Here’s the Answer to the Question posted on Facebook
Q. Homer called into the help desk and said he forgot his password. Which of the following choices is the BEST choice for what the help-desk professional should do?
A. Verify the user’s account exists.
B. Look up the user’s password and tell the user what it is.
C. Disable the user’s account.
D. Reset the password and configure the password to expire after the first use.
Answer available until September 4, 2016.
Answer. D is correct. In this scenario, it’s best to create a temporary password that expires after first use, which forces the user to create a new password.
It’s not necessary to verify the user’s account exists, but the help-desk professional should verify the identity of the user.
Passwords should not be available in such a way that allows help-desk professionals to look them up.
It is not necessary to disable a user account to reset the password.
Objective: 5.3 Install and configure security controls when performing account management, based on best practices.
See Chapter 1 of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.