CompTIA PenTest+ (PT0-002) — Question 354
During a penetration test, a team discovers that the Windows hosts share the same local administrator account password. Which of the following is the best remediation recommendation?
Answer options
- A. Using a multifactor authentication solution
- B. Giving a team or person the responsibility of managing unique passwords per host
- C. Creating a new local administration account with a different name
- D. Using a technical solution to randomize the password per host
Correct answer: D
Explanation
Using a technical solution to randomize the password per host (option D) addresses the shared-password weakness by ensuring each system has a unique local administrator password, which reduces the risk of lateral movement if one password is compromised. Options A, B, and C do not directly resolve the issue of shared passwords and may still leave the systems vulnerable to attacks.