In Synchronous dynamic password tokens:

A.
The token generates a new password value at fixed time intervals (this password could be based on the
time of day encrypted with a secret key).

B.
The token generates a new non-unique password value at fixed time intervals (this password could be
based on the time of day encrypted with a secret key).

C.
The unique password is not entered into a system or workstation along with an owner’s PIN.

D.
The authentication entity in a system or workstation knows an owner’s secret key and PIN, and the entity
verifies that the entered password is invalid and that it was entered during the invalid time window.

Explanation:
Synchronous dynamic password tokens generate new passwords at specific time intervals that are synched
with the main system. Passwords are only valid for a specific time period.
Incorrect Answers:
B: With synchronous dynamic password tokens, a timer is used to rotate through various combinations
produced by a cryptographic algorithm. Therefore the password will be unique.
C: With synchronous dynamic password tokens, the user enters the generated value and a user ID (this could
be a PIN) into the computer, which then passes them to the server running the authentication service.
D: This is incorrect as the time value on the token device and a secret key is used to create the one-time
password, which the authentication service decrypts and compares to the value it expected.

http://www.informit.com/guides/content.aspx?g=security&seqNum=146
https://en.wikipedia.org/wiki/Security_token
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 196