ExpertMedium1 markMultiple Choice
CPA · Question 56 · Area II: Security
A company stores customer passwords in a database. To enhance security, they add a random string of characters to each password before hashing it. This technique is known as:
A company stores customer passwords in a database. To enhance security, they add a random string of characters to each password before hashing it. This technique is known as:
Answer options:
A.
Peppering
B.
Salting
C.
Masking
D.
Tokenization
How to approach this question
Identify the term for adding random data to hashes.
Full Answer
B.Salting✓ Correct
Salting
Salting ensures that even if two users have the same password, their hashes are different.
Common mistakes
Confusing Salting with Key stretching.
Practice the full CPA ISC Practice Exam 2
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll platform where clients access the software ...MediumQ02An auditor is reviewing the backup strategy for a financial institution that requires a Recovery ...HardQ03During a walkthrough of the change management process, an auditor observes that developers have w...MediumQ04An auditor is reviewing a SQL query used to generate a list of active customers for a marketing c...HardQ05Which of the following entities is considered a 'Covered Entity' under the HIPAA Privacy Rule?Medium