CISSP Question #572: Real Exam Question with Answer & Explanation
The correct answer is C: One-time Password (OTP) token.
Question
A security architect is responsible for the protection of a new home banking system. Which of the following solutions can BEST improve the confidentiality and integrity of this external system?
Options
- A. Intrusion Prevention System (IPS)
- B. Denial of Service (DoS) protection solution
- C. One-time Password (OTP) token
- D. Web Application Firewall (WAF)
Explanation
A One-time Password (OTP) token best improves both confidentiality and integrity of a home banking system by providing strong authentication that prevents unauthorized access to sensitive financial data.
Common mistakes.
- A. An IPS primarily focuses on detecting and blocking network-level attacks and intrusions, but it does not directly address user authentication or ensure confidentiality and integrity of the application data at the user level.
- B. A DoS protection solution focuses on maintaining availability of the system by mitigating volumetric and application-layer denial-of-service attacks, but it does not address confidentiality or integrity.
- D. A WAF protects against web application attacks such as SQL injection and cross-site scripting, primarily addressing integrity and availability, but it does not comprehensively address confidentiality through user authentication the way an OTP token does.
Concept tested. Authentication controls for external-facing banking systems
Reference. https://csrc.nist.gov/publications/detail/sp/800-63b/final