You need to ensure mat users cannot reao passwards extracted irom the database

You use Microsoft Visual Studio 2010 and Microsoft .NET Framework 4 to create an application. The
apphcation connects to a Microsoft SQL Server database. The application stores user names and
passwords in the database. You need to ensure mat users cannot reao passwards extracted irom the
database. What should you do?

You use Microsoft Visual Studio 2010 and Microsoft .NET Framework 4 to create an application. The
apphcation connects to a Microsoft SQL Server database. The application stores user names and
passwords in the database. You need to ensure mat users cannot reao passwards extracted irom the
database. What should you do?

A.
Encrypt stored passwords by using the RC2CryptoServiceProvider class.

B.
Encrypt stored passwords by using the TripleDESCryptoServiceProvider class.

C.
Append a salt to the password by using the RNGCryptoServiceProvider class.
Encrypt stored passwords by using the RijndaelManaged class.

D.
Append a salt to the password by using the RNGCryptoServiceProvider class.
Hash stored passwords by using the SHA1CryptoServiceProvider class.

Explanation:

SHA1CryptoServiceProvider Class Computes the SHA1 hash value for the input data using the
implementation provided by the cryptographic service provider (CSP). This class cannot be inherited.
SHA1CryptoServiceProvider Class
(http://msdn.microsoft.com/enus/library/system.security.cryptography.sha1cryptoserviceprovider.aspx)
CHAPTER 8 Developing Reliable Applications
Lesson 3: Protecting Your Data
Hashing and Salting (page 550-551)



Leave a Reply 0

Your email address will not be published. Required fields are marked *