When Ann an employee returns to work and logs into her workstation she notices that, several desktop configuration settings have changed. Upon a review of the

CCTV logs, it is determined that someone logged into Ann’s workstation. Which of the following could have prevented this from happening?

A.
Password complexity policy

B.
User access reviews

C.
Shared account prohibition policy

D.
User assigned permissions policy

Explanation:
The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Since changes were made to
Ann’s desktop configuration settings while she was not at work, means that her password was compromised.
Incorrect Answers:
B: User access reviews are performed to conclude whether users have been performing their work tasks correctly or if there have been failed and/or successful
attempts at violating company policies or the law. It would not have prevented Ann’s password being compromised.
C: Shared account prohibition aids in providing user accountability. It would not have prevented Ann’s password being compromised.
D: User assigned permissions can be assigned by the user. Since Ann’s workstation was accessed using her password, the intruder would also have her
permissions.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 292, 294.