Which of the following is true about Kerberos?

Which of the following is true about Kerberos?
A .  It utilizes public key cryptography.
B .  It encrypts data after a ticket is granted, but passwords are exchanged in plain text.
C .  It depends upon symmetric ciphers.
D .  It is a second party authentication system.

Answer: C

Explanation: Kerberos depends on secret keys (symmetric ciphers). Kerberos is a third party authentication protocol. It was designed and developed in the mid 1980’s by MIT. It is considered open source but is copyrighted and owned by MIT. It relies on the user’s secret keys. The password is used to encrypt and decrypt the keys.

The following answers are incorrect: It utilizes public key cryptography. Is incorrect because Kerberos depends on secret keys (symmetric ciphers).

It encrypts data after a ticket is granted, but passwords are exchanged in plain text. Is incorrect because the passwords are not exchanged but used for encryption and decryption of the keys.

It is a second party authentication system. Is incorrect because Kerberos is a third party authentication system, you authenticate to the third party (Kerberos) and not the system you are accessing.

References: MIT http://web.mit.edu/kerberos/ Wikipedi

http://en.wikipedia.org/wiki/Kerberos_%28protocol%29 OIG CBK Access Control (pages 181 – 184) AIOv3 Access Control (pages 151 – 155)

Latest CISSP Dumps Valid Version with 981 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments