A company wants to bolster its defenses against an attack that involves attempting a list of potential passwords. Which of the following measures would BEST mitigate this specific type of attack?
Install and update antivirus software on all systems.
Restrict user login times to business hours only.
Enforce a strong password policy that requires complexity.
Increase the frequency of data backups.