Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
After entering a username and password, an administrator must draw a gesture on a touch screen. Which of the following demonstrates what the administrator is providing?
The something you can do authentication factor refers to actions you can take such as gestures on a touch screen. As an example, Microsoft Windows 10 supports picture passwords. Users first select a picture, and then they can add three gestures as their picture password. Gestures include tapping in specific places on the picture, drawing lines between items with a finger, or drawing a circle around an item such as someone’s head. After registering the picture and their gestures, users repeat these gestures to log on again later.
-Security+ SY0-601 Get Certified Get Ahead by Darril Gibson
This is why I hate CompTIA questions.
But, knowing that, it's always a case of "pick the best/most correct answer" not pick the correct answer from a list that contains only 1 correct answer.
The action of drawing a gesture on a touch screen after entering a username and password demonstrates:
B. Something you can do.
In multifactor authentication (option A), the user provides two or more different authentication factors to verify their identity. Biometrics (option C) involves using physiological or behavioral characteristics, such as fingerprints or voice recognition, for authentication. Two-factor authentication (option D) typically involves using two different types of authentication factors, such as a password and a one-time code sent to a mobile device.
However, in the scenario described, the action of drawing a gesture on a touch screen is not an additional authentication factor like biometrics or a one-time code. Instead, it is an action or behavior that the user can perform, similar to entering a password. Therefore, the correct answer is option B: Something you can do.
I am quite perplexed by this question and answer choices because username/password combos and swipe patterns are BOTH something you know. MFA, 2FA, and biometrics would then be eliminated as options. Furthermore, "something you do" is mentioned by CompTIA, however it is described in conjunction with something you are (see excerpt below). Therefore, I am not inclined to pick any of the answers listed. God forbid this is on any of our exams, but if I had to choose, I guess I'd go with C?
"Something You Are/Do Authentication
A biometric factor uses either physiological identifiers, such as a fingerprint, or behavioral identifiers, such as the way someone moves (gait). The identifiers are scanned and recorded as a template. When the user authenticates, another scan is taken and compared to the template."
The main difference between 2FA and MFA is that 2FA requires you to use one authentication method in addition to your username and password, whereas MFA requires one or more additional authentication methods to your username and password.
draw a gesture on a touch screen. This is sounds familiar, after entering a username and a password, another factor is required. In this case is the Pattern you draw on a touch screen.
"administrator must draw a gesture on a touch screen " - maybe the system is asking for proof that the administrator is human, not for logging authentication.
For me is "something you can go"
There is NO something you can do...don't fall for Comptia Bullsh*t
Something you know - Like a password, or a memorized PIN.
Something you have - Like a smartphone, or a secure USB key.
Something you are - Like a fingerprint, or facial recognition.
Those are the 3 factors of MFA, there are 4 attributes as well, check out this video.
https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/multi-factor-authentication-5/#:~:text=Those%20three%20factors%20are%20something,exhibit%2C%20and%20someone%20you%20know.
The scenario described, where an administrator enters a username and password and then draws a gesture on a touch screen, demonstrates:
A. Multifactor authentication
Multifactor authentication (MFA) involves using multiple methods or factors to verify a user's identity. In this case, the factors include:
Knowledge factor: Something the user knows (username and password).
Inherence factor: Something the user has or is (drawing a gesture on a touch screen).
Combining these factors enhances the security of the authentication process. If it were only a username and password, it would be considered two-factor authentication (2FA), but the addition of the gesture on the touch screen adds an extra layer, making it a form of multifactor authentication.
Username and password are one ONE factor (something you know). So username and password is 1FA.
In order for it to be 2FA you'd need to add a different factor.
2-factor authentication (2FA) is a security process in which a user provides two different authentication factors to verify their identity. In this scenario, the username and password represent one factor, while the gesture drawn on the touch screen serves as the second factor, making it a form of 2FA.
This question is simply incorrect.
Password: something you know
Username: Something you know
Pattern: Something you know
The concept "something you can do" does not exist in any official literature.
There are only three:
"Something you know"
"Something you are"
"Something you have"
Therefore, I assume it might be "something you can do," but again, THIS CONCEPT DOES NOT EXIST IN CYBERSECURITY.
So, I don't know, as all the other answers are also incorrect.
in the exam objectives it lists
- Factors
- Something you know
- Something you have
- Something you are
- Attributes
- Somewhere you are
- Something you can do
- Something you exhibit
- Someone you know
i was also confused because i didn't know that even existed
I fully agree this is a bad question.
There seem to be two ways of understanding the gesture.
If it's an good old school gesture, it is the same as password ("something you know").
In such a case the answer can't be 2FA/MFA (one being a special case of the other), since it's the same factor (knowledge) as password.
Another option is a dynamic gesture (biometrics). There's a lot of research and articles about it.
If that's the case, however, MFA, 2FA and biometrics are all correct (biometrics being the most specific).
In either case it's not "something you can do".
BTW, not all people can stand on their head. Would that be considered MFA?
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ComPCertOn
Highly Voted 6 months, 1 week agoLeonardSnart
Highly Voted 8 months, 3 weeks agoSecNoob27639
Most Recent 1 week, 5 days agoshady23
2 weeks, 2 days agoGeronemo
3 weeks, 2 days agorussian
3 weeks, 5 days ago_deleteme_
1 month, 1 week agoslapster
2 months, 4 weeks agoslapster
2 months, 4 weeks agocannon
3 months, 1 week ago[Removed]
3 months, 1 week agomaggie22
4 months agomaggie22
4 months agoPeshokp
5 months, 3 weeks agoMortG7
3 months, 3 weeks agosubaie503
2 months, 3 weeks agokonami007
6 months, 1 week agoDeKardinal
5 months, 1 week agoganymede
4 months agoLuckyAro
6 months, 2 weeks agodamianUY
6 months, 3 weeks ago[Removed]
4 months agofryderyk
6 months, 2 weeks agofryderyk
2 months agominx98
7 months, 3 weeks agoLost_Memo
7 months, 3 weeks ago