A technician wants to implement a dual factor authentication system that will enable the
organization to authorize access to sensitive systems on a need-to-know basis. Which of the
following should be implemented during the authorization stage?
A.
Biometrics
B.
Mandatory access control
C.
Single sign-on
D.
Role-based access control
Shouldn’t this be B.? Biometrics would apply to authentication stage and not authorization stage.
0
0
Confusing question…
Authentication = login + password (who you are)
Authorization = permissions (what you are allowed to do).. So it can’t be A.
IT can be B/D as both are authorization..
0
0
Ah this is a bit of tricky question, the correct answer is A. Granted it is a poorly worded question. If you carefully read the question its not asking about authorization at all. Its asking about dual factor authentication. Biometrics will provide dual factor authentication.
0
0
Biometric and another type of authentication.
0
0
A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis.
This is a statement followed by a period.
Which of the following should be implemented during the authorization stage? This a question, as it is followed by a question mark.
The “question” is very straight forward, when I carefully read it, it asks about the authorization stage.
“Which of the following should be implemented during the authorization stage?”
In chapter 2 of CompTIA Security+ SY0-401 Study Guide by Darril Gibson, “need to know” access is described under Mandatory Access Control, ans B
0
0
Also dual factor authentication is not limited to biometrics, it could just as easily be pin and smart card; something you know and something you have.
0
0
This is the worst question I’ve seen. Biometrics by itself is not dual factor authentication.
0
0