Exam 350-701 topic 1 question 556 discussion

C is my choice because B is RBAC, nothing to with password. A & C goes hand in hand so can't pick one w/o the other.

To reduce the chances of an administrator using the same password across multiple systems, the company should implement strict password policies. These policies can enforce rules such as minimum password complexity, uniqueness, regular password changes, and prohibiting the reuse of previous passwords. Implementing such policies helps ensure that users create strong, unique passwords for different accounts, thereby enhancing overall security.

I would opt for C. The question states "for his <<personal>> account" No matter what password policies you have, those won't do anything for his personal accounts. So, I would assume, the "admin" would not be aware of the dangers and as such, he needs more training, lol.

Would have to agree with Brain_Power as the best possible answer here is Option D. Implementing strong password policies should be the FIRST LINE OF DEFENSE against a scenario like this occurring. According to DigiCert: “ A strong password isn’t just about ONE password, it’s important that you guarantee strong passwords for EACH ACCOUNT that you access through your computer. When you are utilizing a corporate network, the network administrator may encourage you to use a strong password.” Option C isn’t entirely wrong either though – this is also another crucial step in terms of spreading awareness and making known best practices…..but, I see it as a complimentary or supplemental step IN ADDITION TO utilizing strong password policies, and not necessarily as your first step to take. Source: Creating Strong Password Policy Best Practices | DigiCert.com

A) Move from local accounts to centralized will prevent having local accounts & solve the situation

C correct - security awareness training - only possible. A - centalized dont prevent the use of same password B - Role base did not prevent passwords , just a authorization method D - strict Password policies did not prevent same password across multiples platform, just in one

Answer is correct, you cant cure dumbness, need to get them to sign on training

Not sure how A, B or D will help, as they are all corporate solutions. This is an issue with them using their personal password everywhere.

D. strict password policies "Implementing strong password policies is essentail to prevent administrators from reusing the same passwords for multiple accounts." - Cisco Secure Access Principles "When audits reveal that administrators are using the same passwords across systems, the company should immediately mandate and enforce strict new password policies" - Cisco Identity Services Engine Deployment Guide "If security reviews found that administrators are repeating passwords for accounts, the highest priority should beto require complex, unique passwords per policy." - Cisco TrustSec and Identity Services

I would say A as a technical person. But from a company standpoint, I can see how C is an easier approach.