Exam CV0-003 topic 1 question 313 discussion

Actual exam question from CompTIA's CV0-003
Question #: 313
Topic #: 1

A company’s website is continuously being brute forced, and its users have reported multiple account intrusions in the last few months. All users are using passwords that are at least 12 characters long. The systems administrator needs to implement a control that will mitigate this issue without negatively affecting the user experience. Which of the following should the administrator implement to achieve the objective?

  • A. Account lockout
  • B. Progressive login delay
  • C. Reduced password complexity
  • D. Increased password length
Suggested Answer: B

Comments

Pongsathorn
Highly Voted 1 year, 8 months ago
Selected Answer: B
B. **Progressive login delay**

Progressive login delay, also known as rate limiting or login throttling, is a security control that can help mitigate brute force attacks on user accounts. It works by introducing a delay or slowing down the login process after a certain number of failed login attempts. This delay increases with each subsequent failed attempt, making it increasingly difficult for an attacker to conduct a brute force attack.

Implementing a progressive login delay can help protect user accounts from unauthorized access without significantly impacting the user experience for legitimate users, especially when combined with other security measures like account lockout and account recovery options. It's an effective way to thwart automated password-guessing attacks while allowing legitimate users to log in without excessive hindrance.
upvoted 5 times
BigM
Most Recent 2 months, 2 weeks ago
Selected Answer: B
Explanation: A progressive login delay slows down repeated login attempts by introducing increasing time delays after each failed login attempt. This makes brute force attacks significantly less effective without negatively impacting legitimate users.
✔ Mitigates brute force attacks by exponentially increasing response time after multiple failed attempts.
✔ Does not lock out users permanently, reducing frustration and support tickets.
✔ Maintains security without requiring more complex passwords or affecting user experience.
upvoted 1 times
54a6b25
10 months ago
B. Progressive login delay: This method gradually increases the delay between login attempts after each failed attempt, making brute force attacks significantly more time-consuming and less feasible, without locking out users or requiring them to change their behavior.
upvoted 3 times
Dretheone
1 year ago
Selected Answer: A
I thought A would be more effective; it doesn't let the attacker attempt to log in again without the account being unlocked. This stops the attacker from attempting to brute force after a certain number of attempts, and it doesn't affect user experience, as the user can simply ask the help desk to unlock the account and reset the password if they forgot it.
upvoted 1 times
Dretheone
1 year ago
Progressive login delay is a better option after doing some research.
upvoted 1 times
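
Added example (not part of the original discussion or any commenter's post): a minimal per-account progressive login delay in Python, showing why a mistyped password costs a legitimate user nothing while sustained guessing is throttled to a trickle. The class name, the per-account keying and the parameter values (3 free attempts, 1 s base delay, 900 s cap) are assumptions chosen for illustration.

```python
import time

class ProgressiveLoginDelay:
    """Per-account throttle: the wait doubles with each failed login, up to a cap."""

    def __init__(self, free_attempts=3, base_delay=1.0, max_delay=900.0,
                 clock=time.monotonic):
        self.free_attempts = free_attempts  # attempts a user may make with no wait (typos)
        self.base_delay = base_delay        # seconds of wait once throttling starts
        self.max_delay = max_delay          # cap: slows guessing, never a permanent lockout
        self.clock = clock                  # injectable so tests can control time
        self._state = {}                    # account -> (failures, time of last failure)

    def required_delay(self, failures):
        """Wait imposed after `failures` consecutive failed attempts."""
        if failures < self.free_attempts:
            return 0.0
        return min(self.base_delay * 2 ** (failures - self.free_attempts), self.max_delay)

    def attempt(self, account, verify):
        """Return (accepted, wait_seconds); `verify` is the caller's password check."""
        failures, last = self._state.get(account, (0, 0.0))
        wait = last + self.required_delay(failures) - self.clock()
        if wait > 0:
            return False, wait              # too early: reject without checking the password
        if verify():
            self._state.pop(account, None)  # success resets the failure counter
            return True, 0.0
        self._state[account] = (failures + 1, self.clock())
        return False, self.required_delay(failures + 1)


def guesses_in_window(policy, window_seconds):
    """Number of guesses against one account that fit in the window under `policy`."""
    elapsed, guesses = 0.0, 0
    while elapsed <= window_seconds:
        guesses += 1                        # a guess is evaluated at time `elapsed`
        elapsed += policy.required_delay(guesses)
    return guesses


if __name__ == "__main__":
    policy = ProgressiveLoginDelay()
    print("guesses per account in 24 h:", guesses_in_window(policy, 24 * 3600))
```

With these assumed values, the policy allows 107 guesses per account in 24 hours, and the account remains usable by its owner once the current wait expires.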