Ethical hacker Jane Doe is attempting to crack the password of the head of the IT department of ABC Company. She is utilizing a rainbow table and notices upon entering a password that extra characters are added to the password after submitting. What countermeasure is the company using to protect against rainbow tables?

A. Salting
B. Hashing
C. Encryption
D. Tokenization

ABC Company is protecting against rainbow tables by using salting, which adds random characters to each password before it's hashed. This makes every user’s password hash unique and renders precomputed hash tables ineffective.

Explanation:

The countermeasure that ABC Company is using to protect against rainbow table attacks is salting. When Jane Doe enters a password and observes that extra characters are added, it indicates that the company has implemented a salt to each user’s password before it is hashed. This means that even if two users have the same password, the addition of a unique salt makes their hashes different. Salting requires an attacker to generate a new table for every password, which makes precomputed tables like rainbow tables ineffective.

Using a salt is a common and effective security practice to combat the use of precomputed hashes (like rainbow tables) in cracking passwords. Rainbow tables can be an efficient technique for attackers because they use a list of precomputed hash values for a wide variety of possible passwords. By adding a unique salt to each password, it ensures that even if two passwords are the same, the resulting hash will be different, thus nullifying the effectiveness of precomputed hash tables in password-cracking attempts.