CompTIA Cloud+ Practice Test

Which measures should an IT security department implement to resolve user account management issues in a SaaS environment?

• A. Network intrusion prevention system
• B. Multifactor authentication
• C. VPN to SaaS providers
• D. IPSec tunnel to the SaaS providers

The correct answer is: Multifactor authentication

In a SaaS (Software as a Service) environment, user account management issues often revolve around identity verification and protecting user accounts from unauthorized access. Implementing multifactor authentication (MFA) significantly enhances security by requiring users to provide two or more verification factors to gain access to their accounts. This means that, in addition to a password, users must provide another piece of information, such as a temporary code sent to their mobile device or a biometric scan. The use of MFA helps mitigate risks associated with compromised passwords because even if a password is stolen, the additional factor makes it much more difficult for an attacker to access the account. This is crucial in a SaaS context where sensitive data may be managed and stored. By integrating MFA into the user account management strategy, the organization can strengthen its security posture and reduce the likelihood of unauthorized access. While other measures mentioned, like network intrusion prevention systems, VPNs, and IPSec tunnels, are important components of overall network security, they do not directly address the user account management issues as effectively as multifactor authentication does. These options focus more on securing the network and communication channels rather than ensuring that the individual user accounts themselves are protected during the authentication process. Therefore, multifactor authentication is the most appropriate