Certified Administrative Professional (CAP) Practice Exam 2026 – Your All-in-One Guide to Exam Mastery!

Level 3 of FIPS 140-2 encryption is the correct answer because it specifically mandates identity-based authentication as part of its security requirements. This level not only enhances the physical security of cryptographic modules but also requires mechanisms that ensure that access to the cryptographic keys is strictly controlled through identity verification processes. By implementing identity-based authentication, systems can ensure that only authorized personnel have access to sensitive information or cryptographic operations, which is crucial for maintaining security integrity.

In contrast, other levels such as Level 1 and Level 2 do not have the same stringent requirements for identity-based authentication. Level 1 allows for basic security with no specific requirement for physical security or identity verification, while Level 2 introduces some additional physical security measures, but still does not require identity-based auth. Level 4 raises the bar further by addressing the highest level of security, which includes environmental controls and comprehensive physical security measures, but it is Level 3 where identity-based authentication becomes a formal requirement.