Register
You are the IT security administrator for a small corporate network that has a single Active Directory domain named CorpNet.local. You are working on increasing the authentication security of the domain.
221k views
3 votes
You are the IT security administrator for a small corporate network that has a single Active Directory domain named CorpNet.local. You are working on increasing the authentication security of the domain. In this lab, your task is to configure the Kerberos policy settings in the Default Domain Policy using Group Policy Management with the following settings:

Security Setting
Value
Maximum lifetime for service ticket
180 minutes
Maximum lifetime for user ticket
3 hours
Maximum lifetime for user ticket renewal
3 days
Maximum tolerance for computer clock synchronization
1 minute

What are the Kerberos policy settings that need to be configured in the Default Domain Policy using Group Policy Management?
1) Maximum lifetime for service ticket: 180 minutes
Maximum lifetime for user ticket: 3 hours
Maximum lifetime for user ticket renewal: 3 days
Maximum tolerance for computer clock synchronization: 1 minute
2) Maximum lifetime for service ticket: 180 minutes
Maximum lifetime for user ticket: 3 hours
Maximum lifetime for user ticket renewal: 3 days
3) Maximum lifetime for service ticket: 180 minutes
Maximum lifetime for user ticket: 3 hours
Maximum tolerance for computer clock synchronization: 1 minute
4) Maximum lifetime for service ticket: 180 minutes
Maximum lifetime for user ticket renewal: 3 days
Maximum tolerance for computer clock synchronization: 1 minute

User Lonare
by
7.9k points

1 Answer

4 votes

Final answer:

The required Kerberos policy settings in the Default Domain Policy are: a maximum lifetime for service ticket of 180 minutes, a user ticket lifetime of 3 hours, user ticket renewal of 3 days, and a clock synchronization tolerance of 1 minute.

Step-by-step explanation:

The Kerberos policy settings that need to be configured in the Default Domain Policy using Group Policy Management for a small corporate network are as follows:

  • Maximum lifetime for service ticket: 180 minutes
  • Maximum lifetime for user ticket: 3 hours
  • Maximum lifetime for user ticket renewal: 3 days
  • Maximum tolerance for computer clock synchronization: 1 minute

These settings help improve the authentication security of the domain by setting reasonable expiration periods for both service tickets and user tickets, which are part of the Kerberos authentication protocol. The clock synchronization tolerance is crucial to prevent replay attacks due to time discrepancies.

User Davids
by
7.7k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

8.8m questions

11.4m answers

Other Questions

“What does it mean when we “rework” copyrighted material?”
The book shows how to add and subtract binary and decimal numbers. However, other numbering systems are also very popular when dealing with computers. The octal (base 8) numbering system is one of these.
Seven basic internal components found in a computer tower
Please help me ! All you do is just put it it all in your own words ! Please this is for my reported card!i don't know how to put it in my own words because my English is not that good!
describe an advance in technology that makes life more enjoyable. what discoveries contribute to this technology?
Link Copied!