Kerberos is vulnerable to replay in which of the following circumstances?

CISSP 0 Comments

Kerberos is vulnerable to replay in which of the following circumstances?
A .  When a private key is compromised within an allotted time window.
B .  When a public key is compromised within an allotted time window.
C .  When a ticket is compromised within an allotted time window.
D .  When the KSD is compromised within an allotted time window.

Answer: C

Explanation: Replay can be accomplished on Kerberos if the compromised tickets are used within an allotted time window.

The security depends on careful implementation:enforcing limited lifetimes for authentication credentials minimizes the threat of of replayed credentials, the KDC must be physically secured, and it should be hardened, not permitting any non-kerberos activities.

Explanation:

Official ISC2 Guide to the CISSP, 2007 Edition, page 184

also see:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 42

Latest CISSP Dumps Valid Version with 981 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISSP PDF     CISSP Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments