🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional97 / 129
Question 97 of 129
A security engineer is redesigning how user passwords are stored in a web application database. The current design applies a single unsalted SHA-256 hash to each password. During a recent penetration test, the assessor recovered numerous passwords quickly using precomputed hash lookup tables. Which change most directly defeats the precomputed-table attack the assessor used?
Reviewed for accuracy · Report an issueNext question