Post on 29-Mar-2015
ReviewiClickers
Ch 1: The Importance of DNS
Security
How many times have attackers brought down the
RNS root?
A.Never
B.1 time
C.2 times
D.3-10 times
E. More than ten times
Which technique allows larger DNS packets?
A.DoS
B.Cache poisoning
C.DNSChanger
D.Packet amplification
E. EDNS
Which technique makes DoS attacks more effective?
A.DoS
B.Cache poisoning
C.DNSChanger
D.Packet amplification
E. EDNS
Which technique was used by the Kaminsky attack?
A.DoS
B.Cache poisoning
C.DNSChanger
D.Packet amplification
E. EDNS
Ch 2: DNS Overview: Protocol,
Architecture, and Applications
Which item contains data for a domain and its
subdomains?
A./etc/hosts
B.FQDN
C.TLD
D.Zone
E. Delegation
Which item was used for name resolution before
DNS?
A./etc/hosts
B.FQDN
C.TLD
D.Zone
E. Delegation
In a home network, a router is used as a DNS server.
What is its role?
A.Client
B.Caching Server
C.Resolver
D.Authoritative Server
E. None of the above
What item should be blocked on an SOA server?
A.Iterative query
B.Recursive query
C.Delegation
D.DNSSEC
E. TCP
Which record contains an email server's name?
A.A
B.AAAA
C.MX
D.PTR
E. CNAME
Which record is used to block spam?
A.RRSIG
B.DS
C.SPF
D.NAPTR
E. SOA
Ch 3: DNS Vulnerabilities
Which security problem makes your DNS server a
hazard to others?A.Single point of failure
B.Exposure of internal information
C.Open resolver
D.Unprotected zone transfers
E. Server running in privileged mode
Which security problem is caused by Microsoft
products querying blackhole servers?
A.Single point of failure
B.Exposure of internal information
C.Open resolver
D.Unprotected zone transfers
E. Server running in privileged mode
Which security problem can be mitigated with source
port randomization?
A.Predictable Transaction ID
B.CNAME chaining
C.Cache poisoning
D.MITM
E. Packet amplification
Which security problem can be mitigated with DNSSEC?
A.Predictable Transaction ID
B.CNAME chaining
C.Single point of failure
D.MITM
E. Packet amplification
Ch 4: Monitoring and Detecting Security
Breaches
Which monitoring technique requires a SPAN port?
A.Log data
B.Network flow data
C.Packet data
D.Application level metadata
E. None of the above
Which monitoring technique stores one record for each
TCP or UDP session?
A.Log data
B.Network flow data
C.Packet data
D.Application level metadata
E. None of the above
Which monitoring technique contains layer 7 data in a
convenient form?
A.Log data
B.Network flow data
C.Packet data
D.Application level metadata
E. None of the above
You see a lot of large DNS requests on your network,
exceeding 300 bytes. What's going on?
A.Transient domains
B.Fast flux
C.Phantom domains
D.DNS Changer
E. Tunneling
Ch 5: Prevention, Protection and
Mitigation of DNS Service Disruption
Which technique uses BGP to spread out attacks?
A.Geographically distributed
B.Network distributed
C.Caching acceleration
D.Anycast
E. Direct Delegation
Which technique requires you to trust another
company, because if they go down, your site is down?
A.Geographically distributed
B.Network distributed
C.Caching acceleration
D.Anycast
E. Direct Delegation
Which device is used temporarily, only during an
attack?
A.Failover
B.Firewall
C. IDS
D.IPS
E. Scrubber
Which entity has a self-signed DNSSEC key?
A..
B..org
C. ietf.org
D.More than one of the above
E. None of the above
Which protection does DNSSEC provide?
A.Confidentiality and integrity
B.Confidentiality and availability
C.Authenticity and availability
D.Authenticity and integrity
E. None of the above
Ch 6: DNSSEC and Beyond
What prevents MITM attacks in DNSSEC?
A.Trusted root
B.CA
C.Shared secret
D.Nothing
E. None of the above
Which item allows authenticated denial of
existence, but exposes host names?
A.DS
B.NSEC
C.NSEC3
D.RRSIG
E. Glue records
Which item conceals host names with hashing?
A.DS
B.NSEC
C.NSEC3
D.RRSIG
E. Glue records
Which item renders DNS requests confidential?
A.DNSCurve
B.DNSSEC
C.NSEC3
D.DS
E. RR
Which item makes attacks possible on the target's
LAN?A.DS Record
B.Lack of Protection Between User Devices and Resolvers
C.Lack of Protection of Glue Records
D.Key Changes Don't Propagate
E. NSEC3 DoS
Which attack is possible when a server changes
hosting providers?A. Re-Addressing Replay Attack
B. NSEC3 Offline Dictionary Attack
C. No Protection of DNS or Lower Layer Header Data
D.DNSSEC Data Inflate Zone Files and DNS Packet Sizes
E. DNSSEC Increases Computational Requirements