|
|
HomeGraffitiAboutSitemapVisualDevWork
Email BrianGPG Key |
GRAFFITI -- July 28, 2008 thru August 03, 2008>> Link to the Current Week <<Last Week << Mon Tues Wed Thu Fri Sat Sun >> Next Week Welcome to Orb Graffiti, a place for me to write daily about life and computers. Contrary to popular belief, the two are not interchangeable. About eMail - I publish email sometimes. If you send me an email and you want privacy or anonymity, please say so clearly at the beginning of your message. |
 
|
MONDAY
Tues
Wed
Thu
Fri
Sat
Sun
July 28, 2008
2208 - Good evening. All the normal Monday stuff is done, and now I'm just going berserk over the complete and utter lack of skills that my "instructor" has in my current class. Here's the first sentence of today's quiz: "All questions has one correct answer only." Gaaaaaaaaaaaaaah! And three of the questions are wrong. That is, they're badly formed questions that either don't give the correct answer as one of the choices, or reflect that he wrote the question by reading parts of (but not all of) the book, and doesn't understand the material well enough to know he's writing crap questions. If I don't get an A, it's because I grok the material that the instructor doesn't, so I answer questions "correctly" and get marked wrong. This has happened. Of course, I'm likely to be making myself really popular in this department. Here was one of my postings a few weeks back in our little "Cafe" section, regarding problems with questions from another quiz:
Professor, perhaps I can help clarify Jon's questions, using the same problems from Quiz 8:
***
5.Which of the following statement is not correct for securing DNS (Domain Name System) (select one)?
a.Client computers use DNS to locate network resources; DNS servers perform the name resolution for these clients
b.Attackers can spoof the address of the primary DNS server and send incorrect updates to secondary DNS server
c.Split DNS design prevents attacker from gaining information about the design of internal network
d.In DNS cache poisoning, the attacker deletes all entries in the DNS zone database
***In question 5, you ask for us to select the ONE incorrect statement about securing DNS. This, of course, implies that at least three of the statements are *CORRECT* statements about _securing_ DNS.
(a) is (as Jon noted) about USING DNS, not about securing it. So (a) is a candidate for being an incorrect statement about securing DNS.
(b) delineates an ATTACK against DNS, without saying anything at all about how to secure against such an attack. So (b) is a candidate for being an incorrect statement about securing DNS.
(c) is indeed a correct method for securing a DNS server, and cannot be considered in the list of possible incorrect statements.
(d) also delineates a type of attack against DNS, and not only that, but an incorrect description of such an attack. Still, since it has nothing to do with "securing DNS", it too is eligible for consideration as the possible incorrect answer.So, three of the four statements have nothing to do with securing DNS. One of them is operational, and two are attacks. I "reasoned" that by describing an attack incorrectly, you meant for that one to be selected, which is why I chose (d).
However, from the perspective of your question, THREE of the FOUR statements are incorrect statements about securing DNS, it's beyond just being a trick question. I had to guess what you were thinking to get the "right" answer. This is a technical subject and I should not have to guess.
Now on to question 6 from the chapter 8 quiz:
*** 6.Which of t
he following statement is not correct for securing DHCP (Dynamic Host Configuration Protocol) (select one)?
a.DHCP clients request IP assignment s from DHCP server, and the DHCP server assigns one from the address pool
b.DHCP broadcasts should be blocked from being forwarded to other segments; most routers broadcast it by default
c.Attackers can use unauthorized or rogue DHCP server to assign IP address or network options to DHCP clients
d.Protocol analyzer or IDS can be used to discover network packets from unauthorized DHCP servers
***Again, we're looking for the ONE incorrect statement about securing, this time DHCP. So I'm looking for three correct statements about securing DHCP.
(a) is a true (if simplified) operational description of DHCP. Not a securing statement. (b) is a securing
statement, and is wrong, since routers block broadcasts by default. (This became my number one candidate as the "answer").
(c) is a method of attacking a network with a rogue DHCP server, not a method of securing DHCP.
(d) is a method of defending a network against rogue DHCP servers, a true securing statement, and cannot be the answer.In this case there is at least a clear "best" incorrect statement about securing DHCP servers, since of the TWO statements about securing DHCP servers, only one was incorrect. However, the other two statements were not about securing DHCP at all.
In the latter case, had you worded the question as
"Of the statements below, identify the one statement about securing DCHP that is incorrect." there would have been no doubt about how to answer question 6. There is only one incorrect statement about securing DHCP there.
In question 5, however, there is simply no incorrect statement about securing DNS. There is only one statement at all about securing DNS among the four, and it is correct. The other three statements are either operational or attacking, and the "answer" you chose as an incorrect statement about securing DNS is that of a mis-described attack. Jon is frustrated by this level of ambiguity, as am I.
