CAP · Question #130
An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?
The correct answer is B. Multi-factor. Using both a smart card (something you have) and a username/password (something you know) constitutes multi-factor authentication because it combines two distinct authentication factors.
Question
An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?
Options
- AAnonymous
- BMulti-factor
- CBiometrics
- DMutual
How the community answered
(29 responses)- A7% (2)
- B90% (26)
- C3% (1)
Why each option
Using both a smart card (something you have) and a username/password (something you know) constitutes multi-factor authentication because it combines two distinct authentication factors.
Anonymous authentication involves no identity verification at all, which is the opposite of the described scenario requiring both a card and credentials.
Multi-factor authentication (MFA) requires a user to present two or more verification factors from different categories: something you know (password), something you have (smart card), or something you are (biometric). Combining a smart card with a username and password satisfies two separate factor categories, meeting the definition of MFA. This layered approach significantly reduces the risk of unauthorized access compared to single-factor methods.
Biometric authentication uses physical or behavioral characteristics such as fingerprints or retina scans, neither of which is present in this scenario.
Mutual authentication means both the client and the server verify each other's identity, which describes a two-way trust relationship rather than the number of factors a single user presents.
Concept tested: Multi-factor authentication factors and classification
Source: https://pages.nist.gov/800-63-3/sp800-63b.html
Topics
Community Discussion
No community discussion yet for this question.