CREST Practitioner Security Analyst (CPSA) Practice

Disable ads (and more) with a membership for a one time $2.99 payment

Master the CREST Practitioner Security Analyst Exam. Prepare with quizzes and comprehensive study guides that include tips and explanations. Excel in your certification journey!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What is the command to list the password hashes in MySQL?

SELECT host,user,password FROM mysql.user
SELECT username,passwd FROM pg_shadow
SELECT * FROM information_schema.columns
SELECT name FROM sysobjects

The correct answer is: SELECT host,user,password FROM mysql.user

The command to list the password hashes in MySQL is accurately represented by the choice that states "SELECT host,user,password FROM mysql.user." This command queries the MySQL database, specifically the `mysql` schema, which contains user account information, including the password hashes. In MySQL, the `mysql.user` table holds essential metadata about all user accounts. The `host` and `user` fields indicate the account name and the host from which they can connect, while the `password` field stores the hashed version of each user's password. When executed, this command returns relevant information that can be useful for security analysis or audits, showing which accounts exist and their corresponding password hashes. The other options pertain to different database systems or contexts. For instance, the command that refers to `pg_shadow` is relevant to PostgreSQL, where it retrieves user account details but is not applicable to MySQL. Similarly, the command fetching columns from `information_schema.columns` provides metadata about table columns rather than user accounts, and the query involving `sysobjects` is aligned with SQL Server, which describes objects in the database rather than user authentication and password details.