ExpertMedium1 markMultiple Choice
CPA · Question 81 · Area II: Security
A company uses 'Hashing' to store passwords. Why is this better than encryption?
A company uses 'Hashing' to store passwords. Why is this better than encryption?
Answer options:
A.
Hashing is reversible.
B.
Hashing uses a public key.
C.
Hashing is one-way; the original password cannot be retrieved from the hash.
D.
Hashing is slower.
How to approach this question
Hashing = One-way trip.
Full Answer
C.Hashing is one-way; the original password cannot be retrieved from the hash.✓ Correct
C
Hashing is a one-way mathematical function. If a hacker steals the database of hashed passwords, they cannot reverse the math to find the original passwords (unlike encryption, which can be decrypted with a key).
Common mistakes
Thinking Hashing is the same as Encryption.
Practice the full CPA ISC Practice Exam 3
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud-based s...MediumQ02During a review of a client's cloud governance structure, an auditor notes that the client uses a...MediumQ03An auditor is evaluating the 'Processing Integrity' principle for a financial institution's loan ...HardQ04A company uses a batch processing system to update inventory records overnight. The 'Grandfather-...HardQ05During a walkthrough of the change management process, an auditor observes that the 'Developer' r...Medium