28 Sep Practice Test Question-Multi-factor Authentication
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Riley would like to improve the security of a current password-based authentication system. Which one of the following, if added to the current approach, would NOT allow her to describe the system as multi-factor authentication?
A. ID card scan
B. Retinal scan
C. Login confirmation on a smartphone app
D. Answering security questions pulled from her credit report
Correct Answer: D
Multifactor authentication requires mixing two factors. The existing password is a “something you know” factor, so we need to use factors from another category to achieve multifactor authentication. Now remember, you need to read these questions carefully. This question is asking you which one of these factors would NOT create multifactor authentication, so we’re going to eliminate the choices that WOULD create multifactor authentication. It would be appropriate to add a “something you are” factor, such as a retinal scan, so we can eliminate that choice. We could also use a “something you have” factor, such as an ID card or smartphone. On the other hand, adding another “something you know” factor, such as security questions, would not qualify as multifactor authentication, so that’s our correct answer here.
Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
No Comments