CompTIA Security+ (SY0-501) — Question 441

A company has migrated to two-factor authentication for accessing the corporate network, VPN, and SSO. Several legacy applications cannot support multifactor authentication and must continue to use usernames and passwords. Which of the following should be implemented to ensure the legacy applications are as secure as possible while ensuring functionality? (Choose two.)

Answer options

• A. Privileged accounts
• B. Password reuse restrictions
• C. Password complexity requirements
• D. Password recovery
• E. Account disablement

Correct answer: C, E

Explanation

Implementing password complexity requirements (C) ensures that the passwords used for legacy applications are strong enough to resist common attacks, while account disablement (E) can prevent unauthorized access by disabling accounts that are no longer needed. The other options, such as privileged accounts (A) and password recovery (D), do not directly enhance the security of the usernames and passwords used in legacy applications.