Application Layer

Question 1

What is DNS?

Answer 1

Domain Name System - maps urls/names to addresses. (IPv4, IPv6, MAC)

Question 2

WHat is DHCP?

Answer 2

Dynamic Host Protocol - Allocates dynamic IPv4 addresses.

Question 3

What is the process of DHCP? (4)

Answer 3

DHCP Discover - Client requests IP address
DHCP Offer - DHCP offers IP address/es to client.
DHCP Request - Client selects IP address and requests it.
DHCP Ack - DHCP confirms selection.

Question 4

What is telent?

Answer 4

Unencrypted terminal emulation protocol. Not used over Internet anymore, mostly used to communicate with old machines.

Question 5

What has telnet been replaced by?

Answer 5

SCP and SSH

Question 6

What is SMTP?

Answer 6

Simple Mail Transfer Protocol, used to reliably send emails, usually over TCP connection.
Can be extended with authentication.

Question 7

What is IMAP?

Answer 7

Internet Message Access Protocol - usedto send emails over TCP connection. Ports 134/993 (secure)

Question 8

What is HTTP?

Answer 8

Text-based protocol for transfering hypermedia contexts.

Question 9

What are the 5 requests of HTTP?

Answer 9

GET, POST, PUT, DELETE, HEAD

Question 10

What is QUIC?

Answer 10

Quick UDP Internet Connection - Uses UDP to transfer packets quickly on the web. Used by chrome - experimental.

Question 11

What is CoAP?

Answer 11

Constrained Application Protocol - Uses MQTT-based publish/subscribe method to share messages. Used for devices with less resources like IoT devices.

Question 12

What is RTSP and what packet transfer method does it use?

Answer 12

Real-Time Streaming Protocol, using UDP for fast transfer of packets.

Question 13

What are the 4 main file transfer protocols?

Answer 13

SMB - Server Message Block - Microsoft, provides authentication and file locking.
NFS - Network File Service - Linux
P2P - Peer-to-peer - uses trackers (BitTorrent)
FTP - File Transfer Protocol

Question 14

What is MQTT?

Answer 14

Publish-subscribe network protocol.
Messages published to a broker.
Clients subscribe to data streams.
Messages are tagged so only clients that are subscribed to that tag receive the message.

Question 15

What is CoAP?

Answer 15

Lightweight, RESTful, modern version of MQTT, used for devices with less resources.

Question 16

What is in a CoAP request?

Answer 16

Message id, RESTful request (e.g. GET)

Question 17

What is in a CoAP response?

Answer 17

Message ID, Ack and Payload. (Unless payload is too big, then Ack and payload are sent separately.

Question 18

Why/when are CoAP proxies used?

Answer 18

When the servers are ‘sleepy’ nodes (not always listening for requests).
The proxies store the requests and when the server becomes active, it sends the cached requests.

Question 19

What are block transfers in CoAP?

Answer 19

Large payloads are broken down into chunks and sent to the client.
The client rebuilds the payload.

Question 20

What is the function of DNS?

Answer 20

To convert user-friendly URLs to address (IPv4, IPv6, MAC)

Question 21

What are the record types for IPv4 and IPv6?

Answer 21

IPv4 - A record

IPv6 - AAAA record.

Question 22

What is a DNS resolver?

Answer 22

A local DNS server that receives and ‘resolves’ requests.

Question 23

Where does a client get the IP address for a DNS from?

Answer 23

DHCP.

Question 24

What is the DNS hierarchy?

Answer 24

Root servers -> Top Level Domains -> Sub-domains NS -> Resolvers

Question 25

What is the recursive DNS lookup?

Answer 25

If the resolver doesn’t have the required DNS record, it requests it from a root server.
The root server responds with the address of a DNS that could have the response.
This repeats until the correct record is found. (The resolver ‘walks’ the hierarchy)

Question 26

Which port is used for DNS communication?

Answer 26

Port 53

Question 27

Which port is used for DHCP?

Answer 27

Port 67

Question 28

Which port is used for HTTP?

Answer 28

Port 80

Question 29

Why is UDP good for DNS? (2)

Answer 29

Efficient

Connectionless - good for handling DNS abuse

Question 30

Why does a DNS need to be resilient?

Answer 30

It is critical infrastructure for the internet, so therefore vulnerable to DDoS attacks.

Question 31

Why are there multiple (350+) DNS root servers? (2)

Answer 31

To share load balancing - client is directed to nearest alive server.
For greater resilience - If one server goes down/is attacked, clients can be directed to the next nearest alive server.

Question 32

What are the security solutions for DNS? (3)

Answer 32

Block spoof IPs.
Block resolver lookups from non-local IPs.
DNSSEC - adds signatures to requests.

Question 33

What is an issue with DNSSEC?

Answer 33

It makes the responses a lot larger which can make managing them complex.