SY0-301 · Question #211
A security administrator is concerned about the strength of user's passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator
The correct answer is C. Shorten the password expiration period. Shortening the password expiration period limits the window of time during which a compromised or cracked weak password remains valid. Even if an attacker successfully guesses or cracks a weak password via an online attack, the password will expire sooner, reducing the potential
Question
A security administrator is concerned about the strength of user's passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator implement to mitigate the risk of an online password attack against users with weak passwords?
Options
- AIncrease the password length requirements
- BIncrease the password history
- CShorten the password expiration period
- DDecrease the account lockout time
How the community answered
(59 responses)- A14% (8)
- B8% (5)
- C75% (44)
- D3% (2)
Explanation
Shortening the password expiration period limits the window of time during which a compromised or cracked weak password remains valid. Even if an attacker successfully guesses or cracks a weak password via an online attack, the password will expire sooner, reducing the potential damage. Option A (increasing length) is itself a form of complexity/strength policy, which the company does not want. Option B (password history) only prevents reuse of old passwords, not weak ones. Option D (decreasing account lockout time) is counterproductive - it means locked accounts unlock faster, giving attackers more opportunities to retry.
Topics
Community Discussion
No community discussion yet for this question.