What is a potential risk when password guessing triggers failed-login thresholds on a system?


Multiple Choice

What is a potential risk when password guessing triggers failed-login thresholds on a system?

Explanation:
When a system enforces a failed-login threshold, it typically locks the account, or imposes a growing delay, once enough unsuccessful attempts occur within an observation window. This slows brute-force guessing, but it carries a real risk: a password-guessing run that crosses the threshold locks legitimate users out of their own accounts, causing a denial of service and creating help-desk work to unlock or reset them. Attackers can deliberately exploit this to disrupt service, and because only an existing account can enter the locked state, a response that differs for locked versus nonexistent accounts lets them confirm which usernames are valid. A penetration tester therefore reads the lockout policy before guessing (on a Windows domain member, `net accounts` reports the lockout threshold, duration and observation window) and keeps attempts per account below the threshold within each window, for example by trying one or two passwords across many accounts and waiting out the window before the next round (password spraying). Immediate password resets are not an automatic result of crossing a threshold, and a standard threshold failure does not produce an authentication bypass.

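The following is an added example, not part of the original question or its explanation, and not code from any real directory service. It is a small Python model of a failed-login threshold (threshold, observation window and lockout duration are assumed values) driven three ways: naive guessing against one account, which locks it and then rejects even the correct password; lockout-based username enumeration, which works because only a real account can reach the locked state; and lockout-aware password spraying, which stays under the threshold per window. The accounts and wordlist are constructed test data.

```python
from dataclasses import dataclass, field


@dataclass
class LockoutPolicy:
    threshold: int = 5                # failures inside `window` that lock the account (assumed)
    window: float = 1800.0            # observation window, seconds (assumed)
    lockout_duration: float = 1800.0  # how long a locked account stays locked (assumed)


@dataclass
class AuthServer:
    """Toy backend enforcing LockoutPolicy; `now` is passed in so runs are deterministic."""
    policy: LockoutPolicy
    credentials: dict                                 # user -> password (constructed data)
    failures: dict = field(default_factory=dict)      # user -> recent failure timestamps
    locked_until: dict = field(default_factory=dict)  # user -> unlock time

    def login(self, user, password, now):
        if user not in self.credentials:
            return "failure"  # same reply as a wrong password: no direct enumeration
        if self.locked_until.get(user, 0.0) > now:
            return "locked"   # rejected even with the right password: the denial of service
        if self.credentials[user] == password:
            self.failures[user] = []
            return "success"
        recent = [t for t in self.failures.get(user, []) if now - t < self.policy.window]
        recent.append(now)
        self.failures[user] = recent
        if len(recent) >= self.policy.threshold:
            self.locked_until[user] = now + self.policy.lockout_duration
            self.failures[user] = []
            return "locked"
        return "failure"

    def is_locked(self, user, now):
        return self.locked_until.get(user, 0.0) > now


def brute_force_one_account(server, user, wordlist, start=0.0, gap=1.0):
    """Naive guessing: whole wordlist against one account, one guess per `gap` seconds.
    Returns (password found or None, per-attempt results)."""
    results, now = [], start
    for pw in wordlist:
        results.append(server.login(user, pw, now))
        if results[-1] == "success":
            return pw, results
        now += gap
    return None, results


def enumerate_users_via_lockout(server, candidates, start=0.0):
    """Drive each candidate name to the threshold; only real accounts come back "locked".
    Destructive: every account it confirms is now locked out."""
    existing = []
    for user in candidates:
        result = "failure"
        for i in range(server.policy.threshold):
            result = server.login(user, "definitely-wrong-password", start + i)
        if result == "locked":
            existing.append(user)
    return existing


def password_spray(server, users, wordlist, start=0.0, gap=1.0):
    """Lockout-aware guessing: at most threshold-1 attempts per account, then wait out
    the observation window so those failures expire before the next batch."""
    per_window = server.policy.threshold - 1
    found, now = {}, start
    for i in range(0, len(wordlist), per_window):
        for user in users:
            if user in found:
                continue
            for pw in wordlist[i:i + per_window]:
                if server.login(user, pw, now) == "success":
                    found[user] = pw
                    break
                now += gap
        now += server.policy.window  # let this batch's failures age out
    return found, now - start


# Constructed test data: three accounts and a short wordlist containing all three passwords.
POLICY = LockoutPolicy(threshold=5, window=1800.0, lockout_duration=1800.0)
USERS = {"alice": "Winter2024!", "bob": "Password1", "carol": "c0rrect-h0rse"}
WORDLIST = ["Password1", "Welcome1", "Summer2024!", "Spring2024!",
            "Autumn2024!", "Winter2024!", "Qwerty123", "c0rrect-h0rse"]


def demo():
    """Run the three scenarios against fresh servers and return their outcomes."""
    brute = AuthServer(POLICY, dict(USERS))
    pw, results = brute_force_one_account(brute, "alice", WORDLIST)
    legit = brute.login("alice", "Winter2024!", now=60.0)  # the real user, now locked out too
    existing = enumerate_users_via_lockout(AuthServer(POLICY, dict(USERS)), ["alice", "dave", "bob"])
    spray = AuthServer(POLICY, dict(USERS))
    found, elapsed = password_spray(spray, list(USERS), WORDLIST)
    return {"brute_force": pw, "brute_results": results, "legit_login": legit,
            "enumerated": existing, "sprayed": found,
            "spray_locked": [u for u in USERS if spray.is_locked(u, elapsed)]}


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running `demo()` shows the two sides of the risk: the naive run never recovers alice's password even though it is in the wordlist, because the fifth failure locks the account and every later attempt, including alice's own, is refused; the enumeration pass confirms "alice" and "bob" exist and leaves both locked; the spray recovers all three passwords and locks nobody, at the cost of waiting out one observation window per batch. The spray's batch size of threshold minus one is the aggressive end of the range; in practice testers leave more headroom because the policy they read may not be the one actually applied (fine-grained policies, or a threshold that also counts failures from other services).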
