CERTIFIED-IN-CYBERSECURITY · Question #322
CERTIFIED-IN-CYBERSECURITY Question #322: Real Exam Question with Answer & Explanation
The correct answer is D: To enforce the use of strong, complex passwords and periodic password changes. A password policy helps ensure that users follow the best password creation and management practices, reducing the risk of unauthorized access due to weak or compromised passwords (see ISC2 Study Guide, Chapter 5, Module 3). A password policy's primary purpose is to enforce stron
Question
What is the primary purpose of a password policy?
Options
- ATo require users to write down their passwords for easy retrieval
- BTo ensure users have a unique password for every system
- CTo allow users to share passwords for convenience
- DTo enforce the use of strong, complex passwords and periodic password changes
Explanation
A password policy helps ensure that users follow the best password creation and management practices, reducing the risk of unauthorized access due to weak or compromised passwords (see ISC2 Study Guide, Chapter 5, Module 3). A password policy's primary purpose is to enforce strong, complex passwords and periodic password changes. Ensuring users have a unique password for every system is an important security measure, but it is not the primary purpose of a password policy. Allowing users to share passwords conveniently is not recommended, as it can lead to weak passwords and unauthorized access. Requiring users to write down their passwords for easy retrieval is also not recommended, as it can lead to passwords being compromised.
Topics
Community Discussion
No community discussion yet for this question.