A company has provided smartphones to their employees for business use. The IT administrator is required to enhance security on these devices. Which of the following would be the most effective way to upgrade security so that an employee must provide something they have in addition to something they know in order to access their device?
Setting up a system which requires a PIN code after entering their password.
Using a fingerprint as the sole authentication method without a password.
Disabling location services on the company-provided smartphones.
Installing a time-based one-time password application for access authentication.
The most effective upgrade to security, given the scenario, would be to implement a system that requires users to provide a second form of authentication in addition to their password (something they know). The use of a time-based one-time password (TOTP) app provides a dynamically changing code (something they have) and is a common approach for achieving two-factor authentication on mobile devices. A PIN code, while an additional security measure, would not constitute a second factor since it is another thing the user knows, not something they have. Similarly, a fingerprint alone does not fit the scenario's requirement for adding to the existing security measure (password) but would be used instead of a password. Disabling location services does not add a second authentication factor and thus does not enhance access security as described.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a time-based one-time password (TOTP) application?
Open an interactive chat with Bash
What are the benefits of two-factor authentication (2FA)?
Open an interactive chat with Bash
How does enabling a fingerprint scanner compare to using a TOTP for security?