FC0-U61 · Question #186
A website locks a user's account after three unsuccessful login attempts. This precaution prevents which of the following?
The correct answer is D. Password cracking. Locking a user's account after multiple failed login attempts is a security measure designed to prevent password cracking attempts, such as brute-force or dictionary attacks.
Question
A website locks a user's account after three unsuccessful login attempts. This precaution prevents which of the following?
Options
- AShoulder surfing
- BPhishing
- CSpam
- DPassword cracking
How the community answered
(32 responses)- A3% (1)
- C3% (1)
- D94% (30)
Why each option
Locking a user's account after multiple failed login attempts is a security measure designed to prevent password cracking attempts, such as brute-force or dictionary attacks.
A (Shoulder surfing) involves observing someone's screen or keyboard directly, which an account lockout does not prevent.
B (Phishing) is a social engineering attack to trick users into revealing credentials, which an account lockout does not directly address.
C (Spam) refers to unsolicited bulk electronic messages, unrelated to login attempts or account security.
D (Password cracking) is prevented by account lockout policies because these policies limit the number of login attempts, making it computationally infeasible for attackers to guess passwords through automated trial-and-error methods like brute-force or dictionary attacks. Once the account is locked, further attempts are blocked, halting the cracking process.
Concept tested: Account lockout policy purpose
Source: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/account-lockout-threshold
Topics
Community Discussion
No community discussion yet for this question.