Home › BCA Cyber Security › cybersecurity › Cybersecurity Fundamentals › Which authentication method requires the user to…
Which authentication method requires the user to present at least TWO different categories of authentication factors?
ASingle-Factor Authentication (SFA)
BCaptcha challenge
CPassword-only authentication
DMulti-Factor Authentication (MFA)
Answer & Solution
Correct answer: D. Multi-Factor Authentication (MFA)
1. MULTI-FACTOR AUTHENTICATION (MFA): requires ≥2 of the three FACTOR categories:
• SOMETHING YOU KNOW (password, PIN)
• SOMETHING YOU HAVE (phone, hardware token, smartcard)
• SOMETHING YOU ARE (fingerprint, face scan, retina)
2. Example: password + SMS code = MFA. Password + security question = NOT MFA (both 'know' factors).
3. MFA mitigates the impact of password breaches — even with a stolen password, attacker needs the second factor.
4. Stronger forms: TOTP apps (Google Authenticator), FIDO2 hardware keys.
_Source: NIST CSF PR.AC-1 + NIST SP 800-63B (Digital Identity Guidelines)._
Related questions
A HASH FUNCTION (e.g. SHA-256) used for password storage should beWhich of the following is a TYPE of MALWARE that encrypts files and demands payment for thA SECURITY INCIDENT is BEST defined asDEFENSE IN DEPTH is a strategy thatPRINCIPLE OF LEAST PRIVILEGE states thatRisk is commonly expressed as a function ofWithin the RESPOND function, ANALYSIS of detected incidents and COMMUNICATIONS with stakehWhich NIST CSF function ensures that PLANS to RESTORE capabilities or services are execute