Exam XK0-006 Topic 1 Question 75 Discussion
Actual exam question for CompTIA's XK0-006 exam
Question #: 75
Topic #: 1
Question #: 75
Topic #: 1
Which of the following is a reason multiple password changes on the same day are not allowed?
Suggested Answer: C Vote an answer
Password policy enforcement is a critical component of system security covered in the CompTIA Linux+ V8 objectives. One common control implemented in Linux systems is restricting how frequently users can change their passwords, often referred to as minimum password age enforcement.
The primary reason multiple password changes within a short time frame are not allowed is to prevent password cycling attacks. Without this restriction, a user could repeatedly change their password in quick succession to bypass password history controls and eventually reuse a previously compromised or weak password. Option C accurately describes this scenario and aligns directly with Linux+ V8 security guidance.
Linux systems enforce this behavior through tools such as chage and PAM (Pluggable Authentication Modules). Administrators can configure minimum password age values to ensure users must wait a defined period before changing passwords again. This ensures that password history requirements are effective and meaningful.
The other options are incorrect. Option A confuses password expiration with brute-force mitigation, which is typically addressed through account lockout policies. Option B refers to password complexity, which is enforced through character requirements rather than change frequency. Option D is unrelated, as password expiration policies do not enforce multifactor authentication.
Linux+ V8 documentation emphasizes layered access controls, and preventing password reuse through enforced timing restrictions is a core principle of secure authentication design.
Therefore, the correct answer is C.
The primary reason multiple password changes within a short time frame are not allowed is to prevent password cycling attacks. Without this restriction, a user could repeatedly change their password in quick succession to bypass password history controls and eventually reuse a previously compromised or weak password. Option C accurately describes this scenario and aligns directly with Linux+ V8 security guidance.
Linux systems enforce this behavior through tools such as chage and PAM (Pluggable Authentication Modules). Administrators can configure minimum password age values to ensure users must wait a defined period before changing passwords again. This ensures that password history requirements are effective and meaningful.
The other options are incorrect. Option A confuses password expiration with brute-force mitigation, which is typically addressed through account lockout policies. Option B refers to password complexity, which is enforced through character requirements rather than change frequency. Option D is unrelated, as password expiration policies do not enforce multifactor authentication.
Linux+ V8 documentation emphasizes layered access controls, and preventing password reuse through enforced timing restrictions is a core principle of secure authentication design.
Therefore, the correct answer is C.
by Rae at Apr 08, 2026, 09:16 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).