CISA Certified Information Systems Auditor – Question1650

Which of the following is the BEST way to satisfy a two-factor user authentication?

A.
A smart card requiring the user's PIN
B. User ID along with password
C. Iris scanning plus fingerprint scanning
D. A magnetic card requiring the user's PIN

Correct Answer: A

Explanation:

Explanation:
A smart card addresses what the user has. This is generally used in conjunction with testing what the user knows, e.g., a keyboard password or personal identification number (PIN). An ID and password, what the user knows, is a single-factor user authentication. Choice C is not a two- factor user authentication because it is only biometric. Choice D is similar to choice A, but the magnetic card may be copied; therefore, choice A is the best way to satisfy a two-factor user authentication.