Microsoft MCSA 70-290 Exam Prep

Category - 70-290

Start a Study Session Sign up for Question of the Day

Your company configures a new security policy that requires that the user account of any user who enters an invalid password more than twice in one day must be locked out. You need to configure the domain account policy settings to enforce this new security policy. Which of the following should you do?

Set the minimum password age to one day and change the Enforce password history setting to three passwords remembered.
Set the maximum password age to one day and change the Account lockout duration setting to 1440 minutes.
Change the Enforce password history setting to three passwords remembered and change the Account lockout duration setting to 1440 minutes.
Change the Account lockout threshold setting to three invalid logon attempts and change the Reset account lockout counter after setting to 1440 minutes.

Explanation

Answer - D - You should change the Account lockout threshold setting to three invalid logon attempts and change the Reset account lockout counter after setting to 1440 minutes.

Key Takeaway: This security setting determines the number of minutes a locked-out account remains locked out before automatically becoming unlocked. The available range is from 0 minutes through 99,999 minutes. If you set the account lockout duration to 0, the account will be locked out until an administrator explicitly unlocks it. If an account lockout threshold is defined, the account lockout duration must be greater than or equal to the reset time.

Previous Next

Was this helpful? Upvote!

Start a Study Session Sign up for Question of the Day

Microsoft MCSA 70-290 Exam Prep

Top questions

Related questions

Most popular on PracticeQuiz

Ad-Blocker not supported

Microsoft MCSA 70-290 Exam Prep

Top questions

Related questions

Most popular on PracticeQuiz