A one-time password (OTP) is a unique, temporary password that is valid for a single login session or transaction. It is commonly used in multi-factor authentication (MFA) systems to enhance security.
Correct Answer (D - When an Employee Uses a Key Fob to Produce a Token)
Key fobs generate a time-sensitive one-time password (OTP), which is used in conjunction with a traditional password to enhance security.
These devices are part of two-factor authentication (2FA) or multi-factor authentication (MFA) methods.
The IIA GTAG 9: Identity and Access Management discusses OTP tokens as a strong security control to prevent unauthorized access.
Why Other Options Are Incorrect:
Option A (When an employee accesses an online digital certificate):
Digital certificates authenticate users or devices, but they do not generate one-time passwords.
Option B (When an employee's biometrics have been accepted):
Biometric authentication (e.g., fingerprint, facial recognition) grants access based on biological traits, not an OTP.
Option C (When an employee creates a unique digital signature):
Digital signatures authenticate documents and transactions, but they are not time-sensitive one-time passwords.
IIA GTAG 9: Identity and Access Management – Covers OTP tokens as a security measure.
IIA Practice Guide: Auditing IT Security Controls – Recommends OTPs as part of secure authentication.
Step-by-Step Explanation:IIA References for Validation:Thus, D is the correct answer because key fobs generate one-time passwords for secure authentication.
