Applications Chap 2 Flashcards
What is the role of the application layer (Layer 7) in the OSI model?
interface between users and network services,
providing applications with functionalities to exchange data across networks.
How is the application layer defined in the TCP/IP model?
presentation + session + application
List some protocols in the application layer.
- DNS,
- HTTP,
- SMTP,
- FTP,
- TELNET,
- TFTP,
- SNMP.
Describe the client-server paradigm.
distributed application architecture where clients initiate requests for services and servers provide those services.
What are the characteristics of clients in the client-server model?
- Clients initiate requests,
- provide a user interface,
- require less processing power
- can run on various devices.
What are the characteristics of servers in the client-server model?
- Servers provide services
- have powerful hardware and software,
- run continuously
- serve multiple clients concurrently.
What is statelessness in client-server interactions?
server does not store information about the client’s state between requests;
* each request is treated independently,
What are some security considerations in the client-server model?
- **Authentication and encryption **protect communication.
- Access controls manage client access to server resources.
Give examples of applications using the client-server paradigm.
World Wide Web (HTTP), Email (SMTP), File sharing (FTP), Printing (LPD), Database access (SQL), Online gaming, and Cloud computing.
Describe the peer-to-peer (P2P) architecture.
A decentralized network model where
- each participant (peer) has equal status and functionality
- acting as both client and server.
What are the 4 key principles of P2P architecture?
- Decentralization
- resource sharing
- direct communication
- scalability.
What are 3 benefits of P2P networks?
- Robustness
- fault tolerance
- scalability
What are the challenges of P2P networks?
- Security can be a challenge due to the lack of centralized control.
- Dynamic network topology requires efficient protocols for peer discovery and communication.
Give examples of applications using P2P architecture.
- File sharing (e.g., BitTorrent)
- online gaming
- cryptocurrency
How does file distribution time differ between client-server and P2P?
- Client-server time increases linearly with the number of peers (N)
- P2P leverages peer upload capacity for better scalability.
How does BitTorrent work?
- Files are divided into chunks
- peers exchange chunks
- tracker monitors peers in the torrent
- Peers request rarest chunks first and use a tit-for-tat mechanism for sending chunks.
How do processes communicate within the same host?
Using inter-process communication (IPC) mechanisms defined by the OS, such as
- shared memory
- message passing
- pipes
- sockets.
How do processes communicate in different hosts?
By exchanging messages.
What is a socket?
A bidirectional communication endpoint across networks or within a single machine.
How are processes addressed for communication?
Using a combination of the host’s IP address and the port number associated with the process.
What are the 3 benefits of process communication?
- Modularity
- flexibility
- optimized resource utilization.
What are the challenges of process communication?
- Increased complexity
- synchronization overhead
- security concerns.
What does an application-layer protocol define?
- Types of messages exchanged
- message syntax
- message semantics
- rules for when and how processes send and respond to messages.
Give examples of open and proprietary protocols.
Open protocols: HTTP, SMTP.
* available to all
Proprietary protocols: Skype, Zoom.
* controlled by certain entity
What 4 transport layer services are provided to the application layer?
- Data integrity
- timing
- throughput
- security.
What is data integrity in the transport layer?
Ensuring that data remains intact and unaltered during transmission.
What is the role of timing in the transport layer?
Ensuring timely and orderly delivery of data
What does throughput refer to in the transport layer?
The amount of data that can be transmitted over the network in a given time period.
What security measures are implemented in the transport layer?
Encryption, authentication, and other mechanisms.
applications and their transport service requirements.
**Data Loss: **Some applications like file transfer and text messaging require 100% reliable data transfer. Others, such as audio and video streaming, can tolerate some data loss.
*
**Throughput: **Some applications (multimedia) need a minimum throughput to be effective, while others (elastic apps) use whatever throughput they get.
*
**Timing: **Some applications such as Internet telephony and interactive games need low delay to be effective
Describe the TCP service
Reliable transport between sending and receiving processes,
* flow control,
* congestion control,
* connection-oriented setup.
*
It lacks timing guarantees, minimum throughput guarantees and security
Describe the UDP service.
Unreliable data transfer without, flow control, congestion control etc.
connectionless and speedy
Why use UDP?
UDP provides a lightweight, connectionless service that is useful for applications that do not require the overhead of TCP’s reliability mechanisms
less concerned w reliability, faster, better for video
examples of applications and their corresponding transport protocols
TCP
- FTP
- SMTP
-HTTP
Internet telephony (SIP, RTP) can use TCP or UDP. Streaming audio/video can use HTTP, DASH, WOW, FPS. Interactive games often use UDP, but can use TCP
How is TCP secured?
