220-1002 Question #584: Real Exam Question with Answer & Explanation

The correct answer is B: Screen lock timeouts. The correct answer is B. Smart card authentication secures the initial login, but once a user is authenticated and walks away from their workstation-potentially leaving the smart card inserted-the session remains open and accessible to anyone nearby. Screen lock timeouts automati

Question

A new policy requires all users to log on to their corporate workstations using smart card authentication. Which of the following best practices should be implemented to further secure access to workstations?

Options

AData encryption
BScreen lock timeouts
CRequired screensavers
DStrong passwords

Explanation

The correct answer is B. Smart card authentication secures the initial login, but once a user is authenticated and walks away from their workstation-potentially leaving the smart card inserted-the session remains open and accessible to anyone nearby. Screen lock timeouts automatically lock the workstation after a period of inactivity, requiring re-authentication to regain access, which directly addresses this physical access risk. Strong passwords (D) are largely redundant because smart cards replace passwords as the authentication factor. Data encryption (A) protects data at rest but does not prevent unauthorized access to an already unlocked, unattended session. Required screensavers (C) are weaker than screen lock timeouts because a screensaver does not necessarily enforce authentication to dismiss it; screen lock is the more secure and specific control.

Community Discussion

No community discussion yet for this question.

Full 220-1002 Practice