A security analyst notices repeated failed login attempts from an internal IP address on the domain controller. After enabling account lockout, the lockouts continue but the source IP changes. What is the best next step?
Select one:
The trap here is that candidates assume account lockout is sufficient and focus on tweaking lockout ...