Which of the following is the BEST approach to mitigate online brute-force attacks on user
accounts?
A. Passwords stored in encrypted form
B. User awareness
C. Strong passwords that are changed periodically
D. Implementation of lock-out policies
Explanation:
Implementation of account lock-out policies significantly inhibits brute-force attacks. In cases
where this is not possible, strong passwords that are changed periodically would be an
appropriate choice. Passwords stored in encrypted form will not defeat an online brute-force
attack if the password itself is easily guessed. User awareness would help but is not the best
approach of the options given.