CISSP Question #713: Real Exam Question with Answer & Explanation

Question

Which of the following will accomplish Multi-Factor Authentication (MFA)?

Options

• AIssuing a smart card with a user-selected Personal Identification Number (PIN)
• BRequiring users to enter a Personal Identification Number (PIN) and a password
• CPerforming a palm and retinal scan
• DIssuing a smart card and a One Time Password (OTP) token

Explanation

Issuing a smart card and a One Time Password (OTP) token will accomplish Multi-Factor Authentication (MFA). MFA is a method of authentication that requires users to present two or more factors of different types to prove their identity. The factors are usually classified into three something you know, something you have, and something you are. A smart card is a physical device that contains a microchip that stores cryptographic keys or certificates. A smart card is an example of something you have. An OTP token is a physical or software device that generates a random password that is valid for a short period of time. An OTP token is also an example of something you have. By combining two factors of the same type, the authentication process becomes more secure and resistant to attacks. The other options will not accomplish MFA, as they only involve one factor of one type. A user-selected Personal Identification Number (PIN) is an example of something you know. A password is also an example of something you know. A palm scan and a retinal scan are examples of something you are.

No community discussion yet for this question.