A bank is evaluating two models of one-time password tokens for multi-factor authentication. Both models have a button, an LCD, volatile memory, and a battery, but no keypad. Model A uses a non-replaceable battery, while the battery of Model B must be replaced in three minutes if the low battery. Which of the following token types is most likely implemented by Model B? (Source: Wentz QOTD)
A. Static password token
B. Synchronous dynamic password token
C. Asynchronous password token
D. Challenge-response token
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is B. Synchronous dynamic password token.
Please refer to the QOTD, CISSP PRACTICE QUESTIONS – 20200703, for detail.
Reference
- One-time password
- Security token
- FIPS 140-2 Certification and Common Criteria: Why It Matters…
- An Introduction to FIPS 140-2 and Common Criteria
- FIPS 140
- FIPS 140-2
- FIPS 140-3
- One-Time Password (OTP) Hardware Token FAQs
- Keypad Token
- SECURITY TOKEN
- HSBC Bank Security Dongle
- HSBC Security key
- OTP Token C200
A BLUEPRINT FOR YOUR SUCCESS IN CISSP
My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and informative reference for security professionals.
- It is available on Amazon.
- Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.