You are a cybersecurity consultant advising a financial institution on user identification methods for online banking. Which form of identification should the institution prioritize to ensure secure customer access?1.0 MarksKnowledge-based authentication questionsHardware token with digital certificateSocial media login authenticationUsername and passwordSMS-based one-time password (OTP)
Question
You are a cybersecurity consultant advising a financial institution on user identification methods for online banking. Which form of identification should the institution prioritize to ensure secure customer access?1.0 MarksKnowledge-based authentication questionsHardware token with digital certificateSocial media login authenticationUsername and passwordSMS-based one-time password (OTP)
Solution
The financial institution should prioritize the use of a Hardware token with a digital certificate. This method is considered one of the most secure forms of user identification.
Here's why:
-
Knowledge-based authentication questions: While these can provide an additional layer of security, they are not the most secure method. The answers can often be guessed or found through social engineering.
-
Social media login authentication: This method is convenient for users, but it's not the most secure. If a user's social media account is compromised, their banking information could be at risk.
-
Username and password: This is the most basic form of authentication, but it's also the most vulnerable to attacks. Users often reuse passwords, which can lead to multiple accounts being compromised if one is breached.
-
SMS-based one-time password (OTP): This method is more secure than the previous ones, as it requires possession of the user's phone. However, it can be vulnerable to SIM swapping attacks.
-
Hardware token with digital certificate: This is the most secure option. The token is a physical device that the user must have in their possession in order to log in. The digital certificate is a form of identification that is difficult to forge. This method is less vulnerable to attacks as it requires both something the user knows (a password) and something the user has (the token).
Similar Questions
The following are the requirements and specifications of an online banking service. Which of the following can be categorized as (user) requirements? Select two.2 pointsA user shall be able to use the online banking system securely.Activate a login session when a user logs in, and maintain the session for 60 minutes unless the user who logged in had remained inactive for more than 120 seconds.At the time a query is made to check the current balance of a checking account, the owner of the checking account shall be logged in.The user shall be able to check the current balance of the checking accounts that he/she own.
Users log on with a username when accessing the company network from home. Management wants to implement a second factor of authentication for these users. They want a secure solution, but they also want to limit costs. Which of the following best meets these requirements?Group of answer choicesPersonal identification number (PIN)Authenticator appShort Message Service (SMS)Fingerprint scans
You are an IT security analyst responsible for implementing an access control system in your organization. Which method of identification provides the highest level of security?
After entering a user ID and password, an online banking user must enter a PIN that was sent as a text message to the user's mobile phone.Which of the following digital security methods is being used?answerSmart cardMultifactor authenticationFirewallDLP
Create a class for bank customer : Account number, phone number , name, Gender ( M/F). Create user name and password for online banking using following constraints.User name will be three upper case letters of bank name followed by last three digit of account number then last two character of name( upper case).For bank name : if account number starts with ‘2’ then Indian bank, if it starts with ‘3’ then state bankPass word id middle four digit of phone number preceded by three characters “INB” for “Indian bank and “ STB” for state bank , succeeded by “MA” for male or “ “FE” for female.Account number should be of five digit only ,else print “ Invalid Account Number”.Create three objects and display user name , password and how many accounts in each bank.Example :Input252349034493459MadhavMOutputUser name : IND234AVPass word : INB4493MAINDIAN BANK:1STATE BANK:0
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.