Internet Security

Question 1

What is an internet protocol?

Answer 1

= set of rules that governs the communication and exchange of data over the internet
- both sender/receiver should be following the same protocol to be able to communicate
- usually not secure by default

Question 2

What is the usual Internet traffic path from your computer to Webserver?

Answer 2

• you
• modem
• Internet Service Provider (ISP)
• Internet Exchange Points (IXP)
• Webserver

Question 3

Where in the traffic path is the VPN placed? What exactly does it do?

Answer 3

• right before Webserver
• you encrypt data locally and only decrypt it at VPN provider => others cannot see your data (only VPN)

Question 4

What is the role of secure protocols and standards? (3)

Answer 4

• Interoperability - diff systems can communicate
• Baseline security - standards establish min level of security
• Regulatory Compliance - prot/standards are incorporated in legal/regulatory framework => ensures that orgs actually implement security

Question 5

Name the internet security protocols? what do they do?

Answer 5

• SSL (Secure Sockets Layer)
• TLS (Transport Layer Security)
• gives S to HTTPS
• encrypt, secure, authenticate by adding security to transport layer

Question 6

Compare HTTP and HTTPS

Answer 6

HTTP : no id verification
HTTPS: verifies that ip address belongs to domain

HTTP: all data sent in plain-text
HTTPS: sets up end-to-end encryption between client and server

Question 7

What is DNS poisoning?

Answer 7

• DNS uses a recursive resolver to contact root/TLD/Authoritative nameservers to get Domain Name
• Malicious party sends their own malicious IP to rr
• rr sends bad ip to client

Question 8

How does DNSSEC work?

Answer 8

• uses public key cryptography
• Each DNS zone has a public-private key pair
• The private key is used to sign DNS data
• creates chain of trust to a root server

Question 9

What are the cons of DNSSEC?

Answer 9

• since more material is included in DNS response => response > request => open to amplification attacks

Question 10

What are the 3 common protocols for email traffic?

Answer 10

• POP - oneway, downloads emails from server
• IMAP - two-way, synchs emails between client-server
• SMTP - responsible for transfer of emails between clients and servers

-usually unsecure, secured by adding SSL/TLS on top (BUT!! encrypts between servers, not you and recipient)

Question 11

Describe Email Spoofing

Answer 11

• SMTP allows users to send email with any source address
• bad guy can send spam from any email address
• bad guy can impersonate someone

Question 12

What is the Sender Policy Framework?

Answer 12

• SPF allows domain owners to specify which servers (IP addresses) are allowed to send mail using the domain

Question 13

What is DomainKey Identified Mail?

Answer 13

• SPF validates sender, not content
• DKIM signs email on domain-level and distribute key via DNS
• if email is modified in transit, we can find out