CompTIA PenTest+ (PT0-001) — Question 98

After several attempts, an attacker was able to gain unauthorized access through a biometrics sensor using the attacker's actual fingerprint without exploitation.
Which of the following is the MOST likely explanation of what happened?

Answer options

• A. The biometric device is tuned more toward false positives.
• B. The biometric device is configured more toward true negatives.
• C. The biometric device is set to fail closed.
• D. The biometric device duplicated a valid user's fingerprint.

Correct answer: A

Explanation

The correct answer is A because if the biometric device is overly sensitive to false positives, it may incorrectly accept unauthorized users. Option B is incorrect as being configured for true negatives would reduce the chance of unauthorized access. Options C and D do not align with the scenario where the attacker used their own fingerprint successfully.