Prev Question
Next Question

A firm is considering using biometric fingerprint identification on all PCs that access critical datA.
This requires:

that a registration process is executed for all accredited PC users.

the full elimination of the risk of a false acceptance.

the usage of the fingerprint reader be accessed by a separate password.

assurance that it will be impossible to gain unauthorized access to critical data.

The fingerprints of accredited users need to be read, identified and recorded, i.e., registered, before
a user may operate the system from the screened PCs. Choice B is incorrect, as the falseacceptance risk of a biometric device may be optimized, but will never be zero because this would
imply an unacceptably high risk of false rejection. Choice C is incorrect, as the fingerprint device
reads the token (the user’s fingerprint) and does not need to be protected in itself by a password.
Choice Dis incorrect because the usage of biometric protection on PCs does not guarantee that
other potential security weaknesses in the system may not be exploited to access protected data.

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *