A. Knowledge-based authentication
B. Dynamic knowledge-based authentication
C. Out-of-band identity proofing
D. Risk-based identity proofing
Scroll down for answer
The following books are highly recommended to progress your (ISC)2 SSCP Systems Security Certified Practitioner UK Studies.
(ISC)2 SSCP Systems Security Certified Practitioner Official Study Guide £47.50 (Prices vary please follow link for more details)
SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition £28.59 (Prices vary please follow link for more details)
Identity proofing that relies on a type of verification outside the initial environment that required the verification is out-of-band identity proofing. This type of verification relies on the owner of the phone or phone number having control of it but removes the ability for attackers to use only Internet-based resources to compromise an account.
Knowledge-based authentication relies on answers to preselected information, whereas dynamic knowledge–based authentication builds questions using facts or data about the user.
Risk-based identity proofing uses risk-based metrics to determine whether identities should be permitted or denied access. It is used to limit fraud in financial transactions, such as credit card purchases. This is a valid form of proofing but does not necessarily use an out-of-band channel, such as SMS.
(ISC)2 SSCP Systems Security Certified Practitioner Official questions and answers.