Exam Premium CompTIA

CompTIA exam questions


CompTIA Security+ Question K-16

A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access.
Which of the following is the BEST approach to implement this process?

A. Replace passwords with hardware tokens which provide two-factor authentication to the online customer support site.
B. Require the customer to physically come into the company’s main office so that the customer can be authenticated prior to their password being reset.
C. Web-based form that identifies customer by another mechanism and then emails the customer their forgotten password.
D. Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login.

Answer: D

Explanation:
People tend to forget their passwords, so you should provide a password recovery process that does not increase risk exposure. Setting a temporary password restricts the time that the password is valid and thus decreases risk; in addition, forcing the customer to change it upon first login makes the password more secure for the customer.


CompTIA Security+ Question G-94

During an audit, the security administrator discovers that there are several users that are no longer employed with the company but still have active user accounts. Which of the following should be performed?

A. Account recovery
B. Account disablement
C. Account lockouts
D. Account expiration

Answer: B

Explanation:
Account disablement should be implemented when a user will be gone from a company, whether they leave temporarily or permanently. When a user leaves the company permanently, the account should be disabled. Disablement means that the account will no longer be an active account.


CompTIA Security+ Question E-29

An insurance company requires an account recovery process so that information created by an employee can be accessed after that employee is no longer with the firm. Which of the following is the BEST approach to implement this process?

A. Employee is required to share their password with authorized staff prior to leaving the firm
B. Passwords are stored in a reversible form so that they can be recovered when needed
C. Authorized employees have the ability to reset passwords so that the data is accessible
D. All employee data is exported and imported by the employee prior to them leaving the firm

Answer: C

Explanation:
Since a user’s password isn’t stored on most operating systems (only a hash value is kept), most operating systems allow the administrator (or an authorized person, in this case) to change the value, after which the information, files and documents can be accessed. This is the safest way of recovery by an authorized person and is not dependent on those who leave the firm.

Copyright © 2026 Exam Premium CompTIA