nerdexam
CompTIA

SY0-301 · Question #806

A system administrator has concerns regarding their users accessing systems and secured areas using others' credentials. Which of the following can BEST address this concern?

The correct answer is C. Implement biometric readers on laptops and restricted areas.. Biometric authentication ties identity verification to a person's unique physical characteristics, making it technically impossible to share credentials with another user.

Security architecture

Question

A system administrator has concerns regarding their users accessing systems and secured areas using others' credentials. Which of the following can BEST address this concern?

Options

  • ACreate conduct policies prohibiting sharing credentials.
  • BEnforce a policy shortening the credential expiration timeframe.
  • CImplement biometric readers on laptops and restricted areas.
  • DInstall security cameras in areas containing sensitive systems.

How the community answered

(25 responses)
  • A
    8% (2)
  • B
    4% (1)
  • C
    88% (22)

Why each option

Biometric authentication ties identity verification to a person's unique physical characteristics, making it technically impossible to share credentials with another user.

ACreate conduct policies prohibiting sharing credentials.

A conduct policy is an administrative control that relies on user compliance and cannot technically prevent credential sharing from occurring.

BEnforce a policy shortening the credential expiration timeframe.

Shortening expiration reduces the window of exposure if credentials are shared but does not prevent the sharing behavior itself.

CImplement biometric readers on laptops and restricted areas.Correct

Biometric readers - such as fingerprint scanners or facial recognition on laptops and door access systems - authenticate based on who you are, not what you know or have. Because biometric traits are inherently personal and non-transferable, implementing them directly eliminates the ability of one user to present another user's credentials. This makes biometrics the strongest technical control against credential sharing compared to policy or procedural controls.

DInstall security cameras in areas containing sensitive systems.

Security cameras are a detective control that may deter or identify sharing after the fact but do not technically prevent it.

Concept tested: Biometric authentication as a preventive access control

Source: https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview

Topics

#biometrics#authentication#physical access control#credential management

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice