In Kerberos, the Ticket Granting Ticket (TGT) is used for which of the following?
A.
Identification
B.
Authorization
C.
Authentication
D.
Multifactor authentication
Explanation:
An authentication ticket, also known as a ticket-granting ticket (TGT), is a small amount of encrypted data that is issued by a server in the Kerberos authentication
model to begin the authentication process. When the client receives an authentication ticket, the client sends the ticket back to the server along with additional
information verifying the client’s identity. The server then issues a service ticket and a session key (which includes a form of password), completing the
authorization process for that session.
In the Kerberos model, all tickets are time-stamped and have limited lifetimes. This minimizes the danger that hackers will be able to steal or crack the encrypted
data and use it to compromise the system. Ideally, no authentication ticket remains valid for longer than the time an expert hacker would need to crack the
encryption. Authentication tickets are session-specific, further improving the security of the system by ensuring that no authentication ticket remains valid after a
given session is complete.
Incorrect Answers:
A, B: The Ticket Granting Ticket (TGT) is used for authentication and not for identification or authorization.
D: Multifactor authentication pools two or more independent credentials:
What the user knows (password)
What the user has (security token)
What the user is (biometric verification).http://searchenterprisedesktop.techtarget.com/definition/authentication-ticket http://searchsecurity.techtarget.com/definition/multifactor-authentication-MFA