Certified in Risk and Information Systems Control (CRISC) — Question 145

Which of the following controls would BEST decrease exposure if a password is compromised?

Answer options

• A. Passwords have format restrictions
• B. Passwords are masked
• C. Password changes are mandated
• D. Passwords are encrypted

Correct answer: C

Explanation

Mandating password changes ensures that any compromised passwords are quickly rendered useless, thus minimizing exposure. While encrypting passwords and masking them can provide some level of security, they do not directly prevent the use of a compromised password. Format restrictions may help in creating stronger passwords, but they do not address the issue of an already compromised password.