Company A deploys Kerberos on the network. What does Kerberos need to function proper
(a) Kerberos requires a Single-sign on server
(b) Kerberos requires POP3
(c) Kerberos requires extranets
(d) Kerberos requires accurate network time
(e) Kerberos requires SSL/TLS
I know someone posted a similar question but there was no conclusion and the options available are different. I thought it would be (a), but someone thinks that it's (e). Can anybody verified?
Thanks!
(b) Kerberos requires POP3
(c) Kerberos requires extranets
(d) Kerberos requires accurate network time
(e) Kerberos requires SSL/TLS
I know someone posted a similar question but there was no conclusion and the options available are different. I thought it would be (a), but someone thinks that it's (e). Can anybody verified?
Thanks!
Comments
-
unandig
Member Posts: 25 ■□□□□□□□□□
(d) it requires very accurate network time. To keep the severs in snyc or the tickets will fail to validate. -
rscrt
Member Posts: 62 ■■□□□□□□□□
Well, lets eliminate the wrong questions first.
(a) - Kerbores IS a SSO server, this does not make sense to me
(b) - I think Kerberos does not need to receive e-mails
(c) - extranet provides access from the outside, it does not influence Kerberos functionality at all
(d) and (e) is left. SSL/TLS uses certificates and is often used to encrypt web communication.
Seems like the right one is indeed (d). You need to know how Kerberos works, it uses hashing and timestamps. And synchronized time on the network is crucial for the timestamp mechanism to work properly