220-1102 Question #30: Real Exam Question with Answer & Explanation

Question

The network was breached over the weekend. System logs indicate that a single user's account was successfully breached after 500 attempts with a dictionary attack. Which of the following would BEST mitigate this threat?

Options

• AEncryption at rest
• BAccount lockout
• CAutomatic screen lock
• DAntivirus

Explanation

To best mitigate a dictionary attack that successfully breached a user's account after numerous attempts, implementing account lockout is crucial.

Approach. Account lockout is a security mechanism that automatically locks an account after a specified number of consecutive failed login attempts, effectively stopping brute-force and dictionary attacks by making them impractical. This prevents attackers from continuously guessing passwords, thereby protecting the account from unauthorized access.

Common mistakes.

• A. Encryption at rest protects data stored on a device but does not prevent an account from being breached via a dictionary attack against a login prompt.
• C. Automatic screen lock secures a device when idle but does not protect against a dictionary attack on an active login session or service.
• D. Antivirus software primarily detects and removes malware, which is unrelated to mitigating a dictionary attack against user credentials.

Concept tested. Mitigating dictionary and brute-force attacks

Reference. https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/account-lockout-threshold

No community discussion yet for this question.