Question

Marta's organization is concerned with the vulnerability of a user's account being vulnerable for an extended period of time if their password was compromised. Which of the following controls should be configured as part of their password policy to minimize this vulnerability?

Options are :
A. Minimum password length
B. Password history
C. Password expiration
D. Password complexity

Answer 1

The correct answer is option C. Password expiration is a control that should be configured as part of a password policy to minimize the vulnerability of a user's account being compromised for an extended period of time.

Step-by-step explanation:

The correct answer is option C. Password expiration.

Password expiration is a control that should be configured as part of Marta's organization's password policy to minimize the vulnerability of a user's account being compromised for an extended period of time. With password expiration, users are required to change their passwords regularly, typically every 30, 60, or 90 days.

This control helps to limit the time window during which an attacker can use a compromised password to gain unauthorized access to an account. By periodically prompting users to change their passwords, even if their password has been compromised, the organization can reduce the risk of prolonged unauthorized access.