Certified Information Security Manager (CISM) — Question 1114
Which of the following is the BEST defense against a brute force attack?
Answer options
- A. Discretionary access control
- B. Multi-factor authentication (MFA)
- C. Mandatory access control
- D. Time-of-day restrictions
Correct answer: B
Explanation
Multi-factor authentication (MFA) requires users to verify their identity through multiple methods, so a guessed password alone is not enough to log in. This makes it significantly harder for attackers to gain unauthorized access through brute force techniques. Discretionary access control and mandatory access control govern user permissions rather than strengthening authentication, while time-of-day restrictions limit access based on time but do not directly prevent brute force attempts.