Company policy requires employees to change their passwords every 60 days. The security manager has
verified all systems are configured to expire passwords after 60 days. Despite the policy and technical
configuration, weekly password audits suggest that some employees have had the same weak passwords
in place longer than 60 days. Which of the following password parameters is MOST likely misconfigured?
A.
Minimum lifetime
B.
Complexity
C.
Length
D.
Maximum lifetime
D. Maximum lifetime It says weekly audits show the same password…nothing to do with complexity
0
0
P.S. Download that 1867q SY0-401 dumps for free here:
https://doc.co/FTT4SW
Good Luck!
0
0
Minimum lifetime. The users change to an approved password, but then go right back to their old, weak password.
0
0
Truth is that both minimum and maximum passwords would cause this problem. If they misconfigure max passwords, then you would have passwords older than 60 days. If they misconfigure min passwords, then you have people changing their passwords at 60 days and then resetting them immediately to the same old password.
The key to the question is some people. If the max password were the case, then it should be most if not all people. Since it is some people, then some people are trying to be slick and reset to their old passwords. The correct answer has to be minimum lifetime.
0
0
minimum password age.
0
0
the correct answer WOULD be Password History, so that employees can’t just reuse the same password they did on the last cycle. Also another good answer would be minimum password age.. but this does not work exactly because even with a correct password age in place, alone it does not keep employees from reusing the same password after the minimum password age is achieved. BUT Password History is NOT an option in the answers, so the only other obvious problem in that question states that they are using the same WEAK passwords. SO.. being a stupid question in the first place without the correct answer as an option… the only other answer that fits the WEAK password part is B. Complexity. tricky, and really not a good question.
0
0
I agree with vxg that it should be password history, but it isn’t here. I’m not sure what exactly its asking. How to keep the user from using the same password, or that the user is using a weak password. If password history, minimum lifetime, and maximum lifetime are all configured properly. Then a user shouldn’t be able to reuse a same password. But if password complexity is not enabled correctly they will continue to use weak passwords. Even if you were to have max and min lifetime, after the 60 days you could reuse the same weak password because there is no password history. Again this is assuming that there is no password history in place. Although if you implement password complexity, no matter how many passwords the user enters he won’t be able to have a weak password. Whether that weak password is the same, different, or similar; the password complexity rule will not allow it. He will be forced to use a strong password instead of a weak one.
0
0
I don’t know why this whole Q&A is so dump. Hope there is no unclear questions on the real exam.
0
0
Key word: Weak
This question is miss-leading. It does not say that the person has exactly the same password. It says that the password is still as weak as before.
So the answer is to increase the password COMPLEXITIY
0
0