A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and
a client side certificate. Additionally, the security administrator has restricted the VPN to only allow authentication from the US territory. How many authentication
factors are in use by the VPN system?

A.
1

B.
2

C.
3

D.
4

Explanation:
Three different types of authentication factors have been used in this question:
Something you know username and password.
Something you have – client side certificate.
Somewhere you are – authentication to the VPN is only allowed from the U.S. territory.
Incorrect Answers:
A: This option refers to single factor authentication, which only makes use of one authentication factor.
B: This option refers to two-factor authentication, which makes use of two different authentication factors.
D: This option refers to four-factor authentication, which makes use of four different authentication factors.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 280, 282.