What is NTP crucial for?
A.
Clock
B.
Routing Updates
C.
Validating Certificates
D.
Time Zone
E.
Accurate Logging
F.
Kerberos Tickets
Explanation:
NTP (Network Time Protocol) is a protocol designed to synchronize the clocks of computers over a network. NTP version 3 is an internet draft standard, formalized in RFC 1305. NTP version 4 is a significant revision of the NTP standard, and is the current development version, but has not been formalized in an RFC. Simple NTP (SNTP) version 4 is described in RFC 2030.Answer A is correct
NTP synchronizes timekeeping among a set of distributed time servers and clients. This synchronization allows events to be correlated when system logs are created and other time- specific events occur.
http://www.cisco.com/en/US/tech/tk648/tk362/tk461/tsd_technology_support_sub- protocol_home.html
C is correct
Proper validation of certificates typically requires checking toensure the certificate has not yet expired. If devices have areal-time clock, they SHOULD verify the certificate validity dates. If no real-time clock is available, the device SHOULD attempt todetermine the current time using NTP prior to certificatevalidation. If neither is available, devices SHOULD verify thatthe start validity date of its peer’s certificate is less than its own certificate’s expiration date, and its peer’s expiration dateis greater than its own start date. Note that failure to check acertificate’s temporal validity can make a device vulnerable toman-in-the-middle attacks launched using compromised, expired certificates, and therefore devices should make every effort toperform this validation.
E is correct
Kerberos time sensitivity
Time is a critical service in Windows 2000 and Windows Server 2003. Timestamps are needed for directory replication conflict resolution, but also for Kerberos authentication. Kerberos uses timestamps to protect against replay attacks. Computer clocks that are out of sync between clients and servers can cause authentication to fail or extra authentication traffic to be added during the Kerberos authentication exchange.
explanation has different ans as correct
yes , Fixed . thanks
I think F also is right
Kerberos Tickets:
Kerberos has strict time requirements, which means the clocks of the involved hosts must be synchronized within configured limits. The tickets have a time availability period and if the host clock is not synchronized with the Kerberos server clock, the authentication will fail. The default configuration per MIT requires that clock times are no more than five minutes apart. In practice Network Time Protocol daemons are usually used to keep the host clocks synchronized.
cORRECT ANSWER IS
Option:- C E F