Exam CISA topic 1 question 1480 discussion

Actual exam question from Isaca's CISA
Question #: 1480
Topic #: 1

Which of the following MOST effectively reduces the probability of a brute force attack being successful?

  • A. Establishing an account lockout policy
  • B. Establishing account activity timeouts
  • C. Increasing password change frequency
  • D. Requiring minimum password length
Suggested Answer: A

Comments

RS66
3 months, 1 week ago
Selected Answer: A
A. Establishing an account lockout policy
upvoted 3 times
Sibsankar
5 months, 1 week ago
A is lock
upvoted 2 times
shalota2
5 months, 2 weeks ago
By locking an account after a certain number of unsuccessful login attempts, the probability of a brute force attack succeeding is significantly reduced. Attackers are limited in the number of attempts they can make before the account is locked, which makes brute force attacks impractical. I don't know how ISACA thinks about this but in reality and practice the answer is ALWAYS A.
upvoted 2 times
Swallows
5 months, 3 weeks ago
Selected Answer: D
Requiring a minimum password length ensures that passwords are not easily guessable and increases the complexity of potential passwords, making them more resilient against brute force attacks. Longer passwords exponentially increase the time it would take for an attacker to successfully guess the correct combination, thus reducing the probability of a successful brute force attack. While an account lockout policy can deter attackers by limiting the number of login attempts, a strong password policy acts as a barrier against brute force attacks from the outset.
upvoted 1 times
mdh717
7 months, 2 weeks ago
Selected Answer: A
Establishing an account lockout policy (A) is the most effective method for reducing the probability of a brute force attack being successful. A brute force attack involves trying many passwords or passphrases with the hope of eventually guessing the correct one. An account lockout policy will lock the account after a certain number of failed login attempts, thereby preventing the attacker from continuing to try different password combinations. This policy directly interrupts the brute force attack process by not allowing the attacker unlimited attempts within a short period of time.
upvoted 2 times
2e1f774
6 months, 2 weeks ago
D is right. It is a trick question. The probability that a brute force attack will be successful depends on the length of the password. Hence, it is important to set minimum password length as a requirement.
upvoted 3 times
Sibsankar
8 months, 4 weeks ago
D is wrong, C is right
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other