nerdexam
CompTIA

SY0-301 · Question #788

A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the following should be

The correct answer is A. Biometrics. In a dual-factor (multi-factor) authentication system for sensitive, need-to-know environments, the goal is to uniquely and positively confirm the identity of the individual before granting access. Biometrics (something you ARE - fingerprint, retinal scan, etc.) serves as a stron

General security concepts

Question

A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the following should be implemented during the authorization stage?

Options

  • ABiometrics
  • BMandatory access control
  • CSingle sign-on
  • DRole-based access control

How the community answered

(28 responses)
  • A
    89% (25)
  • C
    7% (2)
  • D
    4% (1)

Explanation

In a dual-factor (multi-factor) authentication system for sensitive, need-to-know environments, the goal is to uniquely and positively confirm the identity of the individual before granting access. Biometrics (something you ARE - fingerprint, retinal scan, etc.) serves as a strong second authentication factor that cannot be easily shared, lost, or stolen. During the access-granting stage for high-security systems, biometrics ensures that the person physically present is the authorized individual. Role-based access control (D) defines what an authenticated user can access but is an authorization model, not an authentication factor. Mandatory access control (B) uses labels and clearances. Single sign-on (C) reduces authentication prompts but does not add a second factor.

Topics

#multi-factor authentication#biometrics#authorization#access control

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice