Exam SY0-601 topic 1 question 645 discussion

The Q is stupid, StumTIA type

The something you can do authentication factor refers to actions you can take such as gestures on a touch screen. As an example, Microsoft Windows 10 supports picture passwords. Users first select a picture, and then they can add three gestures as their picture password. Gestures include tapping in specific places on the picture, drawing lines between items with a finger, or drawing a circle around an item such as someone’s head. After registering the picture and their gestures, users repeat these gestures to log on again later. -Security+ SY0-601 Get Certified Get Ahead by Darril Gibson

=B

Had a similar question to this in bootcamp: specific gesture is “Something you know” we have to assume that isn’t the answer because it isn’t an option, and the same goes with this only being single factor. If you argue that B applies to gesture lock, then if you combine the gesture with the username and password, making it two factors of authentication

I'm seriously confused about what the question is asking for. Is CompTIA asking about the drawing ONLY? Then the answer is "Something that you can do." Is CompTiA asking about the username/password and the drawing all together? Then the answer is "2F authentication"

D is the correct answer, Two-factor authentication (2FA): This involves using two different types of authentication factors. In this case, the username and password (something you know) and the gesture (something you can do) qualify as two distinct factors. Also, which of the following demonstrates what the administrator is PROVIDING? that is two-factor authentication.

This is why I hate CompTIA questions. But, knowing that, it's always a case of "pick the best/most correct answer" not pick the correct answer from a list that contains only 1 correct answer.

B. Something you can do

The action of drawing a gesture on a touch screen after entering a username and password demonstrates: B. Something you can do. In multifactor authentication (option A), the user provides two or more different authentication factors to verify their identity. Biometrics (option C) involves using physiological or behavioral characteristics, such as fingerprints or voice recognition, for authentication. Two-factor authentication (option D) typically involves using two different types of authentication factors, such as a password and a one-time code sent to a mobile device. However, in the scenario described, the action of drawing a gesture on a touch screen is not an additional authentication factor like biometrics or a one-time code. Instead, it is an action or behavior that the user can perform, similar to entering a password. Therefore, the correct answer is option B: Something you can do.

toddler question tbh

In the new 701 Training Guide from Dion Training - MFA now has "something you do" - Its B

I am quite perplexed by this question and answer choices because username/password combos and swipe patterns are BOTH something you know. MFA, 2FA, and biometrics would then be eliminated as options. Furthermore, "something you do" is mentioned by CompTIA, however it is described in conjunction with something you are (see excerpt below). Therefore, I am not inclined to pick any of the answers listed. God forbid this is on any of our exams, but if I had to choose, I guess I'd go with C? "Something You Are/Do Authentication A biometric factor uses either physiological identifiers, such as a fingerprint, or behavioral identifiers, such as the way someone moves (gait). The identifiers are scanned and recorded as a template. When the user authenticates, another scan is taken and compared to the template."

Gents I believe you're over thinking this. It's clearly multifactor authentication, you're just arguing about the details. ChatGPT says it to.

The main difference between 2FA and MFA is that 2FA requires you to use one authentication method in addition to your username and password, whereas MFA requires one or more additional authentication methods to your username and password.

draw a gesture on a touch screen. This is sounds familiar, after entering a username and a password, another factor is required. In this case is the Pattern you draw on a touch screen.

"administrator must draw a gesture on a touch screen " - maybe the system is asking for proof that the administrator is human, not for logging authentication. For me is "something you can go"

The scenario described, where an administrator enters a username and password and then draws a gesture on a touch screen, demonstrates: A. Multifactor authentication Multifactor authentication (MFA) involves using multiple methods or factors to verify a user's identity. In this case, the factors include: Knowledge factor: Something the user knows (username and password). Inherence factor: Something the user has or is (drawing a gesture on a touch screen). Combining these factors enhances the security of the authentication process. If it were only a username and password, it would be considered two-factor authentication (2FA), but the addition of the gesture on the touch screen adds an extra layer, making it a form of multifactor authentication.