A security administrator is reviewing the following output from an offline password audit:
Which of the following should the systems administrator implement to BEST address this audit finding? (Choose two.)
A. Cryptoprocessor
B. Bcrypt
C. SHA-256
D. PBKDF2
E. Message authentication
No doubt B and D.
You should never use a hash to store passwords (subject to rainbow table attacks).
Actually, bcrypt and PBKDF2 are being replaced by other algorithms, but for this question it is the best option.
I think B and D
C and D