Prev Question
Next Question

Users are issued security tokens to be used in combination with a PIN to access the corporate
virtual private network (VPN). Regarding the PIN, what is the MOST important rule to be included
in a security policy?

Users should not leave tokens where they could be stolen

Users must never keep the token in the same bag as their laptop computer

Users should select a PIN that is completely random, with no repeating digits

Users should never write down their PIN

If a user writes their PIN on a slip of paper, an individual with the token, the slip of paper, and the
computer could access the corporate network. A token and the PIN is a two-factor authentication
method. Access to the token is of no value with out the PIN; one cannot work without the other.
The PIN does not need to be random as long as it is secret.

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *