PrepAway - Latest Free Exam Questions & Answers

Which of the following password enforcement policies wo…

An organizations’ security policy requires that users change passwords every 30 days. After a security audit, it
was determined that users were recycling previously used passwords. Which of the following password
enforcement policies would have mitigated this issue?

PrepAway - Latest Free Exam Questions & Answers

A.
Password history

B.
Password complexity

C.
Password length

D.
Password expiration

Explanation:
Password history determines the number of previous passwords that cannot be used when a user changes his
password. For example, a password history value of 5 would disallow a user from changing his password to any
of his previous 5 passwords. However, without a minimum password age setting, the user could change his
password six times and cycle back to his original password.


Leave a Reply