An organizations’ security policy requires that users change passwords every 30 days. After a security audit, it
was determined that users were recycling previously used passwords. Which of the following password
enforcement policies would have mitigated this issue?
![PrepAway - Latest Free Exam Questions & Answers](https://www.briefmenow.org/img/pa5.jpg)
A.
Password history
B.
Password complexity
C.
Password length
D.
Password expiration
Explanation:
Password history determines the number of previous passwords that cannot be used when a user changes his
password. For example, a password history value of 5 would disallow a user from changing his password to any
of his previous 5 passwords. However, without a minimum password age setting, the user could change his
password six times and cycle back to his original password.