- Why is MFA significantly more secure than a password alone?
- Explain Role-Based Access Control (RBAC) and how it helps enforce the principle of least privilege.
- What are the security risks associated with not deactivating employee accounts immediately after they leave the company?
Answer
1. Why MFA is more secure than a password alone
Multi-Factor Authentication (MFA) is more secure because it requires multiple forms of verification, such as something you know (password), something you have (OTP or phone), or something you are (biometrics). Even if a password is stolen, attackers still cannot access the account without the additional authentication factor, greatly reducing unauthorized access.
2. Role-Based Access Control (RBAC) and least privilege
Role-Based Access Control (RBAC) is a security model where access permissions are assigned based on a user’s role within an organization. Each role only receives the permissions necessary to perform specific tasks. This supports the principle of least privilege by ensuring users can access only what they need, minimizing the risk of accidental or malicious misuse of sensitive data.
3. Risks of not deactivating employee accounts after they leave
If employee accounts are not immediately deactivated after they leave the company, former employees or attackers could still access company systems and sensitive information. This can lead to data theft, unauthorized changes, security breaches, or system sabotage, making it a serious organizational security risk.
Status: 100%
Keterangan: Telah dikerjakan sebaik mungkin.
![]()
