CompTIA Security+ (SY0-501) — Question 581
A security team has downloaded a public database of the largest collection of password dumps on the Internet. This collection contains the cleartext credentials of every major breach for the last four years. The security team pulls and compares users' credentials to the database and discovers that more than 30% of the users were still using passwords discovered in this list. Which of the following would be the BEST combination to reduce the risks discovered?
Answer options
- A. Password length, password encryption, password complexity
- B. Password complexity, least privilege, password reuse
- C. Password reuse, password complexity, password expiration
- D. Group policy, password history, password encryption
Correct answer: C
Explanation
The correct choice, C, addresses password reuse and complexity and adds a password expiration policy, which makes users change their passwords regularly and so reduces the risk that a compromised password stays in use. Options A, B, and D do not effectively target the core issues of password reuse and expiration, which are critical in this scenario.