GCIH · Question #763
A security examiner has been given permission by senior management to conduct a password audit. What should the examiner ensure after the process completes?
The correct answer is A. Pot files are removed from cracking systems. After a password audit, pot files storing cracked credentials must be securely deleted from cracking systems to prevent unauthorized access to sensitive plaintext passwords.
Question
A security examiner has been given permission by senior management to conduct a password audit. What should the examiner ensure after the process completes?
Options
- APot files are removed from cracking systems
- BAcceptability rules are defined following the audit
- CUsers can change passwords at their discretion
- DCracked passwords are stored on a single system
How the community answered
(28 responses)- A96% (27)
- B4% (1)
Why each option
After a password audit, pot files storing cracked credentials must be securely deleted from cracking systems to prevent unauthorized access to sensitive plaintext passwords.
Password cracking tools such as Hashcat and John the Ripper store cracked hash-to-plaintext mappings in pot files (e.g., hashcat.potfile, john.pot) during an audit. These files accumulate sensitive credential data and must be securely removed upon completion to comply with data handling requirements and ensure cracked passwords cannot be accessed beyond the authorized audit scope.
Defining password acceptability rules is a policy-level activity that should occur before or independently of the audit, not a post-audit cleanup step for removing cracking artifacts.
Whether users may change passwords at their discretion is a general access control policy decision unrelated to the cleanup of sensitive cracking tool artifacts after an audit.
Consolidating cracked passwords onto a single system still leaves sensitive credential data exposed and at risk; the correct post-audit action is complete removal of cracked credential artifacts, not centralization.
Concept tested: Post-audit cleanup of password cracking pot files
Topics
Community Discussion
No community discussion yet for this question.