CompTIA Security Plus Mock Test Q480

A security administrator would like to ensure that system administrators are not using the same password for both their privileged and non-privileged accounts. Which of the following security controls BEST accomplishes this goal?

A. Require different account passwords through a policy
B. Require shorter password expiration for non-privileged accounts
C. Require shorter password expiration for privileged accounts
D. Require a greater password length for privileged accounts

Correct Answer: A
Section: Compliance and Operational Security

Explanation:
A password policy aka account policy enforcement can be configured in such a way so as to make sure that system administrators make use of different passwords for different accounts.

Incorrect Answers:
B: Password expiration does not enforce the use of different passwords for different accounts. It is used as a disablement tool.
C: Shorter password expiration is still just a disablement tool and will not enforce the use of different passwords for different accounts.
D: Password length serves to make it more complex so as to strengthen the password and not to enforce the use of different passwords for different accounts.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 291, 293