KT-IAS Authentication

A help desk ticket reports repeated lockouts for one user after they traveled. Logs show failed logins from two countries within minutes. What is the BEST first response?

Multiple choice — select one answer

Answer choices

  1. a. Ignore lockouts if the user confirms they remember their password, without security or identity team coordination per policy.
  2. b. Disable the account permanently without investigation, without security or identity team coordination per policy.
  3. c. Share the user's password hash with the manager to verify identity, without security or identity team coordination per policy.
  4. d. Treat as potential credential compromise: force password reset, revoke sessions, and verify MFA enrollment

Architectural breakdown & explanation

Impossible-travel patterns suggest stolen credentials; reset and session revocation limit abuse while MFA reduces replay risk.

Correct answer(s): d. Treat as potential credential compromise: force password reset, revoke sessions, and verify MFA enrollment

Exam domain: Authentication (20% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Identity & Access Security bank. Run a full timed practice exam with domain-weighted random questions in your browser.