CompTIA Security+ (SY0-601) — Question 92

The new Chief Information Security Officer at a company has asked the security team to implement stronger user account policies. The new policies require:

* Users to choose a password unique to their last ten passwords
* Users to not log in from certain high-risk countries

Which of the following should the security team implement? (Choose two.)

Answer options

• A. Password complexity
• B. Password history
• C. Geolocation
• D. Geofencing
• E. Geotagging
• F. Password reuse

Correct answer: B, D

Explanation

The correct answers are B and D. 'Password history' ensures that users cannot reuse any of their last ten passwords, adhering to the policy requirement. 'Geofencing' allows the organization to restrict access based on geographical locations, thus preventing logins from specified high-risk countries. The other options do not directly address both aspects of the new policies.