IBM C1000-130 Exam - Topic 3 Question 79 Discussion

In IBM Cloud Pak for Integration (CP4I) v2021.2, when integrating LDAP (Lightweight Directory Access Protocol) for authentication, an account lockout policy can be configured to enhance security.

The account lockout policy is designed to prevent brute-force attacks by temporarily or permanently restricting user access after multiple failed login attempts.

How the Account Lockout Policy Works:

If a user enters incorrect credentials multiple times, the account is locked based on the configured policy.

The lockout can be temporary (auto-unlock after a period) or permanent (admin intervention required).

This prevents attackers from guessing passwords through repeated login attempts.

Why Answer D is Correct?

The policy's main function is to restrict access after repeated failed attempts, ensuring security.

It helps mitigate brute-force attacks and unauthorized access.

LDAP enforces the lockout rules based on the organization's security settings.

Explanation of Incorrect Answers:

A . It warns the administrator if multiple login attempts fail. Incorrect

While administrators may receive alerts, the primary function of the lockout policy is to restrict access, not just warn the admin.

B . It prompts the user to change the password. Incorrect

An account lockout prevents login rather than prompting a password change.

Password change prompts usually happen for expired passwords, not failed logins.

C . It deletes the user account. Incorrect

Lockout disables access but does not delete the user account.

IBM Cloud Pak for Integration (CP4I) v2021.2 Administration Reference:

IBM Cloud Pak for Integration Security & LDAP Configuration

IBM Cloud Pak Foundational Services - Authentication & User Management

IBM Cloud Pak for Integration - Managing User Access

IBM LDAP Account Lockout Policy Guide