Which of the following, in addition to a password, can be asked of a user for MFA?
Hard token can be asked of a user for MFA in addition to a password.
A hard token is a physical device that generates a time-sensitive code, providing an additional layer of security for multi-factor authentication (MFA). This method requires users to possess something tangible, in addition to knowing a secret, such as a password.
A Personal Identification Number (PIN) is often used as a single factor of authentication rather than an additional factor. While it may serve as a second form of verification in some systems, it is typically considered an alternative to a password rather than a distinct component of multi-factor authentication.
Asking for a favorite color is not a secure method for MFA because it is easily guessable or obtainable through social engineering. It does not provide the necessary security or complexity required for additional authentication, thus not meeting the standards of MFA.
A hard token is a physical device that generates a unique code for each login attempt, which must be entered alongside a password. This physical aspect ensures that even if a password is compromised, unauthorized access is prevented without the token, making it a legitimate second factor in the MFA process.
While a mother's maiden name can sometimes be used as a security question, it is generally not considered a strong form of MFA. Similar to a favorite color, it can be easily discovered or guessed, lacking the security necessary to effectively augment password protection.
Multi-factor authentication (MFA) enhances security by requiring multiple forms of verification. Among the options listed, a hard token stands out as a viable additional authentication method, as it involves possessing a physical device that generates unique codes. Other choices, such as a PIN or personal information, do not sufficiently enhance security when used alongside a password, which is essential for robust MFA practices.
Related Questions
View allWhich of the following objectives does an evil twin achieve?
A Linux server is running a log collector that needs to be hardened. A...
A company's network is experiencing high levels of suspicious network...
During a security audit, a consulting firm notices inconsistencies bet...
Which of the following disaster recovery concepts is calculated by div...
Related Quizzes
View allCompTIA A Plus Certification Exam
CompTIA A Plus Exam Questions
CompTIA A Plus 1001 Exams Practice
CompTIA A Plus Practice Exam
CompTIA CySA+ Cybersecurity Analyst Certification all in One Exam Guide
CompTIA Security Plus Exam Answers
Free CompTIA Security Plus Practice Test
CompTIA Security Plus Simulation Questions
CompTIA Security Plus 501 Practice Questions
CompTIA Security Plus Example Questions
- ✓ 500+ Practice Questions
- ✓ Detailed Explanations
- ✓ Progress Analytics
- ✓ Exam Simulations