Transport Layer Security (TLS) provides
- encrypted TCP connections,
- data integrity
- endpoint authentication.
Apps use TLS libraries, which in turn use TCP
What is DNS?
Domain Name System. It translates user-friendly domain names into numerical IP addresses, acting as the internet’s phonebook
Why is DNS important?
enables seamless web browsing and communication by translating domain names to IP addresses, so users don’t have to memorize complex numerical strings
How does DNS work?
- When you enter a domain name, your computer sends a request to a DNS resolver.
- The resolver contacts authoritative DNS servers to get the IP address
- sends it back to your computer
What are the 4 main components of DNS?
- Root servers
- Top-Level Domain (TLD) servers
- Authoritative Name Servers
- Resolvers
What is the role of TLD servers?
- manage specific domain extensions (e.g., .com, .org)
- direct resolvers to authoritative name servers.
- They act as section heads, guiding you to the specific bookshelf based on the domain extension
What is the role of Authoritative Name Servers?
hold the official IP address records for specific domains.
They are the bookshelves holding the actual information (IP address) for the specific domain name
What is the role of Resolvers?
intermediaries, receiving user requests and querying other DNS servers for IP addresses.
* research assistants, taking your domain name request, consulting the different sections, and bringing you the answer (IP address)
Why is DNS a distributed database?
To avoid a single point of failure, handle high traffic volume, and reduce maintenance
What services does DNS provide?
- Hostname-to-IP-address translation
- host aliasing
- mail server aliasing
- load distribution
What are Local DNS name servers?
- When a host makes a DNS query, it is sent to its local DNS server,
- which either answers from its cache or forwards the request into the DNS hierarchy.
- Each ISP has a local DNS name server
Describe Iterated query in DNS.
The contacted server replies with the name of the server to contact next: “I don’t know this name, but ask this server”
Describe Recursive query in DNS.
The contacted server bears the burden of name resolution
How does caching work in DNS?
- Once a name server learns a mapping,
- it caches the mapping and returns it in response to a query.
- Cache entries timeout after some time (TTL)
What is the format of a DNS resource record (RR)?
(name, value, type, ttl)
What are the different types of DNS records?
A: Hostname to IP address
◦
CNAME: Alias name for a canonical name
◦
MX: Mail server associated with name
◦
NS: Domain to authoritative name server for this domain
What is the structure of DNS query and reply messages? (5 things)
same format:
1. message header (identification, flags),
2. questions
3. answer RRs
4. authority RRs,
5. additional info
How do you register a new domain name?
- Register the name at a DNS registrar (e.g., Network Solutions),
- provide names and IP addresses of authoritative name servers
- create type A and MX records
What are common DNS security threats?
DDoS attacks and spoofing attacks (DNS cache poisoning)
How can DNS be secured?
- Traffic filtering,
- local DNS servers caching IPs of TLD servers
- DNSSEC (DNS Security Extensions)
What are the benefits of DNS?
- Human-readable naming,
- simplified Internet navigation,
- decentralized and distributed architecture,
- scalability,
- efficient IP address management,
- load balancing,
- fault tolerance and redundancy,
- global accessibility
- dynamic host configuration
DNS name resolution process: iterated query
I request host
local DNS server to root DNS server
root to local
locl to TLD
TLD to local
LOcal to authoritative
autoritative to local
local to host
DNS name resolution process: recursive query
I request host
local DNS server to root DNS server
root to TLD
TLD to authoritative
authoritative to TLD
TLD to root
root to local
local to host
Describe the function and key characteristics of the DNS protocol within the application layer.
DNS translates human-readable domain names into numerical IP addresses.
* uses a distributed database to perform translation,
* host aliasing, mail server aliasing and load distribution.
* DNS protocol is defined in RFCs.
* also used to implement security measures
What is HTTP?
the foundation of data communication on the World Wide Web. It is used for retrieving web pages, transferring HTML content, and accessing websites via web browsers.
How does HTTPS differ from HTTP?
HTTPS (Hypertext Transfer Protocol Secure) is a secure version of HTTP, where data exchanged between the client and server is encrypted using SSL/TLS protocols. It is commonly used for secure transactions like online shopping and banking.
What is SMTP used for?
