F5-101 - Application Delivery Fundamentals Flashcards
Explain the purpose of a switch’s forwarding database
Explain the purpose and functionality of ARP
Explain the purpose and functionality of MAC addresses
Explain the purpose and functionality of a broadcast domain
Explain the purpose and functionality of VLANs
Explain the purpose and functionality of link aggregation
Explain the purpose and functionality of IP addressing and subnetting
Given an IP address and net mask, determine the network IP and the broadcast IP
Given a routing table and a destination IP address, identify which routing table entry the destination IP address will match
Explain the purpose and functionality of Routing protocols
Explain the purpose of fragmentation
Given a fragment, identify what information is needed for reassembly
Explain the purpose of TTL functionality
Given a packet traversing a topology, document the source/destination IP address/MAC address changes at each hop
Describe the function of each OSI layer
Differentiate between the OSI layers
Describe the purpose of the various address types at different OSI layers
Compare/Contrast purpose and functionality of MTU and MSS
Explain the purpose and functionality of TCP
Explain the purpose and functionality of UDP
Explain the purpose and functionality of ports in general
Explain how retransmissions occur
Explain the purpose and process of a reset
Describe various TCP options
Describe a TCP checksum error
Describe how TCP addresses error correction
Describe how the flow control process occurs
Explain the purpose and functionality of HTTP
Differentiate between HTTP versions
Interpret HTTP status codes
Determine an HTTP request method for a given use case
Explain the purpose and functionality of HTTP keepalives, HTTP headers, DNS, SIP, FTP
Differentiate between passive and active FTP
Explain the purpose and functionality of SMTP
Explain the purpose and functionality of a cookie
Given a situation in which a client connects to a remote host, explain how the name resolution process occurs
Explain the purpose and functionality of a URL
AJAX
Asynchronous JavaScript and XML is a group of interrelated Web development techniques used on the client-side to create asynchronous Web applications
JSON
JavaScript Object Notation is syntax for storing and exchanging text information. Much like XML. JSON is smaller than XML, faster and easier to parse.
SOAP
SOAP, originally defined as Simple Object Access Protocol, is a protocol specification for exchanging structured information in the implementation of Web Services in computer networks. It relies on XML Information Set for its message format, and usually relies on other Application Layer protocols, most notablyHypertext Transfer Protocol (HTTP) or Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission.
XSS
- Cross-site scripting attacks are a special case of code injection
- can lead to an attacker gaining the ability to do anything a victim can do through their browser
- two gereral types: reflected, stored
- mitigate with validation and escaping on the server-side
<a><span>[</span>source<span>]</span></a> <a><span>[</span>source<span>]</span></a>
Positive security model
A “positive” security model or “whitelist” is one that defines what is allowed, and rejects everything else.
non-persistent or reflected XSS
XSS attack typically delivered via email or a neutral web site. an innocent-looking URL, pointing to a trusted site contains the XSS vector. If the site is vulnerable to the vector, clicking the link can cause the victim’s browser to execute the injected script.
persistent or stored XSS
persistent or stored XSS vulnerability is a variant of a cross-site scripting flaw which occurs when the data provided by the attacker is saved by the server, and then permanently displayed on “normal” pages returned to other users
HTTP/2
new iteration of the HTTP protocol
Heartbleed
a buffer over-read bug which affects the open-source cryptography library OpenSSL versions 1.0.1- 1.0.1f, 1.0.2-beta
TCP flags
Nobody can eat, until a poor router says finished.
NS - Nonce Sum
CWR - Congestion Window Reduced
ECE - Explicit Congestion Notification Echo
Urg
Ack
Psh
Rst
Syn
Fin