
SY0-301 Question #250: Real Exam Question with Answer & Explanation

The correct answer is B: Account lockout.

Question

A hacker has discovered a simple way to disrupt business for the day in a small company which relies on staff working remotely. In a matter of minutes the hacker was able to deny remotely working staff access to company systems with a script. Which of the following security controls is the hacker exploiting?

Options

  • A. DoS
  • B. Account lockout
  • C. Password recovery
  • D. Password complexity

Explanation

The hacker is exploiting the Account Lockout policy. This security feature is designed to prevent brute-force password attacks by automatically locking an account after a defined number of consecutive failed login attempts. The attacker's script deliberately submits incorrect credentials for employee accounts, intentionally triggering the lockout threshold for each account. Once accounts are locked, legitimate remote workers cannot authenticate - effectively denying them access without the attacker ever needing the correct passwords. This turns a defensive security control into a weapon for disruption. While the end result resembles a DoS (A), DoS refers to flooding a service with traffic to make it unavailable - the underlying mechanism here is account lockout abuse. Password Recovery (C) and Password Complexity (D) are other account security controls but are not what is being exploited in this scenario.
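The explanation describes a defensive control turned into a denial-of-service vector: a policy that locks accounts after N consecutive failures lets anyone who knows the usernames lock them. What a defender wants is a way to tell that pattern apart from ordinary mistyped passwords. The following is an added example, not code from the exam page or from CompTIA: it parses constructed authentication-log lines, applies an assumed lockout policy (five consecutive failures, reset on success), and raises an alert only when one source address locks several distinct accounts within a few minutes. The log format, field names, IP addresses and thresholds are all assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LOCKOUT_THRESHOLD = 5                # consecutive failures that lock an account (assumed policy)
STORM_WINDOW = timedelta(minutes=5)  # window in which locks from one source are correlated
STORM_MIN_ACCOUNTS = 3               # distinct accounts locked by one source before alerting

# Constructed sample log, one event per line: "<ISO time> <src_ip> <user> <FAIL|OK>".
# 203.0.113.7 burns through three accounts in half a minute; dave mistypes twice then
# logs in; erin genuinely locks herself out from her own address over several minutes.
SAMPLE_LOG = """\
2024-01-10T09:00:00 203.0.113.7 alice FAIL
2024-01-10T09:00:02 203.0.113.7 alice FAIL
2024-01-10T09:00:04 203.0.113.7 alice FAIL
2024-01-10T09:00:06 203.0.113.7 alice FAIL
2024-01-10T09:00:08 203.0.113.7 alice FAIL
2024-01-10T09:00:10 203.0.113.7 bob FAIL
2024-01-10T09:00:12 203.0.113.7 bob FAIL
2024-01-10T09:00:14 203.0.113.7 bob FAIL
2024-01-10T09:00:16 203.0.113.7 bob FAIL
2024-01-10T09:00:18 203.0.113.7 bob FAIL
2024-01-10T09:00:20 203.0.113.7 carol FAIL
2024-01-10T09:00:22 203.0.113.7 carol FAIL
2024-01-10T09:00:24 203.0.113.7 carol FAIL
2024-01-10T09:00:26 203.0.113.7 carol FAIL
2024-01-10T09:00:28 203.0.113.7 carol FAIL
2024-01-10T09:01:00 198.51.100.4 dave FAIL
2024-01-10T09:01:20 198.51.100.4 dave FAIL
2024-01-10T09:01:40 198.51.100.4 dave OK
2024-01-10T09:30:00 198.51.100.9 erin FAIL
2024-01-10T09:31:00 198.51.100.9 erin FAIL
2024-01-10T09:32:00 198.51.100.9 erin FAIL
2024-01-10T09:33:00 198.51.100.9 erin FAIL
2024-01-10T09:34:00 198.51.100.9 erin FAIL
"""


def parse_log(text):
    """Parse the constructed log format into (timestamp, src_ip, user, success) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, user, outcome = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, outcome == "OK"))
    events.sort(key=lambda e: e[0])
    return events


def apply_lockout_policy(events):
    """Return {user: (lock_time, src_ip)} for every account that hit the threshold.
    A successful login resets the consecutive-failure counter, as typical policies do."""
    failures = defaultdict(int)
    locks = {}
    for ts, ip, user, ok in events:
        if user in locks:
            continue  # already locked; later attempts do not change that
        if ok:
            failures[user] = 0
            continue
        failures[user] += 1
        if failures[user] >= LOCKOUT_THRESHOLD:
            locks[user] = (ts, ip)
    return locks


def detect_lockout_storm(locks):
    """Alert when one source locks STORM_MIN_ACCOUNTS or more distinct accounts inside
    STORM_WINDOW. A single locked account from a source is ordinary user error; many
    accounts locked within minutes from one place is the deliberate pattern described."""
    by_source = defaultdict(list)
    for user, (ts, ip) in locks.items():
        by_source[ip].append((ts, user))
    alerts = []
    for ip, entries in by_source.items():
        entries.sort()
        for i, (start, _) in enumerate(entries):
            in_window = [u for t, u in entries[i:] if t - start <= STORM_WINDOW]
            if len(in_window) >= STORM_MIN_ACCOUNTS:
                alerts.append({"source": ip, "first_lock": start, "accounts": sorted(in_window)})
                break  # one alert per source is enough
    return alerts


if __name__ == "__main__":
    locked = apply_lockout_policy(parse_log(SAMPLE_LOG))
    for user, (ts, ip) in sorted(locked.items()):
        print(f"locked {user:6s} at {ts.time()} after failures from {ip}")
    for alert in detect_lockout_storm(locked):
        print("LOCKOUT STORM:", alert["source"], "locked", alert["accounts"])
```

Run as a script it reports four locked accounts but only one storm, from 203.0.113.7 against alice, bob and carol; erin's self-inflicted lockout and dave's recovered typos stay below the correlation threshold. The detection is only half of the defence: the usual mitigations for this scenario are to make lockouts temporary (automatic unlock after a cooling-off period) and to throttle by source address rather than hard-lock the account, so that the control still blunts password guessing without handing an outsider an off switch for every remote worker.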
