When Ann an employee returns to work and logs into her workstation she notices that, several desktop
configuration settings have changed. Upon a review of the CCTV logs, it is determined that someone
logged into Ann’s workstation. Which of the following could have prevented this from happening?
A.
Password complexity policy
B.
User access reviews
C.
Shared account prohibition policy
D.
User assigned permissions policy
Explanation:
The most important countermeasure against password crackers is to use long, complex passwords, which
are changed regularly. Since changes were made to Ann’s desktop configuration settings while she was
not at work, means that her password was compromised.
Incorrect Answers:
B: User access reviews are performed to conclude whether users have been performing their work tasks
correctly or if there have been failed and/or successful attempts at violating company policies or the law.
It would not have prevented Ann’s password being compromised.
C: Shared account prohibition aids in providing user accountability. It would not have prevented Ann’s
password being compromised.
D: User assigned permissions can be assigned by the user. Since Ann’s workstation was accessed using
her password, the intruder would also have her permissions.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 292, 294