I have a requirement as follows;
The information system uses replay resistant authentication mechanisms for network access to non-privileged and privileged accounts.
I need the mechanisms and the supporting Microsoft page the validates the replay resistant aspects of Windows 2008. I know Kerberos is in effect, but you still have a (configurable) window. I know each user has a SID and each computer has a SID, but is the computer SID used in the process? I am open to other considerations.