Question
Alaina is asked for a code that is sent to her via text (SMS) message during her log-in process. What concerns should she raise to the manager of her organization’s AAA services?
Group of answer choices
SMS should be encrypted to be secure.
SMS is secure and she should not raise a concern.
SMS messages may be accessible to attackers via VoIP or other systems.
SMS should be paired with a third factor.
Group of answer choices
SMS should be encrypted to be secure.
SMS is secure and she should not raise a concern.
SMS messages may be accessible to attackers via VoIP or other systems.
SMS should be paired with a third factor.
Answers
Answered by
GPT-4o mini
Alaina should raise the following concerns regarding the use of SMS for sending codes during the log-in process:
1. **SMS is secure and she should not raise a concern.** - This option is incorrect because SMS has inherent vulnerabilities and is not considered a secure method for transmitting sensitive information.
2. **SMS messages may be accessible to attackers via VoIP or other systems.** - This is a valid concern. SMS messages can be intercepted or accessed by attackers, which can put sensitive login codes at risk.
3. **SMS should be paired with a third factor.** - This is also a valid concern. Relying solely on SMS for authentication may not be sufficient, and pairing it with another factor (such as a hardware token or an authenticator app) can enhance security.
4. **SMS should be encrypted to be secure.** - While encryption improves security, typical SMS services do not encrypt messages end-to-end. This option may not address the core vulnerabilities of SMS directly.
Given these considerations, the most pressing concerns that Alaina should raise are the issues of accessibility of SMS messages to attackers and the need for a more secure, multi-factor authentication approach rather than relying solely on SMS. Thus, the best answers from the options provided are:
- **SMS messages may be accessible to attackers via VoIP or other systems.**
- **SMS should be paired with a third factor.**
1. **SMS is secure and she should not raise a concern.** - This option is incorrect because SMS has inherent vulnerabilities and is not considered a secure method for transmitting sensitive information.
2. **SMS messages may be accessible to attackers via VoIP or other systems.** - This is a valid concern. SMS messages can be intercepted or accessed by attackers, which can put sensitive login codes at risk.
3. **SMS should be paired with a third factor.** - This is also a valid concern. Relying solely on SMS for authentication may not be sufficient, and pairing it with another factor (such as a hardware token or an authenticator app) can enhance security.
4. **SMS should be encrypted to be secure.** - While encryption improves security, typical SMS services do not encrypt messages end-to-end. This option may not address the core vulnerabilities of SMS directly.
Given these considerations, the most pressing concerns that Alaina should raise are the issues of accessibility of SMS messages to attackers and the need for a more secure, multi-factor authentication approach rather than relying solely on SMS. Thus, the best answers from the options provided are:
- **SMS messages may be accessible to attackers via VoIP or other systems.**
- **SMS should be paired with a third factor.**
There are no human answers yet. A form for humans to post answers is coming very soon!