Question: A security analyst is doing a vulnerability assessment on a database server. A scanning tool returns the following information: Database: CustomerAccess1 Column: Password Data type:

A security analyst is doing a vulnerability assessment on a database server. A scanning tool returns the following information:

Database: CustomerAccess1

Column: Password

Data type: MD5 Hash

Salted?: No

There have been several security breaches on the web server that accesses this database. The security team is instructed to mitigate the impact of any possible breaches. The security team is also instructed to improve the security on this database by making it less vulnerable to offline attacks. Which of the following would BEST accomplish these goals? (Select TWO).

  • Start using salts to generate MD5 password hashes

  • Generate password hashes using SHA-256

  • Force users to change passwords the next time they log on

  • Limit users to five attempted logons before they are locked out

  • Require the web server to only use TLS 1.2 encryption

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

Hello I need help answering these 4 multi-part questions for Information Security 1. This case pertains to a Lenovo Exploit in which the attacker creates a buffer in the memory containing exploit...

Q:

1. Which of the following principles describes how a security analyst should communicate during an incident? A. The communication should be limited to trusted parties only. B. The communication...

Q:

This policy will be reviewed no later than 5 years of its authorisation date. At this point it will need to be re-authorised by the relevant authority at Xxz Financial Services Version Published...

Q:

can someone solve this Modern workstations typically have memory systems that incorporate two or three levels of caching. Explain why they are designed like this. [4 marks] In order to investigate...

Q:

CREDIT CARD HEIST AT THE HEARTBREAK CAF By Galen Collins (2012), Journal of Hospitality and Tourism Cases Volume 2, Issue 1 ABSTRACT Tom Petrov, the owner and operator of four restaurants, grapples...

Q:

Chapter 10 Network Naming 1. How does NetBIOS identify a computer system on the network? A. By using the Web address B. By using a NetBIOS name C. By using the IP address D. By using a port number 2....

Q:

Please help me answer this question Background Veronese 81 Tiffany Inc. is a medium-sized business located in Elmira, Ontario. It sells designerjewelry to specialty stores through Canada as well as...

Q:

Confidential This report is intended solely for use by management of CTP, its user entities, and the independent auditors of such user entities. 1 INDEPENDENT SERVICE AUDITORS' REPORT Cardinals...

Q:

Describe the types of cybercrimes facing organizations and critical infrastructures, explain the motives of cybercriminals, and evaluate the financial Explain both low-tech and high-tech methods...

Q:

HO ME F EA T U R ES Q &A BLO G FO R U M NEW S EV ENT S P A P ER S Subscribe to APMdigest E-mail Address: SEARCH THIS SITE: Search HO T TO PICS APM BSM 15 Ways to Bridge the Gap Between IT and...

Q:

The company is considering three nut mixes for inclusion in the new product line: Regular Mix, Deluxe Mix, and Holiday Mix. Each mix is made from 5 nuts in different combinations: The Regular Mix...

Q:

How important is for your professional and personal life to have good managerial skills in order to fulfill your projects. Talk about how you see yourself as present or potential project manager and...

Q:

Investment advisors charged performance fees are: Multiple Choice Not allowed except for clients who have a net worth of $ 2 , 0 0 0 , 0 0 0 or $ 1 , 0 0 0 , 0 0 0 . 0 0 under the management of the...

Q:

Problem 21-2 Leasing Cash Flows You work for a nuclear research laboratory that is contemplating leasing a diagnostic scanner (leasing is a common practice with expensive, high-tech equipment). The...

Q:

(Appendices) Select a commonly used product, such as gasoline or milk, and track the prices of this product over a 20-year period by creating a line graph. Explain price increases and decreases based...

Q:

(Appendices) Search magazines, newspapers, and the Internet for advertisements. Collect or print out ads that offer the following: (a) something for nothing, (b) bonus for early reply, (c) offers of...

Q:

(Appendices) Brandon, age 32, is married and has a son, age one. Six months ago, Brandon purchased an individual health insurance policy covering the entire family. His son was recently diagnosed...