CompTIA SecurityX (CAS-005) — Question 79

A company wants to implement hardware security key authentication for accessing sensitive information systems. The goal is to prevent unauthorized users from gaining access with a stolen password. Which of the following models should the company implement to best solve this issue?

Answer options

• A. Rule-based
• B. Time-based
• C. Role-based
• D. Context-based

Correct answer: D

Explanation

The correct answer is D, Context-based, as it allows for dynamic access control based on various contextual factors, enhancing security against unauthorized access. Rule-based (A), Time-based (B), and Role-based (C) models do not adequately address the risks associated with stolen passwords and fail to provide the adaptive security measures needed in this scenario.