CompTIA Security Plus Mock Test Q941

When Ann an employee returns to work and logs into her workstation she notices that, several desktop configuration settings have changed. Upon a review of the CCTV logs, it is determined that someone logged into Ann’s workstation. Which of the following could have prevented this from happening?

A. Password complexity policy
B. User access reviews
C. Shared account prohibition policy
D. User assigned permissions policy


Correct Answer: A
Section: Access Control and Identity Management

Explanation:
The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Since changes were made to Ann’s desktop
configuration settings while she was not at work, means that her password was compromised.

Incorrect Answers:
B: User access reviews are performed to conclude whether users have been performing their work tasks correctly or if there have been failed and/or successful attempts at violating
company policies or the law. It would not have prevented Ann’s password being compromised.
C: Shared account prohibition aids in providing user accountability. It would not have prevented Ann’s password being compromised.
D: User assigned permissions can be assigned by the user. Since Ann’s workstation was accessed using her password, the intruder would also have her permissions.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 292, 294