CompTIA CASP+ (CAS-004) — Question 181

A security administrator configured the account policies per security implementation guidelines. However, the accounts still appear to be susceptible to brute-force attacks. The following settings meet the existing compliance guidelines:
✑ Must have a minimum of 15 characters
✑ Must use one number
✑ Must use one capital letter
✑ Must not be one of the last 12 passwords used
Which of the following policies should be added to provide additional security?

Answer options

• A. Shared accounts
• B. Password complexity
• C. Account lockout
• D. Password history
• E. Time-based logins

Correct answer: C

Explanation

The correct answer is C, Account lockout, as it helps prevent brute-force attacks by temporarily locking an account after a specified number of failed login attempts. The other options either do not directly address brute-force vulnerabilities or are already implied by the current policy settings.