CISSP · Question #587
What is the best way for mutual authentication of devices belonging to the same organization?
The correct answer is B. Certificates. Mutual authentication between devices within an organization is best achieved using digital certificates, which allow both parties to verify each other's identity cryptographically without human interaction.
Question
What is the best way for mutual authentication of devices belonging to the same organization?
Options
- AToken
- BCertificates
- CUser ID and passwords
- DBiometric
How the community answered
(25 responses)- A4% (1)
- B88% (22)
- D8% (2)
Why each option
Mutual authentication between devices within an organization is best achieved using digital certificates, which allow both parties to verify each other's identity cryptographically without human interaction.
Tokens are typically used for user-based authentication sessions and are not well-suited for automated, persistent mutual authentication between devices at scale.
Digital certificates, issued by a trusted internal Certificate Authority (CA), enable mutual TLS (mTLS) authentication where both devices present and validate each other's certificates cryptographically. This is scalable, automated, and does not require human intervention, making it ideal for machine-to-machine authentication within an organization. PKI-based certificates provide strong identity assurance tied to the organization's trust hierarchy.
User IDs and passwords are designed for human authentication, are difficult to manage securely across many devices, and do not natively support the mutual (two-way) authentication model required between devices.
Biometric authentication requires a human biological trait as input and cannot be applied to device-to-device authentication scenarios where no human is present.
Concept tested: PKI certificate-based mutual device authentication
Source: https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-x509ca-overview
Topics
Community Discussion
No community discussion yet for this question.