Test Prep #3 Questions/Answers Flashcards

1
Q

Control or data plane: IS-IS

A

Control - used to calculate routes that allow routers to later forward data packets, but does not carry data for any application

2
Q

Control or data plane: IP

A

Data - actual IP packets that are forwarded by routers are the packets that contain application data

3
Q

Control or data plane: UDP

A

Data - UDP packets contain application data

4
Q

Control or data plane: DHCP

A

Control - used to automatically assign IP addresses to end hosts. DHCP messages do not contain any application data themselves

5
Q

Control or data plane: 802.11 (Wi-Fi)

A

Data - link layer protocol that carries data for applications or higher level protocols (considered “data” by the link layer)

6
Q

flood()

A

Returns one packet per local port on the network spanning tree

7
Q

match(dstip='10.0.0.8') >> fwd(12)

A

Matches any packet bound for IP 10.0.0.8 and forwards it along port 12. This effectively filters out all traffic not bound for IP 10.0.0.8.

8
Q

match(dstip='10.0.0.1') >> ( match(srcip='10.0.0.15') >> drop() + match(srcip='10.0.0.25') >> modify(dstip='10.0.0.30') )

A

All traffic not bound for IP 10.0.0.1 is filtered. Any packets bound for 10.0.0.1 are then subject to parallel composition. If the packet is from IP 10.0.0.15, it is dropped. If the packet is from 10.0.0.25, it is returned, with the destination IP rewritten to 10.0.0.30.

9
Q

What are the advantages of using a Jellyfish topology over a traditional hierarchical data center topology?

A
  • Network load balancing
  • Higher capacity
  • Shorter paths
  • Incremental expansion
10
Q

Drawbacks of Jellyfish

A
  • Does not handle heterogeneous switch devices well
  • Long cable runs between random switch pairs may be necessary, but are inconvenient and difficult to install

11
Q

If you are trying to detect TCP SYN flooding attacks and want to raise an alarm when there are 1048576 (i.e., 1024^2) attack packets using a /12 subnet as the telescope, how many backscatter packets do you need to observe to detect the attack?

A

2^20 = 1048576. 1048576/2048576 = 1 packet to observe.

12
Q

3 categories of attackers against DNS

A

Off-path adversaries: can’t observe DNS queries and responses. They can trigger DNS lookups, but must generate numerous packets in hopes of matching the request the resolver will accept, as they must guess the transaction ID and other entropy.

On-path adversaries: passively observe the actual lookups and can directly forge DNS replies

In-path adversaries: can both block and modify packets and can block the legitimate packet. Hold-on can’t help here as the legitimate packets can be blocked.
