CS6250 Module 10 Practice Exam 2026 Guide, Exams of Computer Networks

CS6250 Computer Networks CS6250 Module 10 Practice Exam 2026 Guide

Typology: Exams

2025/2026

Available from 04/05/2026

Fortis-In-Re
Fortis-In-Re 🇺🇸

4.2

(5)

5.4K documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CS6250 Module 10 Practice Exam 2026
Guide
1
/
5
1.
What is DNS censorship?
Large
scale
network
traflc
filtering
strategy
to
suppress
material
which
they
deem
as
objec-
tionable.
2.
What are the properties of GFW (Great
Firewall of China)?
1)
Locality of GFW nodes - majority view is
that GFW censorship nodes are present at the
edge.
2)
Centralized management - blocklists ob-
tained from two distinct GFW locations show
a high possibility of a central GFW manage-
ment entity that orchestrates blocklists.
3)
Load balancing - GFW load balances be-
tween processes based on source and desti-
nation IP address.
3.
Censorship
Technique
1:
DNS
injection
For
DNS
requests
that
are
blocked
by
the
GFW, the GFW will respond with a fake DNS
record to prevent the client from reaching the
requested content.
4.
3
steps
of
DNS
injection
1)
DNS
probe
is
sent
to
a
DNS
resolver
2)
The
probe
is
checked
against
the
blocklist
3)
A fake DNS A record response is sent back
if the request matches the blocklist. The direct
domain can be blocked, or specific domain
keywords can be blocked.
5.
How many DNS Censorship Techniques 5
are there?
pf3
pf4
pf5

Partial preview of the text

Download CS6250 Module 10 Practice Exam 2026 Guide and more Exams Computer Networks in PDF only on Docsity!

CS 6250 Module 10 Practice Exam 2026

Guide

  1. What is DNS censorship? Large scale network traflc filtering strategy to suppress material which they deem as objec- tionable.
  2. What are the properties of GFW (Great Firewall of China)?
  1. Locality of GFW nodes - majority view is that GFW censorship nodes are present at the edge.

  2. Centralized management - blocklists ob- tained from two distinct GFW locations show a high possibility of a central GFW manage- ment entity that orchestrates blocklists.

  3. Load balancing - GFW load balances be- tween processes based on source and desti- nation IP address.

  1. Censorship Technique 1: DNS injection For DNS requests that are blocked by the GFW, the GFW will respond with a fake DNS record to prevent the client from reaching the requested content.
  2. 3 steps of DNS injection 1) DNS probe is sent to a DNS resolver
  1. The probe is checked against the blocklist

  2. A fake DNS A record response is sent back if the request matches the blocklist. The direct domain can be blocked, or specific domain keywords can be blocked.

  1. How many DNS Censorship Techniques 5 are there?

CS 6250 Module 10 Practice Exam 2026

Guide

    1. Packet dropping all network traflc going to a set of specific IP addresses is discarded

Pros: (easy to implement, low cost) Cons: (maintain a long blocklist, overblock- ing)

    1. DNS Poisoning When a DNS receives a query for resolving hostname to IP address - if there is no answer returned or an incorrect answer is sent to redirect or mislead the user request

Pros: (No overblocking) Cons: (Blocks the entire domain)

    1. Content inspection all traflc traverses a proxy and is inspect- ed for objectionable content, if matches -> dropped

Pros: (precise censorship, flexible) Cons: (not scalable)

    1. Blocking with reset sends a TCP (RST) to block individual connec- tions that contain requests with objectionable content.
    1. Immediate reset suspends traflc coming from a source imme- diately, for a short period of time
  1. What is overblocking? If two websites share the same IP address and the intention is to only block one of them, there's a risk of blocking both

What metrics does Iris use to identify DNS manipulation once data annotation is complete? Describe the metrics. Un- der what condition, do we declare the re- sponse as being manipulated?

  1. How is it possible to achieve connectivi- ty disruption using routing disruption ap- proach?
  2. How is it possible to achieve connectiv- ity disruption using packet filtering ap- proach?
  1. Consistency metrics

  2. Independent verifiability metrics

If neither of these metrics are satisfied, the response is said to be manipulated

Withdrawing previously advertised prefixes or re-advertising them with ditterent properties using BGP

Block packets meeting a certain criteria dis- rupting the normal forwarding action.

  1. IP ID Assigned a unique 16-bit IP identifier ("IP ID"), which the destination host can use to reassemble a fragmented packet. This IP ID should be ditterent for the packets that are generated by the same host.
  2. 2 mechanisms used by Augur 1) Probing: a mechanism to monitor the IP ID of a host over time.
  1. Perturbation: mechanism which forces a host to increment its IP ID counter by sending traflc from ditterent sources such that the host generates a response packet.
  1. Explain a scenario of connectivity disrup- tion detection in case when no filtering occurs.

When no filtering occurs, the measurement machine will see an increase of 2 in the IP ID

  • this means the two hosts communicated

Explain a scenario of connectivity disrup- tion detection in case of the inbound blocking.

  1. Explain a scenario of connectivity disrup- tion detection in case of the outbound blocking.

Traflc from the reflector to the site containing objectionable data is blocked. Thus, the IP ID only increases by 1 because the SYN-ACK from the site never reaches the reflector.

Outbound reset packets from the reflector do not reach the site. The site will continue to send SYN-ACK packets until it receives an ACK, causing the reflector's IP ID to increase by 2 each time.