Weekly CISSP Exam Questions
When developing an application, what’s the best practice for handling sensitive user input like passwords?
A. Encrypt before storage
B. Store in plaintext, but securely
C. Hash and salt before storage
D. Mask with base64
Correct Answer: C
Explanation:
Handling sensitive user data securely is crucial, especially when it comes to passwords. Here's a breakdown of each option:
Encrypt before storage: While encryption is a secure method for storing sensitive data, it is not the best practice for passwords. Encryption is reversible, meaning if someone gains access to the encryption key, they can decrypt the passwords.
Store in plaintext, but securely: Storing passwords in plaintext, even in a 'secure' manner, is a severe security risk and should never be done.
Hash and salt before storage: This is the best practice for storing passwords. Hashing converts the password into a fixed-length string of characters, which appears random. Adding a "salt" (random data) before hashing adds another layer of security by making it more difficult for attackers to use precomputed tables (rainbow tables) to crack the passwords.
Mask with base64: Base64 is not a secure method of storing passwords. It's merely an encoding scheme and can be easily reversed.
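The following Python example is added here to make the difference between the options concrete; it is not part of the original question set. It stores a password as a per-user random salt plus a PBKDF2-HMAC-SHA256 digest (a standard-library stand-in for a dedicated password-hashing function such as bcrypt, scrypt or Argon2, which are preferable in production), verifies a login attempt with a constant-time comparison, and shows that the base64 "mask" of option D round-trips straight back to the plaintext. The record format, iteration count and sample passwords are constructed for the example.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Constructed parameters: 16-byte random salt, iteration count tuned for
# the hardware in use (raise it as CPUs get faster).
SALT_BYTES = 16
DEFAULT_ITERATIONS = 600_000
ALGORITHM = "pbkdf2_sha256"


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = DEFAULT_ITERATIONS) -> str:
    """Return a self-describing record "alg$iterations$salt_hex$digest_hex".

    A fresh random salt is generated per password unless one is supplied,
    so two users with the same password get different records and a
    precomputed (rainbow) table built for one salt is useless for another.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derive the digest with the stored salt and compare in constant time.

    The stored record is never decrypted (it cannot be); the candidate
    password is hashed the same way and the two digests are compared with
    hmac.compare_digest to avoid leaking where they first differ.
    """
    try:
        algorithm, iterations, salt_hex, digest_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record: fail closed
    if algorithm != ALGORITHM:
        return False
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, rounds)
    return hmac.compare_digest(actual, expected)


def base64_mask(password: str) -> str:
    """Option D: base64 is an encoding, not protection."""
    return base64.b64encode(password.encode("utf-8")).decode("ascii")


def base64_unmask(masked: str) -> str:
    """Anyone holding the 'masked' value recovers the password directly."""
    return base64.b64decode(masked).decode("utf-8")


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print("stored record:", record)
    print("login with right password:", verify_password("correct horse battery staple", record))
    print("login with wrong password:", verify_password("Tr0ub4dor&3", record))
    masked = base64_mask("hunter2")
    print("base64 'mask':", masked, "-> recovered:", base64_unmask(masked))
```

Two points the code makes visible: hashing the same password twice yields different records because the salt differs, and verification never needs a key or reversal, which is exactly why a leaked table of salted hashes is far less damaging than a leaked table of encrypted or base64-encoded passwords.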

Podcasts
Check out my weekly podcasts that delve deep into the relevant topics related to each of the CISSP domains. In addition, I will go over specific questions and how they can be interpreted and answered.

CISSP Cyber Training Academy
Tired of not knowing how to study for the CISSP Exam?
Check out the CISSP Cyber Training Academy to help you on your journey!

CISSP Cyber Training - YouTube
Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.