Which of the following could be used as a second component of multifactor authentication if a user has an RSA token?
Which of the following could be used as a second component of multifactor authentication if a user has an RSA token?
A retina scan could be used in conjunction with an RSA token because it is a biometric factor, representing 'something you are'. This complements the RSA token, which is 'something you have.' For multifactor authentication to be effective, it requires combining different types of authentication factors. An access card, USB thumb drive, and RFID are all examples of 'something you have,' and thus would not provide the second, distinct type of authentication factor needed.
C. Retina scan
I would argue that stealing two things I have might be harder than stealing something I have and something I know...
The RSA token is something you have, a retinal scan means something you ARE not something you KNOW... Answer is 100% correct unless you can tell me how you yourself 'KNOW' your own eye?
Multifactor authentication (MFA) requires two or more factors from different categories: Something You Have → RSA token, smart card, security key Something You Know → Password, PIN Something You Are → Biometrics (fingerprint, retina scan, facial recognition) Since an RSA token falls under "Something You Have", the second component must come from a different category. A retina scan is "Something You Are", making it a valid second factor. Why Not the Others? A. Access card → Also "Something You Have," which does not meet MFA’s requirement for a different factor. B. USB thumb drive → Considered "Something You Have," similar to an RSA token. D. RFID → Usually associated with an access card, which is still "Something You Have."