DNS Security and Secure Communications Quiz

Questions and Answers

What is the term for redirecting victims to a malicious site by corrupting name resolution?

Pharming (correct)

DNS Spoofing

DDoS Attacks

Domain Hijacking

Which protocol enables clients to request files from a server on port 80?

FTP

SMTP

HTTPS

HTTP (correct)

What is the purpose of SSL/TLS accelerators?

Encrypting URLs

Routing email between servers

Providing remote access to servers

Offloading cryptographic calculations (correct)

Which approach assigns concrete values to risk factor likelihood and impact?

Quantitative approach

What term describes the period that a function can be unavailable?

Maximum Tolerable Downtime (MTD)

Which of the following is used for authentication and key exchange in a secure communications context?

IKE

What describes the method of keeping data private while transiting a public network?

Secure tunnel

What describes a situation where a company takes over a domain name that is similar to its own?

Cybersquatting

Study Notes

Domain Name System (DNS) Security

• Resolves host names and domain labels to IP addresses
• DNS server cache poisoning exploits weak transaction ID generation in DNS servers to spoof responses to queries
• Pharming redirects victims to a malicious site by corrupting name resolution
• Cybersquatting involves taking over a company’s legitimate domain
• Typosquatting registers domains that are very similar to the victim domain

Secure Communications

• Hyper Text Transport Protocol (HTTP) enables clients to request files from a server on port 80
• Secure Sockets Layer/Transport Layer Security (SSL/TLS) is a protocol used with TCP applications (notably HTTPS over port 443)
• PKI digital certificates are used to identify a host during authentication
• SSL/TLS accelerators offload cryptographic calculations to a dedicated processor.
• SSH FTP (SFTP) runs FTP over SSH on port 22

Risk Management

• Maximum Tolerable Downtime (MTD) is the period during which a function can be unavailable
• Recovery Time Objective (RTO) is the time taken to bring a system back online
• Risk mitigation is the process of reducing exposure to or the effects of risk factors
• A quantitative approach assigns concrete values to risk factor likelihood and impact

Virtual Private Network (VPN)

• A VPN creates a secure tunnel to keep data private when transiting the public network
• Site-to-site VPN connects two private networks by VPN routers across the Internet
• Internet Protocol Security (IPSec) provides network-layer security that is application-independent
• Tunnel mode encrypts the original IP header and replaces it with another
• Internet Key Exchange (IKE) handles authentication and key exchange/agreement (Security Associations)
• VPN concentrators are positioned at the network edge, protected by firewall/DMZ configuration
• Split tunnel allows the client to access the Internet directly using its native IP configuration and DNS servers

Other Key Concepts

• Secure Shell (SSH) enables remote administration with public key cryptography security
• Simple Mail Transfer Protocol (SMTP) is used to route mail between servers
• A media gateway allows VoIP calls to be placed to the telephone network
• Sites can be categorized as hot, warm, or cold
• Rogue Virtual Machines (VMs) are a result of system sprawl and undocumented assets
• Cloud computing is an IT infrastructure that provides on-demand resources over the network/Internet

Description

Test your knowledge on the intricacies of DNS security, secure communication protocols, and risk management strategies. Explore topics such as DNS server vulnerabilities, SSL/TLS usage, and risk assessment measures in this comprehensive quiz.