Kerberos on CISSP

Sirkassad Member Posts: 43
I was wondering, from those of you that have sat for the test, what depth of Kerberos knowledge is needed? I have some high-level notes, but then I just sat through a video that goes into detail about each message that is sent between the user and the AS, what gets encrypted and with what key, then the messages that get sent back, then the messages that get sent to the TGS, then more messages encrypted with other keys, then messages that go to the end resource and how they are encrypted, etc.

Are we expected to be able to regurgitate all these messages, or are we expected to just know the basic facts that comprise what Kerberos is?


  • lucky0977 Member Posts: 218
    Just know that it's the 3-headed dog that guards the gates of the underworld (almost every book mentions this for some reason).

    All kidding aside, just have a high-level overview of all the technologies mentioned in your studies. I forgot where I got this hint from, but it was either from Kelly Handerhan (Cybrary) or Adam Gordon (ISC2): "You don't need to know what goes on under the hood of Kerberos".
    Bachelor of Science: Computer Science | Hawaii Pacific University
    CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+
  • BlackBeret Member Posts: 683
    Know the basics; have a general idea of what it does in the sense that it has a 3rd-party server and issues tickets. Know in general the steps, but you shouldn't have to recall what every message is.
  • dhay13 Member Posts: 580
    ^^ what they said!