Prepare for the Ethical Hacking Essentials Test. Study with flashcards and multiple-choice questions; each exam includes hints and explanations. Get ready to ace your certification exam!


What can administrators do to protect their server from password cracking attempts?

  1. Disable account lockout

  2. Allow unlimited password attempts

  3. Enable account lockout following a certain number of invalid attempts

  4. Ask users to remember their passwords

The correct answer is: Enable account lockout following a certain number of invalid attempts

Enabling account lockout following a certain number of invalid attempts is an effective method for protecting servers from password cracking attempts. This security measure temporarily locks an account after a predefined number of consecutive failed login attempts. It significantly reduces the risk of automated attacks, such as brute force attacks, where an attacker systematically tries different password combinations to gain unauthorized access.

By limiting the number of attempts, administrators can effectively slow down these attacks, as the account becomes inaccessible after a few incorrect tries. This forces attackers to rethink their approach, because the time and resources needed to bypass the lockout become prohibitive. This tactic can also be combined with alerts that notify administrators of potential unauthorized access attempts, enhancing overall security. It is important to balance the lockout duration and the maximum number of attempts to avoid inconveniencing legitimate users while still providing robust protection against malicious activity.

In contrast, disabling account lockout, allowing unlimited password attempts, and simply asking users to remember their passwords do not provide adequate defenses against password cracking attempts, as they may leave accounts susceptible to exploitation without any barriers to automated attack methods.