A company's security monitoring tools have flagged an escalating trend in unauthorized attempts targeting employee accounts on the corporate portal. Which countermeasure should be considered first by the security analyst to counteract this activity?
Increase the logging level of the portal access logs.
Renew all SSL certificates used by the company.
Implement a lockout policy.
Conduct a comprehensive network vulnerability scan.
The escalation in unauthorized account access attempts is indicative of a potential brute force attack. The most direct method to mitigate this type of attack is to implement an account lockout policy, which would temporarily block accounts after a certain number of failed login attempts, helping to prevent unauthorized access. Increasing the logging level would only increase the detail of the incident records but not prevent the attempts. Performing a network scan may identify vulnerabilities but would not address the ongoing access attempts. Renewing SSL certificates is a regular maintenance task and would not prevent account brute force attempts.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a lockout policy, and how does it work?
Open an interactive chat with Bash
What are brute force attacks, and how do they affect account security?
Open an interactive chat with Bash
Why is increasing the logging level insufficient as a primary countermeasure?