Which of the following would be the BEST way to handle this request?

You are working as a technician at AIOTestKing.com. One of Certkiller ‘s users is unable to log in to the domain as she has forgotten her password. AIOTestKing.com has a security policy that says the last four digits of the employees identification number must be verified before performing a password reset. This rule exists in order to protect the company against social engineering attacks. The user is not able to provide that information over the telephone call. Which of the following would be the BEST way to handle this request?

You are working as a technician at AIOTestKing.com. One of Certkiller ‘s users is unable to log in to the domain as she has forgotten her password. AIOTestKing.com has a security policy that says the last four digits of the employees identification number must be verified before performing a password reset. This rule exists in order to protect the company against social engineering attacks. The user is not able to provide that information over the telephone call. Which of the following would be the BEST way to handle this request?

A.
Perform the reset and tell the user to write down the last four digits so they wont forget it again.

B.
Inform the user that the last four digits must be verified and that they should call back when they can provide the needed information.

C.
Ask the user to call back and discuss the issue with the technicians supervisor.

D.
Perform the password reset for the user because the technician recognizes the users voice.



Leave a Reply 0

Your email address will not be published. Required fields are marked *