Certified Ethical Hacker (CEH v12) — Question 307

Ethical hacker Jane Doe is attempting to crack the password of the head of the IT department of ABC company. She is utilizing a rainbow table and notices upon entering a password that extra characters are added to the password after submitting.

What countermeasure is the company using to protect against rainbow tables?

Answer options

• A. Password key hashing
• B. Password salting
• C. Account lockout
• D. Password hashing

Correct answer: B

Explanation

The correct answer is B, Password salting, which adds random data to passwords before they are hashed, making rainbow tables ineffective. Options A and D relate to hashing methods but do not involve the additional complexity provided by salting. Option C, Account lockout, is a security measure that prevents further attempts after a certain number of failed logins, but does not specifically protect against rainbow table attacks.