PT0-002 Question #406: Real Exam Question with Answer & Explanation
Question
A penetration tester discovered a code repository and noticed passwords were hashed before they were stored in the database with the following code:

    salt = 'saltl23'
    hash = hashlib.pbkdf2_hmac('sha256', plaintext, salt, 10000)

The penetration tester recommended the code be updated to the following:

    salt = os.urandom(32)
    hash = hashlib.pbkdf2_hmac('sha256', plaintext, salt, 10000)

Which of the following steps should the penetration tester recommend?
Options
- A. Changing passwords that were created before this code update
- B. Keeping hashes created by both methods for compatibility
- C. Rehashing all old passwords with the new code
- D. Replacing the SHA-256 algorithm with something more secure