A cloud services administrator noticed multiple failed login attempts originating from an unfamiliar source, suggesting a potential brute force attack. What is the BEST immediate action to protect the system against this type of attack, while maintaining user access?
Change user passwords immediately
Enable multi-factor authentication (MFA) for user accounts
Increase the password complexity requirements
Implement geolocation-based blocking of IP addresses
Enabling multi-factor authentication (MFA) adds an additional layer of security beyond just the username and password. This can significantly impede a brute force attack, as the attacker would now require another form of identification which is much harder to obtain or guess, such as a temporary token or a biometric factor. Changing user passwords would not be the best immediate action and could disrupt service for legitimate users. Implementing geolocation-based blocking could be helpful but may also inadvertently block legitimate users. Modifying password complexity requirements is good practice but would not offer immediate protection for accounts that are currently under attack.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is multi-factor authentication (MFA)?
Open an interactive chat with Bash
How does a brute force attack work?
Open an interactive chat with Bash
Why is changing user passwords not the best immediate action during an attack?