nerdexam
CompTIA

SY0-301 · Question #211

A security administrator is concerned about the strength of user's passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator

The correct answer is C. Shorten the password expiration period. Shortening the password expiration period limits the window of time during which a compromised or cracked weak password remains valid. Even if an attacker successfully guesses or cracks a weak password via an online attack, the password will expire sooner, reducing the potential

Security operations

Question

A security administrator is concerned about the strength of user's passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator implement to mitigate the risk of an online password attack against users with weak passwords?

Options

  • AIncrease the password length requirements
  • BIncrease the password history
  • CShorten the password expiration period
  • DDecrease the account lockout time

How the community answered

(59 responses)
  • A
    14% (8)
  • B
    8% (5)
  • C
    75% (44)
  • D
    3% (2)

Explanation

Shortening the password expiration period limits the window of time during which a compromised or cracked weak password remains valid. Even if an attacker successfully guesses or cracks a weak password via an online attack, the password will expire sooner, reducing the potential damage. Option A (increasing length) is itself a form of complexity/strength policy, which the company does not want. Option B (password history) only prevents reuse of old passwords, not weak ones. Option D (decreasing account lockout time) is counterproductive - it means locked accounts unlock faster, giving attackers more opportunities to retry.

Topics

#password policy#password expiration#online password attack#account security

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice