IIA-CIA-Part3 Exam - Question 90

Question

Which of the following authentication device credentials is the most difficult to revoke when an employee's access rights need to be removed?

Examice · Accepted Answer

The most difficult authentication device credential to revoke when an employee's access rights need to be removed is a biometric device. Biometric authentication relies on physical or behavioral characteristics such as fingerprints, iris patterns, or facial recognition, which are unique to each individual. Unlike keys, cards, or proximity devices which can be deactivated or retrieved, biometric data, once captured and stored, cannot be altered or revoked easily. This makes the process of revoking access rights for biometrics more complex compared to other devices.

Walewweeeed · Answer

Why not b

yomang · Answer

It's B.

Domiii · Answer

When it comes to revoking an employee's access rights, the most difficult authentication device credential to revoke would typically be a biometric device.

Biometric authentication relies on unique physical or behavioral characteristics of an individual, such as fingerprints, iris scans, or facial recognition. Once an employee's biometric data is enrolled and associated with their access rights, it becomes challenging to revoke that credential if the employee's access needs to be removed. Unlike other authentication methods, such as a traditional key lock or a card-key system, which can be physically collected or deactivated, biometric data cannot be easily changed or revoked.

ciacandidate · Answer

I think it's B too.

superman26 · Answer

proximity device is an RFID or electronic card, why this is difficult to revoke? why the answer, not a traditional lock, if an employee resigned and the key no returned? how to revoke the access? replaced a new lock and replacement of duplicate key I guess will quite troublesome.

Crazyhydra · Answer

Its A because it can be easily duplicated

IIA-CIA-Part3 Exam - Question 90

Discussion