nerdexam
CompTIA

XK0-004 · Question #405

Which of the following is commonly implemented in external devices to provide unique event- based two-factor authentication credentials when a system is already implementing username and password auth

The correct answer is E. PIN. A PIN is the second factor used with external hardware devices like smart cards or hardware tokens, adding a 'something you know' element to the physical device already in use.

Security

Question

Which of the following is commonly implemented in external devices to provide unique event- based two-factor authentication credentials when a system is already implementing username and password authentication?

Options

  • ATACACS+
  • BHOTP
  • CBiometrics
  • DLDAP
  • EPIN

How the community answered

(67 responses)
  • A
    1% (1)
  • C
    3% (2)
  • D
    6% (4)
  • E
    90% (60)

Why each option

A PIN is the second factor used with external hardware devices like smart cards or hardware tokens, adding a 'something you know' element to the physical device already in use.

ATACACS+

TACACS+ is a network AAA protocol used for centralizing device access control, not a mechanism for generating second-factor credentials on external hardware devices.

BHOTP

HOTP is the algorithm standard for generating event-based one-time passwords, but it describes the cryptographic method rather than the user-facing credential entered on an external device.

CBiometrics

Biometrics authenticate via physical characteristics and are not event-based credentials generated or entered through an external device.

DLDAP

LDAP is a directory access protocol for querying user and credential information, not a second-factor credential mechanism.

EPINCorrect

A PIN is commonly required to unlock an external authentication device such as a smart card or hardware token, serving as the second factor beyond the existing username and password. When tied to a physical external device, the PIN is unique to that device and is triggered as part of the authentication event, satisfying the two-factor requirement with something the user knows plus something the user has.

Concept tested: Two-factor authentication with external hardware devices

Source: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mfa-howitworks

Topics

#two-factor authentication#HOTP#OTP tokens#authentication methods

Community Discussion

No community discussion yet for this question.

Full XK0-004 Practice