CyberArk Defender – Access — Question 25
As part of compliance regulation, ACME Corporation is enforcing MFA for its critical business web-based application. To increase security and MFA compliance, CyberArk recommends selecting mechanisms from different categories. Within the authentication policy, ACME Corporation made the requirement to configure an authentication mechanism with "Something you know".
Which authentication mechanism meets this requirement?
Answer options
- A. Phone Call
- B. Security Question
- C. Text Message (SMS) Confirmation Code
- D. FIDO2 Authenticators
Correct answer: B
Explanation
The correct answer is B, Security Question, as it is a method that relies on information that only the user knows. Options A (Phone Call), C (Text Message), and D (FIDO2 Authenticators) do not fit the 'Something you know' criterion, as they involve external factors or devices rather than user knowledge.