During the initial configuration of several new Windows laptops for a small office, a technician discovers that the built-in account named "Administrator" is still using the manufacturer's default credentials. To MOST effectively reduce the risk that an attacker could use publicly known credentials to gain full control of these systems, which of the following actions should the technician perform FIRST?
Create a separate standard user account for each employee.
Disable SSID broadcast on the office Wi-Fi access point.
Enable Remote Desktop Protocol and open TCP port 3389 in the firewall.
Rename the built-in Administrator account and set a unique, complex password.
Default administrator usernames and passwords are widely published and actively targeted by threat actors. Renaming the default Administrator account and assigning a strong, unique password eliminates an easy, well-known attack vector. Disabling SSID broadcast (B) affects only wireless discovery, not local account credentials. Creating standard user accounts (C) is good practice but does not secure the privileged default account. Enabling Remote Desktop and opening port 3389 (D) actually increases the attack surface. Therefore, option A is correct. [CISA warns that default passwords are easily found and exploited; organizations should change them immediately.]
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to change default credentials?
Open an interactive chat with Bash
What are some best practices for creating strong passwords?
Open an interactive chat with Bash
What are some common tools or methods attackers use to exploit default credentials?