SMTP (Simple Mail Transfer Protocol) is used for sending email messages between email servers, allowing users to send emails from their clients to the recipient’s email server.
What are IMAP and POP3?
IMAP (Internet Message Access Protocol) and POP3 (Post Office Protocol v3) are used for retrieving email messages from email servers. IMAP allows access from multiple devices, while POP3 downloads and removes messages from the server.
What is SSH, and why is it important?
Secure Shell is a network protocol used for secure remote access to computers and servers.
1. It provides encrypted communication for executing commands,
2. transferring files
3. managing remote systems.
What are the 5 essential components of the Web?
**1. Web Servers: **Store and deliver web content
**2. Web Clients: **Web browsers that access and display content
3. Web Documents: HTML-formatted information
**4. URLs: **Unique resource identifiers
5. HTTP: Governs communication between clients and servers
What is a webpage?
document written in languages like HTML, CSS, and JavaScript that contains text, images, multimedia, and interactive elements.
What do web browsers do?
Web browsers (e.g., Chrome, Firefox, Edge, Safari) are software applications that render and display web content to users in a readable format.
How does HTTP function as a client-server protocol?
where web browsers act as clients, sending requests to web servers, which process and respond with the requested data.
What does HTTP GET do?
- Requests data from a specified resource,
- retrieving data from the server without modifying it.
- Should be used for safe and idempotent operations. Example: Retrieving a webpage or image
What does HTTP PUT do
- Uploads a representation of the specified resource to the server
- replacing the current representation with the provided one.
- Used to update existing resources.
- Not idempotent and may change the server state. Example: Updating a user profile
What does HTTP POST do?
- submits data to be processed to a specified resource,
- sending data to the server in the request body.
- Can create new resources or modify existing data.
- May have side effects on the server. Example: Submitting a form or uploading a file
What are the key parts of an HTTP Request?
Method: Specifies the desired action (e.g., GET, POST).
▪
URL: Identifies the requested resource on the server.
▪
Headers: Provide extra info like content type and user agent.
▪
Body (optional): Data sent to the server (e.g., form data)
What are the key parts of an HTTP Response?
Status Code: Indicates the request outcome (e.g., 200 for success).
▪
Headers: Provide information like content type and server details.
▪
Body (optional): Contains the requested data (e.g., HTML code).
HTTP Response Status Codes: 200 OK
Request succeeded, and the requested object is included in the message
HTTP Response Status Codes: 301 Moved permanently
The requested object has moved; the new location is specified in the Location field
HTTP Response Status Codes: 400 bad request
The request message was not understood by the server
HTTP Response Status Codes: 404 not found
The requested document was not found on the server
HTTP Response Status Codes: 505 http version not supported
The server does not support the HTTP version used in the request
What are the characteristics of non-persistent HTTP connections?
- Each request requires a new TCP connection.
- The connection ends immediately after each response.
- Simpler implementation, but can overload servers with high request frequency
What are the characteristics of persistent HTTP connections?
- A single TCP connection handles multiple requests and responses.
- The connection remains open for a specified time.
- Reduces connection overhead and improves performance for multiple requests.
- Can increase server load if not managed efficiently
Describe the steps in a non-persistent HTTP example.
1.Client initiates TCP connection to the server.
2.Client sends HTTP request message.
3.Server receives the request, forms a response, and sends it.
4.Server closes the TCP connection.
5.Steps 1-4 are repeated for each object
What is the formula for non-persistent HTTP response time?
2 RTT + file transmission time
What is RTT? ( round trip time)
The time for a small packet to travel from client to server and back
What contributes to HTTP response time per object?
- One RTT to initiate TCP connection,
- one RTT for HTTP request
- and the first bytes of the response,
- and the object/file transmission time
What are the issues with non-persistent HTTP?
- Requires 2 RTTs per object,
- operating system overhead for each TCP connection.
- Browsers often open multiple parallel TCP connections
How does HTTPS work?
Handshake: Client and server verify identities and establish a secure connection.
▪
Encryption: Data is scrambled using a shared secret key.
▪
Integrity Check: Digital signatures ensure data isn’t tampered with
What are some benefits of HTTPS beyond basic security?
- Browsers inform users about website security, prompting them to prioritize protected interactions.
- Visual cues like padlocks indicate secure connections
What are the benefits of HTTPS?
- Protects sensitive information,
- provides website authentication,
- enhances user trust
- improves search engine ranking
What are the default ports for HTTP and HTTPS?
