Which of the following are measures against password sniffing?
A.
Passwords must not be sent through email in plain text.
B.
Passwords must not be stored in plain text on any electronic media.
C.
You may store passwords electronically if it is encrypted.
D.
All of the choices.
Explanation:
Passwords must not be sent through email in plain text. Passwords must not be stored in plain text
on any electronic media. It is acceptable to store passwords in a file if it is encrypted with PGP or
equivalent strong encryption (once again depending on your organization policy). All vendor
supplied default passwords must be changed.