CISSP Introduction Module

CISSP Module 01

CISSP Module 02

CISSP Module 03

CISSP Module 04

CISSP Module 05

CISSP Module 06

CISSP Module 07

CISSP Module 08

CISSP Module 09

Part 08 – SSO and Kerberos

Invite Friends
Facebook Twitter Google+ LinkedIn Email
Virtual Practice Lab
Practice Test
Part 08 – SSO and Kerberos

In this section we examine single sign-on, the pros and cons associated with it, and a standard that implements it called Kerberos. Kelly presents a wonderful “carnival” analogy for Kerberos that is very helpful in understanding its operation!

The challenge facing any large organization is how to manage user accounts securely. In peer-to-peer networking situations, it’s a chore to create and disable multiple user accounts without any centralized means. A solution is to move to a client/server architecture or the implementation a domain controller. Several standards for this are LDAP, which is used by Active Directory, Sesame, KryptoKnight, and Kerberos.

We next discuss the pros and cons of single sign-on. Pros consist of ease of use for end users, centralized control and ease of administration. On the flip side, cons consist of a single point of failure, the necessity for standards, and with convenience, comes potentially giving away the “keys to the kingdom.”

Kerberos is covered next and is a standard that has been around for a long. It was originally developed by MIT. It uses symmetric cryptography and its core security feature is that it never puts passwords on the network. This is vital for preventing replay attacks.

Kelly then presents her carnival analogy to explain the inner workings of Kerberos. Concepts such as the realm, wrist bands, and ride tickets are presented. You should find this way of viewing things very helpful in understanding Kerberos!

Finally, concerns and weaknesses with Kerberos are discussed, and though Kerberos is not perfect, it’s still a pretty good solution for single sign-on.

Watch the Course Intro Video
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google PlayGet it on the App Store
Practice Labs and Exam Vouchers

Congratulations! You're taking the first step to getting certified. Get some hands on experience with available practice labs OR save some money, support Cybrary, and purchase discounted exam vouchers. Ready to earn your next industry certification? Join cyber security's largest community and start learning today.


Upcoming Industry Events

Get more out of Cybrary
Reach an audience of 1,500,000+ IT and cyber professionals, including the world's top companies
Create impact at a scale by reaching a global audience
Build your personal brand
Supplement or replace your income (average instructor makes ~$1,000 - $2,000/month)
Access the world's largest talent pool of cyber security professionals, and receive candidates with pre-assessed technical skills
Eliminate the pain and costs of technical vetting
Receive candidate skill profiles highlighting knowledge and technical proficiency
Reach active and passive candidates; and, fill your pipeline with pre-vetted, qualified cyber professionals
Get a Job
Work with a dedicated mentor to help you select the career that's right for you, and get a job at one of the world's top companies.
Receive all the training and assessments you need to prepare for the job
Work with a dedicated Mentor
Get placed through Cybrary for jobs earning average salaries of $116,000/yr

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?