Homework 7 - Chapters 7 and 8 (Extra Credit)

1. DNS queries are done via UDP. How does a DNS client handle lost UDP packets (either the query or the reply), since UDP does no retransmission?
2. Due to the requirements of the IP layer, UDP packets may be as small as 576 bytes. What happens to the DNS lookup if the name to look up is longer than 576 bytes?
3. Can multiple IP addresses have the same domain name? If yes, explain the motivation behind allowing this. If no, explain why not.
4. Can one IP address be associated with multiple domain names? Explain why or why not?
5. Email addresses are typically of the form username@machine.domain. How is DNS used to find the appropriate mail server for an email address?
6. Why is DNS cache poisoning a concern from a security perspective?
7. Describe the difference between IPSec in tunneling mode and in transport mode.
8. Why is transmission encryption more vital for a wireless link than for a wired link?
9. At what level in the protocol stack (e.g. data link, network, etc) must a stateful inspection firewall operate? Justify your answer. When answering, consider which fields of the header a stateful firewall inspects and in which header (IP, TCP, Ethernet, etc) those fields are located.
10. A corporation requires that all telecommuters use VPNs to connect from home to the corporate network. Assume that all VPNs use IPSec in ESP tunnel mode to connect the user from home to the corporate network, but once inside the network, standard Ethernet is used to deliver data. Bob the CEO is at home and wishes to send Alice the VP of Human Resources a memo on who will be laid off in the next round of budget cuts. Does Bob need to use additional encryption for this memo? Consider who Bob does NOT want to see the memo and when the memo would be encrypted and when it would be in plaintext with the default VPN setup.