Script-based User Authentication | SSCP Exam Study Guide

Implementing User Authentication Scripts


Question

Which of the following is implemented through scripts or smart agents that replay the user's multiple log-ins against authentication servers to verify a user's identity, which permits access to system services?

Answers

Explanations


A. B. C. D.

A.

SSO can be implemented by using scripts that replay the user's multiple log-ins against authentication servers to verify a user's identity and to permit access to system services.

Single Sign-On was the best answer in this case because it would include Kerberos.

When you have two good answers within the 4 choices presented, you must select the BEST one. The high-level choice is always the best. When one choice would include the other one, that would be the best as well.

Reference(s) used for this question: KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 40.

The option that best matches the description given is D. Kerberos.

Kerberos is a network authentication protocol that works on the basis of tickets to provide secure communication over a non-secure network. It uses a client-server model and operates by means of a trusted third party, called the Key Distribution Center (KDC).

When a user attempts to access a service, the client sends a request to the KDC. The KDC then authenticates the client's credentials, generates a ticket-granting ticket (TGT), and sends it back to the client. The TGT contains a secret key that can be used to authenticate the user to the KDC in the future. The client then uses the TGT to request a service ticket for the desired service from the KDC. The KDC sends the service ticket to the client, which the client then presents to the service to prove its identity.
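The ticket flow described above, as an added Python example (not from the study guide or from any Kerberos implementation). `seal`/`unseal` are a toy stand-in cipher, the names `KDC`, `client_login` and `service_accepts` are hypothetical, all keys are constructed, and timestamps, ticket lifetimes and pre-authentication are left out.

```python
# Toy model of the KDC -> TGT -> service ticket flow (added illustration, not real Kerberos).
# seal()/unseal() are a stand-in cipher: SHA-256 keystream plus an HMAC tag.
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class KDC:
    def __init__(self, user_keys, service_keys):
        self.user_keys, self.service_keys = user_keys, service_keys  # long-term keys
        self.kdc_key = os.urandom(32)                                # never leaves the KDC

    def as_exchange(self, user):
        # Returns (TGT readable only by the KDC, session key readable only by the user).
        sk = os.urandom(32).hex()
        return seal(self.kdc_key, {"user": user, "sk": sk}), seal(self.user_keys[user], {"sk": sk})

    def tgs_exchange(self, tgt, authenticator, service):
        # The client proves it holds the session key inside the TGT, then gets a service ticket.
        t = unseal(self.kdc_key, tgt)
        sk = bytes.fromhex(t["sk"])
        if unseal(sk, authenticator)["user"] != t["user"]:
            raise ValueError("authenticator does not match TGT")
        svc_sk = os.urandom(32).hex()
        return seal(self.service_keys[service], {"user": t["user"], "sk": svc_sk}), seal(sk, {"sk": svc_sk})

def client_login(kdc, user, user_key, service):
    tgt, enc_sk = kdc.as_exchange(user)
    sk = bytes.fromhex(unseal(user_key, enc_sk)["sk"])   # fails without the user's key
    ticket, enc_svc = kdc.tgs_exchange(tgt, seal(sk, {"user": user}), service)
    svc_sk = bytes.fromhex(unseal(sk, enc_svc)["sk"])
    return ticket, seal(svc_sk, {"user": user})          # what the client presents to the service

def service_accepts(service_key, ticket, authenticator):
    t = unseal(service_key, ticket)                      # only the service's key opens the ticket
    claimed = unseal(bytes.fromhex(t["sk"]), authenticator)["user"]
    return t["user"] if claimed == t["user"] else None
```

The user's long-term key is used once, to open the session key from the first exchange; the service never sees it and trusts only what it can open with its own key.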

The authentication process in Kerberos involves replaying a user's multiple log-ins against the authentication server to verify the user's identity. This helps to prevent attacks such as replay attacks and man-in-the-middle attacks.

In contrast, Single Sign-On (SSO) is a different authentication mechanism that allows users to log in once and gain access to multiple systems or services without the need to re-enter their credentials each time. This is typically implemented using a centralized authentication server that provides authentication services to multiple systems.

Dynamic Sign-On is not a commonly used term in the field of information security, and it is unclear what is meant by it.

Smart cards are a type of authentication token that can be used to store digital certificates, encryption keys, and other credentials. They provide a secure way of authenticating users and can be used in conjunction with other authentication mechanisms such as Kerberos.