I hope this clarification helps you understand what's at issue here.
best,
.brian
It makes me sad. Now, time for dinner.
Mon
TUESDAY
Wed
Thu
Fri
Sat
Sun
July 29, 2008
Garden haul |
2148 - Good evening. It was a day of preparation - preparation for updates to be applied to test systems prior to updating production systems soon. Preparation for some work via serial connection to revive a troubled Solaris 10 box that needed mirrors rebuilt, and (as long as we're at it), disk slices re-sized to make for a slightly larger swap. That went okay, but I got to work at 0715, and left at 1935. Long day.
I got home in time to give the dogs their 8 o'clock treat, then I got in the trash and recycle barrels, watered the herbs, and harvested from the garden (click the link at right to see an evening's haul). There are plenty more peppers where those came from, but I had other things to do ... like have dinner. I made dinner and scarfed it by nine. Then I hared back up here and logged into work to update one of those test systems so that the effects of the updates can be evaluated by our devs tomorrow morning. Doing stuff the right way means off hours, and that's just fine. Now, after this, I'm headed back downstairs to fill up the salsa fresca trough, and jar up a couple of pints for work tomorrow. Ciao!
Mon
Tues
WEDNESDAY
Thu
Fri
Sat
Sun
July 30, 2008
1911 - Good evening. I'm reworking Marcia's backup scheme, listening to the Grateful Dead (explicitly tracks from Dick's Picks #4), and puttering around with Gentoo 2008.0 as a VM in Parallels on Harmony. I probably hibernated the MBP 7 or 8 times between starting the install and completing it - Parallels (and the ongoing Gentoo install) never blinked. Nice. That reminds me - I need to clean up the XP install on Parallels there, to use less space. That'll keep me busy, that and reading and such for school. Yeah, with instruction like that, we're mostly doomed (as Greg noted), but I still need to keep the wheel turning. Ciao!
Mon
Tues
Wed
THURSDAY
Fri
Sat
Sun
July 31, 2008
2102 - Good evening. I've got a lobster pot half-full of fresh red sauce mother. I'll be simmering that every night for a few days, tuning the seasoning and bringing it to perfection. Then I'll serve from it, and restore to it with fresh tomatoes, herbs and seasoning once a week or so for the next two months until I get tired of dishes made with red sauce. Then, like last year, I'll turn the rest into a chili, and freeze it in meal-portions. Um ... yum. So that, and working on this week's reading and "discussion threats" (sigh) ate the rest of the evening. Ciao!
Mon
Tues
Wed
Thu
FRIDAY
Sat
Sun
August 1, 2008
2249 - Good evening. Marcia's exercycle was giving her trouble - it's been just about 10 years, so I guess we got our money out of it. Today after work, we got her a recumbant exercycle. That'll make it easier for her to use (and for me to use), thus more likely that we'll both use it more often. That's a good thing. Now, go watch Dick Feynman: The Douglas Robb Memorial Lectures.
Mon
Tues
Wed
Thu
Fri
SATURDAY
Sun
August 2, 2008
No post......
Mon
Tues
Wed
Thu
Fri
Sat
SUNDAY
August 3, 2008
2023 - Good evening. I've stayed busy - busy enough that I only checked email once yesterday and once so far today. That's a bit unusual for me. But the yard is in much happier shape, mostly pruning and mowing (yesterday). And I cleaned out the garage and the attached shed extensively (today). I'm tired, but I feel really good about what I've accomplished.
In the Middle East, the battles rage on. Yeah, the whole hearts and minds thing, right? And in the meantime, while I'm sure that the majority of the population in both Iraq and Afghanistan just wants to get on with life, there's bunches on all side of the religious schisms that want to kill each other, plus bystanders, plus any American or NATO forces they can get. Sigh. Still, three casualties to report this week. Our condolences to the families and units of the fallen.
Last Week << Mon Tues Wed Thu Fri Sat Sun >> Next Week
Visit the rest of the DAYNOTES GANG, a collection of bright minds and sharp wits. Really, I don't know why they tolerate me <grin>. My personal inspiration for these pages is Dr. Jerry Pournelle. I am also indebted to Bob Thompson and Tom Syroid for their patience, guidance and feedback. Of course, I am sustained by and beholden to my lovely wife, Marcia. You can find her online too, at http://www.dutchgirl.net/. Thanks for dropping by.
All Content Copyright © 1999-2011 Brian P. Bilbrey.
Except where otherwise noted, this site is licensed under the
Creative
Commons Attribution-Noncommercial-Share Alike 3.0 United States
License.