



Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
CS6250 Computer Networks CS6250 Module 9 Practice Exam Guide 2026
Typology: Exams
1 / 6
This page cannot be seen from the preview
Don't miss anything!




Confidentiality Integrity Authentication Availability
Used by large websites to distribute the load of incoming requests
(larger TTL)
When accessing the name of the service using DNS, the CDN computes the 'nearest edge server' and returns its IP address to the DNS client. It determines the nearest server, which results in the content being moved 'closer' to the DNS client which increases responsiveness and availability.
(lower TTL)
Based on a rapid change in DNS answers, in order to prevent spammers for injecting bad IP addresses into the DNS resolution lifecycle
(lowest TTL)
nEtworks sys- tem)?
Legitimate networks are usually able to remove the malicious content within a few days whereas rogue networks may let the content be up for weeks to more than a year!
ASwatch learns the control-plane behavior of a normal AS and a malicious one and learns to ditterentiate between them
ASwatch takes an unknown AS and calculates the features for it, assigning it a reputation score.
Rewiring activity - changes in the AS connecting activity, multiple changes in providers / customers looks suspicious
IP Space Fragmentation and Churn - inspects advertised prefixes of an au- hood of a security tonomous system. Malicious ASes are likely to use small BGP prefixes to partition breach within an organization?
their IP address space and only exposes a small section of them
2C. Type-U hijack- In this attack the hijacking AS does not modify the AS-PATH but may change the ing
Man-in-the-mid- dle
prefix.
In this classification of attacks, the attacker attempts to hijack the network traflc and manipulate the redirected network traflc on its way to the receiving AS
The traflc intercepted by the hijacker can be Dropped, so that it never reaches the intended destination
The traflc intercepted by the hijacker can be Eavesdropped or manipulated before it reaches the receiving AS
The traflc intercepted by the hijacker can be Impersonated, e.g. In this case the network traflc of the victim AS is impersonated and the response to this network traflc is sent back to the sender.
Human error - misconfiguration / accidents
Targeted attack - intentional interception of network traflc (man-in-the-middle) (stealthy)
High impact attack - obvious attempt to cause widespread disruption
Malicious autonomous system router advertises a prefix that it doesn't own, taking advantage of its shorter distance to have peer / customer routers change their path for the prefix to the malicious autonomous system.
Malicious autonomous system receives a path and alters it, placing itself as the best path to reach a specific autonomous system / prefix. This path will likely be shorter than the original, causing other ASes to use the new hijacked path.
A configuration file where all prefixes owned by the network are listed for refer- ence.
A mechanism for receiving BGP updates, allows the system to receive updates from local routers and monitoring services
Prefix deaggregation - announcing more specific prefixes in order to mitigate prefix hijacking
Mitigation with multiple origin AS (MOAS) - third party organizations and service providers do BGP announcements for a given network
An attempt to compromise a server or network resources with a flood of traflc ture of a DDoS at- Attack compromises and deploys flooding servers that send high volumes of traflc tack.
to a victim
Impersonating a legitimate server with a spoofed IP address. One method causes a server to flood a target with unsolicited responses to spoofed requests. The other uses the spoofed IP address in the both the source and destination IP, causing the server to send responses / requests to itself.
tion and Amplifi- cation attack.
then DDoS the target on behalf of the attacker.