CompTIA PenTest+ (PT0-002) — Question 110

User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?

Answer options

• A. MD5
• B. bcrypt
• C. SHA-1
• D. PBKDF2

Correct answer: A

Explanation

MD5 is known for its vulnerabilities and speed, making it susceptible to attacks such as rainbow table cracking. In contrast, bcrypt, SHA-1, and PBKDF2 are designed with stronger security measures, such as salting and increased computational time, which protect against such easy compromises.