CompTIA Security+ (SY0-701) — Question 483
A security analyst needs to improve the company’s authentication policy following a password audit. Which of the following should be included in the policy? (Choose two.)
Answer options
- A. Length
- B. Complexity
- C. Least privilege
- D. Something you have
- E. Security keys
- F. Biometrics
Correct answer: A
Explanation
Including 'Length' and 'Complexity' in the authentication policy enhances password strength, making it harder for attackers to guess. Options like 'Least privilege', 'Something you have', 'Security keys', and 'Biometrics' are related to access control and authentication methods but do not directly address password characteristics.