You are a security administrator for your company. The network consists of a single Active Directory domain. Servers run either Windows Server 2003 or Windows 2000 Server. All client computers run Windows XP Professional.
The company’s written security policy states that user accounts must be locked if an unauthorized user attempts to guess the users, passwords. The current account policy locks out a user after two invalid password attempts in five minutes. The user remains locked out until the account is reset by an administrator. Users frequently call the help desk to have their account unlocked. Calls related to account lockout constitute 25 percent of help desk calls.
You need to reduce the number of help desk calls related to account lockout. What should you do?
A.
Modify the Default Domain Controllers Policy Group Policy object(GPO). Increase the maximum lifetime for service tickets.
B.
Modify the Default Domain Policy Group Policy object(GPO). Configure an account lockout threshold of 10.
C.
Modify the Default Domain Controllers Policy Group Policy object(GPO). Disable the enforcement of user logon restrictions.
D.
Modify the Default Domain Policy Group Policy object(GPO). Increase the minimum password age.