CS 380--Midterm Examination

Midterm

CS 380
Spring 1999
Craig A. Rich

1

Give two reasons for using layered protocols in a network architecture.

2

What are the common configurable parameters of a DNS resolver?

3

Consider a DNS server that knows the following resource records for the zone north.edu

north.edu. IN NS 203.58.6.40

north.edu. IN MX 203.58.6.35

lang.eng.north.edu. IN A 203.58.6.23

alice.cs.north.edu. IN A 203.58.6.35

bob.cs.north.edu. IN A 203.58.6.36

math.north.edu. IN A 203.58.6.40

www.north.edu. IN CNAME bob.cs.north.edu.

and a DNS server that knows the following resource records for the zone south.edu

south.edu. IN NS 102.101.33.62

south.edu. IN MX 102.101.33.62

math.south.edu. IN A 102.101.50.15

www.south.edu. IN CNAME alice.cs.south.edu.

alice.cs.south.edu. IN A 102.101.33.62

bob.cs.south.edu. IN A 102.101.33.63

www.cs.south.edu. IN CNAME bob.cs.south.edu.

Consider the following list of names:

math

www

www.cs

alice

bob

alice.cs

bob.cs

alice.cs.south

bob.cs.south.edu.

www.north.edu

www.south.edu.

a) To what numerical IP address(es) do the names resolve, if the DNS resolver uses the domain search list north.edu, south.edu?

b) To what numerical IP address(es) do the names resolve, if the DNS resolver uses the domain search list cs.south.edu, south.edu?

4

There are several places where resource records can reside or be destined in the DNS protocol:

Name server primary (master) zone
Name server secondary (slave) zone
Name server cache
Resolver cache
Application

Draw a directed graph whose nodes are places where resource records can reside and whose edges show possible transfers of resource records.

5

Consider the following design for a challenge-and-response authentication protocol, in which K_AB is a secret key known only to Alice and Bob:

Alice sends A to Bob
Bob sends R_B to Alice
Alice sends K_AB(R_B) to Bob
Alice sends R_B-1 to Bob
Bob sends K_AB(R_B-1) to Alice

Describe a way that an intruder Trudy who does not know K_AB can masquerade as Bob.

6

Consider the following list of application layer protocols, and their usage in the Cal Poly Pomona Intranet:

Protocol	Name
FTP	File Transfer Protocol
IMAP	Interactive Mail Access Protocol
HTTP	Hypertext Transfer Protocol
NNTP	Network News Transfer Protocol
POP	Post Office Protocol
SMB	Server Message Block Protocol
SMTP	Simple Mail Transfer Protocol
Telnet	Remote Login Protocol

a) Which protocols' client implementations also involve the Domain Name System (DNS)?

b) Which protocols' server implementations also involve authentication?

c) Which protocols can be used to transfer file contents to an Intranet server from your client?

d) Which protocols can be used to transfer file contents to your client from an Intranet server?

7

Consider a computing environment in which there are users u1, u2, u3, u3, u4, u5, groups g1 = {u1, u2, u5}, g2 = {u2, u4, u5}, g3 = {u2, u4}, and a directory named dir containing files named file1 and file2. The results of the following ls and acl_edit commands are given:

% ls -ld  dir dir/file1 dir/file2

drwxrwx--x   2 u2       g2           352 Apr 30 12:29 dir
-rw-rw----   1 u3       g3            52 Apr 30 12:29 dir/file1
-rwxrwxr-x   1 u4       g3           146 Apr 30 12:30 dir/file2

% acl_edit dir -l

mask_obj:rwx-id
user_obj:rwxcid
group_obj:r-x---
user:u4:------
group:g3:rwx-id
other_obj:--x---
any_other:--x---

% acl_edit dir/file1 -l

mask_obj:rw----
user_obj:rw-c--
group_obj:rw----
group:g2:rw----
other_obj:------
any_other:------

% acl_edit dir/file2 -l

mask_obj:rwxcid
user_obj:rwxc--
group_obj:r-x---
user:u3:rwx---
group:g1:r-----
other_obj:r-x---
any_other:r-x---

Give a matrix whose rows are labeled by the users u1, u2, u3, u4, u5, whose colums are labeled by the directory and file names dir, dir/file1, dir/file2, and whose contents show the permissions (a subset of rwxcid) authorized to the specific user on the specific directory or file.