Robust Authentication Practices for Individuals

Practicing Robust Authentication with Multiple Factors


Question

PINs, passwords, passphrases, tokens, smart cards, and biometric devices are all items that can be used for authentication. When one of the items listed above is used in conjunction with a second factor to validate authentication, it provides robust authentication of the individual by practicing which of the following?

Answers

Explanations


A. B. C. D.

B.

Once an identity is established it must be authenticated.

Numerous technologies and implementations of authentication methods exist; however, almost all of them fall under three major areas.

There are three fundamental types of authentication: authentication by knowledge (something a person knows), authentication by possession (something a person has), and authentication by characteristic (something a person is). Logical controls related to these types are called "factors." Something you know can be a password or PIN, something you have can be a token fob or smart card, and something you are is usually some form of biometrics.

Single-factor authentication is the employment of one of these factors, two-factor authentication is using two of the three factors, and three-factor authentication is the combination of all three factors.

The general term for the use of more than one factor during authentication is multifactor authentication or strong authentication.

Reference(s) used for this question: Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 2367-2379). Auerbach Publications. Kindle Edition.

PINs, passwords, passphrases, tokens, smart cards, and biometric devices are used in authentication to confirm the identity of a user attempting to access a resource or system.

Two-factor authentication (2FA) is the practice of using two separate forms of authentication to verify the identity of a user. When one of these items listed above is used in conjunction with a second factor, it provides two-factor authentication, making the authentication process more robust and secure.

For example, a user may be required to enter a password (something they know) and a one-time code sent to their phone (something they have) to access a system. This ensures that even if an attacker steals the user's password, they would still need access to the user's phone to successfully authenticate.

Therefore, the correct answer to the question is B. Two-factor authentication. This practice is commonly used to provide an extra layer of security in situations where a single form of authentication is not enough.