CompTIA PenTest+ (PT0-002) — Question 331

In order to improve the security of a company, an information security officer decided to implement multifactor authentication (MFA) technology. The company currently requires badges to access its facilities. Which of the following additional types of physical controls should the security officer recommend to enforce MFA?

Answer options

• A. What you have
• B. Where you are
• C. What you know
• D. Who you are

Correct answer: D

Explanation

The correct answer is D, 'Who you are', as it refers to biometric authentication methods like fingerprint or facial recognition, which complement the badge system. Options A, B, and C represent other forms of authentication that do not directly relate to physical controls necessary for enforcing MFA in this context.