CISSP-ISSAP · Question #20
An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?
The correct answer is C. Multi-factor. Multi-factor authentication (MFA) combines two or more distinct authentication factors: something you know (username/password), something you have (smart card), and/or something you are (biometrics). Using both a smart card and a username/password satisfies at least two of these
Question
An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?
Options
- AMutual
- BAnonymous
- CMulti-factor
- DBiometrics
How the community answered
(28 responses)- B4% (1)
- C89% (25)
- D7% (2)
Explanation
Multi-factor authentication (MFA) combines two or more distinct authentication factors: something you know (username/password), something you have (smart card), and/or something you are (biometrics). Using both a smart card and a username/password satisfies at least two of these categories, making option C correct.
Why the others are wrong:
- A. Mutual - Mutual authentication means both parties (client and server) verify each other's identity, which isn't what's described here.
- B. Anonymous - Anonymous authentication requires no credentials at all (e.g., guest access), the opposite of this scenario.
- D. Biometrics - Biometrics uses physical characteristics (fingerprint, retina scan) as a factor; neither smart cards nor passwords are biometric.
Memory tip: Think of MFA as needing items from at least two different "buckets" - Know/Have/Are. Smart card = have, password = know. Two buckets = multi-factor.
Topics
Community Discussion
No community discussion yet for this question.