CompTIA Security Plus Mock Test Q948

The IT department has set up a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?

A. Account Disablements
B. Password Expiration
C. Password Complexity
D. Password Recovery


Correct Answer: D
Section: Access Control and Identity Management

Explanation:
People tend to forget their own passwords. Because a user's password is not stored on the operating system (only a hash value is kept), most operating systems allow the administrator to change the value, meaning that the password can then be recovered. If you allow end users to reset their own accounts, the password recovery process is helped along.

Incorrect Answers:
A: Account disablement is akin to locking an account when users are going on leave, leaving the company, etc. This is not aided in any way when you allow end users to reset their own accounts.
B: Password expiration is a practice that should be implemented to mitigate security risks, since the longer a password is in use, the more easily it can be broken. This has nothing to do with resetting account passwords.
C: Password complexity refers to the degree of difficulty of the password. The more difficult/complex it is, the more difficult it will be for a miscreant to guess the password. This is not about allowing end users to reset their own accounts.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 139-140