A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?
A.
Password history
B.
Password logging
C.
Password cracker
D.
Password hashing
Explanation:
The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Password-cracking tools
compare hashes from potential passwords with the hashes stored in the accounts database. Each potential password is hashed, and that hash value is compared
with the accounts database. If a match is found, the password- cracker tool has discovered a password for a user account.
Incorrect Answers:
A: Password History tracks previous passwords so as to prevent password reuse. It does not check password complexity.
B: Password logging will not check password complexity.
D: Passwords are usually stored in a hashed format. It does not check password complexity.Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 292, 318.