
CISSP Question #115: Real Exam Question with Answer & Explanation

The correct answer is D: Introducing a delay after failed system access attempts.

Submitted by weili_xi · Mar 5, 2026 · Identity and Access Management (IAM)

Question

Which of the following is the BEST countermeasure to brute force login attacks?

Options

  • A. Changing all canonical passwords
  • B. Decreasing the number of concurrent user sessions
  • C. Restricting initial password delivery only in person
  • D. Introducing a delay after failed system access attempts

Explanation

The best countermeasure to brute force login attacks is to introduce a delay after failed system access attempts. A brute force login attack tries to guess the username and password of a system or account by trying a large number of possible combinations, usually with the help of automated tools or scripts. A delay after failed system access attempts is a security mechanism that imposes a waiting time or penalty before another login attempt is allowed, once a certain number of attempts have failed. This slows down or discourages the attack, because it increases the time and effort required to find the correct credentials. Changing all canonical passwords, decreasing the number of concurrent user sessions, and restricting initial password delivery only in person are not the best countermeasures to brute force login attacks, because they do not directly address the frequency or speed of the login attempts or the use of automated tools or scripts.
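
The delay mechanism described above, as an added example that is not part of the original page: a minimal per-account throttle plus a simulation of how long an automated guesser is kept waiting. The 3 free attempts, the doubling delay, the 300-second cap, and all class and function names are assumptions chosen for illustration.

```python
import time

class LoginThrottle:
    """Per-account delay after failed logins (illustrative policy, not a standard)."""

    def __init__(self, free_attempts=3, base_delay=1.0, max_delay=300.0,
                 clock=time.monotonic):
        self.free_attempts = free_attempts   # failures tolerated before any delay
        self.base_delay = base_delay         # first delay in seconds, then doubles
        self.max_delay = max_delay           # cap so a real user is never locked out forever
        self.clock = clock
        self._state = {}                     # account -> (failures, earliest next attempt)

    def retry_after(self, account):
        """Seconds the caller must still wait; 0.0 means an attempt is allowed now."""
        _, not_before = self._state.get(account, (0, 0.0))
        return max(0.0, not_before - self.clock())

    def record_failure(self, account):
        """Count a failed login and return the delay imposed before the next attempt."""
        failures = self._state.get(account, (0, 0.0))[0] + 1
        delay = 0.0
        if failures >= self.free_attempts:
            exponent = failures - self.free_attempts
            delay = min(self.max_delay, self.base_delay * 2 ** exponent)
        self._state[account] = (failures, self.clock() + delay)
        return delay

    def record_success(self, account):
        """A successful login clears the failure counter and any pending delay."""
        self._state.pop(account, None)


def simulate_guessing(guesses, **policy):
    """Simulated seconds spent waiting while making `guesses` wrong attempts on one account."""
    now = [0.0]                              # fake clock, so the simulation runs instantly
    throttle = LoginThrottle(clock=lambda: now[0], **policy)
    for _ in range(guesses):
        now[0] += throttle.retry_after("alice")   # constructed account name
        throttle.record_failure("alice")
    return now[0]


if __name__ == "__main__":
    for n in (5, 100, 1000):
        print(f"{n:>5} wrong guesses -> {simulate_guessing(n) / 3600:.2f} hours of enforced waiting")
```

The server must check `retry_after` before verifying the password at all, so that guesses submitted during the delay are rejected without being tested.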

Topics

#brute force attack · #authentication · #account lockout · #security countermeasures
