Exam 400-007 topic 1 question 179 discussion

Correct A & E.

I think ans are A and E. Possession-based: This is authentication using something in the user's possession (e.g., smartphone, security token, card). Security is enhanced because the user is authenticated based on items the user physically possesses. Persona-based: This is authentication based on a user's personal characteristics or behavior. Examples include biometrics (fingerprints, facial recognition), which authenticates based on the user's individual characteristics.

A- Something you have B- Something you are

I would argue that push-based is just an implementation of possession-based 2FA. Below article suggests using the person‘s behaviour as additional source: https://www.biometricupdate.com/202002/behavioral-biometrics-and-persona-based-security-intelligence-as-a-key-fraud-prevention-layer

A. Possession-based authentication refers to verifying the user's possession of a physical token or device, such as a smart card, hardware token, or mobile phone. This factor adds an extra layer of security by requiring something the user physically possesses in addition to their username and password. C. Push-based authentication involves the delivery of an authentication request or notification to the user's registered device, such as a smartphone or tablet. The user must approve or verify the authentication request to gain access to the application or data. This factor provides an additional layer of security by requiring user interaction and confirmation.

https://www.techtarget.com/searchsecurity/definition/two-factor-authentication