Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam SSCP All Questions

View all questions & answers for the SSCP exam
Go to Exam

Exam SSCP topic 1 question 150 discussion

Actual exam question from ISC's SSCP
Question #: 150
Topic #: 1
[All SSCP Questions]

Which of the following is not a two-factor authentication mechanism?

  • A. Something you have and something you know.
  • B. Something you do and a password.
  • C. A smartcard and something you are.
  • D. Something you know and a password.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Something you know and a password fits within only one of the three ways authentication could be done. A password is an example of something you know, thereby something you know and a password does not constitute a two-factor authentication as both are in the same category of factors.
A two-factor (strong) authentication relies on two different kinds of authentication factors out of a list of three possible choice: something you know (e.g. a PIN or password), something you have (e.g. a smart card, token, magnetic card), something you are is mostly Biometrics (e.g. a fingerprint) or something you do (e.g. signature dynamics).
TIP FROM CLEMENT:
On the real exam you can expect to see synonyms and sometimes sub-categories under the main categories. People are familiar with Pin, Passphrase,
Password as subset of Something you know.
However, when people see choices such as Something you do or Something you are they immediately get confused and they do not think of them as subset of
Biometrics where you have Biometric implementation based on behavior and physilogical attributes. So something you do falls under the Something you are category as a subset.
Something your do would be signing your name or typing text on your keyboard for example.
Strong authentication is simply when you make use of two factors that are within two different categories.
Reference(s) used for this question:
Shon Harris, CISSP All In One, Fifth Edition, pages 158-159
by BD773 at Sept. 13, 2023, 11:27 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Stevovo123
1 year, 2 months ago
Selected Answer: D
Something you know and a password. Options A, B, and C all describe two-factor authentication (2FA) mechanisms
upvoted 1 times
...
BD773
1 year, 2 months ago
It is B The option "Something you do and a password" is not typically considered a two-factor authentication mechanism. Two-factor authentication (2FA) typically involves two of the following factors: Something you know (e.g., a password or PIN). Something you have (e.g., a smartcard, security token, or mobile device). Something you are (e.g., biometric data like fingerprints, facial recognition, or iris scans).
upvoted 1 times
swiggharo
10 months, 4 weeks ago
Something you do = Behavioral. So, the answer is 'D'. Because password is already 'something you know'. So, that makes it NOT 2FA,
upvoted 2 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel