CompTIA Security+ (SY0-601) — Question 172
A security analyst discovers that a company's username and password database was posted on an Internet forum. The usernames and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?
Answer options
- A. Create DLP controls that prevent documents from leaving the network.
- B. Implement salting and hashing.
- C. Configure the web content filter to block access to the forum.
- D. Increase password complexity requirements.
Correct answer: B
Explanation
Salting and hashing protects passwords by storing them in a non-reversible form, so attackers have difficulty retrieving the original passwords even if they gain access to the database. The other options aim at preventing data loss or at strengthening other security measures, but none of them addresses how the passwords themselves are stored.