HTTP Flashcards
What is HTTP?
The Hypertext Transfer Protocol (HTTP) is the primary protocol for transmission of data across the Internet. It is a method for encoding and transferring data between a client (such as a web browser) and a web server.
HTTP follows a request-response paradigm in which the client makes a request and the server issues a response.
How are request and responses being sent during HTTP.
When request and responses are being sent, they use TCP/IP to reduce and transport the data in small packets of binary sequences of ones and zeros. These packets are physically sent through electric wires, fibre optic cables and wireless networks.
What is TCP/IP?
TCP/IP (Transmission Control Protocol/Internet Protocol) is a suite of communications protocols.
What is an HTTP header?
An HTTP header is a field of an HTTP request or response that passes additional context and metadata about the request or response. For example, a request message can use headers to indicate it’s preferred media formats, while a response can use headers to indicate the media format of the returned body.
What is a request header?
A request header is an HTTP header that can be used in an HTTP request to provide information about the request context, so that the server can tailor the response.
What are HTTP Fetch Metadata Request Headers and why are they used?
Fetch metadata request headers provide information about the context from which the request originated.
This allows a server to make decisions about whether a request should be allowed based on where the request came from and how the resource will be used
What is an HTTP Response header?
A response header is an HTTP header used to give a more detailed context of the response.
What is an HTTP Security Header?
HTTP security headers are a subset of HTTP headers that is specific to security. Security headers provide an extra layer of security by restricting behaviours permitted by browsers and servers once a web application is running.
What does HTTPS do?
HTTPS encrypts and decrypts user HTTP requests as well as the HTTP responses (e.g., web pages) that are returned by a web server. HTTPS protects against sniffing and man-in-the-middle (MITM) attacks.
What is the Transport Security Layer used for?
TLS can be used to encrypt other communications such as email, messaging, and voice over IP (VoIP).
What are the three main properties provided by TLS?
Encryption, Integrity and Authentication.
- Encryption: hides the data being transferred from third parties.
- Integrity: verifies that the data has not been forged or tampered with.
- Authentication: ensures that the parties exchanging information are who they claim to be.
What happens during a TLS handshake?
- Specify which version of TLS (TLS 1.0, 1.2, 1.3, etc.) they will use.
- Decide on which cipher suites (encryption methods) they will use.
- Authenticate the identity of the server using the server’s TLS certificate.
- Generate session keys for encrypting messages between them after the handshake is complete.
What types of digital signatures are there?
Certified Signatures:
* Adding a certifying signature to a PDF document indicates that you are the author of the document and want to secure the document against tampering.
Approval Signatures
* Approval signatures on a document can be used in an organisation’s business workflow by helping to optimise approval procedures.
Visible Digital Signatures:
* These allow a single user or multiple users to digitally sign a single document.
Invisible Digital Signatures:
* Documents with invisible digital signatures carry a visual indication of a blue ribbon in the task bar.
