CompTIA ITF+ (FC0-U61) — Question 167

A web developer wants to ensure that a new web application is not vulnerable to brute-force attacks. Which of the following best practices is MOST useful to meet this goal?

Answer options

• A. Input validation
• B. System updates
• C. Password lockout
• D. Login auditing

Correct answer: C

Explanation

The correct answer is C, Password lockout, as it prevents multiple failed login attempts by locking the account after a certain number of failures, effectively mitigating brute-force attacks. The other options, while important for overall security, do not specifically address the prevention of brute-force attacks in the same direct manner.