
GCIH Question #90: Real Exam Question with Answer & Explanation

The correct answer is A: Brute force. Account lockout policies after a set number of failed attempts directly counter brute force attacks, which rely on trying many password combinations until one succeeds.

Vulnerability Exploitation & Privilege Escalation

Question

You work as a Network Administrator at SecureTech Inc., which runs a Linux-based server. You have recently updated the company's password policy so that the server locks an account after four failed login attempts. What type of attack do you want to stop by enabling this policy?

Options

  • A. Brute force
  • B. Replay
  • C. XSS
  • D. Cookie poisoning

Explanation

Locking an account after a fixed number of failed attempts directly counters brute-force (password-guessing) attacks, which depend on being able to submit many candidate passwords until one succeeds; with a limit of four, an online guess against an account gets at most four tries before the account is locked, so the right password is refused even when it is eventually reached. On a Linux server this is normally enforced through PAM, for example pam_faillock (pam_tally2 on older distributions), using a deny count and an unlock time. The OWASP reference below also covers the trade-off: a hard lockout is itself a denial-of-service vector, because an attacker who knows a username can deliberately lock its owner out, so lockouts are usually temporary and combined with rate limiting or progressive delays rather than permanent disabling.

Common mistakes.

  • B. A replay attack captures and retransmits valid authentication messages rather than guessing passwords repeatedly, so lockout policies do not address it.
  • C. Cross-site scripting (XSS) exploits missing output encoding in a web application to inject script into pages served to other users; it has nothing to do with repeated failed login attempts.
  • D. Cookie poisoning involves tampering with cookie values to manipulate application behavior, not iterating through password guesses.

Concept tested. Brute force attack prevention via account lockout

Reference. https://owasp.org/www-community/controls/Blocking_Brute_Force_Attacks
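To make the mechanism concrete, here is an added Python simulation of the policy in the question. It is not code from the exam page or from any PAM module: the `LockoutPolicy` class, its `deny` and `unlock_time` parameters (named after pam_faillock's options), the user store and the wordlist are all constructed for the illustration. It shows the correct password being refused once the attacker has spent the four allowed attempts, and also the caveat that the same policy lets an attacker who knows a username lock its legitimate owner out until the unlock time passes.

```python
"""Simulated account lockout: refuse logins after `deny` failed attempts.

Added example, not from the exam page or from pam_faillock. The policy
class is a stand-alone model of a deny-count / unlock-time lockout.
"""
import hashlib
import hmac
import time

# Constructed credential store for the example. A real system would use a
# random per-user salt; a single fixed salt is used here only to keep the
# demo short.
_SALT = b"demo-salt"


def _hash(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 10_000)


USERS = {"alice": _hash("correct horse battery staple")}


class LockoutPolicy:
    """Count consecutive failures per account and refuse authentication once
    the count reaches `deny`, until `unlock_time` seconds have elapsed.
    `clock` is injectable so the unlock behaviour can be exercised offline."""

    def __init__(self, deny: int = 4, unlock_time: float = 600.0, clock=time.monotonic):
        self.deny = deny
        self.unlock_time = unlock_time
        self.clock = clock
        self.failures = {}   # username -> consecutive failed attempts
        self.locked_at = {}  # username -> time the lock was applied

    def is_locked(self, user: str) -> bool:
        locked_at = self.locked_at.get(user)
        if locked_at is None:
            return False
        if self.clock() - locked_at >= self.unlock_time:
            # Temporary lock has expired: give the account a fresh budget.
            del self.locked_at[user]
            self.failures[user] = 0
            return False
        return True

    def authenticate(self, user: str, password: str) -> str:
        """Return 'ok', 'bad-password' or 'locked'."""
        if self.is_locked(user):
            return "locked"  # refused even if the password is correct
        # Hash before the lookup so unknown and known users cost the same
        # time, which avoids leaking valid usernames through timing.
        candidate = _hash(password)
        stored = USERS.get(user)
        if stored is not None and hmac.compare_digest(stored, candidate):
            self.failures[user] = 0  # a success resets the counter
            return "ok"
        count = self.failures.get(user, 0) + 1
        self.failures[user] = count
        if count >= self.deny:
            self.locked_at[user] = self.clock()
        return "bad-password"


def brute_force_demo() -> list:
    """Attacker runs a constructed wordlist whose fifth entry is the real
    password. With deny=4 the lock lands before that guess is reached."""
    policy = LockoutPolicy(deny=4)
    wordlist = ["password", "123456", "alice", "letmein",
                "correct horse battery staple"]
    return [policy.authenticate("alice", guess) for guess in wordlist]


def lockout_dos_demo() -> tuple:
    """Caveat: an attacker who knows the username can lock the owner out.
    Returns (owner's result while locked, owner's result after unlock_time)."""
    now = [0.0]
    policy = LockoutPolicy(deny=4, unlock_time=600.0, clock=lambda: now[0])
    for _ in range(4):
        policy.authenticate("alice", "wrong")  # attacker burns the budget
    during = policy.authenticate("alice", "correct horse battery staple")
    now[0] += 601.0  # simulated clock moves past the unlock time
    after = policy.authenticate("alice", "correct horse battery staple")
    return during, after


if __name__ == "__main__":
    print("brute force:", brute_force_demo())   # 4 x bad-password, then locked
    print("lockout DoS:", lockout_dos_demo())   # ('locked', 'ok')
```

The first demo is the exam's scenario: the guessing loop is cut off at attempt four, and the correct fifth guess is answered with `locked`, not `ok`. The second demo is why real deployments prefer a temporary lock (pam_faillock's `unlock_time`) to permanently disabling the account: the owner is denied only until the window expires.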

Topics

Brute force attack, account lockout, password policy, authentication
