Using a protocol analyzer, a security consultant was able to capture employee’s credentials.
Which of the following should the consultant recommend to the company, in order to mitigate the
risk of employees credentials being captured in the same manner in the future?
A.
Wiping of remnant data
B.
Hashing and encryption of data in-use
C.
Encryption of data in-transit
D.
Hashing of data at-rest
This should be C – the data is in transit, and encrypting the communications would secure the credentials.
1
0
Agreed. Hashing lets you know if the integrity of the file has been compromised. Encryption is about confidentiality. This is clearly data in transit.
1
0