Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GSNA Exam - Topic 5 Question 70 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 70
Topic #: 5
[All GSNA Questions]

You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. You have been assigned the task to

design the authentication system for the remote users of the company. For security purposes, you want to issue security tokens to the

remote users. The token should work on the one-time password principle and so once used, the next password gets generated. Which of the

following security tokens should you issue to accomplish the task?

Show Suggested Answer Hide Answer
Suggested Answer: B

An event-based token, by its nature, has a long life span. They work on the one-time password principle and so once used, the next

password is generated. Often the user has a button to press to receive this new code via either a token or via an SMS message. All

CRYPTOCard's tokens are event-based rather than time-based.

Answer C is incorrect. Bluetooth tokens are often combined with a USB token, and hence work in both a connected and a disconnected

state. Bluetooth authentication works when closer than 32 feet (10 meters). If the Bluetooth is not available, the token must be inserted into

a USB input device to function.

Answer A is incorrect. Virtual tokens are a new concept in multi-factor authentication first introduced in 2005 by security company

Sestus. Virtual tokens work by sharing the token generation process between the Internet website and the user's computer and have the

advantage of not requiring the distribution of additional hardware or software. In addition, since the user's device is communicating directly

with the authenticating website, the solution is resistant to man-in-the-middle attacks and similar forms of online fraud.

Answer D is incorrect. Single sign-on software tokens are used by the multiple, related, but independent software systems. Some

types of single sign-on (SSO) solutions, like enterprise single sign-on, use this token to store software that allows for seamless authentication

and password filling. As the passwords are stored on the token, users need not remember their passwords and therefore can select more

secure passwords, or have more secure passwords assigned.


by Odette at May 02, 2025, 06:28 AM

Limited Time Offer

25%

Off

Get Premium GSNA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Blondell
5 months ago
Virtual tokens are pretty solid too, don’t sleep on them!
upvoted 0 times
...
Theodora
5 months ago
Wait, are Bluetooth tokens even secure enough for this?
upvoted 0 times
...
Joaquin
6 months ago
I think event-based tokens are the way to go for OTPs.
upvoted 0 times
...
Edda
6 months ago
Single sign-on sounds convenient, but is it really safe?
upvoted 0 times
...
Ozell
6 months ago
Totally agree, they generate a new password every time!
upvoted 0 times
...
Rory
6 months ago
Bluetooth tokens seem less relevant for this scenario; I recall they’re more about proximity rather than generating one-time passwords.
upvoted 0 times
...
Merilyn
6 months ago
I practiced a similar question about security tokens, and I feel like virtual tokens could also work, but I'm not confident about their implementation.
upvoted 0 times
...
Bambi
7 months ago
I think event-based tokens might be the right choice since they generate a new password based on specific events, but I need to double-check that.
upvoted 0 times
...
Alonso
7 months ago
I remember studying about different types of tokens, but I'm not entirely sure which one fits the one-time password principle best.
upvoted 0 times
...
Laticia
7 months ago
I think the event-based tokens are the answer here. They generate a new password each time, which is exactly what the question is asking for in terms of the one-time password principle. Feels like a straightforward choice to me.
upvoted 0 times
...
Antonio
7 months ago
I'm not entirely sure about the differences between the token types. Maybe I should quickly review the key features of each one to make sure I select the right option that meets the one-time password requirement. Don't want to get this wrong on the exam.
upvoted 0 times
...
Annamaria
8 months ago
Okay, I've got this. The event-based tokens are the way to go since they generate a new password each time the user logs in, providing that extra layer of security. I'll make sure to select that option on the exam.
upvoted 0 times
...
Cammy
8 months ago
Hmm, I'm a bit confused by the different types of tokens mentioned. I'll need to review the differences between virtual, event-based, and Bluetooth tokens to make sure I understand which one is the best fit for the one-time password requirement.
upvoted 0 times
...
Ocie
8 months ago
This seems like a straightforward question about one-time password security tokens. I think the event-based tokens are the way to go here since they generate a new password each time, which meets the requirement of the question.
upvoted 0 times
...
Izetta
12 months ago
Hah, can you imagine if they went with Bluetooth tokens? The IT team would be chasing down lost tokens all day!
upvoted 0 times
Devorah
11 months ago
C) Bluetooth tokens
upvoted 0 times
...
Alica
11 months ago
B) Event-based tokens
upvoted 0 times
...
Trevor
11 months ago
A) Virtual tokens
upvoted 0 times
...
...
Doyle
12 months ago
I prefer single sign-on software tokens as they provide convenience along with security.
upvoted 0 times
...
Chaya
12 months ago
I believe event-based tokens could also work well for generating unique passwords.
upvoted 0 times
...
Jaclyn
12 months ago
Single sign-on software tokens could be a good choice. Saves the users from having to remember a ton of passwords.
upvoted 0 times
...
Selma
12 months ago
Hmm, I'm not sure about Bluetooth tokens. Seems like they could be a bit of a hassle for remote users.
upvoted 0 times
...
Jutta
12 months ago
I think Virtual tokens would be the best option here. They're easy to use and integrate with Windows.
upvoted 0 times
Rex
12 months ago
User 2: Event-based tokens could also be a good option for added security measures.
upvoted 0 times
...
Kelvin
12 months ago
User 1: I agree, Virtual tokens are convenient and secure for remote users.
upvoted 0 times
...
...
Felix
1 year ago
I agree with Bea, virtual tokens would be the best option for one-time passwords.
upvoted 0 times
...
Bea
1 year ago
I think we should issue virtual tokens for security.
upvoted 0 times
...
Edna
1 year ago
Event-based tokens seem like the way to go. That one-time password thing is really secure.
upvoted 0 times
Sage
1 year ago
C) Bluetooth tokens
upvoted 0 times
...
Carole
1 year ago
B) Event-based tokens
upvoted 0 times
...
Chauncey
1 year ago
A) Virtual tokens
upvoted 0 times
...
...

Save Cancel