[CCCure CISSP] Qs3 Access Control: cccure QuizEngn doubts

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[CCCure CISSP] Qs3 Access Control: cccure QuizEngn doubts

Amlan Deb
Hello everyone,
 
I have some doubts regarding some cccure Quiz questions and concepts mentioned below. Would really appreciate it if you could take out some time and help me with them. Request you to please provide a quick reply as I need to appear for the exam in the month of July.
 
Thanks,
Amlan
 

Doubt#3
========

154. 

1.     Question: 976 | Difficulty: 5/5 | Relevancy: 3/3

Which of the following statements pertaining to Kerberos is false?

o      The Key Distribution Center represents a single point of failure.

o      Kerberos manages access permissions.

o     Kerberos uses a database to keep a copy of all users' public keys.

o      Kerberos uses symmetric key cryptography.

You did not provide any answer to this question. Please review details below.

Kerberos is a trusted, credential-based, third-party authentication protocol that uses symmetric (secret) key cryptography to provide robust authentication to clients accessing services on a network. One weakness of Kerberos is its Key Distribution Center (KDC), which represents a single point of failure. The KDC contains a database that holds private, not public, keys for all users.


Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page40).

Contributor: Christian Vezina

Covered topic: <A title="Kerberos - A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, peer entity authentication service and access control service distributed in a client-server n" href="javascript:void(0)">Kerberos

 

 My doubt: Please explain how Kerberos manages access permissions?

 

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org