SY0-501 · Question #13
SY0-501 Question #13: Real Exam Question with Answer & Explanation
The correct answer is C: Password complexity. Password Policy Controls Explanation Password Complexity (C) directly combats weak passwords by technically enforcing that passwords contain a mix of uppercase, lowercase, numbers, and special characters - users simply cannot set a simple, weak password like "password123." Passwo
Question
Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. Which of the following technical controls would help prevent these policy violations? (Select TWO).
Options
- APassword expiration
- BPassword length
- CPassword complexity
- DPassword history
- EPassword lockout
Explanation
Password Policy Controls Explanation
Password Complexity (C) directly combats weak passwords by technically enforcing that passwords contain a mix of uppercase, lowercase, numbers, and special characters - users simply cannot set a simple, weak password like "password123." Password History (D) prevents password reuse by storing a record of previous passwords (typically the last 10–24) and blocking users from recycling old ones.
Why the distractors are wrong:
- Password Expiration (A) forces periodic changes but doesn't prevent users from picking weak or similar passwords when they do change
- Password Length (B) sets a minimum character count but alone doesn't stop a long weak password (e.g., "aaaaaaaaaaaa")
- Password Lockout (E) locks accounts after failed attempts, which addresses brute-force attacks - not the act of setting weak or reused passwords
🧠 Memory Tip: Think "C = Create strong, D = Don't repeat" - Complexity controls what the new password looks like, and History controls whether it's been used before. Together, they directly address both policy violations described in the question.
Topics
Community Discussion
No community discussion yet for this question.