CompTIA Security+ Question I-18

A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate.
Additionally, the security administrator has restricted the VPN to only allow authentication from the US territory. How many authentication factors are in use by the VPN system?

A. 1
B. 2
C. 3
D. 4

Answer: C

Three different types of authentication factors have been used in this question: Something you know – username and password. Something you have – client side certificate. Somewhere you are – authentication to the VPN is only allowed from the U.S. territory.