GIAC
GCIH · Question #355
GCIH Question #355: Real Exam Question with Answer & Explanation
The correct answer is C: Rainbow Tables cannot be used to crack the password. Linux and Unix facilitate using salts that are unique to each user and used as a seed during the password hashing process. The salt assures that password hashes are unique and prevents any form of pre-created encryption dictionaries (e.g. Rainbow Tables) being used to crack the
Vulnerability Exploitation & Privilege Escalation
Question
What is the value of salting password hashes?
Options
- AFull encryption in the SAM database
- BStrong encryption algorithms are enforced
- CRainbow Tables cannot be used to crack the password
- DDictionary password guessing attacks can't be used
Explanation
Linux and Unix facilitate using salts that are unique to each user and used as a seed during the password hashing process. The salt assures that password hashes are unique and prevents any form of pre-created encryption dictionaries (e.g. Rainbow Tables) being used to crack the
Topics
#password salting#rainbow tables#credential attacks#password hashing
Community Discussion
No community discussion yet for this question.