Exam CISSP topic 1 question 207 discussion

Something you are Something you know Something you have

Types 1 to 3, AIO

A password is not a typical PACS.

D. Type 1, 2 & 3. All in one.

The combination of access controls provides multiple factors of authentication, including something the user is (biometrics), something the user knows (password), and something the user has (badge) makes it much harder for an unauthorized person to gain access to a secure area or system. Although a password may not be necessary in a physical access control scenario where biometrics and a badge reader are already present (biometrics and a badge reader alone can provide a strong physical access control mechanism), however, the addition of a password as a third factor of authentication can further increase security and may be required in some high-security environments. Sine the question emphasizes "strongest" physical access control, option D is correct.

A password is not a typical PACS.

Please Read the question carefully is asking for physical! That's the keyword a password is not considered physical because it is a piece of information that is stored electronically or in a person's memory. Physical access controls refer to measures that use physical objects or devices to restrict access, such as badges, keys, or biometric readers.

Selected Answer: C Badges, identification cards, and security IDs are forms of physical identification and/or access to electronic control devices. CISSP 9th Edition pg 456 kindle reader

PIN is not strongest physical control, D combination would be the strongest

It's c. Hint - physical access control, not logical.

A password is not "physical" access control. So "C" is the most correct answer.

Why not C? Its' asking for physical access control.