A software developer wants to prevent stored passwords from being easily decrypted. When the
password is stored by the application, additional text is added to each password before the password is
hashed. This technique is known as:
A.
Symmetric cryptography.
B.
Private key cryptography.
C.
Salting.
D.
Rainbow tables.
Explanation:
Salting can be used to strengthen the hashing when the passwords were encrypted. Though hashing is a
one-way algorithm it does not mean that it cannot be hacked. One method to hack a hash is though
rainbow tables and salt is the counter measure to rainbow tables. With salt a password that you typed inand that has been encrypted with a hash will yield a letter combination other than what you actually
types in when it is rainbow table attacked.
Incorrect Answers:
A: Symmetric cryptography refers to symmetric algorithms require both ends of an encrypted message to
have the same key and processing algorithms. Symmetric algorithms generate a secret key that must be
protected. A symmetric key, sometimes referred to as a secret key or private key, is a key that isn’t
disclosed to people who aren’t authorized to use the encryption system. The disclosure of a private key
breaches the security of the encryption system.
B: Private Key cryptography is also known as symmetric cryptography.
D: Rainbow tables can be used to break a hash. A rainbow table attack focuses on identifying a stored
value. By using values in an existing table of hashed phrases or words (think of taking a word and hashing
it every way you can imagine) and comparing them to values found.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 249-250, 256