Explain why a DNS cache poisoning attack can compromise DKIM but not S/MIME. Describe how DKIM could be modified to defend against DNS based attacks
What will be an ideal response?
In DKIM, the public key of the sending MTA is obtained via a DNS lookup.
Thus, a DNS cache poisoning attack will compromise DKIM since an attacker can forge a
message and its signature by replacing the public key of the legitimate sending MTA with
his own public key and sign the forged message with his private key. S/MIME is immune
from DNS cache poisoning attacks since it assumes that the public key of the sender is
transmitted to the recipient through a secure channel or signed by a party trusted by the
recipient.
You might also like to view...
The TableEntity inherited property ________ is a unique string that’s used by the Windows Azure Table Storage service to spread a table across multiple servers.
a) DistributionKey b) RowKey c) TimeStamp d) PartitionKey
When specifying a data type for the columns in a database table, the data types you can choose from are provided by the ____________.
a. DBMS b. programming language c. computer manufacturer d. compiler
A quick and easy way to identify the DNS server domain and IP address in Windows, Mac, and Linux is to type __________ at the command prompt.
Fill in the blank(s) with the appropriate word(s).
A technician is setting up a computer lab. Computers on the same subnet need to communicate with each other using peer to peer communication. Which of the following would the technician MOST likely configure?
A. Hardware firewall B. Proxy server C. Software firewall D. GRE tunneling