For virtual private network (VPN) access to the corporate network, the information security
manager is requiring strong authentication. Which of the following is the strongest method to
ensure that logging onto the network is secure?

A.
Biometrics

B.
Symmetric encryption keys

C.
Secure Sockets Layer (SSL)-based authentication

D.
Two-factor authentication

Explanation:

Two-factor authentication requires more than one type of user authentication. While biometrics
provides unique authentication, it is not strong by itself, unless a PIN or some other authentication
factor is used with it. Biometric authentication by itself is also subject to replay attacks. A
symmetric encryption method that uses the same secret key to encrypt and decrypt data is not a

typical authentication mechanism for end users. This private key could still be compromised. SSL
is the standard security technology for establishing an encrypted link between a web server and a
browser. SSL is not an authentication mechanism. If SSL is used with a client certificate and a
password, it would be a two-factor authentication.