Exam SY0-701 topic 1 question 157 discussion

Salting is the correct answer because it involves adding a random string to a password before hashing to strengthen security. This technique effectively prevents precomputed hash attacks, making it a critical component of modern password protection strategies.

Salting Adds a random string of characters, called a "salt", to a password before hashing it. This makes each password unique and prevents attackers from: Using dictionary lookups to see how popular passwords are hashed Guessing the hash function to unlock a database of passwords Key stretching Lengthens the password by iterating the hash of the salted password. This makes it much more difficult for attackers to crack passwords using brute-force or precomputed tables.

D. Salting Explanation: Salting involves adding a random string (called a salt) to a password before it is hashed to prevent attackers from using precomputed hash databases (like rainbow tables) to crack the password. The random string (in this case, 36 characters) is unique and makes the password significantly harder to guess because it ensures that even if two users have the same password, their hashes will be different.

Key stretching techniques are used to make a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources it takes to test each possible key. Salting does not add to the length of the password and does not stop attackers from brute-forcing the key as the salt is added after the password is submitted. Tokenization and Data masking will not prevent brute-force attacks for the same reason. They are processes that don't alter a weak password.

D. Salting