PrepAway - Latest Free Exam Questions & Answers

Which of the following statements are true about the Kerberos authentication scheme?

Kerberos is a computer network authentication protocol that allows individuals communicating over
a non-secure network to prove their identity to one another in a secure manner. Which of the
following statements are true about the Kerberos authentication scheme? Each correct answer
represents a complete solution. Choose all that apply.

PrepAway - Latest Free Exam Questions & Answers

A.
Kerberos requires continuous availability of a central server.

B.
Dictionary and brute force attacks on the initial TGS response to a client may reveal the
subject’s passwords.

C.
Kerberos builds on Asymmetric key cryptography and requires a trusted third party.

D.
Kerberos requires the clocks of the involved hosts to be synchronized.

Explanation:
Kerberos is a computer network authentication protocol that allows individuals
communicating over a non-secure network to prove their

identity to one another in a secure manner. Kerberos builds on symmetric key cryptography and
requires a trusted third party. Kerberos uses
as its basis the Needham-Schroeder protocol. It makes use of a trusted third party, termed a key
distribution center (KDC), which consists of
two logically separate parts:
Authentication Server (AS)
Ticket Granting Server (TGS)
Kerberos works on the basis of tickets, which serve to prove the identity of users. The KDC maintains
a database of secret keys; each entity
on the network, whether a client or a server, shares a secret key known only to itself and to the KDC.
Knowledge of this key serves to prove
an entity’s identity. For communication between two entities, the KDC generates a session key,
which they can use to secure their
interactions.


Leave a Reply