Authentication is obviously a major part of any security system on a network, or a computer, and so there's a number of things that have developed over the years, a number of technologies and protocols that have to do with authentication. And we're all trying to get to the same place, and that is find some rock solid way of making sure that we know who is on our systems and that we're protecting the data that's being authenticated as well as making the authentication take place. Now there's three types of authentication that we're using currently. The first one is the standard give me a username and a password and I'll check it against a database. The next one is a Smart Card. A Smart Card is where we have a number of different devices. Some of them generate numbers that we have to put in at a certain time, some of them generate information. We have to put in that information and then a PIN that we have, some of these we have to insert into the machine, and then of course, there's biometrics. It can read fingerprints, retinas, facial recognition, hand prints, all kinds of things. Well, there's four authentication Protocols that are predominant on the Network+ exam that you need to be aware of and I'm going to give you some basics on these. And again, I think I'm giving you enough here to be able to choose the correct answers, but I would strongly recommend, for the real world, that you go out and read each one on these, just read up on them, and kind of deepen and widen your knowledge on them. The first one is EAP, the next one is CHAP, then MS-CHAP, and then Kerberos. Now let's talk about each one of these, and give you just a little information on them. First of all EAP is the Extensible Authentication Protocol. Now this is actually a Protocol that is a framework standard for building authentication systems. It allows you to create your own plugin modules and use them for current and even future solutions, and the idea was that authentication and encryption, and so forth, is going to continue to need to change going forward. And so EAP promised that it would allow us to extend our functionalities as the world changed around us and as technology changed. As it turns out, this was used quite a bit in the early Windows networks for things like dial up connections, virtual private networking, and site-to-site connections. The next one you need to be aware of is something called CHAP, and this is the Challenge Handshake Authentication Protocol. This was really hot stuff. This was really a big deal back in the 2000's, early 2000's, late 90's, around in there. And this was a challenge response type Authentication Protocol. Again, notice we're talking about a Protocol here. And in this one the password is never actually sent over the network. What happens is a one-way hash of the password is created and it is sent over the network. And so on the server side, it has the password, it does a one-way hash of the password that it has, and it compares the two hashes. If the hashes are identical then obviously the password the user entered is the same one we had on file on the server. And so that's a really cool way of storing these things. Now MS-CHAP is the Microsoft Challenge Handshake Authentication Protocol, and this again, is an extension of CHAP. It was a Challenge Response Authentication Protocol, the password again, never sent over the network. It provided an authenticator-controlled password change functionality that was different from CHAP and that extended the useability of it. It also provided for an authenticator-controlled retry mechanism. And so this just kind of extended some of the functionality and it got a lot of attention, but as you can see, MS-CHAP's not really used that much anymore, rarely, and MS-CHAP2 is the current version that gets the attention. Now Kerberos is one that I need to mention because you will see this on the exam. Kerberos is the default authentication method for all of Microsofts Windows systems since Windows 2000, OK? And we're talking about on the server side, so when we're talking about their Active Directory implementations, all of the authentication works on the Kerberos, I think it's version 5 Protocol. Now this provides not only authentication of the user logging in, but it provides mutual authentication even of the machines involved. The servers and the clients verify each other's identity to make sure that we know who everybody is on the network. Now here's the thing you really need to remember about Kerberos. Kerberos issues tickets. They call them tickets, they're really kind of like little signatures, but these are, it's called a ticket granting system, and what happens when you authenticate into Kerberos, it grants you a ticket and this ticket has a specified lifetime, kind of like a TTL on a packet on a network. But this ticket grants you access to the server, to the system, for a specified period of time, and then you'll have to get a new ticket. Now this prevents you from getting logged on and just staying logged on, or from coming back and reusing something that you hacked. And so again, any time you see ticket granting, or a ticket-based system, if you get any of those questions on the exam, they're talking about Kerberos, OK? So that's some of the basics on authentication, but I really can't stress enough that you need to look over these, familiarize yourself with them. They tend, on these questions on the exam, to ask you little things about various predominant aspects about these Authentication Protocols, and you just need to be able to pick them out based on the descriptions of the functionalities of these Protocols.
