CompTIA Security+ (SY0-501) — Question 953

An auditor has identified an access control system that can incorrectly accept an access attempt from an unauthorized user. Which of the following authentication systems has the auditor reviewed?

Answer options

• A. Password-based
• B. Biometric-based
• C. Location-based
• D. Certificate-based

Correct answer: B

Explanation

The correct answer is B, as biometric-based systems can sometimes fail to correctly identify individuals, allowing unauthorized access. Password-based systems rely on user knowledge, which can also be insecure, but they typically don't involve physical traits. Location-based and certificate-based systems have different mechanisms that generally do not lead to false acceptance of unauthorized users in the same way.