DNS Cache Poisoning Attacks


Case Project 5-1

The chief information officer (CIO) in your organization has expressed concerns about

the use of encryption by employees. Currently, users encrypt Microsoft Word

documents using the built-in encryption function. The CIO has been considering a third-

party cryptographic product, but needs more information about how Word encryption

works before she can make an informed decision.

You have been asked to write a two-page report that explains the extent to which the IT

department can configure the cryptographic features of Word 2010. What is the process

involved in configuring encryption?

Case Project 5-2

You are employed by an e-commerce company as an assistant to the chief security

officer. Your company has received a number of recent complaints from customers who

have ordered products but have not received them. In addition, many of these

customers have reported being victims of identity theft. Your company’s legal

department has recommended that all departments study their practices to ensure that

they are taking reasonable measures to prevent identity theft. The chief security officer

believes that DNS cache poisoning attacks may be responsible for traffic being

redirected from your company’s Web site to impostor Web sites where customer

information is then collected and misused.

You have been asked to prepare a two-page report that explains how DNS cache

poisoning attacks work and how the DNSSEC system can help to prevent these attacks.

Case Project 6-1

You work for a network consulting firm, and you have been assigned to pre- pare a

presentation for the executives of an amusement park company who are concerned

about communication costs and session persistence when employees use their

company-issued cellular phones. The network at the park includes extensive 802.11-

based APs inside buildings, but many outdoor locations at the park have no WLAN

coverage. Employees often use cellular phones for voice communications because they

are frequently moving around the park. To save costs, the executives are interested in

having the cellular phones use the WLAN when it is in range.

The executives have relatively little training in network technology, so you need to

present the concepts of fixed-mobile convergence and internetworking with external net-

works in a way that the executives can understand. Prepare a slide presentation and a

5- to 10-minute discussion to address the executives' concerns. You also need to

address how to modify the WLAN to support fixed-mobile convergence