Are you studying for the CEH certification?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Which of the following could be implemented to prevent automated brute force attacks on passwords?
Require the user to input the password twice.
Change password to a default value after a specified number of incorrect login attempts.
Increase the response time each time an unsuccessful login attempt occurs. When the response time hits a max value, disable the account.
Delete a user account after a specified number of incorrect login attempts.
Increasing the response time after each login attempt would slow down and eventually disable an automated script attempting to brute force the password. For example, first login attempt response is immediate, second login attempt response has a 2 second wait, third login attempt responds after 4 seconds, etc. EDIT: The delayed response on real accounts could tell the attacker that they have a real user when the multiple failed attempts on the non-registered user would always return in the same amount of time. EDIT2: The delay is applied to the client, not the account.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.