PrepAway - Latest Free Exam Questions & Answers

Which of the following reduces help-desk call volume, but is also criticized for the ease with which a hacker

There are several types of password management approaches used by identity management systems. Which of the following reduces help-desk call volume, but is also criticized for the ease with which a hacker could gain access to multiple resources if a password is compromised?

PrepAway - Latest Free Exam Questions & Answers

A.
Management password reset

B.
Self-service password reset

C.
Password synchronization

D.
Assisted password reset

Explanation:
C: Password synchronization is designed to reduce the complexity of keeping up with different passwords for different systems. Password synchronization technology can allow
users to maintain a single password across multiple systems by transparently synchronizing the password to other systems and applications. This reduces help-desk call volume. One
criticism of this approach is that since only one password is used to access different resources, now the hacker only has to figure out one credential set to gain unauthorized access to
all resources.
A is incorrect because there is no such thing as a management password reset. This answer is a distracter. The most common password management approaches are password
synchronization, self-service password reset, and assisted password reset.
B is incorrect because self-service password reset does not necessarily deal with multiple passwords. However, it does help reduce the overall volume of password-related help
desk calls. In the case of self-service password reset, users are allowed to reset their own passwords. For example, when a user forgets his password, he may be prompted to answer
questions that he identified during the registration process. If the answer he gives matches the information he provided during registration, then he is granted the ability to change his
password.
D is incorrect because assisted password reset does not necessarily deal with multiple passwords. It reduces the resolution process for password issues by allowing the help desk
to authenticate a user before resetting her password. The caller must be identified and authenticated through the password management tool before the password can be changed.
Once the password is updated, the system that the user is authenticating to should require the user to change her password again. This would ensure that only she (and not she and
the help-desk person) knows her password. The goal of an assisted password reset product is to reduce the cost of support calls and ensure that all calls are processed in a uniform,
consistent, and secure fashion.


Leave a Reply