CompTIA Security+ (SY0-501) — Question 304

During a lessons learned meeting regarding a previous incident, the security team receives a follow-up action item with the following requirements:
✑ Allow authentication from within the United States anytime
✑ Allow authentication if the user is accessing email or a shared file system
✑ Do not allow authentication if the AV program is two days out of date
✑ Do not allow authentication if the location of the device is in two specific countries
Given the requirements, which of the following mobile deployment authentication types is being utilized?

Answer options

• A. Geofencing authentication
• B. Two-factor authentication
• C. Context-aware authentication
• D. Biometric authentication

Correct answer: C

Explanation

The correct answer is Context-aware authentication because it considers various factors such as location, device status, and access type to determine if authentication should be allowed. Geofencing authentication only focuses on location, while two-factor and biometric authentication are based on user identity verification and do not account for the specific conditions outlined in the requirements.