A developer needs to improve the cryptographic strength of a password-storage component in a web application without completely replacing the crypto-module. Which of the following is the most appropriate technique?
❌ Why not the others?
A. Key splitting: Used to divide a key into parts, mainly for shared access or trust models, not password strength.
B. Key escrow: Involves storing keys with a third party for recovery—not related to password hashing.
C. Key rotation: Refers to changing encryption keys periodically, mostly for data encryption, not password hashing.
D. Key encryption: Encrypting keys with other keys—not related to strengthening password hashing.
✅ E. Key stretching
🔐 Explanation:
When storing passwords securely, it's essential to increase the time it takes to brute-force each password hash, especially when you can’t change the entire crypto module. That’s where key stretching comes in.
What is Key Stretching?
It's a technique used to enhance the security of weak or short cryptographic keys, like passwords.
It uses methods like PBKDF2, bcrypt, or scrypt to repeatedly hash a password, making brute-force attacks computationally expensive.
Ideal for upgrading existing password-storage mechanisms without rewriting the crypto module entirely.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CAS-005 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
vicbersong
1 month, 2 weeks agovicbersong
1 month, 2 weeks ago