You have a workgroup computer named Computer1 that runs Windows 10. You need to configure Windows Hello for sign-in to Computer1 by using a physical security key. What should you use?
A.
a USB 3.0 device that supports BitLocker Drive Encryption (BitLocker)
B.
a USB device that supports FIDO2
C.
a USB 3.0 device that has a certificate from a trusted certification authority (CA)
FIDO2 is the latest specification of the non-commercial FIDO Alliance (Fast Identity Online), which was created with the aim of developing open and license-free standards for secure, worldwide authentication on the World Wide Web.
FIDO2 provides the option of using two-factor authentication, in which the usual username password login is supplemented by an encryption with FIDO2 keys as well as an additional FIDO2 token (hardware), or a completely password-free authentication.
Answer: B. a USB device that supports FIDO2.
Explanation:
To use a physical security key for Windows Hello sign-in, the key must support the FIDO2 standard, which enables strong authentication using public key cryptography. The FIDO2 standard is supported by several popular security keys, including the YubiKey and the Feitian BioPass. Once the security key is connected to the computer, you can set up Windows Hello to use the key for sign-in by going to Settings > Accounts > Sign-in options and selecting "Windows Hello FIDO2 Security Key" as the sign-in method.
INCORRECT:
Answer A (a USB 3.0 device that supports BitLocker Drive Encryption) is incorrect because BitLocker is a drive encryption tool, not a tool for enabling Windows Hello.
Answer C (a USB 3.0 device that has a certificate from a trusted certification authority) is incorrect because having a certificate from a trusted CA is not a requirement for using Windows Hello with a security key.
Answer D (a USB device that supports RSA SecurID) is incorrect because RSA SecurID is a two-factor authentication solution, not a tool for enabling Windows Hello.
B. is correct.
"We currently support several designs and providers of security keys using the Fast Identity Online (FIDO) (FIDO2) passwordless authentication protocols."
This section is not available anymore. Please use the main Exam Page.MD-100 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Anthony_2770
Highly Voted 4 years, 5 months agoPChi
3 years, 2 months agoJoenardAF
Highly Voted 4 years, 6 months agoBuruguduystunstugudunstuy
Most Recent 2 years, 2 months agoBuruguduystunstugudunstuy
2 years, 2 months agomikl
3 years, 5 months agoMerma
4 years, 1 month agoMD4439
4 years, 3 months ago