A security audit recently revealed that an administrator is using the same password of C1$c0448845217 for his personal account across multiple systems. What must be implemented by the company to reduce the chances of this happening again?
A security audit recently revealed that an administrator is using the same password of C1$c0448845217 for his personal account across multiple systems. What must be implemented by the company to reduce the chances of this happening again?
To reduce the chances of administrators using the same password across multiple systems, the implementation of strict password policies is crucial. Strong password policies can enforce the creation and use of unique, complex passwords for each account. Policies may include rules like minimum length, use of special characters, no repeated passwords, and regular password changes. These measures can significantly mitigate the risks associated with password reuse. Additionally, implementing multi-factor authentication (MFA) can further secure accounts by adding an extra layer of verification.
Answer is correct, you cant cure dumbness, need to get them to sign on training
Not sure how A, B or D will help, as they are all corporate solutions. This is an issue with them using their personal password everywhere.
Would have to agree with Brain_Power as the best possible answer here is Option D. Implementing strong password policies should be the FIRST LINE OF DEFENSE against a scenario like this occurring. According to DigiCert: “ A strong password isn’t just about ONE password, it’s important that you guarantee strong passwords for EACH ACCOUNT that you access through your computer. When you are utilizing a corporate network, the network administrator may encourage you to use a strong password.” Option C isn’t entirely wrong either though – this is also another crucial step in terms of spreading awareness and making known best practices…..but, I see it as a complimentary or supplemental step IN ADDITION TO utilizing strong password policies, and not necessarily as your first step to take. Source: Creating Strong Password Policy Best Practices | DigiCert.com
https://www.digicert.com/blog/creating-password-policy-best-practices
A) Move from local accounts to centralized will prevent having local accounts & solve the situation
Your suggested answer would simplify user management and potentially enforce password policies, but it would NOT address the root issue of password reuse - which is the objective of this question.
C correct - security awareness training - only possible. A - centalized dont prevent the use of same password B - Role base did not prevent passwords , just a authorization method D - strict Password policies did not prevent same password across multiples platform, just in one
D. strict password policies "Implementing strong password policies is essentail to prevent administrators from reusing the same passwords for multiple accounts." - Cisco Secure Access Principles "When audits reveal that administrators are using the same passwords across systems, the company should immediately mandate and enforce strict new password policies" - Cisco Identity Services Engine Deployment Guide "If security reviews found that administrators are repeating passwords for accounts, the highest priority should beto require complex, unique passwords per policy." - Cisco TrustSec and Identity Services
Whenever you quote/provide answers to questions, please post the link
I have not been able to find a single source for any of the three claimed statements. Everything looks like AI-generated answers that interpret the documents according to Brain_Power's intentions/questions.
I would say A as a technical person. But from a company standpoint, I can see how C is an easier approach.
Centralized user authentication will still give the user access to all his application through the use of same login credentials. So C is the only good option from the list