CompTIA Cloud+ (CV0-003) — Question 317

A company’s website is continuously being brute forced, and its users have reported multiple account intrusions in the last few months. All users are using passwords that are at least 12 characters long. The systems administrator needs to implement a control that will mitigate this issue without negatively affecting the user experience. Which of the following should the administrator implement to achieve the objective?

Answer options

• A. Account lockout
• B. Progressive login delay
• C. Reduced password complexity
• D. Increased password length

Correct answer: B

Explanation

Implementing a Progressive login delay increases the time required between login attempts after a failed login, making brute force attacks less effective without negatively impacting user experience. Account lockout could frustrate users if they are locked out after multiple attempts, while reduced password complexity and increased password length do not directly address the brute force issue.