CompTIA Security Plus Mock Test Q965

Several employee accounts appear to have been cracked by an attacker. Which of the following should the security administrator implement to mitigate password cracking attacks? (Select TWO).

A. Increase password complexity
B. Deploy an IDS to capture suspicious logins
C. Implement password history
D. Implement monitoring of logins
E. Implement password expiration
F. Increase password length

Correct Answer: A,F
Section: Access Control and Identity Management

Explanation:
Password cracking works by generating candidate passwords (dictionary words, common patterns, or an exhaustive brute-force search) and testing them against the stolen credentials or hashes. Both correct answers enlarge the space an attacker has to search: increasing complexity (requiring a mix of upper-case, lower-case, digits and symbols) widens the character set, and increasing length adds positions. Of the two, length has the larger effect, because the keyspace grows exponentially with length but only polynomially with the size of the character set; a short password can be cracked quickly even when it satisfies complexity rules. Applied together, the two controls make brute-force and dictionary attacks slower and far less likely to succeed within a useful time.
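As an added worked example (not part of the study guide or of this question), the following Python script quantifies why length and character-set size are the effective answers. It computes the keyspace and entropy of a password policy, estimates brute-force time at an assumed attacker rate of 10^10 guesses per second (a figure chosen for illustration, representative of a GPU rig against a fast unsalted hash, not taken from the source), and includes a simple policy check that enforces both controls. The character-class sizes are the printable ASCII classes (26 + 26 + 10 + 33 = 95).

```python
import math

# Character-class sizes for printable ASCII: 26 lower, 26 upper, 10 digits,
# 33 symbols (32 punctuation characters plus space), 95 in total.
CHARSETS = {
    "lower": 26,
    "upper": 26,
    "digits": 10,
    "symbols": 33,
}

# Assumed attacker guess rate (illustrative assumption, not a figure from the
# study guide): roughly what a GPU rig achieves against a fast, unsalted hash.
GUESSES_PER_SECOND = 1e10


def alphabet_size(classes):
    """Number of distinct characters available from the given classes."""
    return sum(CHARSETS[c] for c in classes)


def keyspace(length, classes):
    """Total number of passwords of exactly `length` over the given classes."""
    return alphabet_size(classes) ** length


def entropy_bits(length, classes):
    """Entropy of a uniformly random password: log2 of the keyspace."""
    return length * math.log2(alphabet_size(classes))


def expected_crack_seconds(length, classes, rate=GUESSES_PER_SECOND):
    """Expected brute-force time: on average half the keyspace is searched."""
    return keyspace(length, classes) / 2 / rate


def meets_policy(password, min_length, min_classes):
    """Enforce both accepted controls: minimum length and minimum number of
    character classes (lower, upper, digit, symbol) present."""
    if len(password) < min_length:
        return False
    present = 0
    present += any(c.islower() for c in password)
    present += any(c.isupper() for c in password)
    present += any(c.isdigit() for c in password)
    present += any(not c.isalnum() for c in password)
    return present >= min_classes


def describe(seconds):
    """Render a duration in seconds as a human-readable string."""
    units = (("years", 365 * 86400), ("days", 86400),
             ("hours", 3600), ("minutes", 60))
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {name}"
    return f"{seconds:,.1f} seconds"


if __name__ == "__main__":
    # Compare a short complex password against longer, simpler ones.
    scenarios = [
        (8, ["lower"]),
        (8, ["lower", "upper", "digits", "symbols"]),
        (12, ["lower"]),
        (16, ["lower"]),
    ]
    for length, classes in scenarios:
        print(f"{length:2d} chars, {'+'.join(classes):26s} "
              f"{entropy_bits(length, classes):5.1f} bits  "
              f"~{describe(expected_crack_seconds(length, classes))}")
```

Running the script shows an 8-character lower-case password falling in seconds, an 8-character fully complex one in days, and a 16-character lower-case-only one in tens of thousands of years at the assumed rate. The `meets_policy` check is the administrative side of the same answer: it rejects candidates that fail either the length or the class-count requirement.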

Incorrect Answers:
B: An IDS (intrusion detection system) can be deployed to flag suspicious logins, but that is detection after the fact: it assumes the passwords have already been cracked and are being used, and it does nothing to make them harder to crack.
C: Password history prevents users from reusing a previous password when they change it. It does not make any individual password harder to guess, so it does not mitigate cracking.
D: Monitoring logins is an auditing control. It can reveal that cracked credentials are being used, but it does not make the passwords harder to crack.
E: Password expiration limits how long a password remains valid. It can shorten the window in which a cracked password is useful, but it does not slow the cracking itself, and forced frequent rotation tends to push users toward predictable variations of an old password, which attackers can exploit.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 139-140