Which of the following is a recommended mitigation for password attacks?

Multiple Choice

Which of the following is a recommended mitigation for password attacks?

Explanation:
Multi-factor authentication adds a second form of verification to login, such as a code from an authenticator app, a hardware token, or a biometric factor, in addition to the password. This means that even if a password is compromised through phishing, guessing, or data breaches, the attacker still needs the second factor to gain access. The extra layer makes credential-only attacks much less likely to succeed because knowledge alone is no longer enough.

Disabling password expiration policies reduces the incentive for users to rotate credentials and can allow compromised passwords to remain valid longer. Using simple, easily guessable passwords creates a weak foundation that is easily breached even with other protections in place. Disabling account lockout mechanisms removes a key safeguard against rapid guessing and brute-force attempts.

