Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam PT0-002 Topic 5 Question 60 Discussion

Actual exam question for CompTIA's PT0-002 exam
Question #: 60
Topic #: 5
[All PT0-002 Questions]

A penetration tester uses Hashcat to crack hashes discovered during a penetration test and obtains the following output:

ad09cd16529b5f5a40a3e15344e57649f4a43a267a97f008af01af803603c4c8 : Summer2023 !!

7945bb2bb08731fc8d57680ffa4aefec91c784d231de029c610b778eda5ef48b:p@ssWord123

ea88ceab69cb2fb8bdcf9ef4df884af219fffbffab473ec13f20326dc6f84d13: Love-You999

Which of the following is the best way to remediate the penetration tester's discovery?

Show Suggested Answer Hide Answer
Suggested Answer: B

The penetration tester's discovery of passwords vulnerable to hash cracking suggests a lack of robust password policies within the organization. Among the options provided, implementing a blocklist of known bad passwords is the most effective immediate remediation. This measure would prevent users from setting passwords that are easily guessable or commonly used, which are susceptible to hash cracking tools like Hashcat.

Requiring passwords to follow complexity rules (Option A) can be helpful, but attackers can still crack complex passwords if they are common or have been exposed in previous breaches. Setting a minimum password length (Option C) is a good practice, but length alone does not ensure a password's strength against hash cracking techniques. Encrypting passwords with a stronger algorithm (Option D) is a valid long-term strategy but would not prevent users from choosing weak passwords that could be easily guessed before hash cracking is even necessary.

Therefore, a blocklist addresses the specific vulnerability exposed by the penetration tester---users setting weak passwords that can be easily cracked. It's also worth noting that the best practice is a combination of strong, enforced password policies, user education, and the use of multi-factor authentication to enhance security further.


by Tuyet at Jul 02, 2024, 10:09 AM

Limited Time Offer

25%

Off

Get Premium PT0-002 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Rocco
1 months ago
Ten characters? That's cute. These passwords are so bad, I'd just lock everyone out and start over. B is the only way to go.
upvoted 0 times
...
Elenore
1 months ago
Haha, 'Love-You999'? Seriously? That's just asking to be hacked. B is the obvious choice here.
upvoted 0 times
...
Alton
1 months ago
Requiring complex passwords is a good start, but a blocklist is really the only way to ensure those terrible passwords don't get used. B is the way to go.
upvoted 0 times
Tracey
5 days ago
B: Setting a minimum password length is important too, but a blocklist can really help in this situation.
upvoted 0 times
...
Charolette
12 days ago
A: I agree, using a blocklist of known bad passwords is crucial to prevent weak passwords from being used.
upvoted 0 times
...
Ettie
15 days ago
C: Setting the minimum password length to ten characters could also help strengthen security.
upvoted 0 times
...
Dexter
16 days ago
B: I agree, implementing a blocklist of known bad passwords is crucial in this situation.
upvoted 0 times
...
Edison
23 days ago
A: Requiring complex passwords is a good start, but a blocklist is really the only way to ensure those terrible passwords don't get used.
upvoted 0 times
...
...
Man
1 months ago
Encrypting the passwords with a stronger algorithm is a good idea, but it won't stop people from choosing bad passwords in the first place. I'd go with B.
upvoted 0 times
Kasandra
8 days ago
D: Encrypting the passwords with a stronger algorithm
upvoted 0 times
...
Sonia
10 days ago
C: Setting the minimum password length to ten characters
upvoted 0 times
...
Barrett
15 days ago
B: Implementing a blocklist of known bad passwords
upvoted 0 times
...
Rickie
25 days ago
User 2: Yeah, that way even if they choose a weak password, it won't be accepted.
upvoted 0 times
...
Thora
30 days ago
User 1: I agree, implementing a blocklist of known bad passwords is a good first step.
upvoted 0 times
...
Ben
1 months ago
A: Requiring passwords to follow complexity rules
upvoted 0 times
...
...
Bronwyn
2 months ago
I see your point, Joaquin, but I still think option A is the most practical solution.
upvoted 0 times
...
Joaquin
2 months ago
But wouldn't encrypting with a stronger algorithm be more secure?
upvoted 0 times
...
Irma
2 months ago
Wow, those passwords are so weak! B definitely seems like the best option to prevent these common passwords from being used.
upvoted 0 times
Mitsue
1 months ago
User 2: Yeah, it's important to prevent users from using easily guessable passwords.
upvoted 0 times
...
Alexia
2 months ago
User 1: I agree, using a blocklist of known bad passwords would definitely help.
upvoted 0 times
...
...
Emeline
2 months ago
I agree with Refugia, complex passwords are important.
upvoted 0 times
...
Refugia
2 months ago
I think option A is the best choice.
upvoted 0 times
...

Save Cancel