CISA Certified Information Systems Auditor – Question1460
In an online banking application, which of the following would BEST protect against identity theft? A. Encryption of personal password B. Restricting the user to a specific terminal C. Two-factor authentication D. Periodic review of access logs
Correct Answer: C
Explanation:
Explanation:
Two-factor authentication requires two independent methods for establishing identity and privileges. Factors include something you know, such as a password; something you have, such as a token; and something you are, which is biometric. Requiring two of these factors makes identity theft more difficult. A password could be guessed or broken. Restricting the user to a specific terminal is not a practical alternative for an online application. Periodic review of access logs is a detective control and does not protect against identity theft.
Please disable your adblocker or whitelist this site!