CISSP Question of the Day – 5-31-2016

Getting You Prepped for the CISSP Exam ...One Question at a Time!

Today’s CISSP question topic: Authentication/Kerberos

Kerberos, a network authentication protocol developed at MIT in the 1990’s serves as the default authentication mechanism for Microsoft’s Active Directory. Kerberos has built-in protections against authentication replay attacks.  Which of the following mechanisms provide that protection? (Choose One Answer)

  1. Software Tokens
  2. SHA256 Hashes
  3. AES
  4. Time Stamps
  5. Pre-Shared Keys
  6. NTLMv2



Check Your Answer

Time Stamps

Kerberos authenticators use a timestamp to check to see if a packet is being replayed. This is frequently 5 minutes but can be set by the system administrator.
Supporting Links:

  1. http://windowsitpro.com/active-directory/understanding-how-kerberos-authentication-protects-against-replay-attacks



Co-workers, friends or colleagues studying for the CISSP exam, too? Share this question with them! Click an icon below to share to your preferred social media platform!

Posted in:
About the Author

Colin Weaver

Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes.