An auditing team has found that passwords do not meet best business practices. Which of the following will MOST increase the security of the passwords? (Select
TWO).

A.
Password Complexity

B.
Password Expiration

C.
Password Age

D.
Password Length

E.
Password History

Explanation:
Passwords should have the strength to avoid discovery through attack, but it should also be easy enough for the user to remember. The length and complexity of a
password combined are vital factors in defining a password’s strength.
Incorrect Answers:
B, C: It is common practice for passwords to automatically expire after a specified period so as to compel users to change passwords. However, if it is a strong
password, it can remain static.
E: Password History tracks previous passwords so as to prevent password reuse.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 292, 293.