Hashing, is the answer. Why? Because, with Hashing the tool can identify a credential without knowing the exact credential , by a mathematical method (ex: multiply the credential by a number, and all different credentials have different results). comparing the Hashing of the local credential with the Hashing of the web credentials the tool can extrapolate if the credential was compromised.
Hashing is a cryptographic technique that takes input data (in this case, passwords) and converts it into a fixed-size string of characters, which is the hash value. The hashing process is one-way, meaning it is not feasible to reverse the hash and obtain the original password from the hash value alone.
When monitoring tools need to compare values (such as passwords) to detect password leaks, they can hash the values and then compare the resulting hash values against a known database of leaked or compromised password hashes. If the hash of the user's password matches any entry in the database, it indicates that the password has been compromised without actually revealing the original password itself.
This approach is widely used in password security practices, especially in situations where it's essential to protect the actual credentials from exposure.
In conclusion, the most suitable option for a monitoring tool to compare values (passwords) and detect password leaks without providing the actual credentials is A. Hashing.
Security engineer just put a fence around the property. But I'm the property grounds keeper. And I'm trying to break into the R&D building. And his fence did zero to keep me out since I was already authorized to be on the property.
Hashing is a one-way mathematical function that takes an input (in this case, passwords) and produces a fixed-size string of characters, known as a hash value or hash code. The important property of hashing is that it is computationally infeasible to reverse-engineer the original input from the hash value
Because, with Hashing the tool can identify a credential without knowing the exact credential, by a mathematical method (ex: multiply the credential by a number, and all different credentials have different results). comparing the Hashing of the local credential with the Hashing of the web credentials the tool can extrapolate if the credential was compromised.
"Hashing is used to assure the authenticity of websites with which they may share personal and private information, in password storage applications (personal or used by entities they interact with online), and is likely used by the antivirus solution they trust to keep their devices free of malware." So if Hashing is used to validate the integrity of data, you can compare hashes to figure out if the data (password or whatever it is) was compromised
https://www.uscybersecurity.net/csmag/what-the-hash-data-integrity-and-authenticity-in-american-jurisprudence/
This section is not available anymore. Please use the main Exam Page.SY0-601 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Ribeiro19
Highly Voted 8 months, 2 weeks agoProtract8593
Highly Voted 8 months, 2 weeks agorussian
Most Recent 1 year, 1 month agolsalc
1 year, 5 months agokennyboy23
1 year, 6 months agoDirtyDann
1 year, 6 months agoAbdullxHanan
1 year, 10 months agoApplebeesWaiter1122
1 year, 11 months agoDALLASCOWBOYS
2 years, 4 months agoDeeppain90
2 years, 4 months agoxxxdolorxxx
2 years, 4 months agoFMMIR
2 years, 6 months agookay123
2 years, 6 months agoSultan1990
2 years, 9 months agoSultan1990
2 years, 9 months ago