What should you do?

Your organization is concerned with the increasing threat of phishing attacks that may impact users.

Leadership has declined to force-enable 2-Step Verification. You need to apply a security measure to prevent unauthorized access to user accounts.

What should you do?
A. Enable Enforce Strong Password policy.
B. Enable Employee ID Login Challenge.
C. Decrease the Maximum User Session Length.
D. Revoke token authorizations to external applications.

Answer: A

Explanation:

If leadership has declined to force-enable 2-Step Verification, the next best step for enhancing account security against unauthorized access would be to enforce a strong password policy. This would require users to create complex passwords, making it more challenging for attackers to compromise accounts through techniques like brute-force attacks or password guessing.

Other options:

B. Enable Employee ID Login Challenge: While this could add an additional layer of security, it would also create a user experience barrier that might be comparable to 2-Step Verification, which leadership has already declined to implement.

C. Decrease the Maximum User Session Length: This would require users to sign in more frequently, which could add a minimal layer of security but could also lead to user frustration without significantly enhancing security against unauthorized access.

D. Revoke token authorizations to external applications: While revoking tokens can improve security, it doesn’t directly address the concern of unauthorized account access due to phishing attacks. It’s more about limiting what external applications can do once they have access and doesn’t improve the security of the login process itself.

Therefore, enforcing a strong password policy (Option A) is the most straightforward method to increase account security without implementing 2-Step Verification.
