



Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
CS6250 Computer Networks CS6250 Module 10 Practice Exam 2026 Guide
Typology: Exams
1 / 5
This page cannot be seen from the preview
Don't miss anything!




Locality of GFW nodes - majority view is that GFW censorship nodes are present at the edge.
Centralized management - blocklists ob- tained from two distinct GFW locations show a high possibility of a central GFW manage- ment entity that orchestrates blocklists.
Load balancing - GFW load balances be- tween processes based on source and desti- nation IP address.
The probe is checked against the blocklist
A fake DNS A record response is sent back if the request matches the blocklist. The direct domain can be blocked, or specific domain keywords can be blocked.
Pros: (easy to implement, low cost) Cons: (maintain a long blocklist, overblock- ing)
Pros: (No overblocking) Cons: (Blocks the entire domain)
Pros: (precise censorship, flexible) Cons: (not scalable)
What is overblocking? If two websites share the same IP address and the intention is to only block one of them, there's a risk of blocking both
What metrics does Iris use to identify DNS manipulation once data annotation is complete? Describe the metrics. Un- der what condition, do we declare the re- sponse as being manipulated?
Consistency metrics
Independent verifiability metrics
If neither of these metrics are satisfied, the response is said to be manipulated
Withdrawing previously advertised prefixes or re-advertising them with ditterent properties using BGP
Block packets meeting a certain criteria dis- rupting the normal forwarding action.
When no filtering occurs, the measurement machine will see an increase of 2 in the IP ID
Explain a scenario of connectivity disrup- tion detection in case of the inbound blocking.
Traflc from the reflector to the site containing objectionable data is blocked. Thus, the IP ID only increases by 1 because the SYN-ACK from the site never reaches the reflector.
Outbound reset packets from the reflector do not reach the site. The site will continue to send SYN-ACK packets until it receives an ACK, causing the reflector's IP ID to increase by 2 each time.