CompTIA Security+ (SY0-601) — Question 81
Against the recommendation of the IT security analyst, a company set all user passwords on a server as `P@55w0rD`. Upon review of the /etc/passwd file, an attacker found the following:
```
alice:a8df3b6c4fd75f0617431fd248f35191df8d237f
bob:2d250c5b2976b03d757f324ebd59340df96aa05e
chris:ea981ec3285421d014108089f3f3f997ce0f4150
```
Which of the following BEST explains why the encrypted passwords do not match?
Answer options
- A. Perfect forward secrecy
- B. Key stretching
- C. Salting
- D. Hashing
Correct answer: C
Explanation
The correct answer is C, Salting. A salt adds unique random data to each password before hashing, so identical passwords produce different stored hashes. Perfect forward secrecy and key stretching do not directly relate to the reason for the differing outputs in this context, while hashing refers to the process itself rather than the method that makes each stored value unique.