Q: 2
Which of the following policies would be BEST to deter a brute-force login attack?
Options
Discussion
Option A lots of practice exams point to password complexity as a brute-force deterrent. Official guide covers it under authentication hardening.
C isn’t right for this, A is better. Password complexity would slow down brute-force since easy passwords are way easier to guess.
It’s D since account lockout stops brute-force attempts by limiting the number of failed logins. The other options don’t directly prevent repeated guessing. Pretty sure on this one but let me know if you disagree.
Be respectful. No spam.
