Seller: Victorious23
CS 6250 Test 3 Exam Questions and Answers (Internet Security, Internet Surveillance and Censorship, Applications (CDN and Overlay Networks))
What are the properties of secure communication? - -Confidentiality
Integrity
Authentication
Availability
-How does Round Robin DNS (RRDNS) work? - -Used by large websites to
distribute the load of incoming requests to several servers at a single
physical location. It responds to requests with a list of DNS A records, which
it then cycles through in a round-robin manner.
-How does DNS-based content delivery work? - -Distribute the load amongst
servers at a single location as well as distributing servers across the world.
When accessing the name of the service using DNS, CDN computes and
returns 'nearest edge server' using network topology and link characteristics.
Content is 'closer' to DNS client leading to better responsiveness and
availability. Lower TTL than RRDNS.
-How do Fast-Flux Service Networks work? - -Extends RRDNS and CDN.
Lower TTL. Once the TTL expires, it returns a different set of A records from
a larger set of compromised machines. Compromised machines act as proxies,
forming a robust one-hop overlay network.
-What are the main data sources to identify hosts that likely belong to rogue
networks, used by FIRE (FInding Rogue nEtworks system)? - -Botnet
command and control providers: 2 main types are IRC and HTTP. Hosted on
networks where they are unlikely to be taken down
Drive-by-download hosting providers: web pages with exploits for vulnerable
browsers
Phish house providers: contains URLs of servers that host phishing pages.
Hosted on compromised servers usually up for a short amount of time
-The design of ASwatch is based on monitoring global BGP routing activity to
learn the control plane behavior of a network. Describe 2 phases of this
system. - -Training phase: system learns control-plane behavior of
legitimate and bulletproof ASes.
Operational phase: Given an unknown AS, it calculates a reputation score for
the AS. After several days with a low reputation score, it identifies it as
malicious.
-What are 3 classes of features used to determine the likelihood of a
security breach within an organization? - -Mismanagement symptoms:
misconfigurations in an organization's network
Malicious Activities
Security Incident Reports
-(BGP hijacking) What is the classification by affected prefix? - -Attacks on
IP prefixes advertised by BGP. Includes exact prefix hijacking, sub-prefix
hijacking, and squatting.
-(BGP hijacking) What is the classification by AS-Path announcement? - -
An illegitimate AS announces an AS-path for a prefix that it doesn't own. Type-0
(above), Type-N (above to create fake path between ASes), and Type-U
(changes prefix but not path)
-(BGP hijacking) What is the classification by data plane traffic
manipulation? - -Manipulate the network traffic on its way to the receiving
AS. Dropping (black-hole attack), Eavesdropping or manipulating (man-in-
the-middle attack), or impersonating (imposture)
-What are the causes or motivations behind BGP attacks? - -Human Error
Targeted Attack
High Impact Attack
-Explain the scenario of prefix hijacking. - -Attacker uses a router to
announce a prefix belonging to another AS
Announcement causes conflict among ASes. They compare announcement
with RIB. If the announcement leads to a new best route, they believe the
announcement and update their routes.
Traffic meant for legit AS will be sent to attacker
-Explain the scenario of hijacking a path. - -Attacker manipulates an
advertisement and claims to have a direct path to an AS (which it doesn't).
Other ASes adopt the fake path to the AS.
Traffic for the AS is routed through the attacker
-What are the key ideas behind ARTEMIS? - -ARTEMIS is a system run locally
to safeguard its own prefixes against malicious BGP hijack attacks. Key ideas
are:
Configuration file: Lists prefixes owned by the network
Mechanism for receiving BGP updates