CompTIA Security Plus Mock Test Q998

A security administrator is tackling issues related to authenticating users at a remote site. There have been a large number of security incidents that resulted from either tailgating or impersonation of authorized users with valid credentials. The security administrator has been told to implement multifactor authentication in order to control facility access. To secure access to the remote facility, which of the following could be implemented without increasing the amount of space required at the entrance?

A. MOTD challenge and PIN pad
B. Retina scanner and fingerprint reader
C. Voice recognition and one-time PIN token
D. One-time PIN token and proximity reader


Correct Answer: C
Section: Access Control and Identity Management

Explanation:
Authentication systems or methods are based on one or more of these five factors:
Something you know, such as a password or PIN
Something you have, such as a smart card, token, or identification device
Something you are, such as your fingerprints or retinal pattern (often called biometrics)
Something you do, such as an action you must take to complete authentication
Somewhere you are (this is based on geolocation)
Multifactor authentication is authentication that uses two of more of the authentication factors listed above.
In this question, we can use voice recognition (something you are) and a one-time PIN token (something you have) to provide two factors of authentication. The one-time PIN token is
a small device that generates a one-time PIN to enable access.

Incorrect Answers:
A: MOTD stands for Message of the Day or Motto of the Day in UNIX. It is not generally used for authentication. However, if it was used for authentication, it would be ‘something you
know’. A PIN is also ‘something you know’. This is therefore not an example of multifactor authentication so this answer is incorrect.
B: A retina and a fingerprint are both examples of ‘something you are’. This is therefore not an example of multifactor authentication so this answer is incorrect.
D: A one-time PIN token is ‘something you have’. A proximity reader requires you to have a device (for example, an RFID tag) for the proximity reader to read. This would also be an
example of ‘something you have’. This is therefore not an example of multifactor authentication so this answer is incorrect.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 131