CREST Practitioner Security Analyst (CPSA) Practice

Disable ads (and more) with a membership for a one time $2.99 payment

Master the CREST Practitioner Security Analyst Exam. Prepare with quizzes and comprehensive study guides that include tips and explanations. Excel in your certification journey!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What does 'secret 5' refer to in Cisco password encryption methods?

  1. Crappy SHA256

  2. Salted MD5

  3. PBKDF2

  4. scrypt

The correct answer is: Salted MD5

The term 'secret 5' in Cisco password encryption methods specifically refers to the use of Salted MD5 hashing as a way to secure passwords. This method enhances the basic MD5 hashing algorithm by employing a salt—a random value added to passwords before hashing. The purpose of using a salt is to make predetermined hash tables (often referred to as rainbow tables) ineffective, increasing the security of stored passwords significantly. In the context of network devices, where strong password protection is vital to prevent unauthorized access, Salted MD5 is a significant improvement over previous methods because it mitigates some vulnerabilities associated with basic MD5. Passwords hashed with this method are more resistant to brute-force attacks, and the inclusion of the unique salt value for each password ensures that even identical passwords will have different hash outputs, further enhancing security. While other hashing algorithms like PBKDF2 and scrypt provide strong password hashing solutions, 'secret 5' specifically designates the Salted MD5 approach within Cisco's password encryption framework. Understanding this distinction is crucial for anyone working with Cisco networking devices and striving to secure access effectively.

More Questions Like This