CompTIA Security+ (SY0-701) — Question 269

An organization wants to improve the company's security authentication method for remote employees. Given the following requirements:

• Must work across SaaS and internal network applications
• Must be device manufacturer agnostic
• Must have offline capabilities

Which of the following would be the most appropriate authentication method?

Answer options

• A. Username and password
• B. Biometrics
• C. SMS verification
• D. Time-based tokens

Correct answer: D

Explanation

Time-based tokens are suitable as they can work across various applications, are not tied to specific device manufacturers, and can generate codes for offline use. In contrast, username and password are less secure, biometrics may not be device agnostic, and SMS verification relies on network connectivity, which contradicts the offline requirement.