4.9 Communication and networking Flashcards

Question

How does HTTPS work?

Answer 1

HTTPS uses encryption to secure the data being transferred, and authenticates the web server through certificates.

Answer 2

The web client sends a request message to a web server and the web server sends back a response message containing the data needed to display the webpage (or other web resource).

Answer 3

* FTP commands can be issued from a command line interface, but more commonly a user interacts with an FTP client, which sits on top of the actual FTP protocol. * Once logged in, the user can access directories on the FTP server and can download and upload files. * FTP sites which are publicly available are known as anonymous FTP.

Answer 4

- Secure Shell - Used to provide an encrypted connection for remote access to another computer

Answer 5

- Simple Mail Transfer Protocol - Used to send emails from client device to the linked mail server or to forward the email to the recipient's mail server

Answer 6

- Post Office Protocol (v3) - Used to retrieve emails from an email server.

Answer 7

- Hypertext Transfer Protocol Secure - HTTPS is used for accessing a webpage from a web server securely. HTTPS encrypts data between the client and server.

Answer 8

- Hypertext Transfer Protocol - HTTP is used for accessing a webpage from a web server

Answer 9

- File Transfer Protocol - Used to move files between two devices. (commonly used to transfer data and programs as opposed viewable content)

Answer 10

* A Uniform Resource Locator (URL) is the address of a webpage or other internet resource * It indicates the location of a resource **as well as** the protocol used to access it.

Answer 11

Fully qualified domain name

Answer 12

Host name or subdomain

Answer 13

Domain name

Answer 14

* A domain name identifies an **organisation or individual** on the internet. * They use alphanumeric characters which make them easier for humans to remember than IP addresses

Answer 15

To translate a **fully qualified domain name** into its corresponding **IP address**

Answer 16

* The domain name system is a **distributed database of mappings** from **FQDNs** to their corresponding **IP addresses** * DNS servers are organised into a **hierarchy**

Answer 17

The query will be passed to another DNS server

Answer 18

- An (internet) registry - Each TLD may have restrictions as to who can use it

Answer 19

To maintain a definitive register of who owns a specific domain.

Answer 20

The maximum number of signal changes in a medium per second

Answer 21

The number of bits transmitted over a medium per second

Answer 22

bit rate of channel = (baud rate) x (number of bits per signal change)

Answer 23

Bits are sent one after the other over a single wire from source to destination

Answer 24

- Multiple bits are sent simultaneously over multiple wires from source to destination - Each bit is sent down a different wire

Answer 25

- Unreliable because of **skew** - Parallel wires also suffer from **crosstalk**

Answer 26

As each wire has slightly **different properties**, there is a possibility bits could travel **different speeds** over each of the wires and arrive at **different times**, meaning the signals might **overlap**

Answer 27

Interference between different lines, which causes data corruption

Answer 28

1. Serial transmission doesn't suffer from **skew or cross-talk** 2. Serial is **reliable** over much longer distances 3. Serial transmissions tends to be **cheaper**, as there is much less complexity and the physical size of cables is smaller

Answer 29

- A measure of the maximum capacity of a communication channel - It is directly proportional to bit rate - Measured in bits per second

Answer 30

A time delay before some component in a computer system responds to an instruction

Answer 31

- Data is transferred at regular intervals, synchronised by a clock signal - Receiver and transmitter clocks are synchronised

Answer 32

- Receiver and transmitter clocks only need to be synchronised for the duration of data transmission - Blocks of data are sent as soon as they are ready

Answer 33

- Start bit is sent to synchronise the clock in the receiver to the transmitter clock - Stop bit allows the receiver time to process the current block of data before another is sent - Stop bit is opposite to start bit to allows the next start bit to be recognised

Answer 34

Blocks or allows network traffic, based on predefined or dynamic rules and policies

Answer 35

When a firewall monitors outgoing and incoming packets and allowing them to pass or halt based on - source and destination IP addresses - protocols / ports - **Each packet is analysed separately**

Answer 36

- When the firewall monitors the incoming and outgoing traffic from all ongoing TCP connections by: -- Analysing **packet types** -- Inspecting the **payload** -- Checking for **suspicious activity** (eg lots of outgoing data) - **Connected packets are analysed together**

Answer 37

* A server that sits between the network hosts and the firewall * Packets are sent outside the network by the proxy server (on behalf of the network hosts) * Provides anonymity, caching, and logging of user activities

Answer 38

A piece of malicious software that can self-replicate between computers, either within a network (such as the Internet) or by a user downloading and running and malicious files. Unlike viruses, worms are **complete programs** - they do not require a **host program** to cause damage.

