breach is a password reuse policy. This policy would require users to create a new, unique password that they have not used for any other accounts. By doing so, even if their old credentials were compromised, the new password would not be vulnerable to reuse attacks.

Other options mentioned are also important for overall security:

- Account lockout after three failed attempts: This prevents brute-force attacks by locking out accounts after multiple failed login attempts.

- Encrypted credentials in transit: This ensures that user credentials, such as passwords, are securely transmitted over the network to protect them from interception.

- A geofencing policy based on login history: This policy restricts access to user accounts based on the location of login attempts and can help detect and prevent unauthorized access.