Certified Chief Information Security Officer (CCISO) — Question 16

Which of the following best describes an access control process that confirms the identity of the entity seeking access to a logical or physical area?

Answer options

• A. Identification
• B. Authorization
• C. Authentication
• D. Accountability

Correct answer: C

Explanation

The correct answer is C, Authentication, as it specifically refers to the process of verifying the identity of an entity. Identification (A) is simply stating who the entity is, Authorization (B) determines what the entity is allowed to do, and Accountability (D) tracks actions taken by entities, which does not involve identity verification.