Module Question 8
- Why is MFA significantly more secure than a password alone?
- Explain Role-Based Access Control (RBAC) and how it helps enforce the principle of least privilege.
- What are the security risks associated with not deactivating employee accounts immediately after they leave the company?
Status: 100% sudah tercapai
Keterangan: Saya sudah mengerjakan essay ini dengan baik dan benar
Bukti:
-
Multi-Factor Authentication (MFA) is significantly more secure than using a password alone because it adds extra layers of verification beyond just something you know (your password). Even if someone manages to steal or guess your password—through phishing, data leaks, or weak password practices—they still cannot access your account without the additional factor, such as a code sent to your phone, a fingerprint, or a face scan.
This means that MFA protects you from many common cyber threats. It reduces the risk of unauthorized access because an attacker would need to compromise multiple independent factors at the same time, which is much harder to do. In simple terms, MFA acts like having multiple locks on a door—making your account far more difficult to break into compared to relying on just one password.
-
Role-Based Access Control (RBAC) is a security approach where access to systems, data, or resources is granted based on a user’s role within an organization, rather than assigning permissions individually to each user. For example, an employee in the “HR role” may have access to employee records, while someone in the “Finance role” can access financial data. Each role is carefully defined with specific permissions, and users are assigned to roles based on their responsibilities.
RBAC helps enforce the principle of least privilege by ensuring that users only have access to what they truly need to perform their job—nothing more. Instead of giving broad or unnecessary permissions, organizations can tightly control access through roles. This reduces the risk of accidental mistakes, data leaks, or misuse of information, and also limits the damage if an account is compromised. In short, RBAC makes systems more secure, organized, and easier to manage.
-
Not deactivating employee accounts immediately after they leave the company can create serious security risks. One major risk is unauthorized access—former employees may still be able to log in and access sensitive company data, systems, or emails. This becomes even more dangerous if the departure was not on good terms, as there is a higher chance of intentional misuse, such as data theft or sabotage.
Another risk is that inactive accounts can become easy targets for cyber attackers. Hackers often look for unused or forgotten accounts because they are less likely to be monitored. If compromised, these accounts can be used to move داخل systems, steal information, or launch further attacks without being noticed. Additionally, keeping such accounts active violates security best practices and compliance standards. In short, failing to deactivate accounts quickly increases the risk of data breaches, financial loss, and damage to the company’s reputation.
