"proximity badge" is both something you have AND somewhere you are. Because not only is it something you physically have, you are required to be at a specific location to use it.
Answer C : in multifactor authentication involve different types of factors (e.g., something you know and something you have) physical token= sth you have and secreet passcode=sth you know.
Answer is D: "Preventative controls are designed to be implemented prior to a threat event and reduce and/or avoid the likelihood and potential impact of a successful threat event. Examples of preventative controls include policies, standards, processes, procedures, encryption, firewalls, and physical barriers." https://www.sciencedirect.com/topics/computer-science/preventative-control
A one-time password token (OTP token) is a security hardware device you have but after you know the password it becomes something you knew and smart cards something you have
Well, First I thought it is very straight forward that it's C but when I read it again and again then now I am not sure here is my reasoning "A digital certificate on a physical token that is unlocked with a secret passcode." it says you need secret passcode to unlock that physical token which will be used to authenticate towards a system (let's say System A) now that is not multifactor as multifactor would be something like using two things or more to authenticate towards same system( System A). This is like you want to open the door but the keys are in a safe and so you need to know the passcode of that safe and then you can get the keys and open the door but multifactor would be having 2 separate locks to the door something like where 1 will open with key and another with your prints. But the fact that you need to know the passcode of the safe so you can access the key , I doubt if that can be considered multifactor ? Anyone have more views on this ??
Yes it is multifactor because if you have the physical token (something you have) without knowing the passcode (something you now), you will not enter. The only trick here is that the passcode keypad is not on the door but on the physical token. For you to open the door, you must (a) have the token and (b) know the passcode
The answer is D for a one time password token and a proximity badge. A password token demonstrates something you know while the proximity badge demonstrates both something you have AND somewhere you are (because proximity means a certain location).
Think of a proximity badge (contactless) as a smart card (contact-based) that you insert to get inside a building. You must HAVE this object to get inside the building.
Somewhere you are = mobile device with location services
Something you have = smart card
SOURCE: The Official CompTIA Security+ Study Guide
Ihttps://securitybytes.io/certificate-based-authentication-5390eb28871f I think D is correct knoweldge OTP Proximetery badege something you have + certificates cant be MFA according to this interesting link
Some implementations of MFA may not meet the principles spelled out in this guidance document and are therefore not providing the security benefit intended by multi-factor authentication, which is to prevent someone pretending to be a valid user from using a valid username and password to gain access to sensitive network resources and/or cardholder data. One of those principles is that MFA should be implemented so that authentication mechanisms are independent of each other. This means that access to one factor does not grant access to any other factor, and the compromise of one factor does not affect the integrity or confidentiality of any other factor.
https://blog.pcisecuritystandards.org/understanding-new-pci-guidance-on-mfa
Certificates might not be usable as a Second Factor.
Recent PCI guidance has clarified the the use of certificates as multifactor authentication and points out that a certificate-based second factor (something you have) doesn't properly function as a factor if it is protected by a username and password.
Just a reminder:
"Using two or more methods in the same factor of
authentication (such as a PIN and a password) is single-factor
authentication. Dual-factor (or two-factor) authentication uses two
different factors, such as using a hardware token and a PIN.
Multifactor authentication uses two or more factors." (Darril Gibson).
Answer C.
This section is not available anymore. Please use the main Exam Page.SY0-501 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
bcarr789
Highly Voted 4 years, 11 months agoQongo
4 years, 11 months agojordbro93
4 years, 11 months agowho__cares123456789___
4 years, 5 months agoBStub30
4 years, 5 months agoAerials
Highly Voted 4 years, 11 months agogoodmate
Most Recent 1 year, 9 months agoColorfingers
3 years, 7 months agoColorfingers
3 years, 7 months agofonka
3 years, 11 months agoComputerguy
4 years, 1 month agoAarongreene
4 years, 2 months agoaosroyal
4 years, 2 months agosimo77
4 years, 3 months agoYettiSpider
4 years, 1 month agobobthebuilder55110
4 years, 4 months ago[Removed]
3 years, 11 months agomcNik
4 years, 5 months agoBStub30
4 years, 5 months agoJeff35
4 years, 4 months agoHerbie1995
4 years, 5 months agoHerbie1995
4 years, 5 months agoHerbie1995
4 years, 5 months agolsy
4 years, 6 months agoDookyBoots
4 years, 8 months agoDookyBoots
4 years, 8 months agoHanzero
4 years, 9 months agoDaaio
4 years, 10 months ago