# Risk-Based and Adaptive Authentication

One-sentence definition: Dynamically adjust auth requirements based on context (IP reputation, device, geo, behavior).

## Key Facts

- Signals: impossible travel, new device, TOR/VPN, velocity, time-of-day.
- Outcomes: step-up to MFA, deny, or restrict session scope.
- Requires telemetry, baselines, and privacy-aware data handling.
- Beware bias; provide appeal/recovery paths.
- **Verify:** check the official (ISC)² CBK and current exam outline.

## Exam Relevance

- Choose adaptive MFA to balance UX and security.

**Mnemonic:** “**Risk** drives the **ask**.”

## Mini Scenario

Q: Login from a new country to the admin portal: response?

A: Step-up to phishing-resistant MFA or block.

## Revision Checklist

- List 3 signals.
- Step-up vs deny.
- Data handling concern.

## Related

[[Single Sign-On (SSO) Patterns]] · [[Authentication Factors and MFA]] · [[Passwordless and FIDO2 WebAuthn]] · [[OpenID Connect (OIDC) and JWT]] · [[Access Reviews and Certification (IGA)]] · [[Domain 5 - Index]]