Final answer:
The answer is true; customers must answer the security question in addition to providing their name and two tokens for account verification. This is part of a comprehensive security protocol to prevent identity theft.
Step-by-step explanation:
The customer authenticated name, and 2 tokens (last 4 of SSN and DOB). They still need to correctly answer the security question if it is on the account in PAS. The answer to whether this is required is true. When accessing sensitive information, such as that in a PAS (Personal Account System), additional layers of security are crucial to protect against identity theft or true-name fraud. These security measures typically include something you know (e.g., a password or security question), something you have (e.g., a token or phone), and something you are (e.g., biometric data). Correctly answering a security question, even after presenting tokens like the last four digits of a Social Security number and a date of birth, serves as another layer to ensure that the person accessing the information is indeed the rightful account owner. This practice is part of a comprehensive security protocol to prevent unauthorized access and ensure customer protection.