Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CS6250 Test 3 > Lesson 11.3 - DoS > Flashcards

Lesson 11.3 - DoS Flashcards

1
Q

What is DnS?

A

Attempt to exhaust resources

  • Network bandwidth
  • TCP connections
  • Server resources
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the 3 defenses against DoS?

A
  1. Ingress filtering
  2. uRPF checks
  3. Syn Cookies (TCP)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Ingress filtering

A

a technique used to ensure that incoming packets are actually from the networks from which they claim to originate.
+ Fool proof
+ works at edges
- doesn’t work in core

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is uRPF filtering?

A

Whenever your router receives an IP packet it will check if it has a matching entry in the routing table for the source IP address.
+ automatic
- require symmetric routing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the problem with 3-way handshake

A

Buffer allocation on the server if flooded with Syns and no Acts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

SYn cookie solution to TCP

A

No buffer allocation. THe server instead keeps no state and then sends a sequence number a function of IPs and ports, and a random

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the advantages of TCP SYN Cookies?
A: Can be applied in the network “core”
B: Prevent server from exhausting state after TCP Syn
C: Defends against UDP Flooding attacks

A

B: Prevent server from exhausting state after TCP Syn

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CS6250 Test 3 (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions