CompTIA Security+ (SY0-501) — Question 707

A security analyst discovers that a company's username and password database was posted on an Internet forum. The username and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?

Answer options

• A. Create DLP controls that prevent documents from leaving the network
• B. Implement salting and hashing.
• C. Configure the web content filter to block access to the forum.
• D. Increase password complexity requirements.

Correct answer: B

Explanation

Implementing salting and hashing (option B) would protect stored passwords by making them unreadable even if accessed, thus mitigating the impact of data breaches. The other options, while helpful, do not directly address the security of stored passwords: DLP controls (A) and web filtering (C) help prevent data exfiltration but do not secure the passwords if they are compromised, and increasing password complexity (D) does not protect already stored passwords in plain text.