Answer 39

* A virus is a small program of **self-replicating** software that is **attached to other program or files** * Viruses require a **host file** in which to reside

Answer 40

* A type of malware that is disguised as a legitimate benign file that users can be tricked into opening * They can delete and modify data and allow more malware in once they are opened

Answer 41

1. Improving code quality 2. Monitoring 3. Protection (e.g. up to date antivirus programs)

Answer 42

The way a network and its connected devices (computers, printers, servers etc.) are connected

Answer 43

1. If **main cable fails** no network data can be transmitted 2. **Performance degrades** heavily with increased traffic 3. **Security is poor** as all computers on the network can see all transmissions

Answer 44

1. If central node goes down the whole network can’t transmit / receive data 2. Can be costly to set up and install as lots of cabling is needed

Answer 45

- 32 bits *(e.g. 192.168. 10.150)* - Network ID and Host ID

Answer 46

Identifying the Network ID part of an IP address (bitwise `AND` operation applied to subnet mask and IP address)

Answer 47

- 128 bits *(e.g. 2001:0db8:85a3:0000:0000:8a2e:0370:73)* - Introduced to ensure there would be enough addresses for all devices to have a unique one - as IPv4 addresses are running out

Answer 48

- Routable IP Addresses must be public addresses. They are unique on a global scale, and are allocated by a regional issuing authority. - Non-routable IP addresses are assigned internally to devices on a private network. Many devices may have the same private address.

Answer 49

- A process in which a router translates one or more non-routable IP addresses into one or more routable IP addresses and vice versa in order **to provide Internet access** to the local hosts - A single routable IP address can be used for an entire private network

Answer 50

- An **application of network address translation (NAT)** that redirects a communication request for the public IP address using a specific port to a pre-selected private host - The port number is unchanged (forwarded)

Answer 51

- Allows computers outside the LAN to connect to a specific computer (and port) within the LAN - Needed if you want to have a (web) server inside the LAN

Answer 52

Bitwise `AND` operation of subnet mask with both computer's IP addresses. The result of the `AND` operations are the **network IDs**. These are then compared.

Answer 53

- Routers are organised into a **hierarchy** - The path to take is selected by each router, determined by the **Network ID** of the **destination IP address** - Each router decrements the **"time to live"** of the packets - Source and destination **MAC addresses** changed at each hop - **Network Address Translation** will occur at routers at either end

Answer 54

To automate the allocation of IP addresses (configuration) to hosts on a network

Answer 55

- Reduces the need for **expert knowledge** when configuring a host - Reduces the **time** required to configure hosts

Answer 56

1. Host sends request to **discover** a DHCP server 2. DHCP server **offers configuration to host** 3. Host **accepts configuration by echoing** the accepted configuration back to the server 4. DHCP server **confirms** that configuration has been allocated to host

Answer 57

- **Port forwarding** - Router must forward all traffic arriving on the HTTP(S) port to the IP address of the Web Server

Answer 58

A port automatically allocated to a client that is temporarily assigned and only exists for the duration of a connection.

Answer 59

Communication is **initiated by clients**, so clients must know which port number to connect to *before* communication with the server starts. Also, particular port numbers are used to provide a particular service.