TERMS & CONDITIONS OF USE
BY SUBSCRIBING TO THIS SERVICE, YOU ARE CONSENTING TO BE BOUND BY AND ARE BECOMING A PARTY TO THIS AGREEMENT, THE TERMS AND CONDITIONS OF WHICH SHALL PREVAIL IN GOVERNING YOUR RIGHTS OF USE. BY CLICKING THE "BECOME A MEMBER" BUTTON, THE INDIVIDUAL OR ENTITY LICENSING THE PRODUCT ("YOU") IS CONSENTING TO BE BOUND BY AND IS BECOMING A PARTY TO THIS AGREEMENT. IF LICENSEE DOES NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, THE BUTTON INDICATING "BECOME A MEMBER" MUST NOT BE SELECTED, AND LICENSEE MUST NOT INSTALL OR USE THE SOFTWARE.
"VTC" refers to Virtual Training Company,
"You" refers to the user or subscriber.
"Software" refers to the VTC training content and software.
2. LICENSE: VTC hereby grants to You a worldwide, non-royalty bearing, non-exclusive license to use the Software according to the provisions contained herein and subject to payment of the applicable subscription fees.
3. RESTRICTIONS: You may not do any of the following:
Save the Software to Your hard disk or other storage
medium; permit others to use the Software except as specified by addendum;
modify, reverse engineer, decompile, or disassemble the Software; make
derivative works based on the Software; publish or otherwise disseminate
the Software. VTC, Inc., VTC Online University, and the Virtual Training
Company site is owned and operated by VTC, Inc. as a corporation of
All materials on this site are the property of VTC unless otherwise specified. No material from these pages may be copied, reproduced, republished, downloaded, uploaded, posted, transmitted, or distributed in any way. Modification of the materials or use of the materials for any other purpose is a violation of U.S. copyright law and other proprietary rights. For purposes of this Agreement, the use of any such material on any other web site or networked computer environment is prohibited.
4. FEES: The rights granted under this Agreement
are effective only upon payment of the subscription fees, which are
strictly non-refundable other than as expressly provided herein. The
term "monthly subscription" is defined as any 30 day period.
The term "yearly subscription" is defined as one 365 day
period. A yearly subscription ends on the same numerical date as it
began (example July 28, 2004 to July 28, 2005).
The VTC Online University is access to every VTC training tutorial in our library. You pay a flat fee for access to these titles. You are billed according to your renewal selection below, and can renew monthly, yearly, or in any other increment offered. If you choose to be billed monthly, you will be billed every 30 days for the subscription until you request the subscription be cancelled. Our terms of service state that you must cancel a monthly subscription at least two business days before your renewal date. These two days give us enough time to ensure that you will not be charged again.
5. LIMITED WARRANTY: VTC warrants that the Software, if operated as directed, will substantially achieve the functionality described. VTC does not warrant, however, that Your use of the Software will be uninterrupted or that the operation of the Software will be error-free or secure. In addition, the security mechanisms implemented by the Software have inherent limitations, and You must determine that the Software sufficiently meets Your requirements. VTC also warrants that the media containing the Software, if provided by VTC, is free from defects in material from the date You acquired the Software. VTC's sole liability for any breach of this warranty shall be, in VTC's sole discretion: (i) to replace Your defective media or Software; or (ii) to advise You how to achieve substantially the same functionality with the Software as described; or (iii) if the above remedies are impracticable, to refund the subscription fee You paid for the Software. Only if You inform VTC of Your problem with the Software during the applicable subscription period will VTC be obligated to honor this warranty. VTC will use reasonable commercial efforts to repair, replace, advise, or refund pursuant to the foregoing warranty within thirty (30) days of being so notified. If any modifications are made to the Software by You during the warranty period; if the medium is subjected to accident, abuse, or improper use; or if You violate the terms of this Agreement, then this warranty shall immediately terminate. This warranty shall not apply if the Software is used on or in conjunction with hardware or software other than the unmodified version of hardware and software with which the Software was designed to be used as described.
