PrepAway - Latest Free Exam Questions & Answers

Which of the following policies should be enforced to prevent this from happening?

A recent review of accounts on various systems has found that after employees’ passwords are required
to change they are recycling the same password as before. Which of the following policies should be
enforced to prevent this from happening? (Select TWO).

PrepAway - Latest Free Exam Questions & Answers

A.
Reverse encryption

B.
Minimum password age

C.
Password complexity

D.
Account lockouts

E.
Password history

F.
Password expiration

Explanation:
E: Password history determines the number of previous passwords that cannot be used when a user
changes his password. For example, a password history value of 5 would disallow a user from changing his
password to any of his previous 5 passwords.
B: When a user is forced to change his password due to a maximum password age period expiring, he
could change his password to a previously used password. Or if a password history value of 5 is
configured, the user could change his password six times to cycle back round to his original password.
This is where the minimum password age comes in. This is the period that a password must be used for.
For example, a minimum password age of 30 would determine that when a user changes his password,
he must continue to use the same password for at least 30 days.
Incorrect Answers:
A: Storing encrypted passwords in a way that is reversible means that the encrypted passwords can be
decrypted. This will not prevent users from changing their passwords multiple times to cycle back to their
original passwords. Therefore, this answer is incorrect.
C: Password complexity determines what a password should include. For example, you could require a
password to contain uppercase and lowercase letters and numbers. It will not prevent users from
changing their passwords multiple times to cycle back to their original passwords. Therefore, this answer
is incorrect.
D: Account lockout settings determine the number of failed login attempts before the account gets
locked and how long the account will be locked out for. Account lockout settings will not prevent usersfrom changing their passwords multiple times to cycle back to their original passwords. Therefore, this
answer is incorrect.
F: Password expiration determines how long a password can be used for before it must be changed.
Password expiration will force users to change their passwords but it will not prevent users from changing
their passwords multiple times to cycle back to their original passwords. Therefore, this answer is
incorrect.

https://technet.microsoft.com/enus/library/cc757692%28v=ws.10%29.aspx#w2k3tr_sepol_accou_set_kuwh


Leave a Reply