nerdexam
(ISC)2

CISSP-ISSAP · Question #50

Which of the following schemes is used by the Kerberos authentication?

The correct answer is C. Private key cryptography. Kerberos relies on symmetric (private/shared) key cryptography, using a trusted third party called the Key Distribution Center (KDC) to issue encrypted tickets that prove identity without ever transmitting passwords over the network. Public key cryptography (A) is used by protoco

Identity and Access Management (IAM) Architecture

Question

Which of the following schemes is used by the Kerberos authentication?

Options

  • APublic key cryptography
  • BOne time password
  • CPrivate key cryptography
  • DOPIE

How the community answered

(43 responses)
  • A
    5% (2)
  • C
    93% (40)
  • D
    2% (1)

Explanation

Kerberos relies on symmetric (private/shared) key cryptography, using a trusted third party called the Key Distribution Center (KDC) to issue encrypted tickets that prove identity without ever transmitting passwords over the network. Public key cryptography (A) is used by protocols like TLS/SSL and PKI systems, not Kerberos - though Kerberos PKINIT is an extension that adds it optionally. One-time passwords (B) and OPIE (D, which stands for One-time Passwords In Everything) are OTP schemes designed to prevent replay attacks, but they are distinct authentication mechanisms unrelated to Kerberos's ticket-based design.

Memory tip: Think "Kerberos = KDC = shared Key" - the three-headed dog guards a single shared secret, not a public/private key pair.

Topics

#Kerberos#Symmetric key cryptography#Authentication protocol

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSAP Practice