Yes (I believe) that ability is there in ACS, but it does not help with the *offline* dictionary attack that is currently in the news.
With the offline dictionary attack the attacker passively observes the LEAP challenge/challenge response, and then (with knowledge of the LEAP algorithm), takes a dictionary of potential LEAP passwords and sees if any of the passwords in the dictionary produce the same challenge response.
This is an offline attack, and cannot be prevented by restricting the number of login attempts a user can make.
More information about dictionary attack on LEAP is available here;
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00801aa80f.shtml