CompTIA Security+ (SY0-501) — Question 172

Management wishes to add another authentication factor in addition to fingerprints and passwords in order to have three-factor authentication. Which of the following would BEST satisfy this request?

Answer options

• A. Retinal scan
• B. Passphrase
• C. Token fob
• D. Security question

Correct answer: C

Explanation

A token fob is a physical device that generates a one-time code, providing a third factor of authentication that is separate from something you know (password) and something you are (fingerprints). In contrast, a retinal scan is still a biometric measure, a passphrase is a knowledge-based factor, and a security question is also a knowledge-based factor, thus not fulfilling the requirement for three-factor authentication.