Because all the secret keys are held and authentication is performed on the Kerberos TGS and the authentication servers, these servers are vulnerable to:
Click on the arrows to vote for the correct answer
A. B. C. D.C.
Since all the secret keys are held and authentication is performed on the Kerberos TGS and the authentication servers, these servers are vulnerable to both physical attacks and attacks from malicious code.
Because a client's password is used in the initiation of the Kerberos request for the service protocol, password guessing can be used to impersonate a client.
Source: KRUTZ, Ronald L.
& VINES, Russel.
D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 42.
Kerberos is a network authentication protocol that is designed to provide secure authentication in a client-server communication environment. It works by using a shared secret key between the client and the server to authenticate the user. The Kerberos protocol consists of three main components: the client, the authentication server (AS), and the ticket-granting server (TGS).
The authentication server and the ticket-granting server are both vulnerable to attacks from malicious code and physical attacks. Malicious code can be introduced into the server's operating system or software through malware or hacking. Physical attacks can involve an attacker gaining physical access to the server and stealing the secret keys or damaging the server hardware.
The authentication server is responsible for authenticating the client's credentials and issuing a ticket-granting ticket (TGT). The TGT is encrypted with a secret key known only to the authentication server and the client. The ticket-granting server is responsible for issuing a service ticket to the client that allows the client to access a specific network service.
If an attacker gains access to the authentication server, they can steal the secret keys or issue fraudulent tickets, allowing them to access network services without proper authentication. If the ticket-granting server is compromised, the attacker can issue fraudulent service tickets, allowing them to access network services without proper authentication.
Therefore, option C is the correct answer: both physical attacks and attacks from malicious code can compromise the authentication server and the ticket-granting server.