Which element is essential to Kerberos authentication?

• A. A Firewall routes Kerberos traffic
• B. A certificate authority signs user certificates
• C. A Key Distribution Center issues tickets used for authentication
• D. A malware scanner verifies credentials

Answer: (C)

Kerberos authentication hinges on a centralized, trusted authority that issues time-limited tickets. The Key Distribution Center plays this role, offering two main services: the Authentication Service, which issues a ticket-granting ticket after you verify your credentials, and the Ticket-Granting Service, which issues service tickets for access to specific resources. With a valid ticket, you prove your identity to a service without sending your password over the network, and you can do so repeatedly within the ticket’s lifetime. This ticket-based approach is what makes Kerberos secure and scalable. Other items—like a firewall, certificate authorities, or malware scanners—don’t form the core mechanism of Kerberos authentication: a firewall protects network boundaries, PKI with certificates operates outside Kerberos’ ticket-based model, and malware scanners aren’t involved in issuing or validating authentication tickets.