CompTIA Security+ (SY0-501) — Question 543

While reviewing system logs, a security analyst notices that a large number of end users are changing their passwords four times on the day the passwords are set to expire. The analyst suspects they are cycling their passwords to circumvent current password controls. Which of the following would provide a technical control to prevent this activity from occurring?

Answer options

• A. Set password aging requirements.
• B. Increase the password history from three to five.
• C. Create an AUP that prohibits password reuse.
• D. Implement password complexity requirements.

Correct answer: A

Explanation

Setting password aging requirements is effective because it forces users to change their passwords at regular intervals, thus minimizing the chances of them cycling through passwords to avoid expiration. Increasing password history and implementing complexity requirements help improve security but do not directly address the issue of users changing passwords multiple times to circumvent expiration. An AUP is important for policy but does not provide a technical control to prevent the behavior.