You've been asked to review a proposed security template to determine if it meets the organization's security needs. You've reviewed all security settings with the exception of the password policy, shown in Figure 8.4.
Figure 8.4 The proposed password policy
This activity reviews the password policy settings against the following requirements:
- Users must not be able to reuse a password for two years
- Passwords must be at least five characters long
- Passwords must be stored using only the securest format within Active Directory
- Passwords must contain a combination of lowercase letters, uppercase letters, numbers, or symbols to prevent easy determination of passwords
Taking into account these requirements and the proposed security template settings, answer the following questions. Answers can be found in the appendix.
- Is it possible for a user to reuse a password within a two–year period?
- What can you do to enforce the password reuse requirement?
- Does the security template meet the minimum password length requirement?
- If you implement the proposed security template, are passwords stored securely in Active Directory?
- Is the requirement for password construction met?
- Assuming that your proposed recommendations are accepted, where must you apply this security template to ensure that all DCs enforce the password policy?
Answers