nerdexam
(ISC)2

CISSP · Question #587

What is the best way for mutual authentication of devices belonging to the same organization?

The correct answer is B. Certificates. Mutual authentication between devices within an organization is best achieved using digital certificates, which allow both parties to verify each other's identity cryptographically without human interaction.

Submitted by viktor_hu· Mar 5, 2026Identity and Access Management (IAM)

Question

What is the best way for mutual authentication of devices belonging to the same organization?

Options

  • AToken
  • BCertificates
  • CUser ID and passwords
  • DBiometric

How the community answered

(25 responses)
  • A
    4% (1)
  • B
    88% (22)
  • D
    8% (2)

Why each option

Mutual authentication between devices within an organization is best achieved using digital certificates, which allow both parties to verify each other's identity cryptographically without human interaction.

AToken

Tokens are typically used for user-based authentication sessions and are not well-suited for automated, persistent mutual authentication between devices at scale.

BCertificatesCorrect

Digital certificates, issued by a trusted internal Certificate Authority (CA), enable mutual TLS (mTLS) authentication where both devices present and validate each other's certificates cryptographically. This is scalable, automated, and does not require human intervention, making it ideal for machine-to-machine authentication within an organization. PKI-based certificates provide strong identity assurance tied to the organization's trust hierarchy.

CUser ID and passwords

User IDs and passwords are designed for human authentication, are difficult to manage securely across many devices, and do not natively support the mutual (two-way) authentication model required between devices.

DBiometric

Biometric authentication requires a human biological trait as input and cannot be applied to device-to-device authentication scenarios where no human is present.

Concept tested: PKI certificate-based mutual device authentication

Source: https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-x509ca-overview

Topics

#Mutual authentication#Device authentication#Certificates

Community Discussion

No community discussion yet for this question.

Full CISSP Practice