• Certs
    • A+
      • Dave’s A+ 220-1101 & 220-1102 Page
      • Errata: A+ 220-1101/220-1102
      • Errata: A+ 220-1000 Series
    • Security+
      • SY0-501 Study Page
      • Security+ Articles & Videos
      • Errata – Security+ Cert Guide SY0-501
  • Contact Me
Search
Monday, March 27, 2023
D Pro Computer D Pro Computer
  • Certs
    • A+
      • Dave’s A+ 220-1101 & 220-1102 Page
      • Errata: A+ 220-1101/220-1102
      • Errata: A+ 220-1000 Series
    • Security+
      • SY0-501 Study Page
      • Security+ Articles & Videos
      • Errata – Security+ Cert Guide SY0-501
  • Contact Me
Home Security+ Articles & Videos Security+ QOTD: DON’T PANIC, but this user should be cutoff at some...

Security+ QOTD: DON’T PANIC, but this user should be cutoff at some point…

December 21, 2016
2038

Security+ Question of the day: A consultant (Douglas) will be working at your company for three months. Your company has a policy stating that user passwords must be changed every 42 days. What are the two most important issues that you see in the figure? (Click the figure to enlarge)
(see answer below and video response.)

server-2012




Answer

First of all, the most glaring issue is that the “Password never expires” checkbox is selected. The company has a 42 day change policy, and should also have a policy stating that a user cannot re-use the same password (usually for at least a year, if not forever).  So that needs to be deselected, and possibly, we should review our policies and make sure that this account (and its group) have said policies applied to it.

More importantly, the consultant (Douglas 🙂 ) will only be working at the company for three months. We need to set an account expiration date for that user account. This way, the user will not be able to log on to the domain after the consulting period has ended. In the video I show how to re-configure this within Active Directory Users and Computer in Windows Server 2012.

Video answer:


D. Prowse

RELATED ARTICLESMORE FROM AUTHOR

Security+ SY0-501 Study Page

Key Stretching and Salting (Security+)

PRNGs (Security+) – Is Chance Predetermined?

Security+ Books & Videos

Want to pass the SY0-501 exam? Check out the Security+ Cert Guide!

ShowCover
Available on Pearson and Amazon

Now in its 4th edition, this book has been revised for the SY0-501 exam. It includes:

  • 800 pages of security content.
  • Three 80-question practice exams – (one in the book and two located at the companion web page.)
  • Over 400 additional chapter-end questions, answers, and explanations.
  • Custom practice test engine. (Can be run locally or run within a web browser when connecting to www.pearsontestprep.com.)
  • Over 50 real-world scenarios with supporting video solutions and simulations (also located at the companion web page).
  • 10% off exam coupon

Note: All of my books and videos are also available on the O’Reilly Platform. If you are not a member, consider joining. You also get access to my webinars and lots of other great authors.

Sign up here.

Get your O'Reilly Membership Today!

If you like video training check out the Security+ LiveLessons by Sari Greene.

 

  • Contact
  • Home
© Copyright D Pro Computer
Edit with Live CSS
Save
Write CSS OR LESS and hit save. CTRL + SPACE for auto-complete.