THIS IS A LIMITED WARRANTY, AND IT IS THE ONLY WARRANTY MADE BY VTC OR ITS SUPPLIERS. VTC MAKES NO OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT OF THIRD PARTIES' RIGHTS. YOU MAY HAVE OTHER STATUTORY RIGHTS. HOWEVER, TO THE FULL EXTENT PERMITTED BY LAW, THE DURATION OF STATUTORILY REQUIRED WARRANTIES, IF ANY, SHALL BE LIMITED TO THE ABOVE LIMITED WARRANTY PERIOD. MOREOVER, IN NO EVENT WILL WARRANTIES PROVIDED BY LAW, IF ANY, APPLY UNLESS THEY ARE REQUIRED TO APPLY BY STATUTE NOTWITHSTANDING THEIR EXCLUSION BY CONTRACT. NO DEALER, AGENT, OR EMPLOYEE OF VTC IS AUTHORIZED TO MAKE ANY MODIFICATIONS, EXTENSIONS, OR ADDITIONS TO THIS LIMITED WARRANTY.
6. PROPRIETARY RIGHTS: VTC reserves all proprietary rights in and to the Software, is protected by copyright and other intellectual property laws and by international treaties. VTC, Inc.
Trademark Notice: VTC, Virtual Training Company,
Inc., The VTC Logo, and VTC Online University, are trademarks of VTC,
Inc. All other company and product names may be trademarks of their
The information contained herein is subject to change without notice. Copyright © 1995 - 2005 VTC, Inc. All rights reserved.
7. TERMINATION: This Agreement shall automatically terminate if You fail to comply with the restrictions described herein. Your obligations to pay outstanding subscription fees shall survive any termination of this Agreement.
8. LIMITATION OF LIABILITY: UNDER NO CIRCUMSTANCES
AND UNDER NO LEGAL THEORY, TORT, CONTRACT, OR OTHERWISE, SHALL VTC
OR ITS SUPPLIERS OR RESELLERS BE LIABLE TO YOU OR ANY OTHER PERSON
FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF
ANY CHARACTER, INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL,
WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER
COMMERCIAL DAMAGES OR LOSSES. IN NO EVENT WILL VTC BE LIABLE FOR ANY
DAMAGES IN EXCESS OF THE AMOUNT VTC RECEIVED FROM YOU FOR A LICENSE
TO THE SOFTWARE, EVEN IF VTC SHALL HAVE BEEN INFORMED OF THE POSSIBILITY
DAMAGES, OR FOR ANY CLAIM BY ANY OTHER PARTY. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM VTC'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU.
9. Links To Other Materials: Linked sites found at the VTC site are not under the control of VTC, and we are not responsible for the content of any linked site or any link contained in a linked site. VTC may change links based solely on our discretion, and we reserve the right to terminate any link or linking program at any time. VTC does not, by linking to sites, endorse companies or products to which it links and reserves the right to note as such on its web pages. If you decide to access any of the third party sites linked to this site, you do this entirely at your own risk.
Forums, and Chat are not always screened by VTC, and we are not responsible for the content of any public or open forum content at the site. VTC may change these public forums based solely on our discretion, and we reserve the right to terminate any forum at any time. VTC does not, by allowing these forums, endorse companies or products which may be mentioned in these forums, and reserves the right to note as such on its web pages. If you decide to access any of the public forums in this site, or linked to this site, you do this entirely at your own risk.
9. GOVERNING LAW & DISPUTE RESOLUTION: This Agreement is governed by Virginia law. All disputes between You and VTC shall be finally resolved through arbitration in Winchester, Virginia. This site is controlled by VTC from its offices within the United States of America. VTC makes no representation that materials in the site are appropriate or available for use in other locations, and access to them from territories where their content is illegal is prohibited. Those who choose to access this site from other locations do so on their own initiative and are responsible for compliance with applicable local laws. You may not use or export the Materials in violation of U.S. export laws and regulations. Any claim relating to the Materials shall be governed by the internal substantive laws of the Commonwealth of Virginia, USA.
VTC may revise these Terms at any time by updating this posting. You should visit this page from time to time to review the then-current Terms because they are binding on you. Certain provisions of these Terms may be superseded by expressly designated legal notices or terms located on particular pages at this Site.
If you have any questions regarding this policy,
or your information specifically,
you may email us at:firstname.lastname@example.org.