nerdexam
CompTIA

SY0-301 · Question #883

Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?

The correct answer is C. Account lockout settings. Account lockout settings lock an account after a defined number of failed attempts (e.g., 3 tries), making brute-forcing a 4-digit PIN (which has only 10,000 possible combinations) effectively impossible. Without lockout, an attacker could try all combinations. Account expiration

Threats, vulnerabilities, and mitigations

Question

Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?

Options

  • AAccount expiration settings
  • BComplexity of PIN
  • CAccount lockout settings
  • DPIN history requirements

How the community answered

(23 responses)
  • B
    4% (1)
  • C
    91% (21)
  • D
    4% (1)

Explanation

Account lockout settings lock an account after a defined number of failed attempts (e.g., 3 tries), making brute-forcing a 4-digit PIN (which has only 10,000 possible combinations) effectively impossible. Without lockout, an attacker could try all combinations. Account expiration (A) terminates accounts based on time, not failed attempts. PIN complexity (B) is irrelevant here because the format is already fixed to 4 digits - no complexity rules apply. PIN history (D) prevents reuse of old PINs but does nothing to stop an attacker from guessing the current one.

Topics

#account lockout#brute force#PIN security#authentication controls

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice