CompTIA PenTest+ PT0-002 Practice Question

During a penetration test, you discover that the client's web application is storing user passwords in a database using a hashing algorithm without a salt. You need to report this finding and recommend an appropriate remediation strategy. Which recommendation enhances the security of password storage?

  • Convert existing hashes to MD5 with a dynamic salt for added security.

  • Implement bcrypt with a dynamic salt for hashing each user's password.

  • Store passwords using reversible AES encryption.

  • Use SHA-256 with a dynamic salt for hashing each user's password.

CompTIA PenTest+ PT0-002
Reporting and Communication
Your Score:
Settings & Objectives

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot