CompTIA Security Plus Mock Test Q978

A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address?

A. Identification
B. Authorization
C. Access control
D. Authentication

Correct Answer: A
Section: Access Control and Identity Management

Identification is defined as the claiming of an identity and only has to take place once per authentication or access process. A login process typically consists of an identification such
as a username or email address and an authentication which proves you are who you say you are.

Incorrect Answers:
B: Authorization occurs after authentication, and ensures that the requested activity or object access is possible given the rights and privileges assigned to the authenticated identity.
Authorization indicates who is trusted to perform specific operations. An email address is not an example of authorization. Therefore, this answer is incorrect.
C: Access Control is defined as the control and management of users and their privileges and activities in a secure environment. An email address is not an example of Access
Control. Therefore, this answer is incorrect.
D: Authentication is a mechanism to prove an identity. There are many authentication methods such as passwords or biometrics. An email address alone (without the password) is not
an example of Authentication. Therefore, this answer is incorrect.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 278-284.