CompTIA Security+ (SY0-501) — Question 800

An organization requires three separate factors for authentication to sensitive systems. Which of the following would BEST satisfy the requirement?

Answer options

• A. Fingerprint, PIN, and mother's maiden name
• B. One-time password sent to a smartphone, thumbprint, and home street address
• C. Fingerprint, voice recognition, and password
• D. Password, one-time password sent to a smartphone, and text message sent to a smartphone

Correct answer: B

Explanation

Option B is correct because it includes three different authentication factors: something you have (one-time password sent to a smartphone), something you are (thumbprint), and something you know (home street address). The other options either rely on similar types of factors or include less secure elements, like a mother's maiden name which is often easily accessible.