On Windows, what is the default behavior of the built-in administrator account with respect to lockout?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

On Windows, what is the default behavior of the built-in administrator account with respect to lockout?

Explanation:
The main idea is that Windows treats the built-in local Administrator account as a special case for logon security. By default, this account is exempt from the account lockout policy, so it cannot be locked out due to failed logon attempts. This safeguards the most privileged account, ensuring you always have a way to recover or manage the system even if lockout settings would otherwise block access. You can still secure or disable/rename this account for security, but it won’t be locked out by default. In domain environments, domain accounts follow domain lockout rules, but the local built-in Administrator account remains protected from lockout by default.

The main idea is that Windows treats the built-in local Administrator account as a special case for logon security. By default, this account is exempt from the account lockout policy, so it cannot be locked out due to failed logon attempts. This safeguards the most privileged account, ensuring you always have a way to recover or manage the system even if lockout settings would otherwise block access. You can still secure or disable/rename this account for security, but it won’t be locked out by default. In domain environments, domain accounts follow domain lockout rules, but the local built-in Administrator account remains protected from lockout by default.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy