Comprehensive and Detailed Explanation From Exact Extract:
The immediate goal is to improve password security and enforce the change due to a recent event. This is done through the Google Workspace Admin console, which controls the identity provider for Google Cloud users.
Improve Password Security: The most effective control is to Enforce strong password policy, which requires users to use long, complex, and unguessable passwords, addressing the core security weakness.
Immediate Enforcement: Checking the option to Enforce password policy at the next sign-in ensures that all current users are immediately prompted to change their weak passwords to ones that meet the new strong policy requirements.
Option C is based on the outdated security practice of frequent password expiration, which often leads to users choosing weaker, predictable passwords (e.g., Spring2025 -> Summer2025). The modern recommendation is strong passwords and multi-factor authentication, not frequent expiration.
Option A is a detective control, not a preventative measure to improve password strength.
Extracts:
"In the Google Workspace Admin console, you can require users to use passwords that meet a strong password policy. A strong password must meet minimum complexity requirements, such as a minimum length and a mix of characters." (Source 6.1)
"After changing the password policy, you can select the option to Require all users to change their password at the next sign-in. This is the fastest way to enforce the new policy immediately across the organization." (Source 6.2)
"Google Cloud's recommended security best practice for identity is to prioritize strong passwords and Multi-Factor Authentication (MFA) over frequent password expiry." (Source 6.3)
