A web developer wants to ensure that a new web application is not vulnerable to brute-force attacks. Which of the following best practices is MOST useful to meet this goal?
A web developer wants to ensure that a new web application is not vulnerable to brute-force attacks. Which of the following best practices is MOST useful to meet this goal?
To protect a web application from brute-force attacks, implementing password lockout is the most effective measure. This security practice temporarily locks out an account after a certain number of failed login attempts, preventing attackers from making unlimited attempts to guess the password. Input validation, system updates, and login auditing, while important for overall security, do not directly address the prevention of brute-force attacks.
I'm assuming they are talking about passwords brute force attacks so I'd say C then