Security Fundamentals — Question 7

Humongous Insurance is an online healthcare insurance company. During an annual security audit a security firm tests the strength of the company's password policy and suggests that Humongous Insurance implement password history policy.
What is the likely reason that the security firm suggests this?

Answer options

• A. Past passwords were easily cracked by the brute force method.
• B. Past passwords of users contained dictionary words.
• C. Previous password breaches involved use of past passwords.
• D. Past passwords lacked complexity and special characters.

Correct answer: B

Explanation

The correct answer is B because if past passwords contained dictionary words, they are more susceptible to being guessed or cracked. The other options do not specifically address the need for a password history policy in relation to dictionary words, which are a significant risk factor in password security.