ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 458 discussion

Actual exam question from ISC's CISSP
Question #: 458
Topic #: 1
[All CISSP Questions]

A security architect is implementing an authentication system for a distributed network of servers. This network will be accessed by users on workstations that cannot trust the identity of the user. Which solution should the security architect use to have the users trust one another?

  • A. One-way authentication
  • B. Kerberos
  • C. Mutual authentication
  • D. Single session software tokens
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by yottabyte at Feb. 3, 2023, 10:41 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
yottabyte
Highly Voted 2 years, 1 month ago
Selected Answer: C
Mutual authentication should be used for communication between servers and workstations if the user identity cannot be trusted. For example: Mutual authentication is authentication between servers and workstations with the help of CA and certificates issued for workstations. If the workstations are used by multiple staff, then the workstation should be verified by checking the certificate on the workstation. If trust should be established through the workstation for a user, then it could be via single session software tokens by MFA but this question is about trust between server and workstation.
upvoted 9 times
jackdryan
1 year, 10 months ago
C is correct
upvoted 1 times
...
...
celomomo
Most Recent 5 months, 1 week ago
Selected Answer: B
Kerberos works for untrusted authentication
upvoted 1 times
...
Skittle4710
9 months ago
Selected Answer: B
Answer should be B, Kerberos... C. Mutual authentication is the concept where both parties in a communication session verify each other's identities, which is indeed crucial for ensuring trust between users in a distributed network. B. Kerberos specifically implements mutual authentication among its features. Therefore, while mutual authentication (C) is the principle, Kerberos (B) is the practical implementation of that principle.
upvoted 1 times
...
hoho2000
1 year ago
Selected Answer: B
I dont understand what I just read, the last statement says, "Which solution should the security architect use to have the users trust one another?". Does this mean how to get users to trust each other instead of users trusting the servers??? If its the latter, B should be more correct as B uses methods in C as well which contains public key exchange.
upvoted 1 times
...
gjimenezf
1 year, 1 month ago
Selected Answer: C
Users trust one another: Mutual authentication
upvoted 1 times
...
Soleandheel
1 year, 2 months ago
C. Mutual authentication Mutual authentication, also known as two-way authentication, is a security mechanism in which both the server and the client (users in this case) authenticate each other. This means that not only does the server verify the identity of the user (workstation), but the user (workstation) also verifies the identity of the server. This mutual trust helps ensure that both parties are legitimate and can trust each other.
upvoted 1 times
...
cyber_master
1 year, 5 months ago
B Kerberos is the answer
upvoted 1 times
...
Rollingalx
2 years ago
I go with B. Kerberos is a network authentication protocol that provides mutual authentication between clients and servers in a distributed network.
upvoted 4 times
Rollingalx
1 year, 11 months ago
I rectify, the correct answer is C. The question is about the user trust
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago