Flashcards in Kerberos and LDAP Deck (10):
How does Kerberos help prevent MitM and replay attacks?
With mutual authentication and time synchronization (or expiration) with tickets
In which environments is Kerberos used?
Unix and Windows AD
Which part in Kerberos issues ticket-granting-tickets and other tickets?
The Key Distribution Center (KDC) or TGT server
In Kerberos, why is time synchronization important?
In Kerberos, systems must be synchronized within five minutes of each other in order to timestamp tickets to ensure that they expire correctly.
This helps prevent a replay attack, as an attacker has a limited amount of time to use a ticket.
How does a user in Kerberos receive a resource ticket?
The user uses his/her ticket-granting-ticket to receive a ticket to access each resource.
What is the function of LDAP?
Lightweight Directory Access Protocol specifies formats and methods to query directories.
If an object is identified as "CN=Users," or "DC=GetCertifiedGetAhead," which protocol are you using?
You need to secure LDAP transmissions. Which protocol do you use?
Secure LDAP (establishes connections with TLS)
Which LDAP standard is current?