
Free CompTIA PenTest+ PT0-002 Practice Question

During a penetration test, you discover that the client's web application is storing user passwords in a database using a hashing algorithm without a salt. You need to report this finding and recommend an appropriate remediation strategy. Which recommendation enhances the security of password storage?

  • Store passwords using reversible AES encryption.

  • Implement bcrypt with a dynamic salt for hashing each user's password.

  • Convert existing hashes to MD5 with a dynamic salt for added security.

  • Use SHA-256 with a dynamic salt for hashing each user's password.

This question is for objective: Reporting and Communication