Which of the following is the MOST appropriate method of ensuring password strength in a large
organization?
A.
Attempt to reset several passwords to weaker values
B.
Install code to capture passwords for periodic audit
C.
Sample a subset of users and request their passwords for review
D.
Review general security settings on each platform
Explanation:
Reviewing general security settings on each platform will be the most efficient method for
determining password strength while not compromising the integrity of the passwords. Attempting
to reset several passwords to weaker values may not highlight certain weaknesses. Installing code
to capture passwords for periodic audit, and sampling a subset of users and requesting their
passwords for review, would compromise the integrity of the passwords.