A security analyst is doing a vulnerability assessment on a database server. A scanning tool returns the following information:
There have been several security breaches on the web server that accesses this database. The security team is instructed to mitigate the impact of any possible breaches. The security team is also instructed to improve the security on this database by making it less vulnerable to offline attacks. Which of the following would BEST accomplish these goals? (Choose two.)
A. Start using salts to generate MD5 password hashes
B. Generate password hashes using SHA-256
C. Force users to change passwords the next time they log on
D. Limit users to five attempted logons before they are locked out E. Require the web server to only use TLS 1.2 encryption
How To Pass SY0-601 Exam?CompTIA SY0-601 PDF dumps.High quality SY0-601 pdf and software. VALID exam to help you pass. |
 |
I first answered A and B, even though I knew the wording of the answers meant I was probably wrong on one of them. My book notes say MD5 is legacy and crackable though, so I now think I was wrong and it B and C (C since it asks how to mitigate the impact of any possible breaches, and this would be one way to do that).
Is salted MD5 better than SHA normal? I think SHA normal would be better than salted MD5, right?