You have been asked to perform an evaluation of an application your company wants to implement. The application’s developers claim to have field-level encryption of every point of data in the database. As you investigate this claim, you realize that every column in the database, other than keys, is encrypted prior to being saved in the database using a symmetric key unique to each user. The application guarantees this uniqueness by creating a randomized salt that is hashed and then used as the key for that unique user.