Joe notices there are several user accounts on the local network generating spam with embedded malicious
code. Which of the following technical control should Joe put in place to BEST reduce these incidents?
A.
Account lockout
B.
Group Based Privileges
C.
Least privilege
D.
Password complexity
Why A? Mentioned accounts already compromised. Account lockout occurs when certain count of incorrect password was trying to use. But these accounts are performing some malicious actions. Where is relationship here?
I will go Least privilege – C
Since you know what accounts are generating the spam you can lock them out. This is my guess.