CompTIA Security Plus Mock Test Q940

A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?

A. Password history
B. Password logging
C. Password cracker
D. Password hashing

Correct Answer: C
Section: Access Control and Identity Management

Explanation:
The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Password-cracking tools compare hashes from potential passwords with the hashes stored in the accounts database. Each potential password is hashed, and that hash value is compared with the accounts database. If a match is found, the password-cracker tool has discovered a password for a user account.

Incorrect Answers:
A: Password history tracks previous passwords to prevent password reuse. It does not check password complexity.
B: Password logging will not check password complexity.
D: Password hashing is the format in which passwords are usually stored. It does not check password complexity.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 292, 318