
Review


blaise

Presentation Transcript


  1. Review iClickers

  2. Ch 1: The Importance of DNS Security

  3. How many times have attackers brought down the DNS root? • Never • 1 time • 2 times • 3-10 times • More than ten times

  4. Which technique allows larger DNS packets? • DoS • Cache poisoning • DNSChanger • Packet amplification • EDNS

  5. Which technique makes DoS attacks more effective? • DoS • Cache poisoning • DNSChanger • Packet amplification • EDNS

  6. Which technique was used by the Kaminsky attack? • DoS • Cache poisoning • DNSChanger • Packet amplification • EDNS

  7. Ch 2: DNS Overview: Protocol, Architecture, and Applications

  8. Which item contains data for a domain and its subdomains? • /etc/hosts • FQDN • TLD • Zone • Delegation

  9. Which item was used for name resolution before DNS? • /etc/hosts • FQDN • TLD • Zone • Delegation

  10. In a home network, a router is used as a DNS server. What is its role? • Client • Caching Server • Resolver • Authoritative Server • None of the above

  11. What item should be blocked on an SOA server? • Iterative query • Recursive query • Delegation • DNSSEC • TCP

  12. Which record contains an email server's name? • A • AAAA • MX • PTR • CNAME

  13. Which record is used to block spam? • RRSIG • DS • SPF • NAPTR • SOA

  14. Ch 3: DNS Vulnerabilities

  15. Which security problem makes your DNS server a hazard to others? • Single point of failure • Exposure of internal information • Open resolver • Unprotected zone transfers • Server running in privileged mode

  16. Which security problem is caused by Microsoft products querying blackhole servers? • Single point of failure • Exposure of internal information • Open resolver • Unprotected zone transfers • Server running in privileged mode

  17. Which security problem can be mitigated with source port randomization? • Predictable Transaction ID • CNAME chaining • Cache poisoning • MITM • Packet amplification

  18. Which security problem can be mitigated with DNSSEC? • Predictable Transaction ID • CNAME chaining • Single point of failure • MITM • Packet amplification

  19. Ch 4: Monitoring and Detecting Security Breaches

  20. Which monitoring technique requires a SPAN port? • Log data • Network flow data • Packet data • Application level metadata • None of the above

  21. Which monitoring technique stores one record for each TCP or UDP session? • Log data • Network flow data • Packet data • Application level metadata • None of the above

  22. Which monitoring technique contains layer 7 data in a convenient form? • Log data • Network flow data • Packet data • Application level metadata • None of the above

  23. You see a lot of large DNS requests on your network, exceeding 300 bytes. What's going on? • Transient domains • Fast flux • Phantom domains • DNS Changer • Tunneling

  24. Ch 5: Prevention, Protection and Mitigation of DNS Service Disruption

  25. Which technique uses BGP to spread out attacks? • Geographically distributed • Network distributed • Caching acceleration • Anycast • Direct Delegation

  26. Which technique requires you to trust another company, because if they go down, your site is down? • Geographically distributed • Network distributed • Caching acceleration • Anycast • Direct Delegation

  27. Which device is used temporarily, only during an attack? • Failover • Firewall • IDS • IPS • Scrubber

  28. Which entity has a self-signed DNSSEC key? • . • .org • ietf.org • More than one of the above • None of the above

  29. Which protection does DNSSEC provide? • Confidentiality and integrity • Confidentiality and availability • Authenticity and availability • Authenticity and integrity • None of the above

  30. Ch 6: DNSSEC and Beyond

  31. What prevents MITM attacks in DNSSEC? • Trusted root • CA • Shared secret • Nothing • None of the above

  32. Which item allows authenticated denial of existence, but exposes host names? • DS • NSEC • NSEC3 • RRSIG • Glue records

  33. Which item conceals host names with hashing? • DS • NSEC • NSEC3 • RRSIG • Glue records

  34. Which item renders DNS requests confidential? • DNSCurve • DNSSEC • NSEC3 • DS • RR

  35. Which item makes attacks possible on the target's LAN? • DS Record • Lack of Protection Between User Devices and Resolvers • Lack of Protection of Glue Records • Key Changes Don't Propagate • NSEC3 DoS

  36. Which attack is possible when a server changes hosting providers? • Re-Addressing Replay Attack • NSEC3 Offline Dictionary Attack • No Protection of DNS or Lower Layer Header Data • DNSSEC Data Inflate Zone Files and DNS Packet Sizes • DNSSEC Increases Computational Requirements
