CISSP · Question #44
Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are admitted?
The correct answer is A. False Acceptance Rate (FAR). When security requires that no unauthorized individual must ever gain access, the False Acceptance Rate (FAR) is the critical metric to minimize, as it measures how often impostors are incorrectly granted entry.
Question
Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are admitted?
Options
- AFalse Acceptance Rate (FAR)
- BFalse Rejection Rate (FRR)
- CCrossover Error Rate (CER)
- DRejection Error Rate
How the community answered
(50 responses)- A72% (36)
- B8% (4)
- C16% (8)
- D4% (2)
Why each option
When security requires that no unauthorized individual must ever gain access, the False Acceptance Rate (FAR) is the critical metric to minimize, as it measures how often impostors are incorrectly granted entry.
FAR (False Acceptance Rate) measures the percentage of unauthorized users who are incorrectly accepted by the biometric system. When the priority is ensuring no unauthorized individual is admitted, FAR must be minimized to as close to zero as possible, even at the cost of inconveniencing legitimate users. This metric directly quantifies the system's vulnerability to unauthorized access.
FRR (False Rejection Rate) measures how often legitimate, authorized users are incorrectly denied access, which affects usability and convenience but does not address the security risk of unauthorized entry.
The Crossover Error Rate (CER) is the point where FAR and FRR are equal and is used to compare the overall accuracy of biometric systems, but it is a balanced metric rather than one optimized for preventing unauthorized access specifically.
'Rejection Error Rate' is not a standard or recognized biometric metric; the correct terms are FAR, FRR, and CER, making this choice technically invalid.
Concept tested: Biometric system FAR vs FRR security tradeoffs
Source: https://csrc.nist.gov/glossary/term/false_accept_rate
Topics
Community Discussion
No community discussion yet for this question.