Hello! Thanks for clarifying this. For NTLMv2 three-step process, the video states "User sends" and "Client responds". The user is the person requesting access and the client is the directory? I know Kerberos has its own server, does NTLM have one too that is separate from the directory?
Christian, thank you very much for your excellent question! In NTLM there is a three-way handshake between the user and the server. First, the user contacts the server to initiate the connection and establish the connection parameters. Second, the server responds with a challenge to the user, which asks for authentication information. The user will then respond with the appropriate credential (a password). The authentication information is stored within the Active Directory (AD). So, the server in this example is the server that houses the AD. A nonce is a number used only once. A 16-bit nonce is generated by the server and sent as the challenge to the user. This is the second step in the NTLM authentication process. These authentication protocols can be pretty confusing. I hope this helps clear things up! For the exam, I would focus on remembering the basics of NTLM. Just remember that it is a Windows-based authentication method that uses a three-way handshake.
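The three steps described in the reply above (user initiates, server sends a nonce as the challenge, user answers) as an added Python illustration that is not part of the original thread or the course material. It models a generic challenge-response exchange: the server keeps a credential store standing in for the directory, issues a fresh nonce per connection, and checks the client's answer. The key derivation, the HMAC-SHA256 response, the 16-byte nonce length and the sample account are assumptions made for this example; they are not the NTLMv2 wire format.

```python
import hashlib
import hmac
import secrets


def derive_key(password: str) -> bytes:
    """Derive a fixed-length key from a password (assumption: SHA-256; real NTLM differs)."""
    return hashlib.sha256(password.encode("utf-16-le")).digest()


# Constructed credential store, standing in for the directory (AD) the server consults.
# It holds a password-derived key, never the plaintext password.
CREDENTIAL_STORE = {
    "alice": derive_key("correct horse battery staple"),  # constructed sample account
}


class Server:
    def __init__(self, store):
        self.store = store
        self.pending = {}  # username -> outstanding nonce awaiting a response

    def challenge(self, username: str) -> bytes:
        """Step 2: answer the user's connection request with a fresh nonce (the challenge)."""
        nonce = secrets.token_bytes(16)  # nonce length is an assumption for this example
        self.pending[username] = nonce
        return nonce

    def verify(self, username: str, response: bytes) -> bool:
        """Step 3 (server side): check the response against the stored key for this user."""
        nonce = self.pending.pop(username, None)  # a nonce is used only once
        key = self.store.get(username)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time comparison


class Client:
    def __init__(self, username: str, password: str):
        self.username = username
        self.key = derive_key(password)

    def respond(self, nonce: bytes) -> bytes:
        """Step 3 (client side): prove knowledge of the key by keying a hash of the nonce."""
        return hmac.new(self.key, nonce, hashlib.sha256).digest()


def run_handshake(server: Server, client: Client) -> bool:
    """Drive the exchange: request (step 1), challenge (step 2), response (step 3)."""
    nonce = server.challenge(client.username)
    response = client.respond(nonce)
    return server.verify(client.username, response)


def demo():
    """Return (good password ok, wrong password rejected, fresh response ok, replay rejected)."""
    server = Server(CREDENTIAL_STORE)
    good = run_handshake(server, Client("alice", "correct horse battery staple"))
    bad = run_handshake(server, Client("alice", "wrong password"))
    # A response captured from one handshake is useless afterwards: its nonce was consumed.
    nonce = server.challenge("alice")
    resp = Client("alice", "correct horse battery staple").respond(nonce)
    first = server.verify("alice", resp)
    replay = server.verify("alice", resp)
    return good, bad, first, replay


if __name__ == "__main__":
    print(demo())
```

The last two results in `demo()` show why the nonce matters: the same response is accepted once and rejected on replay, because the server discards each challenge after it is answered.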
Hi. A few questions. You say what the values are, but what is the purpose of LDAP? I believe it is for authentication. Or is it authorisation? Is LDAP the directory or the protocol to access a directory?
Fantastic questions! LDAP is the protocol used to access a directory. A directory is a type of database that stores information as a tree of entries. Relational databases, in contrast, store information in rows and columns. LDAP allows users to manipulate data within these directories, known as "entities". LDAP is very lightweight and flexible, as most directory servers support LDAP. In regard to authentication and authorization, LDAP can absolutely be used for authentication. Users would submit credentials to the directory using the LDAP protocol. Authorization is the process of granting access to resources for authenticated users. Access privileges would be assigned to users, usually based on their role within an organization. Much of the confusion with LDAP comes from the fact that LDAP is used to describe the protocol as well as a type of directory supported by LDAP. In our Comprehensive Security+ Course, we go into LDAP in much more detail. You can check out the course here: cyberkrafttraining.com/security-plus-sp/ I hope I was able to answer your questions!
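The distinction the reply above draws (a directory is a tree of entries; submitting credentials over LDAP is authentication; granting access by role is authorization) as an added Python illustration that is not part of the original thread or the course. It builds a toy in-memory directory keyed by distinguished name, performs an LDAP-style subtree search, a simple bind that checks a stored salted hash, and a separate role-based authorization check. The entries, DNs, passwords, roles and access-control table are constructed sample data, and PBKDF2-SHA256 for the stored hash is an assumption of this example.

```python
import hashlib
import hmac
import secrets


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted hash for the stored credential (assumption: PBKDF2-SHA256, 100k iterations)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Directory:
    """Minimal tree of entries keyed by distinguished name (DN), LDAP-style."""

    def __init__(self):
        self.entries = {}  # normalised dn -> attribute dict

    def add(self, dn: str, **attrs):
        self.entries[dn.lower()] = attrs

    def search(self, base_dn: str) -> dict:
        """Subtree search: every entry at or below base_dn."""
        base = base_dn.lower()
        return {dn: a for dn, a in self.entries.items()
                if dn == base or dn.endswith("," + base)}

    def bind(self, dn: str, password: str) -> bool:
        """Authentication: a simple bind succeeds only if the password matches the entry's hash."""
        entry = self.entries.get(dn.lower())
        if entry is None or "password_hash" not in entry:
            return False  # unknown DN or an entry (e.g. an OU) that cannot bind
        candidate = hash_password(password, entry["salt"])
        return hmac.compare_digest(candidate, entry["password_hash"])

    def authorize(self, dn: str, resource: str, acl: dict) -> bool:
        """Authorization: allow access if any of the entry's roles is permitted on the resource."""
        entry = self.entries.get(dn.lower())
        if entry is None:
            return False
        allowed_roles = acl.get(resource, set())
        return bool(set(entry.get("roles", [])) & allowed_roles)


# Constructed access-control table: resource -> roles allowed to use it.
ACL = {"payroll-report": {"finance"}, "source-repo": {"engineering"}}


def build_sample_directory() -> Directory:
    """Constructed sample tree: a domain, one organizational unit, two user entries."""
    d = Directory()
    d.add("dc=example,dc=com", objectClass="domain")
    d.add("ou=people,dc=example,dc=com", objectClass="organizationalUnit")
    for uid, cn, roles, pw in (("alice", "Alice", ["finance"], "alice-pass"),
                               ("bob", "Bob", ["engineering"], "bob-pass")):
        salt = secrets.token_bytes(16)
        d.add(f"uid={uid},ou=people,dc=example,dc=com", cn=cn, roles=roles,
              salt=salt, password_hash=hash_password(pw, salt))
    return d


def demo():
    """Return (bind ok, bind with wrong password, authorised, not authorised, subtree DNs)."""
    d = build_sample_directory()
    alice = "uid=alice,ou=people,dc=example,dc=com"
    authn_ok = d.bind(alice, "alice-pass")
    authn_bad = d.bind(alice, "guess")
    authz_ok = d.authorize(alice, "payroll-report", ACL)   # finance role, finance resource
    authz_no = d.authorize(alice, "source-repo", ACL)      # authenticated, but not permitted
    people = sorted(d.search("ou=people,dc=example,dc=com"))
    return authn_ok, authn_bad, authz_ok, authz_no, people


if __name__ == "__main__":
    print(demo())
```

Note that a successful bind says nothing about what Alice may do: `authorize` consults a separate policy, which is the split between authentication and authorization the reply describes.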