An organization wants to limit potential impact to its log-in database in the event of a breach. Which of the following options is the security team most likely to recommend?
An organization wants to limit potential impact to its log-in database in the event of a breach. Which of the following options is the security team most likely to recommend?
To limit potential impact to a log-in database in the event of a breach, the security team is most likely to recommend hashing. Hashing is the process of converting passwords into a fixed-size string of characters, which is designed to be irreversible. This means that even if an attacker gains access to the database, they cannot retrieve the original passwords from the hashed values. Hashing passwords protects the confidentiality of user credentials and ensures that they are not stored in plaintext, greatly reducing the risk to the organization if the database is breached.
Why not C? What if they do get the data? Data obfuscation is the process of disguising confidential or sensitive data to protect it from unauthorized access. Data obfuscation tactics can include masking, encryption, tokenization, and data reduction. Data obfuscation is commonly used to protect sensitive data such as payment information, customer data, and health records.
B. Hashing Hashing is the most likely recommendation for protecting a log-in database. By hashing passwords, the organization ensures that even if the database is breached, the actual passwords are not exposed in plaintext. Hashing converts passwords into a fixed-size string of characters, which is not reversible, thus protecting user credentials. Therefore, the correct answer is: B. Hashing
B. Hashing
If you said anything besides B, you need to go back and hit the books. Keyword in the question is "log-in". What do you use to login? ID and password right? So hashing your ID and password will turn them into a string of nondescript text that cannot be reversed or decoded. Hashing log-in passwords will limit potential impact.
I'm changing my answer. It should be A tokenization because after reading the question again, it says "log-in database" in the event of a breach. So the breach happened. How can they secure the log-in data information? By using tokenization to replace sensitive data with non-sensitive placeholder. For example, your password can be replaced with random letters or numbers.
A. Tokenization
D. Segmentation Segmentation involves dividing a network into smaller, isolated segments to limit the potential impact of a breach. By segmenting the network, the organization can contain the breach within a specific segment, preventing it from spreading to other parts of the network, including the log-in database. This approach helps to minimize the scope of the breach and reduce the likelihood of unauthorized access to sensitive data.