A user attempting to log on to a workstation for the first time is prompted for the following
information before being granted access: username, password, and a four-digit security pin that
was mailed to him during account registration. This is an example of which of the following?
A.
Dual-factor authentication
B.
Multifactor authentication
C.
Single factor authentication
D.
Biometric authentication
Explanation:
multifactor is two or more forms of validation so the answer is B. (multifactor authentiation) pg 24
0
0
Factors of authentication refer to:
Things you know (Passwords, etc.)
Things you have (ID cards, etc.)
Things you are (Retina scans, fingerprints, etc.)
Multi-factor only applies when it involves two or more of these.
Passwords, PINs and Usernames are things that you “know” and therefore, only count as “single factor authentication”.
1
0
Should be B. Multifactor
0
0
Nope, single factor.
Username is something you know. Password is something you know, and pin is also something you know.
Now, if you were given a card that displays a pin when you push a button (like a token, or maybe an MFA code like google authenticator) it would be something you have.
The pin was given to you in advance, it is something you know now.
0
0
Multifactor. The PIN was mailed to the user, therefor it is something he “has”. If he is reading the pin, it is something “had” and not known.
Stupid question.
0
0
This is from the book p133 cert guide:
When taking the Security+ exam, keep in mind the number of authentica- tion factors in each type. For example, using a smart card and a password is two-factor authentication. However, using a password and a PIN is one- factor authentication because both involve “something you know.”
0
0
The answer is SINGLE-FACTOR (C).
You ‘know’ (read:learned and remember) your password as well as your PIN. Dual-factor will involve something else that is ‘NOT LEARNED’, such as something that makes you, you, i.e., BIOMETRICS, or something that you carry around and use, such as a SMART-CARD.
Factors of authentication:
1. Something that you know – A learned ‘secret’
2. Something that you are – Makes you, you, e.g., fingerprints, iris pattern or voice pattern (aka biometrics)
3. Something that you have – Smart-card with chip, RSA Secure-ID token, etc.
0
0
Dual factor. username/password is something you know. The pin is something you have. 2 factors.
0
0
A pin is something you know, not something you have. Just because it was provided to you doesn’t mean anything. What if your user name was emailed to you? Does that change from something you know to something you have?
Something you have would be a token, because you can’t “know” the token number as it is generated on the spot. Or a smart card. If you can memorize it, it’s something you know. If you can hold it in your hand, something you have. If it’s part of your body, something you are.
0
0
Correction.. just realized that I can’t hold my RSA token in my hand. It’s an application on my computer, not a physical token, so scratch that part.. but you get the idea 🙂
0
0