CompTIA
220-802 · Question #659
220-802 Question #659: Real Exam Question with Answer & Explanation
The correct answer is A: Use biometrics instead of the RSA token.. Biometrics (such as fingerprints or facial recognition) satisfy the second authentication factor and cannot be physically lost or misplaced, directly solving the problem of users repeatedly losing RSA tokens.
Question
A company has decided that all remote users need to use two-factor authentication to increase security. Several remote users have reported losing the RSA token and have replaced it several times. Which of the following is the solution for these users?
Options
- AUse biometrics instead of the RSA token.
- BRemove the RSA token requirement for any user that has lost an RSA token.
- CGive the users with lost RSA tokens RFID badges instead.
- DAttach the RSA token to the lid of the laptop.
Explanation
Biometrics (such as fingerprints or facial recognition) satisfy the second authentication factor and cannot be physically lost or misplaced, directly solving the problem of users repeatedly losing RSA tokens.
Common mistakes.
- B. Removing the RSA token requirement for users who have lost tokens undermines the entire two-factor authentication policy and reduces security rather than improving it.
- C. RFID badges are still a physical possession factor and can be lost just as easily as an RSA token, not solving the underlying problem.
- D. Attaching the token to the laptop lid is a physical workaround that does not prevent loss - a user who loses the laptop also loses the token, and the token is still a separate losable physical item.
Concept tested. Replacing physical tokens with biometric two-factor authentication
Reference. https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mfa-howitworks
Community Discussion
No community discussion yet for this question.