
CompTIA Exam PT0-002 Topic 3 Question 62 Discussion

Actual exam question for CompTIA's PT0-002 exam
Question #: 62
Topic #: 3

A penetration tester uses Hashcat to crack hashes discovered during a penetration test and obtains the following output:

ad09cd16529b5f5a40a3e15344e57649f4a43a267a97f008af01af803603c4c8 : Summer2023 !!
7945bb2bb08731fc8d57680ffa4aefec91c784d231de029c610b778eda5ef48b:p@ssWord123
ea88ceab69cb2fb8bdcf9ef4df884af219fffbffab473ec13f20326dc6f84d13: Love-You999

Which of the following is the best way to remediate the penetration tester's discovery?

Suggested Answer: B

The penetration tester's discovery of passwords that fall to hash cracking points to weak password policy within the organization. Among the options provided, implementing a blocklist of known bad passwords is the most effective immediate remediation. A blocklist stops users from setting passwords that are easily guessed or commonly used, which is exactly what makes a hash fall quickly to a tool like Hashcat: the cracker does not need to brute-force the key space, it only needs the plaintext to appear in its wordlist or rule output.

Requiring passwords to follow complexity rules (Option A) can help, but all three cracked passwords above already mix case, digits and symbols; attackers still crack such passwords when the base word is common or has appeared in a previous breach. Setting a minimum password length (Option C) is good practice, but length alone does not make a password strong against hash cracking when the extra characters are a predictable year or symbol suffix. Encrypting passwords with a stronger algorithm (Option D) is a valid long-term strategy, but it would not stop users from choosing weak passwords that can be guessed before hash cracking is even necessary.

Therefore, a blocklist addresses the specific vulnerability exposed by the penetration tester: users setting weak passwords that can be easily cracked. It is also worth noting that best practice is a combination of strong, enforced password policies, user education, and multi-factor authentication to enhance security further.
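To make the reasoning above concrete, here is an added example (not part of the original question or answer) of a password-acceptance check that applies a blocklist in the way NIST SP 800-63B recommends: the candidate is normalized (lowercased, leetspeak undone, digit and symbol suffixes stripped) before comparison, so "p@ssWord123" is rejected as "password". The three cracked plaintexts are taken from the Hashcat output shown above; the blocklist and the helper names are assumptions constructed for this example.

```python
import re
import unicodedata

# Constructed sample blocklist of base words. A real deployment would use a
# large breach-derived list (hundreds of thousands of entries), not this.
BLOCKLIST = {"password", "summer", "loveyou", "welcome", "qwerty", "letmein"}

# Reverse common leetspeak substitutions so "p@ssw0rd" becomes "password".
LEET = str.maketrans({"@": "a", "$": "s", "0": "o", "1": "i",
                      "3": "e", "4": "a", "5": "s", "7": "t"})

# Plaintexts as they appear in the cracked output on this page.
CRACKED = ["Summer2023 !!", "p@ssWord123", "Love-You999"]


def normalize(password: str) -> str:
    """Reduce a candidate to its base word for blocklist comparison."""
    s = unicodedata.normalize("NFKC", password).lower()
    s = re.sub(r"[^a-z]+$", "", s)      # drop trailing year/digit/symbol runs
    s = s.translate(LEET)               # undo leetspeak inside the word
    return re.sub(r"[^a-z]", "", s)     # drop any remaining separators


def is_blocked(password: str, blocklist=BLOCKLIST) -> bool:
    """True if the normalized base is a blocklisted word or contains one."""
    base = normalize(password)
    if not base:                         # all digits/symbols: treat as weak
        return True
    return base in blocklist or any(len(w) >= 5 and w in base for w in blocklist)


def meets_complexity(password: str) -> bool:
    """Classic 'three of four character classes' rule (Option A style)."""
    classes = [any(c.isupper() for c in password),
               any(c.islower() for c in password),
               any(c.isdigit() for c in password),
               any(not c.isalnum() for c in password)]
    return sum(classes) >= 3


def check_password(password: str, min_length: int = 10, blocklist=BLOCKLIST) -> list:
    """Return the list of policy failures; an empty list means accepted."""
    failures = []
    if len(password) < min_length:
        failures.append("too_short")
    if not meets_complexity(password):
        failures.append("no_complexity")
    if is_blocked(password, blocklist):
        failures.append("blocklisted")
    return failures


if __name__ == "__main__":
    for pw in CRACKED:   # each passes length and complexity, fails only the blocklist
        print(f"{pw!r:18} -> {check_password(pw)}")
```

Run stand-alone, the script shows that every cracked password satisfies both a 10-character minimum and a complexity rule, and is caught only by the blocklist check.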


Contribute your Thoughts:

Chaya
5 days ago
Haha, 'Summer2023 !!' - that's a new one. I wonder if the 'Love-You999' guy has a thing for significant others and the number 9.
upvoted 0 times
Lynelle
8 days ago
Love-You999? Really? I could've guessed that one in my sleep. Definitely need to step up the password game here.
upvoted 0 times
Earlean
20 days ago
I believe option D would be the most secure solution.
upvoted 0 times
Margot
22 days ago
But wouldn't option C also help in this situation?
upvoted 0 times
Noelia
29 days ago
I agree with Casie; complex passwords are important.
upvoted 0 times
Cassandra
30 days ago
Encrypting the passwords is a good idea, but it won't stop people from using weak ones in the first place. Gotta address the root of the problem here.
upvoted 0 times
Britt
1 month ago
Yikes, those passwords are way too simple! Blocklisting known bad passwords is a must. And 10 characters minimum is a good start, but complexity rules would be even better.
upvoted 0 times
Judy
6 days ago
User 1: Those passwords are terrible!
upvoted 0 times
Eveline
8 days ago
User 3: Setting a minimum password length to ten characters is a good idea, but we should also require complexity rules.
upvoted 0 times
Ruth
20 days ago
User 2: I agree, we should definitely blocklist known bad passwords.
upvoted 0 times
Lindsey
26 days ago
User 1: Those passwords are terrible!
upvoted 0 times
Casie
1 month ago
I think option A is the best choice.
upvoted 0 times