CISSP · Question #221
Which of the following is generally indicative of a replay attack when dealing with biometric authentication?
The correct answer is D. Exact match. In biometric authentication, a replay attack involves replaying a previously captured biometric sample, which produces a suspiciously exact match rather than the natural variation seen in legitimate live samples.
Question
Which of the following is generally indicative of a replay attack when dealing with biometric authentication?
Options
- AFalse Acceptance Rate (FAR) is greater than 1 in 100,000
- BFalse Rejection Rate (FRR) is greater than 5 in 100
- CInadequately specified templates
- DExact match
How the community answered
(43 responses)- B2% (1)
- C5% (2)
- D93% (40)
Why each option
In biometric authentication, a replay attack involves replaying a previously captured biometric sample, which produces a suspiciously exact match rather than the natural variation seen in legitimate live samples.
A False Acceptance Rate greater than 1 in 100,000 indicates the system's sensitivity or threshold is too permissive, which is a configuration or tuning issue rather than evidence of a replay attack.
A False Rejection Rate greater than 5 in 100 indicates the system is overly strict and is rejecting legitimate users too frequently, which reflects a threshold or template quality problem, not a replay attack.
Inadequately specified templates refer to poor enrollment quality or insufficient biometric data captured during setup, which is a provisioning or data quality issue rather than an indicator of a replay attack.
Legitimate biometric readings always contain minor variability due to environmental factors, sensor noise, and physiological changes, so an exact match between a stored template and a submitted sample strongly suggests a replayed or cloned digital copy of the original biometric data rather than a genuine live reading. This is a hallmark indicator of a replay attack, where an attacker captures and retransmits a previously authenticated biometric signal. Real biometric systems are designed to accept close matches within a tolerance threshold, not perfect duplicates.
Concept tested: Replay attacks in biometric authentication systems
Source: https://nvlpubs.nist.gov/nistpubs/ir/2006/nist.ir.7290.pdf
Topics
Community Discussion
No community discussion yet for this question.