CompTIA Security+ (SY0-501) — Question 661

The Chief Information Officer (CIO) has decided to add two-factor authentication along with the use of passwords when logging on to the network. Which of the following should be implemented to BEST accomplish this requirement?

Answer options

• A. Require users to enter a PIN
• B. Require users to set complex passwords
• C. Require users to insert a smart card when logging on
• D. Require the system to use a CAPTCHA

Correct answer: C

Explanation

The correct answer is C, as using a smart card in conjunction with a password constitutes a true two-factor authentication method, combining something the user knows (the password) with something the user has (the smart card). Options A and B do not provide two-factor authentication as they rely solely on knowledge-based measures, while option D involves a challenge-response system that does not factor in user identity verification.