A
company named Money Builders Inc., hires you to provide consultancy for setting up their Windows
network. The company’s server room will be in a highly secured environment. You are required to
suggest an authentication method for it. The CFO of the company wants the server to use thumb
impressions for authentication. Which of the following authentication methods will you suggest?
A.
Certificate
B.
Smart card
C.
Two-factor
D.
Biometrics
Explanation:
Biometrics is a method of authentication that uses physical characteristics, such as
fingerprints, scars, retinal patterns, and other forms of
biophysical qualities to identify a user. Nowadays, the usage of biometric devices such as hand
scanners and retinal scanners is becoming
more common in the business environment.
Answer option B is incorrect. A smart card is a credit card-sized device used to securely store
personal information such as certificates, public
and private keys, passwords, etc. It is used in conjunction with a PIN number to authenticate users.
In Windows, smart cards are used to
enable certificate-based authentication. To use smart cards, Extensible Authentication Protocol
(EAP) must be configured in Windows.
Answer option A is incorrect. A certificate is a set of data that completely identifies an entity. It is a
digitally signed statement that binds the
value of a public key to the identity of a person. It can be issued to perform a number of functions
such as Web server authentication, secure
e-mail, etc. A certificate is valid only for the period of time specified within it. Moreover, a user can
set the duration for a certificate’s validity.
After the validity period, the certificate becomes invalid. A certificate also eliminates the need for
hosts to maintain a set of passwords for
individuals who are required to be authenticated.
Answer option C is incorrect. When two or more access methods are included as part of the
authentication process, it implements a multifactor
system. A system that uses smart cards and passwords is referred to as a two-factor authentication
system.