Certified Information Systems Auditor (CISA) — Question 923
Which of the following MOST effectively reduces the probability of a brute force attack being successful?
Answer options
- A. Establishing an account lockout policy
- B. Establishing account activity timeouts
- C. Increasing password change frequency
- D. Requiring minimum password length
Correct answer: A
Explanation
An account lockout policy is highly effective against brute force attacks because it locks the account after a certain number of failed login attempts, thereby stopping further attempts. The other options may enhance security, but they do not directly prevent repeated login attempts the way locking an account does.