This question focuses on the authentication method for online SwiftNet Security Officers (SOs), who manage security-related functions for a Swift user.
Step 1: Understand the Role of SwiftNet Security Officers
SwiftNet Security Officers are responsible for managing security settings, such as PKI certificates and user roles, within the Swift environment. Their authentication is critical to ensure secure access, as outlined inControl 2.3: System Access Controlof theCSCF v2024.
Step 2: Evaluate Each Option
A. Via their PKI certificatePKI certificates are used for securing message exchanges and connectivity within the SwiftNet environment (e.g., signing messages), but they are not the primary method for authenticating Security Officers when accessing SwiftNet services online (e.g., via swift.com). Security Officerstypically use a user account for such access, not a PKI certificate directly.Conclusion: This is incorrect.
B. Via their swift.com account and secure code cardSwiftNet Security Officers authenticate to swift.com using their swift.com account credentials combined with a secure code card (a physical token that generates one-time codes). This two-factor authentication method is standard for high-privilege roles like Security Officers, as detailed in theSwift Security Best PracticesandControl 2.3, which mandates multi-factor authentication for privileged users.Conclusion: This is correct.
C. Via their swift.com accountWhile a swift.com account is part of the authentication process, relying solely on the account (e.g., username and password) does not meet Swift’s security requirements for Security Officers. Multi-factor authentication, including a secure code card, is required for such roles.Conclusion: This is incorrect.
Step 3: Conclusion and Verification
The correct answer isB, as SwiftNet Security Officers are authenticated using their swift.com account and a secure code card, aligning with Swift’s multi-factor authentication requirements for privileged users.
References
Swift Customer Security Controls Framework (CSCF) v2024, Control 2.3: System Access Control.
Swift Security Best Practices, Section: Authentication for Security Officers.
Swift User Handbook, Section: Security Officer Authentication.
