Examice

Exam IIA-CIA-Part3 All QuestionsBrowse all questions from this exam

Question 215

An internal auditor discusses user-defined default passwords with the database administrator. Such passwords will be reset as soon as the user logs in for the first time, but the initial value of the password is set as "123456." Which of the following are the auditor and the database administrator most likely discussing in this situation?

Whether it would be more secure to replace numeric values with characters.

What happens in the situations where users continue using the initial password.

What happens in the period between the creation of the account and the password change.

Whether users should be trained on password management features and requirements.

Correct Answer: C

When discussing user-defined default passwords, the primary concern would be security. Specifically, they would be discussing the potential risks during the period between the creation of the account and the initial password change. Setting a default password like '123456' could be a security risk if someone gains access to the account before the user changes it. Hence, the focus would be on what happens in that interim period.

Discussion

KonradKOption: B

Shouldn't it be B?