During a routine log review, a security analyst finds a previously unknown script collecting hashed user secrets from system memory. The analyst suspects unauthorized data collection. Which measure best addresses this infiltration tactic to reduce exposure?
Increase user password length across the company
Implement shorter session timeouts to prompt more logins
Restrict reading from processes that store hashed credentials
Configure advanced inbound blocking for all network ports
Limiting direct access to processes that store authentication data reduces the possibility of an attacker copying hashed secrets from memory. Although measures like enforcing a firewall rule or increasing password length may strengthen security in other areas, they do not prevent reading sensitive information from live processes. Re-authentication policies help enforce session security but do not stop a script scanning active memory for data. Proper access restrictions can deny tools from interacting with memory where user secrets reside, curtailing the risk of exposure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'hashed user secrets' mean?
Open an interactive chat with Bash
How can processes reading hashed secrets be restricted?
Open an interactive chat with Bash
Why don't firewall rules or longer passwords stop memory attacks?