After several attempts, an attacker was able to gain unauthorized access through a biometrics sensor using the attacker's actual fingerprint without exploitation. Which of the following is the MOST likely explanation of what happened?
A.
The biometric device is tuned more toward false positives.
B.
The biometric device is configured more toward true negatives.
C.
The biometric device is set to fail closed.
D.
The biometric device duplicated a valid user's fingerprint.
PenTest+ Practice Tests Book
A. - A false positive is when the system incorrectly accepts a biometric sample as being a match. Biometric sensors sometimes make mistakes for a number of reasons. The identification process compares a biometric, such as a fingerprint or iris scan that is presented to the system, against all entries in a database for a match. This is referred to as a one-to-many search. Live biometrics change due to age, climate, or a possible injury on a finger. Vendors refer to these threshold settings as false acceptance rates (FARs) and false rejection rates (FRRs).
This is a common usage of biometrics in physical engagements, Pentesters or attackers will keep retrying in hops of a false positive, or fail open.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.PT0-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
mr_robot
Highly Voted 5 years agomiabe
Most Recent 2 years, 10 months agoCock
3 years, 2 months agoBill_nye_russian_guy
3 years, 9 months ago