nerdexam
(ISC)2

CISSP · Question #1281

A company wants to implement two-factor authentication (2FA) to protect their computers from unauthorized users. Which solution provides the MOST secure means of authentication and meets the criteria

The correct answer is D. Hardware token and password. Two-factor authentication (2FA) is a method of authentication that requires two independent factors to verify the identity of a user. The factors are usually classified into three categories: something you know (such as a password or a PIN), something you have (such as a hardware

Submitted by miguelv· Mar 5, 2026Identity and Access Management

Question

A company wants to implement two-factor authentication (2FA) to protect their computers from unauthorized users. Which solution provides the MOST secure means of authentication and meets the criteria they have set?

Options

  • AUsername and personal identification number (PIN)
  • BFingerprint and retinal scanners
  • CShort Message Services (SMS) and smartphone authenticator
  • DHardware token and password

How the community answered

(40 responses)
  • A
    3% (1)
  • B
    13% (5)
  • C
    5% (2)
  • D
    80% (32)

Explanation

Two-factor authentication (2FA) is a method of authentication that requires two independent factors to verify the identity of a user. The factors are usually classified into three categories: something you know (such as a password or a PIN), something you have (such as a hardware token or a smart card), and something you are (such as a fingerprint or a retinal scan). A hardware token and a password provide the most secure means of authentication among the given options, as they belong to different categories and are less susceptible to theft, duplication, or compromise. A username and a PIN are both something you know, and thus do not constitute 2FA. A fingerprint and a retinal scanner are both something you are, and thus do not constitute 2FA. A Short Message Service (SMS) and a smartphone authenticator are both something you have, and thus do not constitute 2FA. Moreover, SMS is not a secure channel for transmitting authentication codes, as it can be intercepted or spoofed by attackers.

Topics

#Two-factor authentication#Multi-factor authentication#Hardware token#Authentication security

Community Discussion

No community discussion yet for this question.

Full CISSP Practice