CompTIA Security+ (SY0-601) — Question 658

An administrator needs to protect user passwords and has been advised to hash the passwords. Which of the following BEST describes what the administrator is being advised to do?

Answer options

• A. Perform a mathematical operation on the passwords that will convert them into unique strings.
• B. Add extra data to the passwords so their length is increased, making them harder to brute force.
• C. Store all passwords in the system in a rainbow table that has a centralized location.
• D. Enforce the use of one-time passwords that are changed for every login session.

Correct answer: A

Explanation

The correct answer is A because hashing is a mathematical process that converts passwords into a fixed-length string, making them unique and secure. Options B and D describe methods to enhance password security but do not involve hashing, while option C suggests a method that is insecure and not aligned with password protection best practices.