CompTIA
SY0-301 · Question #659
SY0-301 Question #659: Real Exam Question with Answer & Explanation
The correct answer is A: Account expiration. Account expiration ensures that a former employee's credentials automatically become invalid after a set date, preventing use of those credentials to access the network.
Question
Which of the following controls mitigates the risk of Matt, an attacker, gaining access to a company network by using a former employee's credential?
Options
- AAccount expiration
- BPassword complexity
- CAccount lockout
- DDual factor authentication
Explanation
Account expiration ensures that a former employee's credentials automatically become invalid after a set date, preventing use of those credentials to access the network.
Common mistakes.
- B. Password complexity strengthens passwords against guessing but does not help if the former employee already knows their password, which they set themselves.
- C. Account lockout triggers on repeated failed login attempts; it does not prevent a former employee who knows their correct credentials from successfully authenticating on the first try.
- D. Dual factor authentication adds a second verification step but does not mitigate the risk if the former employee still possesses both factors, such as their password and a registered mobile device.
Concept tested. Account expiration to revoke former employee access
Community Discussion
No community discussion yet for this question.