Account Use Policies
Configure features related to account use like login attempt lockouts, specific login times, etc.
Techniques Addressed by Mitigation
Set account lockout policies after a certain number of failed login attempts to prevent passwords from being guessed. Too strict a policy may create a denial of service condition and render environments un-usable, with all accounts used in the brute force being locked-out.