CompTIA Security+ Exam Notes

Wednesday, April 17, 2019

Kerberos

KERBEROS

  • Kerberos is an authentication protocol
  • Kerberos provides SSO (Single Sign-On)
  • Uses Port 88 TCP or UDP
  • KDC (Key Distribution Center) uses 2 services: Authentication Service and a Ticket Granting Service
    • Authentication Service handles authenticating user login requests
    • The AS issues a TGT (Ticket Granting Ticket)
    • To access any resource within the domain, the client requests a Service Ticket
    • The TGS (Ticket Granting Service) issues the Service Ticket to the client so they can access the resource
  • TGTs are unique to Kerberos
  • By default, the client and the Kerberos server have to be within a 5-minute window of each other for authentication to succeed.
  • Kerberos provides mutual authentication, as the server also authenticates to the client.
  • Kerberos prevents eavesdropping and MITM (Man-In-The-Middle) attacks.
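
The ticket flow and the 5-minute window from the notes above, as an added Python sketch that is not part of the original notes. It is a simplified model: an HMAC tag stands in for Kerberos ticket encryption, and the key values, ticket lifetimes and timestamp-based login proof are assumptions made for illustration.

```python
import hashlib, hmac, json
MAX_SKEW = 300  # the default 5-minute window, in seconds

def _tag(key, blob):
    return hmac.new(key, blob, hashlib.sha256).digest()

def seal(key, claims):
    # Assumption: an HMAC tag stands in for Kerberos ticket encryption.
    blob = json.dumps(claims, sort_keys=True).encode()
    return blob, _tag(key, blob)

def unseal(key, ticket, now):
    blob, tag = ticket
    if not hmac.compare_digest(tag, _tag(key, blob)):
        raise PermissionError("ticket not issued by the KDC")
    claims = json.loads(blob)
    if claims["expires"] < now:
        raise PermissionError("ticket expired")
    return claims

def check_skew(client_time, server_time):
    if abs(client_time - server_time) > MAX_SKEW:
        raise PermissionError("clock skew too great")

class KDC:
    def __init__(self, user_keys, service_keys, tgs_key):
        self.user_keys, self.service_keys, self.tgs_key = user_keys, service_keys, tgs_key

    def authentication_service(self, user, proof, client_time, now):
        # AS: verify the login request, then issue the TGT.
        check_skew(client_time, now)
        key = self.user_keys.get(user)
        if key is None or not hmac.compare_digest(proof, _tag(key, str(client_time).encode())):
            raise PermissionError("login rejected")
        return seal(self.tgs_key, {"user": user, "expires": now + 36000})

    def ticket_granting_service(self, tgt, service, client_time, now):
        # TGS: exchange a valid TGT for a Service Ticket for one resource.
        check_skew(client_time, now)
        user = unseal(self.tgs_key, tgt, now)["user"]
        return seal(self.service_keys[service],
                    {"user": user, "service": service, "expires": now + 600})

def access_resource(kdc, user, user_key, service, client_time, now):
    # Client side: login (AS) -> TGT -> Service Ticket (TGS) -> resource.
    proof = _tag(user_key, str(client_time).encode())
    tgt = kdc.authentication_service(user, proof, client_time, now)
    st = kdc.ticket_granting_service(tgt, service, client_time, now)
    claims = unseal(kdc.service_keys[service], st, now)  # check done by the service
    return claims["user"], claims["service"]
```

The user logs in once at the AS and reuses the TGT for every later Service Ticket request, which is where the single sign-on behaviour comes from.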
