CISM Certified Information Security Manager – Question0850

An information security manager learns that the root password of an external FTP server may be subject to brute force attacks. Which of the following would be the MOST appropriate way to reduce the likelihood of a successful attack?

A.
Block the source IP address of the attacker.
B. Lock remote logon after multiple failed attempts.
C. Disable access to the externally facing server.
D. Install an intrusion detection system (IDS).

Correct Answer: B