PrepAway - Latest Free Exam Questions & Answers

Which of the following would BEST mitigate this risk?

The systems administrator notices that many employees are using passwords that can be easily guessed
or are susceptible to brute force attacks. Which of the following would BEST mitigate this risk?


A. Enforce password rules requiring complexity.

B. Shorten the maximum life of account passwords.

C. Increase the minimum password length.

D. Enforce account lockout policies.

Explanation:
Password complexity rules often require a password to use at least three of the four standard character
types. The more characters a password has, with some character complexity included, the more
resistant it is to brute force attacks.
Incorrect Answers:
B: Reducing the maximum life of account passwords will require passwords to be changed at the end of
that period. This will not make the new passwords less susceptible to brute force attacks.
C: Increasing the password length will not make the new passwords less susceptible to brute force
attacks.
D: Account lockout automatically disables an account after repeated failed logon attempts. It will not
make the new passwords less susceptible to brute force attacks.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 292, 293

