CompTIA Security+ (SY0-701) — Question 593
A security analyst is examining a penetration test report and notices that the tester pivoted to critical internal systems with the same local user ID and password. Which of the following would help prevent this in the future?
Answer options
- A. Implement centralized authentication with proper password policies
- B. Add password complexity rules and increase password history limits
- C. Connect the systems to an external authentication server
- D. Limit the ability of user accounts to change passwords
Correct answer: A
Explanation
Implementing centralized authentication with proper password policies ensures that all user credentials are managed in one place, reducing the risk of credential reuse across critical systems. The other options, while helpful for password strength and management, do not directly address the centralization of authentication, which is key to preventing reuse of the same local user ID and password.