FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 4: Key Distribution and User Authentication

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 1

Short Answer

Review LaterAdd Note

Review Later

A __________ indicates the length of time for which a ticket is valid (e.g., eight hours).

Correct Answer

verified

Show Answer

Question 2

Short Answer

Review LaterAdd Note

Review Later

A __________ is a set of managed nodes that share the same Kerberos database which resides on the Kerberos master computer system that is located in a physically secure room.

Correct Answer

verified

Abstract S...

View Answer

Show Answer

Question 3

True/False

Review LaterAdd Note

The principal underlying standard for federated identity is the Security Assertion Markup Language (SAML) which defines the exchange of security information between online business partners. 1.A _________ is a key used between entities for the purpose of distributing session keys.

Rather than building elaborate authentication protocols at each server, _________ provides a centralized authentication server whose function is to authenticate users to servers and servers to users.

__________ defines a framework for the provision of authentication services by the X.500 directory to its users and defines alternative authentication protocols based on the use of public-key certificates.

It is not necessary for a certification authority to maintain a list of certificates issued by that CA that were not expired but were revoked.

The technical deficiencies of Kerberos version 4 are: double encryption, PCBC encryption, session keys and __________ .

The automated key distribution approach provides the flexibility and dynamic characteristics needed to allow a number of users to access a number of servers and for the servers to exchange data with each other.

The strength of any cryptographic system rests with the _________ technique, a term that refers to the means of delivering a key to two parties that wish to exchange data without allowing others to see the key.

The _________ exentsion is used only in certificates for CAs issued by other CAs and allows an issuing CA to indicate that one or more of that issuer's policies can be considered equivalent to another policy used in the subject CAs domain.

It is not required for two parties to share a secret key in order to communicate securely with conventional encryption.

After determining which systems are allowed to communicate with each other and granting permission for the two systems to establish a connection, the _________ provides a one-time session key for that connection.

A _________ consists of a public key plus a user ID of the key owner, with the whole block signed by a trusted third party which is typically a CA that is trusted by the user community.

Kerberos relies exclusively on asymmetric encryption and makes use of public key encryption.

For symmetric encryption to work the two parties to an exchange must share the same key, and that key must be protected from access by others.

If an opponent captures an unexpired service granting ticket and tries to use it they will be denied access to the corresponding service.

A __________ server issues tickets to users who have been authenticated to the authentication server.

The ticket-granting ticket is encrypted with a secret key known only to the authentication server and the ticket granting server.

X.509 is based on the use of public-key cryptography and digital signatures.

Federated identity management is a concept dealing with the use of a common identity management scheme across multiple enterprises and numerous applications and supporting many thousands, even millions, of users.