During a brute force attack against an online service, the penetration tester is able to try 1000 passwords per second without any restrictions from the application. This scenario indicates that the application is not equipped with proper account lockout mechanisms.
True
False