CS6250 Lesson 9 Internet Security 2026 UPDATED EXAM ACTUAL LATEST VERSIONS 100 QUESTIONS AND CORRECT VERIFIED ANSWERS WITH RATIONALES (100% CORRECT) A+ GRADED ASSURED

CS6250 Lesson 9 Internet Security 2026 UPDATED
EXAM ACTUAL LATEST VERSIONS 100
QUESTIONS AND CORRECT VERIFIED
ANSWERS WITH RATIONALES (100%
CORRECT) A+ GRADED ASSURED

(T/F) A Distributed Denial of Service Attack consists of the attacker sending a large volume of
traffic to the victim through servers (slaves), so that the victim host becoming unreachable or in
exhaustion of its bandwidth - CORRECT ANSWER: True



(T/F) ARTEMIS uses a configuration file and a mechanism for receiving BGP updates from
routers and monitoring services to detect BGP hijacking attacks - CORRECT ANSWER: True



(T/F) ASwatch takes primarily a proactive approach to infer network reputation by monitoring
the routing behavior of networks - CORRECT ANSWER: True


(T/F) ASwatch uses information exclusively from the data plane to infer network reputation -
CORRECT ANSWER: False (from the CONTROL plane)


(T/F) Attackers tend to keep the uptime of domains used for malicious purposes as short as
possible in order to avoid being detected - CORRECT ANSWER: False


(T/F) BGP Blackholing is a defense against prefix hijacking - CORRECT ANSWER: False (it's
against DDoS)


(T/F) BGP Blackholing is used to mitigate DDoS attacks - CORRECT ANSWER: True


(T/F) BGP Blackholing stops the traffic closer to the destination of the attack - CORRECT
ANSWER: False

,(T/F) DNS-based content delivery aims to distribute the load amongst multiple servers at a single
location, but also distribute these servers across the world - CORRECT ANSWER: True



(T/F) DNS-based content delivery determines the nearest server, which results in increased
responsiveness and availability - CORRECT ANSWER: True



(T/F) Fast-Flux Service Networks (FFSNs) can be leveraged by malicious actors to extend the
availability of a scam - CORRECT ANSWER: True



(T/F) In a reflection attack, the attackers use a set of reflectors to initiate an attack on the victim -
CORRECT ANSWER: True



(T/F) IP spoofing is the act of setting a false IP address in the source field of a packet with the
purpose of impersonating a legitimate server - CORRECT ANSWER: True


(T/F) Legitimate networks may let malicious content be up for weeks to more than a year -
CORRECT ANSWER: False


(T/F) Prefix deaggregation and mitigation with Multiple Origin AS (MOAS) are independent
from ARTEMIS - CORRECT ANSWER: False


(T/F) Round Robin DNS (RRDNS) is one of the "tools" that malicious parties can use to extend
the time their content is accessible/hosted on the Internet. - CORRECT ANSWER: True


(T/F) Round Robin DNS is a mechanism used by large websites to distribute the load of
incoming requests to several servers at a single physical location - CORRECT ANSWER: True



(T/F) The BGP blackholing technique can only be applied for traffic related to specific
applications. - CORRECT ANSWER: False

, (T/F) The FIRE system takes primarily a reactive approach to infer network reputation, relying
on monitoring IP blacklists - CORRECT ANSWER: True



(T/F) Using the fast flux technique to extend the availability of a scam domain name, it makes it
impossible for the scam to be taken down - CORRECT ANSWER: False



ASwatch relies on the premise that "bulletproof" ASes have ______________ interconnection
patterns and overall different ___________ plane behavior from most legitimate networks -
CORRECT ANSWER: DISTINCT




CONTROL


Consider the reflection and amplification attack as shown in the figure below. Which IP address
is being spoofed in this attack?
· IP Address of the Victim

· IP address of the Reflector

· IP address of the Master

· IP address of the Slaves - CORRECT ANSWER: IP address of the victim


Determine which property of secure communication is violated in the event that a third-party
pretends to be another entity on the network.

· Confidentiality

· Integrity

· Authentication
· Availability - CORRECT ANSWER: Authentication