Network Security Intro and DNS Flashcards

1
Q

What do we consider a “network adversary” ?

A

can read messages addressed to it
can spoof addresses to send arbitrary values
knows all protocol details

2
Q

What are the typical adversaries on the internet?

A

single end-user computers
ISPs
Infected routers
Botnets

3
Q

What is the main function of DNS?

A

to map host names to IP addresses

4
Q

What are zones?

A

administrative spaces

5
Q

What server types are there in DNS?

A

primary, secondary, local name resolvers, forwarding

6
Q

What port and protocol does zone transfer use?

A

TCP on port 53

7
Q

How do DNS servers sync with each other?

A

zone transfer

8
Q

What is the name and value of an A/AAAA DNS record?

A

name is a hostname, value is the IP address

9
Q

What is the name and value of a CNAME DNS record?

A

Name is an alias name for the canonical name

Value is a canonical name

10
Q

What is the name and value of an NS DNS record?

A

Name is a domain, Value is the hostname of the authoritative name server it belongs to

11
Q

What is the name and value of a HINFO DNS record?

A

Name is the hostname, Value is the host hardware and OS

12
Q

What is the name and value of an MX DNS record?

A

value is the name of the mail server associated with name.

13
Q

What is the name and value of a PTR DNS record?

A

Value is the domain name associated with the IP address.

14
Q

What does TTL stand for?

A

Time To Live

15
Q

How do we distinguish multiple DNS requests?

A

Query IDs (QID)

16
Q

How big is a QID?

A

16 bits wide

17
Q

What is a cache poisoning attack?

A

placing a fake entry into a resolver's cache

18
Q

What is the goal of sending multiple spoofed answers in a cache poisoning attack?

A

to improve the success probability

19
Q

What is the main problem with DNS security?

A

it's based on the unpredictability of QID

20
Q

What is RRSIG?

A

a digital signature on a resource record

21
Q

What is a DNSKEY?

A

public verification key used to check RRSIG records

22
Q

What is a DS?

A

Delegation Signer - reference to NS and DNSKEY