CompTIA PenTest+ (PT1-002) — Question 97

User credentials were captured from a database during an assessment and cracked using rainbow tables. Based on the ease of compromise, which of the following algorithms was MOST likely used to store the passwords in the database?

Answer options

• A. MD5
• B. bcrypt
• C. SHA-1
• D. PBKDF2

Correct answer: A

Explanation

MD5 is known for its weaknesses and is relatively fast, making it easier to crack using rainbow tables. In contrast, bcrypt, SHA-1, and PBKDF2 provide stronger security features, such as salting and key stretching, which make them more resistant to such attacks.