CISSP · Question #1107
A user's credential for an application is stored in a relational database. Which control protects the confidentiality of the credential while it is stored?
The correct answer is C. Use a salted cryptographic hash of the password.. A salted cryptographic hash of the password is a control that protects the confidentiality of the credential while it is stored in a relational database. A salt is a random value that is added to the password before hashing it, to make it more resistant to brute-force attacks and
Question
A user's credential for an application is stored in a relational database. Which control protects the confidentiality of the credential while it is stored?
Options
- AValidate passwords using a stored procedure.
- BAllow only the application to have access to the password field in order to verify user
- CUse a salted cryptographic hash of the password.
- DEncrypt the entire database and embed an encryption key in the application.
How the community answered
(14 responses)- A7% (1)
- B14% (2)
- C79% (11)
Explanation
A salted cryptographic hash of the password is a control that protects the confidentiality of the credential while it is stored in a relational database. A salt is a random value that is added to the password before hashing it, to make it more resistant to brute-force attacks and rainbow tables. A hash is a one-way function that transforms the password into a fixed-length output that is difficult to reverse. A salted hash makes it harder for an attacker to guess or crack the password, even if they have access to the database.
Topics
Community Discussion
No community discussion yet for this question.