ExpertMedium1 markMultiple Choice
CPA · Question 56 · Area II: Security
A company stores customer passwords in a database. To enhance security, they add a random string of characters to each password before hashing it. This technique is known as:
A company stores customer passwords in a database. To enhance security, they add a random string of characters to each password before hashing it. This technique is known as:
Answer options:
A.
Peppering
B.
Salting
C.
Masking
D.
Tokenization
How to approach this question
Identify the term for adding random data to hashes.
Full Answer
B.Salting✓ Correct
Salting ensures that even if two users have the same password, their hashes are different.
Common mistakes
Confusing Salting with Key stretching.
Practice the full CPA ISC Practice Exam 2
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll platform where clients access the software ...MediumQ02An auditor is reviewing the backup strategy for a financial institution that requires a Recovery ...HardQ03During a walkthrough of the change management process, an auditor observes that developers have w...MediumQ04An auditor is reviewing a SQL query used to generate a list of active customers for a marketing c...HardQ05Which of the following entities is considered a 'Covered Entity' under the HIPAA Privacy Rule?Medium