CompTIA SecurityX (CAS-005) — Question 78

A developer needs to improve the cryptographic strength of a password-storage component in a web application without completely replacing the crypto-module. Which of the following is the most appropriate technique?

Answer options

• A. Key splitting
• B. Key escrow
• C. Key rotation
• D. Key encryption
• E. Key stretching

Correct answer: E

Explanation

Key stretching is the correct choice because it involves increasing the computational work required to guess passwords, thus enhancing security without replacing the entire crypto-module. The other options, such as key escrow and key rotation, do not directly improve password storage security, while key encryption is focused on protecting data rather than strengthening password storage.