How do GPOs determine password policies?

• A. By encryption methods only
• B. By establishing requirements for password length, reuse rules, and other criteria
• C. By user prompts
• D. By default settings

Answer: (B)

Group Policy Objects control password policy by specifying the criteria that passwords must meet, such as minimum length, reuse restrictions, and other rules. These settings are configured under security settings and applied to all accounts within the scope of the GPO, ensuring consistent enforcement across the domain. In practice, a GPO defines concrete requirements like how long a password must be, whether complexity is required, how many previous passwords cannot be reused, and how often passwords must be changed. This makes it the best answer because it describes the actual rules GPOs enforce, not how passwords are stored or how users are prompted. The other options mischaracterize GPOs: encryption methods relate to storage, not policy criteria; user prompts imply interactive behavior rather than centralized enforcement; and default settings imply no explicit policy, whereas GPOs provide defined, enforceable rules.