Topic 1 Question 227
You are migrating your users to Google Cloud. There are cookie replay attacks with Google web and Google Cloud CLI SDK sessions on endpoint devices. You need to reduce the risk of these threats.
What should you do?
A. Configure Google session control to a shorter duration.
B. Set an organizational policy for OAuth 2.0 access token with a shorter duration.
C. Set a reauthentication policy for Google Cloud services to a shorter duration.
D. Configure a third-party identity provider with session management.
E. Enforce Security Key Authentication with 2SV.
Comments (8)
A and E
👍 4 akg001 2023/08/12

B and E
Set an organizational policy for OAuth 2.0 access token with a shorter duration is a good approach to reduce the time during which a stolen access token could be exploited. Shortening the access token duration helps mitigate the impact of cookie replay attacks. OAuth 2.0 access tokens are commonly used to authenticate API requests. By reducing their duration, you limit the time frame in which an attacker could potentially abuse a stolen token.
Enforce Security Key Authentication with 2SV adds strong authentication to user sessions. Security keys are hardware-based tokens that provide strong authentication and help prevent unauthorized access, including cookie replay attacks. By requiring Security Key Authentication with 2SV (Two-Step Verification), you enhance the security of user accounts.
👍 4 ymkk 2023/08/16

Option believed to be correct: A
Correct answers are A & E.
A. Configuring Google session control to a shorter duration reduces the time window in which an attacker can use a replayed cookie to gain unauthorized access, thereby enhancing security.
E. Enforcing Security Key Authentication with 2-Step Verification (2SV) adds an additional layer of security by requiring users to verify their identity using a physical security key, making it more difficult for attackers to gain unauthorized access even if they have a replayed cookie.
👍 4 i_am_robot 2023/09/24