Cyber AB CMMC-CCA Exam - Topic 4 Question 11 Discussion

Actual exam question for Cyber AB's CMMC-CCA exam
Question #: 11
Topic #: 4

During an assessment, the IT security engineers responsible for password policy for the OSC provided documentation that all passwords are protected using a one-way hashing methodology. As a result, which statement is true?

Suggested Answer: D

A one-way hash function is a cryptographic method used to store passwords securely. It is not reversible; hashed values cannot be converted back into the original password.

Extract from SC.L2-3.13.10:

"Store and transmit authentication information in a protected form by using one-way cryptographic transformations (e.g., hashing). One-way transformations cannot be reversed to reveal the original authentication secret."

Thus, the correct statement is that the transformation makes it impossible to re-convert the hashed password.


Contribute your Thoughts:

Kiley
1 day ago
I feel like I've seen a question like this before, and it was about how hashing protects passwords, but it doesn't necessarily mean they're safe in transit.
upvoted 0 times
...
Dominga
7 days ago
I'm not entirely sure, but I think hashed passwords are still vulnerable during transmission unless they're encrypted. So A might not be true?
upvoted 0 times
...
Dorathy
12 days ago
I remember discussing how one-way hashing means you can't easily revert to the original password, so maybe D is correct?
upvoted 0 times
...
