During a routine log review, a security analyst finds a previously unknown script collecting hashed user secrets from system memory. The analyst suspects unauthorized data collection. Which measure best addresses this infiltration tactic to reduce exposure?
Restrict reading from processes that store hashed credentials
Configure advanced inbound blocking for all network ports
Increase user password length across the company
Implement shorter session timeouts to prompt more logins
Limiting direct access to processes that store authentication data reduces the possibility of an attacker copying hashed secrets from memory. Although measures like enforcing a firewall rule or increasing password length may strengthen security in other areas, they do not prevent reading sensitive information from live processes. Re-authentication policies help enforce session security but do not stop a script scanning active memory for data. Proper access restrictions can deny tools from interacting with memory where user secrets reside, curtailing the risk of exposure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are hashed credentials, and why are they stored in memory?
Open an interactive chat with Bash
How can process access restrictions secure hashed credentials in memory?
Open an interactive chat with Bash
Why wouldn't measures like increased password length or firewalls stop this threat?