Q: 5
An engineer is setting up two-factor authentication so users can access a company's human
resources system. Which of the following should the engineer require users to do?
Options
Discussion
Makes sense to pick A here.
H imo, ad something like this in a mock. It's A since a mobile authenticator app actually gives you the extra "something you have" factor needed for 2FA. The others are just about network access or jump hosts, not true 2FA. Pretty confident but open to discussion.
Maybe A makes sense because a mobile authenticator app is literally used for something you have in 2FA. The others are just about network or systems access, not a second authentication factor. I think A is right but let me know if you see it differently.
C or D? I think connecting through the VPN (C) should count since VPNs require login and can be set up to ask for extra credentials. Isn't that basically like 2FA if done right? Not totally sure though, somebody correct me if I'm off.
I don't think it's D. Bastion servers are about restricting access paths, not adding another authentication factor. VPN (C) or Wi-Fi connectivity (B) control access to the network but don’t meet the 2FA requirement either. A (mobile authenticator app) actually supplies that second authentication factor. Pretty sure it's A, unless I’m missing something subtle in the question.
A , bastion server is for network security but doesn’t give you true two-factor. Mobile authenticator app is classic 2FA method.
Pretty sure it's A here, since using a mobile authenticator app gives that extra factor (something you have) on top of the password. VPN or connecting to Wi-Fi doesn’t really count as a second authentication factor. Saw similar questions in official practice-mobile app is always suggested for 2FA setups. Anyone see it differently?
Pretty sure the answer's A. Mobile authenticator app is classic 2FA, since it adds something you have to the mix, not just network access. The other options don't guarantee a second authentication factor. Correct me if you see a catch with this one.
Nah, I'd consider C since VPNs often ask for an extra factor to connect, and that feels like two-factor auth to me. Could be a trap though because VPN isn’t always true 2FA by itself. Pretty sure but open to being corrected.
I don’t think it’s B. Just being on the company's Wi-Fi doesn’t meet 2FA, while A (mobile authenticator) directly covers the second authentication factor, so A gets my vote here.
Be respectful. No spam.
