CompTIA Security+ SY0-701 Practice Question
Your company has recently updated its information security policy to include more robust requirements for user authentication. You are tasked with ensuring that password management adheres to the new standards, which include regular password changes and complexity requirements. What is an acceptable method to enforce these updated policies?
Implement a policy that mandates password changes only following a confirmed security incident.
Allow users to reuse the same password with incremental changes, such as adding a number to the end each time.
Enforce a password history policy that prevents the reuse of the last 24 passwords.
Email users their new passwords monthly to ensure they are regularly updated.
Encourage users to write down their passwords and store them securely in their desk drawers.
Avoid informing users about the complexity requirements to ensure they choose passwords that are easy for them to remember.