Answer 60

A set of agreed rules relating to communication between computer devices

Answer 61

**S**: Uses same key for both encryption and decryption **A**: Doesn't **S**: Have to distribute the key without interception **A**: Don't **S**: Faster **A**: Slower, but provides both confidentiality and authentication

Answer 62

1. `A` encrypts the message with `B`'s public key 2. `B` decrypts with their own private key (the only key that can do this)

Answer 63

1. `A` encrypts the message with `B`’s public key *and* `A`’s private key 2. `B` will decrypt with `B`’s private and `A`’s public key

Answer 64

To confirm the identity of the sender, **and** to detect if a message or document has been tampered with

Answer 65

1. `A` **hashes** the document, creating a **message digest** 2. `A` encrypts this message digest with their private key. This encrypted hash is known as the **digital signature** 3. The digital signature is **appended** to the message 4. (This may now be encrypted with `B`’s public key, sent to `B`, and decrypted by `B` using their own private key as normal) 5. `B` **decrypts** the digital signature with `A`’s public key, to reveal the message digest. `B` also hashes **recalculates the hash** for the document. If the result of these procedures is the same, then the message has not been tampered with *and* the identity of the sender is authenticated.

Answer 66

Digital certificates are used to verify the sender's identity

Answer 67

* An electronic document that authenticates a message sender or a website * It contains the sender's public key as well as some information about them

Answer 68

A trusted individual (certificate authority) **signs** a copy of *A*’s public key as well as some information about *A*. Digital certificates will contain: - 🔢 Serial number - 🏷️ Name (e.g. domain name for website digital certificates) - 📅 Expiration date - 🔑 Copy of the certificate holder’s public key

Answer 69

- Modern web browsers check the digital certificate of each secure website as a standard security measure. - If the certificate is suspicious or out of date, the site is blocked.

Answer 70

In order to distribute the key securely in symmetric encryption systems. * Asymmetric encryption algorithms are nearly always much more **computationally expensive** than symmetric ones * So in many cases it is common to exchange a **shared key** using a key-exchange algorithm, and then to transmit the data using that key and a **symmetric key algorithm**. (e.g. SSH and SSL/TLS)

Answer 71

**Physical**: The physical layout of the connections between computers on the network **Logical**: How the packets flow around a network

Answer 72

1. The client sends a request to a server 2. The server responds with the data that was requested *(Most computers are nominated as clients and one or more as servers)*

Answer 73

The Websocket protocol defines an **API** establishing a **full-duplex 'socket' connection** between a **web browser and a server** over **TCP**

Answer 74

Data can be transmitted in both directions at the same time

Answer 75

- To provide a **persistent bidirectional connection** between client and server, allowing **both** parties to send data at any time - The connection is also fast and real-time, and overheads are small leading to reduced packets sizes

Answer 76

- 👾 online gaming - 💬 instant messaging - 📹 video streaming - ☁️ remote cloud based document collaboration

Answer 77

The four fundamental operations for any database or content management system: - **C**reate - **R**etrieve - **U**pdate - **D**elete

Answer 78

Representational State Transfer

Answer 79

REST enables CRUD to be mapped to SQL database functions

Answer 80

Create → POST → INSERT

Answer 81

Retrieve → GET → SELECT

Answer 82

Update → PUT → UPDATE

Answer 83

Delete → DELETE → DELETE

Answer 84

The REST API allows JavaScript to talk to a database through HTTP. 1. The client browser creates a HTTP request, calling the REST API 2. The REST API is created and run on the server 3. The server responds to the client’s requests using either JSON or XML 4. The client’s browser processes the JSON or XML and displays the response to the user

Answer 85

* The client computer needs no knowledge at all of how the database server works * So clients and servers can be developed independently

Answer 86

Standards for transferring data between a server and an application

Answer 87

Java script object notation

Answer 88

1. Easier for a human to read 2. More compact (so quicker to transmit) 3. Easier to create (as syntax is simpler) 4. Easier for computers to parse and therefore quicker to parse

Answer 89

* When the processing / storage is carried out on the server * The **server** needs lots of RAM, many secondary storage devices, and more processors * The client needs a high bandwidth internet connection

Answer 90

* When the processing / storage is carried out on the client * The client needs greater RAM, secondary storage and processing capacity than more thin clients * Less reliance on an internet connection to do stuff

Answer 91

- 👾 gaming - 📹 (professional) video editing - 🔬 simulation/research

Answer 92

1. Internet connection not needed to do useful stuff 2. More flexible in what can be done (not limited by what cloud-based services exist) 3. Users can more easily keep data private

