A company wants to bolster its defenses against an attack that involves attempting a list of potential passwords. Which of the following measures would BEST mitigate this specific type of attack?
Restrict user login times to business hours only.
Increase the frequency of data backups.
Enforce a strong password policy that requires complexity.
Install and update antivirus software on all systems.