CREST Practitioner Security Analyst (CPSA) Practice

The correct answer focuses on the enhancement in security provided by NTLM compared to the original LM hash. NTLM, or NT LAN Manager, improves upon the security of password storage by employing a more robust hashing algorithm. This enhancement addresses several vulnerabilities inherent to the LM hashing method.

The LM hash is significantly weaker due to its reliance on a simpler hashing algorithm and its limitations, such as converting the entire password to uppercase and restricting it to a maximum of 14 characters. In contrast, NTLM allows for the use of passwords that are not only longer but also preserve case sensitivity, thus increasing the complexity and strength of the hash. This makes it considerably more difficult for attackers to crack passwords, leading to enhanced protection against brute-force attacks.

In summary, NTLM offers better password security by utilizing a more advanced approach to hashing, which fundamentally improves the security posture of systems utilizing NTLM compared to those using LM hashes.