Which policy changes would help prevent passwords from being cracked within six hours?

Study for the CCST Cybersecurity Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which policy changes would help prevent passwords from being cracked within six hours?

Explanation:
Preventing a cracked password from being used quickly hinges on layered defenses that require more than just a knowledge factor to authenticate. First, implementing 2FA or MFA adds a second factor the attacker would need to obtain or spoof, so even a stolen password often isn’t enough to gain access in a short window. This dramatically reduces the payoff of cracking a password.

Second, using strong user passphrases increases the effort needed to guess or brute-force credentials. Longer, memorable phrases with proper entropy are far harder to crack quickly than short, simple passwords, making a successful compromise take much longer than six hours.

Third, prohibiting reuse of old passwords and reuse of the same password across applications minimizes the risk that a breach in one service leads to easy access on others. If stolen credentials can’t be reused, an attacker can’t immediately exploit a single leak across multiple sites.

Why the other options don’t fit: changing passwords every 30 seconds is impractical and can lead to weaker practices; reusing the same password across apps creates a cascade of risk after any single breach; and disabling password changes removes the ability to rotate credentials after a suspected compromise, keeping access valid for longer.