HTTP uses port 80. HTTPS uses port 443
What is a security certificate?
A document that verifies the identity of the website you are connected to
What are cookies?
Small text files stored on a browser by websites to maintain stateful information about users across multiple HTTP requests
How are cookies set?
A web server includes one or more cookies in the HTTP response headers. Each cookie has a name-value pair and optional attributes.
Sending Cookies
- A user’s web browser sends subsequent HTTP requests to the same server
- including any cookies associated with that server in the request headers.
How does server-side state management work with cookies?
- Upon receiving a request with cookies, the server reads the cookies from the request headers
- and uses the information to maintain stateful data about the user.
What are the four components that enable websites and browsers to maintain state between transactions?
1) cookie header line of HTTP response message
2) 2) cookie header line in next HTTP request message
3) 3) cookie file kept on user’s host, managed by user’s browser
4) 4) back-end database at Web site
What are the privacy concerns related to HTTP cookies?
- pose security risks if not properly handled.
- Third-party cookies can track users across multiple websites
What can cookies be used for?
- Track user behavior on a given website (first-party cookies)
- track user behavior across multiple websites (third-party cookies)
What are the two main types of cookies?
- Session cookies (temporary, deleted when the browser closes)
- persistent cookies (stored on the device until they expire or are manually deleted)
What is the main focus of GDPR regarding cookies?
- Transparency, consent, and control.
- Users must give explicit consent before cookies are placed on their devices.
What steps ensure GDPR compliance for cookies?
- Use clear cookie banners,
- provide a detailed privacy policy,
- implement consent management tools,
- conduct regular audits
What is web cache?
- A temporary storage location for frequently accessed web content,
- located closer to users than the original servers
What are the different types of web cache?
- Browser cache,
- proxy cache
- CDN cache
What are the benefits of web cache?
- Faster loading times,
- reduced bandwidth usage,
- improved responsiveness
- reduced server load
What are the limitations of web cache?
- Cached content can become outdated,
- cache size limitations
- security measures are needed to prevent unauthorized access
What are the three major components of email?
User agents, mail servers, and SMTP
What do mail servers have?
Mailbox containing
1. incoming messages for users
2. a message queue of outgoing mail messages
Describe the path an email takes from sender to recipient.
1.Sender composes email.
2.Client sends email to mail server (SMTP).
3.SMTP server routes email to recipient’s mail server (POP3 or IMAP).
4.Recipient’s mail server stores the email.
5.Recipient retrieves the email
What protocols are used in email communication?
SMTP (sending), POP3 (downloading), and IMAP (managing and accessing)
What is SMTP, and what are some common commands?
SMTP is a protocol for sending email messages between servers.
Common commands include HELO, MAIL FROM, RCPT TO, DATA, and QUIT
What are some key characteristics of SMTP?
- text-based protocol.
- It can relay messages to other SMTP servers.
- Authentication mechanisms are used.
- It uses persistent connections.
Give examples of successful completion SMTP response codes.
- 200 OK: The command was successful.
- 220 Service ready: The server is ready to accept commands.
- 250 OK: The requested action was successful
What is IMAP?
A protocol used by email clients to retrieve emails from a mail server,
**allowing emails to be stored on the server **and
synchronized across multiple devices
What are the key features of IMAP?
- Remote access,
- message synchronization,
- folder management,
- message flags and status,
- support for MIME
- security
What are the steps of the IMAP workflow?
- Email client connects to the mail server (IMAP) on port 143,
- authenticates with the server,
- selects a specific mailbox or folder for access,
- can search, list, read, download, delete, or move emails within the mailbox.
What is offline access in the context of IMAP?
Some IMAP clients offer offline access capabilities, allowing users t**o access and read emails **even when they are not connected to the internet
What is POP3?
A protocol used for retrieving email messages from a mail server to a client device
What are the characteristics of POP3?
- Single access,
- download and delete,
- no folder management
- limited message flags
What is FTP?
A standard network protocol used for transferring files between a client and a server on a computer network
What are some key characteristics of FTP?
- Client-server architecture,
- supports active and passive modes,
- supports ASCII and binary modes,
- and uses authentication
What is the general workflow for FTP?
- Client establishes control and data connections,
- logs in,
- navigates directories,
- selects a file,
- transfers data
- disconnects
What are some common FTP commands?
- USER,
- PASS,
- LIST,
- RETR,
- STOR,
- DELE
- QUIT.
