Answer-first summary for fast verification
Answer: Security key
The question specifically asks for protection against man-in-the-middle attacks using fake login pages (phishing). Security keys (A) provide the strongest protection because they use FIDO2/WebAuthn standards with cryptographic proof that verifies the authentic Google domain, making them immune to phishing. The private key never leaves the hardware device, and authentication requires physical possession. While Google Authenticator (D) is more secure than SMS/codes (C), it's still vulnerable to real-time phishing where attackers intercept and use the TOTP code. Google prompt (B) also lacks the same level of phishing resistance as security keys. The community discussion shows strong consensus for A (86% of answers), with multiple comments highlighting security keys' cryptographic protection against MITM attacks.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company is concerned about unauthorized access to the Google Cloud environment via phishing pages that mimic the login. You need to implement a solution to protect against man-in-the-middle attacks.
Which security measure should you use?
A
Security key
B
Google prompt
C
Text message or phone call code
D
Google Authenticator application