A security administrator is reviewing the below output from a password auditing tool:
P@ss.
@pW1.
S3cU4
Which of the following additional policies should be implemented based on the tool’s output?

A.
Password age

B.
Password history

C.
Password length

D.
Password complexity

Explanation:
The output shows that all the passwords are either 4 or 5 characters long. This is way too short, 8
characters are shown to be the minimum for password length.