What replaces NTLM in Windows environments?

Prepare for the CISSP Domain 5 Exam. Hone your skills with identity and access management questions including hints and expert explanations. Get exam ready!

Multiple Choice

What replaces NTLM in Windows environments?

Explanation:
Kerberos is the protocol that replaces NTLM (NT LAN Manager) in Windows environments. This transition is significant due to the enhanced security features that Kerberos offers compared to NTLM. Kerberos uses a ticket-based authentication system, which helps to mitigate several vulnerabilities associated with NTLM, such as replay attacks and the transmission of passwords over the network.

Kerberos works by allowing users to authenticate once and receive a ticket that can be used to access various services within a network without the need to repeatedly enter credentials. This reduces the attack surface and enhances security by not exposing the user's credentials after the initial authentication.

In contrast, Active Directory is a directory service that uses Kerberos for authentication and LDAP (Lightweight Directory Access Protocol) for directory services; it is not itself a replacement for NTLM. NTFS (New Technology File System) is a file system used by Windows and is unrelated to authentication protocols. Thus, Kerberos is the correct answer: it is the protocol specifically designed for secure authentication in modern Windows environments.