Answer 93

1. More expensive to buy and maintain 2. Client is responsible for back-up of files 3. Client is responsible for update of software

Answer 94

1. Cheaper to purchase, due to the lower hardware specification 2. Simpler updating of software, as this is done by the server 3. Server is also responsible for backups

Answer 95

1. Higher bandwidth internet connection is needed to be useful 2. Limited to what cloud-based services exist and how they work 3. Potential privacy concerns as entrusting a third-party to look after your files

Answer 96

- 🔋 The servers need to be more **powerful** machines - 💾 The servers need more **secondary storage** space - ⏱️ They need to be **always on** - 📈 As more hosts connect to a P2P network, the resource supply increases. Whereas when more hosts connect to a single server, the **more powerful and expensive** the machines need to be

Answer 97

**CS** : The server has authority over the service **P2P** : All computers have **equal status** - clients share resources *and* computing power **CS** : Clients access resources from the server **P2P** : Resources are stored on the computers, and any computer can access resources directly from any other - there is no dependence on a central server **CS** : Server **failure** disrupts all computers on the network **P2P** No single point of failure **CS** : Configuration is more complex, and setting up and maintaining the network is more **expensive** **P2P** : Cheaper to set up and maintain **CS** : Supports centralised **backups** **P2P** : Backups need to be made locally **CS** : Improved **security** management, as security management can be centralised **P2P** : Management of security must be managed individually on each computer

Answer 98

* Personal web server for hosting a simple website with a limited number of users * Cloud-based gaming platforms * College

Answer 99

* Home network with a small number of trusted devices * Decentralised cryptocurrencies (e.g. Bitcoin) * BitTorrent protocol

Answer 100

To allow devices to communicate within a network without being physically connected to it

Answer 101

A type of wireless local area network (WLAN) that is based on international standards

Answer 102

* Wireless network interface card * Wireless Access Point

Answer 103

* Encryption of data using WPA or WPA2 * Disabling the SSID broadcast * MAC address allow lists

Answer 104

Wifi Protected access

Answer 105

WPA2 is more secure

Answer 106

* A **Service Set Identifier** (SSID) is a locally unique **identifier** for a wireless network * They use alphanumeric characters that are specified during the setup of the wireless network * This SSID is used by all devices which want to connect to that network

Answer 107

The SSID broadcast can be disabled in order to make it hidden, only allowing those who know the SSID to try to connect

Answer 108

- MAC address allow lists can be created to only allow specific devices to connect to a network - Each MAC address is **unique to each NIC** - The **WAP checks** the MAC addresses of devices trying to connect against a list of allowed devices - Only devices with an **allowed** MAC address are able to connect

Answer 109

Carrier Sense Multiple Access with Collision Avoidance

Answer 110

Request to Send / Clear to send

Answer 111

1. 👂 When a device is ready to transmit, it **listens** to its communication channel to check if it is idle 2. ⏳️🎲 If there is a **data signal present**, it means another transmission is in progress, so the device **waits** for a random period of time 3. 📮 When no data signal is present, the device **sends its data** 4. ✅ Once the destination device (e.g. WAP) receives the data, it will respond back with an **acknowledgment** 5. ⏳️🎲 If this acknowledgement is not received, the sending device waits for a **random time period** and the process begins **again**

Answer 112

1. Before a device sends a message, a **Request to Send** is sent 2. The WAP responds with a **Clear to Send signal** to **only one** device at a time, and only that device transmits its data 3. If a CTS is not received the device must wait a random amount of time and try again

Answer 113

Stateful inspection

Answer 114

* There aren't enough unique addresses in IPv4 - there are many more IPv6 addresses as they are much longer * IPv6 eliminates the need for NAT * Automatic host configuration is possible without DHCP

Answer 115

Host ID = all zeros

Answer 116

The Hidden Node problem

Answer 117

If **A** is transmitting data to the WAP, and **B** is outside the transmission range of **A**, then **B** might start transmitting its own data, causing a collision

Answer 118

How do we pass the key from sender to receiver without it being intercepted?