
CISSP Question #587: Real Exam Question with Answer & Explanation

The correct answer is B: Certificates. Mutual authentication between devices within an organization is best achieved using digital certificates, which allow both parties to verify each other's identity cryptographically without human interaction.

Submitted by viktor_hu · Mar 5, 2026 · Identity and Access Management (IAM)

Question

What is the best way for mutual authentication of devices belonging to the same organization?

Options

  • A. Token
  • B. Certificates
  • C. User ID and passwords
  • D. Biometric

Explanation

Mutual authentication between devices within an organization is best achieved using digital certificates, which allow both parties to verify each other's identity cryptographically without human interaction.

Common mistakes.

  • A. Tokens are typically used for user-based authentication sessions and are not well-suited for automated, persistent mutual authentication between devices at scale.
  • C. User IDs and passwords are designed for human authentication, are difficult to manage securely across many devices, and do not natively support the mutual (two-way) authentication model required between devices.
  • D. Biometric authentication requires a human biological trait as input and cannot be applied to device-to-device authentication scenarios where no human is present.

Concept tested. PKI certificate-based mutual device authentication

Reference. https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-x509ca-overview

Topics

#Mutual authentication #Device authentication #Certificates
