CompTIA Security Plus Mock Test Q945

Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning?

A. A recent security breach in which passwords were cracked.
B. Implementation of configuration management processes.
C. Enforcement of password complexity requirements.
D. Implementation of account lockout procedures.

Correct Answer: A
Section: Access Control and Identity Management

Explanation:
A password only needs to be changed if it doesn’t meet the compliance requirements of the company’s password policy, or is evidently insecure. It will also need to be changed if it has
been reused, or due to possible compromise as a result of a system intrusion.

Incorrect Answers:
B: Configuration management provides visibility and control of a system’s performance, as well as its functional and physical attributes.
C: Password complexity normally requires a minimum of three out of four standard character types to be represented in the password. It would not require forcing expiration of all
company passwords by the close of business day.
D: Account lockout automatically disables an account due to repeated failed log on attempts. It would not require forcing expiration of all company passwords by the close of business
day.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 292, 293
http://en.wikipedia.org/wiki/Configuration_management