An organization's policy requires users to create passwords with an uppercase letter, lowercase letter, number, and symbol. This policy is enforced with technical controls, which also prevents users from using any of their previous 12 passwords. The quantization does not use single sign-on, nor does it centralize storage of passwords. The incident response team recently discovered that passwords for one system were compromised. Passwords for a completely separate system have NOT been compromised, but unusual login activity has been detected for that separate system. Account login has been detected for users who are on vacation. Which of the following BEST describes what is happening?
A) Some users are meeting password complexity requirements but not password length requirements.
B) The password history enforcement is insufficient, and old passwords are still valid across many different systems.
C) Some users are reusing passwords, and some of the compromised passwords are valid on multiple systems.
D) The compromised password file has been brute-force hacked, and the complexity requirements are not adequate to mitigate this risk.
Correct Answer:
Verified
Q867: A manager makes an unannounced visit to
Q868: The network information for a workstation is
Q869: A systems administrator has installed a new
Q870: Which of the following is an example
Q871: Which of the following provides PFS?
A) AES
B)
Q873: A systems administrator is increasing the security
Q874: A security administrator is implementing a secure
Q875: A security administrator receives alerts from the
Q876: A technician is required to configure updates
Q877: Which of the following is a security
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents