While the company has implemented Single Sign-On (SSO) with strong passwords, additional security

controls are required to mitigate attacks such as LDAP injections, brute-force, whaling, and spear-

phishing. Two-factor authentication (2FA) provides an additional layer of security by requiring users

to provide two different forms of authentication (e.g., a password and a security token or a biometric

factor), reducing the likelihood of unauthorized access even if passwords are compromised. CASP+

emphasizes the importance of using multi-factor authentication mechanisms to strengthen access

control and protect against such attacks.

Reference:

CASP+ CAS-004 Exam Objectives: Domain 2.0 – Enterprise Security Operations (Access Control and

Multi-factor Authentication)

CompTIA CASP+ Study Guide: Implementing Two-Factor Authentication for System Access