(ISC)2

SSCP Question #110: Real Exam Question with Answer & Explanation

The correct answer is C, "Kerberos uses public key cryptography."

Submitted by chen.hong · Apr 18, 2026 · Cryptography

Question

Which of the following statements pertaining to using Kerberos without any extension is false?

Options

  • A. A client can be impersonated by password-guessing.
  • B. Kerberos is mostly a third-party authentication protocol.
  • C. Kerberos uses public key cryptography.
  • D. Kerberos provides robust authentication.

Explanation

Standard Kerberos (without extensions such as PKINIT) relies entirely on symmetric key (secret key) cryptography - shared secret keys between clients, the KDC, and services. It does NOT use public key cryptography in its base form. The other statements are true: passwords can be guessed to impersonate a client (no mutual authentication of credentials at rest), Kerberos is a third-party authentication protocol (the KDC is the trusted third party), and it does provide robust authentication within its design scope.

Topics

#Kerberos #Authentication Protocols #Symmetric Cryptography
