CompTIA Security+ SY0-601 – Question566

An attacker is attempting to harvest user credentials on a client's website. A security analyst notices multiple attempts of random usernames and passwords. When the analyst types in a random username and password, the logon screen displays the following message:
The username you entered does not exist.
Which of the following should the analyst recommend be enabled?


A.
Input valuation
B. Obfuscation
C. Error handling
D. Username lockout

Correct Answer: C