Networking & Protocols
Network security: free-recall review
Retrieval beats re-reading. For each prompt, say or write a full answer from memory before you open the model answer — the effort of recall is what makes the unit stick.
Reconstruct the unit’s spine without looking back: why attack economics favor the attacker alone, how amplification and state-exhaustion work, where firewalls end and WAFs begin, what DNSSEC and RPKI each protect, and why defense in depth is non-negotiable.
- 01Why do DDoS attack economics favor the attacker only if you defend alone, and how does a CDN invert that?
- 02Explain amplification/reflection and why it is the attacker's economist choice.
- 03How do SYN cookies defeat a SYN flood, and what is the tradeoff?
- 04Where does a firewall stop being enough and a WAF begin, and why is neither sufficient alone?
- 05What does DNSSEC protect versus RPKI/ROV, and why is publishing a ROA without ROV enforcement only half a defense?
- 06Why is no single layer enough against DDoS, and what does a full defense-in-depth stack look like in order?
If you could reconstruct each answer from memory, you hold the unit’s spine: attack economics favor the lone defender, so you share infrastructure; amplification and SYN floods turn a cheap attacker into a flood you absorb rather than blocklist; firewalls and WAFs cover disjoint layers; DNSSEC and RPKI/ROV protect DNS responses and BGP routes respectively — each useless as a half-measure; and no single layer stops every vector, which is why defense in depth stacks anycast edge, L3/L4 filters, WAF, rate limits, mTLS, and adaptive concurrency, with humans on call for the rest.