NIST Password Storage Guidelines

Questions and Answers

What is the main reason for implementing strong database security?

• To prevent weak passwords
• To prevent buffer overflow attacks
• To prevent SQL injection attacks
• To prevent unauthorized access to stored passwords (correct)

What is the main concern of Slavik Markovich regarding database configuration?

• Frequency of buffer overflow attacks
• Lack of security in database setup (correct)
• Insufficient hashing of user passwords
• Weak passwords used by administrators

What is the primary purpose of hashing users' passwords?

• To protect administrators' credentials
• To secure databases from common attacks
• To prevent password database breaches
• To protect users' passwords in case of a breach (correct)

According to NIST guidelines, who should have access to password storage databases?

Only essential personnel (B)

What is a common method used by attackers to gain access to systems?

Exploiting insecure database setup (B)

What happened to Patreon's databases in 2015?

They were breached and user passwords were stolen (D)

Why is it important to secure administrators' authentication credentials?

To prevent unauthorized access to databases (C)

What is the main benefit of hashing users' passwords?

It protects users' passwords in case of a breach (D)

What is a common weakness in database configuration?

Initial setup of the database (A)

Why is it important to follow NIST guidelines for password storage?

To protect users' passwords in case of a breach (B)

What is the primary goal of securing password storage databases?

To protect users' passwords in case of a breach (D)