7-3 Flashcards
What 2 technologies are used to authenticate the user?
EAP and CHAP (Challenge Handshake Authentication Protocol)
Designed to work with PPTP and is meant to work as part of the PPP authentication protocol.
EAP
Is actually a 3-part handshake. After the connection is established, the server sends back a challenge, then the client responds with the hash.
CHAP
It supports EAP and CHAP, but supports a total of six methods, including ________
MS-CHAP
PAP
SPAP
Kerberos
Created by Microsoft to authenticate remote Windows workstations
MS-CHAP
Most basic form of authentication. These passwords are stored encrypted, but transmitted unencrypted. The basic authentication is based upon the HTTP protocol. No longer in use.
PAP
Proprietary version of PAP. Considered more secure than PAP since both password and username are encrypted when sent.
SPAP or Shiva PAP
Well known, developed by MIT. Works by sending messages back and forth between the client and the server. The actual password is never sent, making it impossible for someone to intercept,
Kerberos
With Kerberos, the user name is sent. The server then looks up the stored _____ of that password and uses that as an encryption key, sending it back to the client. The client then takes the password the user entered and uses that to __________.
hash // decrypt the data
Kerberos term — a server or client that Kerberos can assign tickets to
Principal
Kerberos term — service that authorizes the principal and connects them to the ticket granting server
Authentication Service (AS)
Kerberos term — provides tickets
ticket granting system
Kerberos term — a server that provides the initial ticket and handles TGS requests. It often runs AS and TGS services
Key Distribution Center (KDC)
Kerberos term — a boundary within an organization. Each realm has its own AS and TGS
realm
Kerberos term — a TGS in a remote realm
Remote ticket granting system (RTGS)