Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?

A.
Account expiration settings

B.
Complexity of PIN

C.
Account lockout settings

D.
PIN history requirements

Explanation:
Account lockout settings determine the number of failed login attempts before the account gets locked and how long the account will be locked out for. For
example, an account can be configured to lock if three incorrect passwords (or in this case PIN’s) are entered. The account can then be configured to automatically
unlock after a period of time or stay locked until someone manually unlocks it.
Incorrect Answers:
A: Account expiration settings determine when an account will expire. This is usually a time or date. An account configured with an expiration date will not prevent
an attacker trying to brute force a PIN as the attacker could make as many attempts as he wants until the time or date of the account expiration. Therefore, this
answer is incorrect.
B: Complexity of PIN: Password complexity determines what a password should include. For example, you could require a password to contain uppercase and
lowercase letters and numbers. The question states that access is gained by using a 4-digit PIN number. The “complexity” of the PIN is 4 numbers. There’s not
much you can do to make a 4 digit PIN more complex other than require that no numbers are repeated. You could only change the length of the PIN to make it
more difficult to guess. PIN complexity will not prevent an attacker trying to brute force a PIN.
Therefore, this answer is incorrect.
D: PIN history requirements are used when people change their PINs. PIN history requirements could state that you cannot use any of your five previously used
PINs. PIN history will not prevent an attacker trying to brute force a PIN. Therefore, this answer is incorrect.

https://technet.microsoft.com/en-us/library/cc757692%28v=ws.10%29.aspx