COMPUTER THREATS SECURITY
COMPUTER SECURITY POLICIES EXAMPLES
|
Question
[CLICK ON ANY CHOICE TO KNOW THE RIGHT ANSWER]
|
|
|
Request a password reset
|
|
|
Change their passwords
|
|
|
Log on by using their passwords
|
|
|
Set their own password expiration
|
Detailed explanation-1: -The Minimum password age policy setting determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow password changes immediately by setting the number of days to 0.
Detailed explanation-2: -The rationale behind minimum password age is to prevent users from reverting to their old password immediately after an enforced password change. This policy is best used together with “password history” policy (prevent users from re-using their last X number of previous passwords). Save this answer.
Detailed explanation-3: -It is normally used in conjunction with a setting to prevent re-use of X number of previous passwords-the minimum password age is intended to discourage users from cycling through their previous passwords to get back to a preferred one.
Detailed explanation-4: -Enforce password history-Default is 24. This setting specifies the number of unique passwords users must create before reusing an old password. Keeping the default value is recommended to reduce the risk of users having passwords that have been compromised. Maximum password age-Default is 42.
Detailed explanation-5: -User accounts created on Red Hat Enterprise Linux (RHEL) servers are by default assigned 99, 999 days until their password expires. The Center for Internet Security (CIS) provides some advice on controls for hardening systems, and one of these is setting password expirations to 365 days or less.