TDC 375-701                   Student Name:
Quiz 1
2009-09-16


1. Which group is responsible for authoring and maintaining the
   Internet RFCs?

   ___  ICANN

   _x_  IETF

   ___  ISO

   ___  ITU



2. Which is not a status type (aka Maturity Level) of RFCs?

   _x_ Vulnerability Analysis

   ___ Informational

   ___ Experimental

   ___ Proposed Standard



Q. Which best describes the end-to-end argument?

   ___ Functionality is best put into a limited number of devices in
       the network to ease network administration.

   ___ Functionality is best put into a limited number of devices in
       the network to minimize security attack vectors.

   _x_ Functionality should be moved upward, closer to the application
       that uses that functionality.

   ___ Functionality should be moved downward in a layered system,
       away from the application that uses that functionality.



Q. Which best describes the term "sinkhole" as used in the Internet
   community (e.g. re: the Conficker case study presented in class)?

   ___  A method for intercepting packets, removing the ones with
        malicious intent and sending all others to the originally
        intended destination.

   ___  A method for distributing firewall filter rules throughout
        the Internet so that malicious packets can be blocked at
        the source.

   ___  A method for duplicating packets unobtrusively at key
        locations on the Internet for inspection and offline analysis.

   _x_  A method for redirecting (hijacking) certain types of traffic
        away from unwanted parties or destination services.


Q. Assume the following:

   * You are using Ethernet at layer 2 throughout the path.  A Ethernet
     frame may contain up to 1500 bytes of payload data.

   * A new layer three (L3) protocol has been developed, called JTKP.
     It consists of the following mandatory fixed size header fields
     (the size of the field in bytes in parantheses) and no optional
     headers:

     - source address (8)
     - destination address (8)
     - hop count (1)
     - checksum (4)
     - identification (4)
     - next-protocol (2)
     - total length (2)

   The maximum JTKP data payload size per packet is 9000 bytes.  You
   are using JTKP over Ethernet and do not want to fragment any packets.
   If you have 9000 bytes of JTKP payload data, caclulate the fewest
   number of JTKP packets that can be sent and calculate the total size
   of each JTKP packet.  Each JTKP packet should be as large as possible.

JTKP header overhead = 8 + 8 + 1 + 4 + 4 + 2 + 2 = 29 bytes
Maximum data per Ethernet frame = 1500 - 29 = 1471 bytes
So:
  9000 / 1471 = 6 full Ethernet frames, plus 1 frame with 174 data bytes
Each Ethernet frame consists of (Ethernet payload in parantheses):
  Frame 1: 1471 bytes of data plus 29 bytes of JTKP headers (1500)
  Frame 2: 1471 bytes of data plus 29 bytes of JTKP headers (1500)
  Frame 3: 1471 bytes of data plus 29 bytes of JTKP headers (1500)
  Frame 4: 1471 bytes of data plus 29 bytes of JTKP headers (1500)
  Frame 5: 1471 bytes of data plus 29 bytes of JTKP headers (1500)
  Frame 6: 1471 bytes of data plus 29 bytes of JTKP headers (1500)
  Frame 7:  174 bytes of data plus 29 bytes of JTKP headers (203)
Note:
  Total Ethernet payload data sent = (1500*6)+203=9203, and 203/7 = 29

$Id: quiz1.txt,v 1.2 2009/09/19 15:22:08 jtk Exp $