ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your company must enforce multi-factor authentication (MFA) for all AWS Management Console logins. Compliance mandates that each user present credentials from at least two different factor categories: something they know, something they have, or something they are. Which of the following sign-in mechanisms satisfies this requirement?
Insert a smart card and digitally sign an on-screen challenge with the certificate stored on the same card.
Pass a face recognition scan and then place a fingerprint on a USB fingerprint reader.
Provide a password and then correctly answer three personal knowledge-based security questions.
Enter a username and password, then type a six-digit TOTP code generated by an authenticator app on the user's smartphone.
MFA requires two independent factors drawn from different categories. Supplying a username and password is a knowledge factor, while entering a TOTP code generated by an authenticator app on a registered smartphone is a possession factor. Combining those two satisfies the requirement for distinct categories.
Inserting a smart card and using it to sign a cryptographic challenge both rely on the same physical card (possession only). Answering security questions after entering a password relies solely on knowledge factors. Using face recognition followed by a fingerprint scan relies only on biometric (inherence) factors. Therefore, only the combination of password plus smartphone-generated TOTP fulfills the compliance mandate.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is multi-factor authentication (MFA)?
Open an interactive chat with Bash
What is a TOTP code and how does it work?
Open an interactive chat with Bash
Why do MFA factors need to be from different categories?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Access Controls
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .