n3tw0rk3r wrote: » So I was taking a practice exam and I happened to come across the following question... Q: Company A deploys Kerberos on the network. What does Kerberos need to function properly? (Choose TWO) A. Kerberos requires a key distribution center B. Kerberos requires POP3 C. Kerberos requires extranets D. Kerberos requires accurate network time E. Kerberos requires SSL/TLS Now, the practice exam said the correct answers were B & E. However, I don't think that's right as I have never seen anything relating those two protocols to Kerberos. I would have thought the correct answers would be A and D. Can anyone confirm this for me?
Gibson, Darril (2011-11-10). CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide (pp. 28-29) wrote: Kerberos includes several requirements in order for it to work properly. They are:A method of issuing tickets used for authentication. The Key Distribution Center (KDC) uses a complex process of issuing ticket-granting tickets, which are later presented to request tickets used to access objects. These tickets are sometimes referred to as tokens, but they are logical tokens, not a key-fob type of token discussed in the something you have factor of authentication.Time synchronization. Kerberos version 5 requires all systems to be synchronized and within five minutes of each other. The clock that provides the time synchronization is used to time-stamp tickets, ensuring they expire correctly. This helps prevent replay attacks. In a replay attack, a third party attempts to impersonate a client after intercepting data captured in a session. However, if an attacker intercepts a ticket, the time stamp limits the amount of time an attacker can use the ticket.A database of subjects or users. In a Microsoft environment, this is Active Directory, but it could be any database of users. Gibson, Darril (2011-11-10). CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide (pp. 28-29). . Kindle Edition.
