Exam AZ-800 All QuestionsBrowse all questions from this exam
Go to Exam
Question 60

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains a user named User1. User1 is a member of a group named Group1 and is in an organizational unit (OU) named OU1.

The domain has minimum password lengths configured as shown in the following table.

What is the minimum password length that User1 should use when changing to a new password?

    Correct Answer: A

    When determining the minimum password length for User1, the order of precedence for password policies is as follows: Password Settings object (PSO) applied directly to the user, PSO applied to the user's group, Group Policy linked to the user's organizational unit (OU), Default Domain Policy, and then Default Domain Controllers Policy. According to the table, User1 has a PSO applied directly with a minimum password length of 7 characters. Therefore, the minimum password length that User1 should use when changing to a new password is 7 characters.

Discussion
SIAMIANJIOption: A

When determining the minimum password length that User1 should use when changing to a new password, the following precedence order should be considered: Password Settings object applied directly to the user (User1). Password Settings object applied to the user's group (Group1). Group Policy linked to the user's organizational unit (OU1). Default Domain Policy. Default Domain Controllers Policy. Based on the precedence order and the configuration provided: Password Settings object applied to User1: 7 Password Settings object applied to Group1: 14 Group Policy linked to OU1: 8 Default Domain Policy: 10 Default Domain Controllers Policy: 12 User1's minimum password length will be determined by the Password Settings object applied directly to the user (User1), which specifies a minimum password length of 7 characters. Therefore, User1 should use a minimum password length of 7 characters when changing to a new password.

KatinTeam

I'd say this is correct. PSO applied to User (highest precedence) If no PSO applied to User, then PSO applied to Group If no PSO for User and Group, then GPO linked to OU Default Domain Policy Default Domain Controllers Policy Answer is A: 7

KrayzrOption: A

Seems to be correct

bpaccountOption: A

A is correct. Tested it.

IcEOption: E

User1 is apart of Group1. In AD, the most specific policy applies