nerdexam
(ISC)2

CISSP · Question #990

Why is authentication by ownership stronger than authentication by knowledge?

The correct answer is C. It is more difficult to duplicate.. Authentication by ownership is stronger than authentication by knowledge because it is more difficult to duplicate. Authentication by ownership is a type of authentication that relies on something that the user possesses, such as a smart card, a token, or a biometric feature. Aut

Submitted by thandi_sa· Mar 5, 2026Identity and Access Management

Question

Why is authentication by ownership stronger than authentication by knowledge?

Options

  • AIt is easier to change.
  • BIt can be kept on the user's person.
  • CIt is more difficult to duplicate.
  • DIt is simpler to control.

How the community answered

(28 responses)
  • A
    4% (1)
  • C
    89% (25)
  • D
    7% (2)

Explanation

Authentication by ownership is stronger than authentication by knowledge because it is more difficult to duplicate. Authentication by ownership is a type of authentication that relies on something that the user possesses, such as a smart card, a token, or a biometric feature. Authentication by knowledge is a type of authentication that relies on something that the user knows, such as a password, a PIN, or a security question. Authentication by ownership is more difficult to duplicate than authentication by knowledge, as it requires physical access, specialized equipment, or sophisticated techniques to copy or forge the authentication factor. Authentication by knowledge is easier to duplicate than authentication by ownership, as it may be guessed, cracked, or stolen by various methods, such as brute force, social engineering, or phishing. Authentication by ownership is not necessarily easier to change, simpler to control, or more convenient to keep on the user's person than authentication by knowledge, as these factors may depend on the specific implementation and context of the authentication system.

Topics

#authentication factors#ownership#knowledge#multi-factor authentication

Community Discussion

No community discussion yet for this question.

Full CISSP Practice