Multi-factor authentication (MFA) significantly mitigates risks associated with compromised

credentials by requiring multiple verification factors, such as:

Something you know (password)

Something you have (authenticator app or token)

Something you are (biometric data)

Even if attackers obtain the password, they would still need additional factors, making unauthorized

access far more challenging.

Incorrect Options:

B . Social engineering: MFA does not directly protect against sophisticated social engineering attacks

where users are tricked into giving away all factors.

C . Malware: MFA does not prevent malware infections on the device.

D . Ransomware: Ransomware attacks typically bypass authentication mechanisms.

Exact Extract from CCOA Official Review Manual, 1st Edition:

Refer to Chapter 4, Section "Identity and Access Management," Subsection "Multi-Factor

Authentication" - MFA specifically addresses the risk of compromised credentials.