HTTP and Web Technologies Flashcards

1
Q

What is HTTP?

A

Hyper Text Transfer Protocol (HTTP) is an application layer protocol which allows for data communication on the World Wide Web.

It defines how messages should be formatted and transmitted and what actions browsers should take in response to various commands.

2
Q

What is HTTPS?

A

Hyper Text Transfer Protocol Secure (HTTPS) is the extension of HTTP. It is used for secure communication as it encrypts all message contents, including HTTP headers and request/response data.

In HTTPS, the underlying communication protocol (TCP) is encrypted using TLS (Transport Layer Security).

HTTPS promotes:

  • authentication of accessed websites
  • protection of privacy and integrity of exchanged data while in transit

and provides protection against:

  • man in the middle attack
  • eavesdropping
  • data tampering
3
Q

What is client and server?

A

In terms of networking, the client is the entity initiating a request for data/service and the server is the entity providing the data/service.

4
Q

What is a stateless and stateful protocol?

A
  1. A stateless protocol is one in which the state of the client (session data, identity, status etc.) is not stored by the server and every request from the client is treated as an independent request.
    For eg. IP, HTTP
  2. A stateful protocol is one in which the server has to maintain the state of the client.
    For eg. TCP, BGP
5
Q

Give examples of stateless protocol.

A

IP and HTTP

6
Q

Give examples of stateful protocol.

A

TCP and BGP

7
Q

Give the default ports for:

  1. HTTP
  2. HTTPS
  3. echo
  4. FTP data
  5. FTP control
  6. SSH
  7. SMTP
  8. DHCP server
  9. DHCP client
  10. SQL server
  11. Telnet
  12. POP3
  13. DNS
A
  1. 80
  2. 443
  3. 7
  4. 20
  5. 21
  6. 22
  7. 25
  8. 67
  9. 68
  10. 1433
  11. 23
  12. 110
  13. 53
8
Q

How does the server store state when HTTP, the communication protocol, is stateless?

A

HTTP is layered on top of TCP, the transmission/connection protocol, which itself is stateful.

In addition to this, the server uses cookies, a session management method, to store the state.

9
Q

What is a port?

A

IP addresses identify the network but cannot identify the services (SMTP/HTTP/FTP) on that network. TCP/UDP extend the IP addresses by providing the 2-byte address of these services, called a port.

10
Q

What is an HTTP session?

A

It is the sequence of network request-response transactions for a single client and consists of three phases:

  1. Client establishes a TCP connection.
  2. Client sends a request
  3. Server processes the request, sending back status code and data.
11
Q

Explain the request-response pair.

A

The HTTP communication sent by the client is termed a request, which contains a start line (HTTP verb followed by URI followed by HTTP version), headers (acceptable data formats/size/languages), a blank line and an optional body.

The HTTP reply by the server to the client's request is termed a response, which contains a status line (HTTP status code followed by status text followed by HTTP version), headers (format/size/language of data) and an optional body.

12
Q

What is the current version of HTTP and what are its advantages over previous version?

A

Current version is HTTP/2.

Advantages of HTTP/2 over HTTP/1.1:

  1. data compression of header
  2. parallel loading of page elements (image, video, text)
  3. request prioritization
13
Q

What is a URL? Explain the structure of URL.

A

Uniform Resource Locator (URL) is the web address of a web resource specifying its uniform location in computer network.

For a URL
https://www.hellothere.com:1234/catalogue/home?location=sydney&budget=10000

  • https:// is the protocol
  • www.hellothere.com is the host
  • 1234 is the port number
  • catalogue/home is resource path
  • location=sydney&budget=10000 is the query.
14
Q

What is a URI? What's the difference between URI and URL?

A

Uniform Resource Identifier (URI) is a compact sequence of characters that identifies a web resource, but cannot locate it.

URLs can identify and locate a resource and hence are URIs. This makes all URLs URIs but vice versa is not true.

For eg. name of a person is URI as it can identify it but cannot locate it. Address of a person is URL and URI as it can locate and identify it.

15
Q

What is URN? What's the difference between URL, URI and URN?

A

Uniform Resource Name (URN) is used to identify a resource by unique name but not locate it. It is in the form of urn:isbn:n-nn-nnnnnn-n.

URLs identify and locate a resource whereas URNs only identify the resource by a unique name. Both URLs and URNs are URIs.

16
Q

What are the HTTP verbs?

A

The action that a client would like to perform is termed an HTTP verb.

GET, POST, PUT, DELETE, HEAD, CONNECT, PATCH are some of the verbs.

17
Q

Explain idempotent methods.

A

A method is idempotent if multiple requests of that method can be made without changing the result beyond initial application.

GET, PUT, HEAD, PATCH, DELETE are idempotent methods but POST is not.

18
Q

What is HTTP GET?

A
It is used to retrieve a resource from the server. It can send limited data, which is appended to the URL. As this displays the username and password, GET is insecure.
Ex. GET /dept/class HTTP/1.1
19
Q

What is HTTP POST?

A
It is used to send data to the server to create new resources through a separate body section.
Ex. POST /home/class HTTP/1.1
20
Q

What is HTTP DELETE?

A

It is used to delete the data on server.

Ex. DELETE /home/class HTTP/1.1

21
Q

What is HTTP PUT?

A

It is used to either entirely replace existing data or create new resource on server.

Ex. PUT /home/class HTTP/1.1

22
Q

What is HTTP HEAD?

A

It is used to request headers that are generally sent with GET which can be checked before downloading a large resource.
Ex. HEAD /home/class

23
Q

What is HTTP PATCH? What is the difference between HTTP PUT and HTTP PATCH?

A
HTTP PATCH is used to modify portions of already existing data on server. HTTP PUT replaces entire resource with the new data.
Ex. PATCH /home/class HTTP/1.1
24
Q

What is HTTP CONNECT?

A

Used by the client to start two-way communication with the requested server, only when it knows it is talking to a proxy and the final URI begins with https://.

CONNECT www.google.com:443 HTTP/1.1
asks proxy to open a raw TCP connection to google and to repeat the data over that connection without any interpretation.

The intent of CONNECT is to allow an end-to-end encrypted TLS session, so that the data is unreadable to the proxy.

Once the connection has been established by the server, the Proxy server continues to proxy the TCP stream to and from the client.

25
Q

What is HTTP TRACE?

A

It is used to retrieve the hops that a request takes to round trip from server and is used for diagnostic purposes.
Ex. TRACE /home/class

26
Q

What is HTTP OPTIONS?

A

HTTP OPTIONS method allows the client to determine the options and/or requirements associated with a resource, or the capabilities of a server, without implying a resource action or initiating a resource retrieval.

The request can be either

  1. OPTIONS /catalogue/home HTTP/1.1 or
  2. OPTIONS * HTTP/1.1

The client can send a URI for OPTIONS method or an asterisk (*) to refer to entire server.

Minimally, the response should be a 200 OK and have an Allow header with a list of HTTP methods that may be used on this resource.

It is used mostly by APIs to describe to user what he/she is allowed to do with each resource exposed by their endpoints.

27
Q

What is the status code?

A

The status code provides the status of the server's processing of the request from the client. Status codes starting with:

1xx: information message (request is received by server)
2xx: request processing successful
3xx: redirection
4xx: client error
5xx: server error

28
Q

What is HTTP status 100?

A

Continue

server has received the request headers and the client should proceed to send the request body.

29
Q

What is HTTP status 101?

A

Switching protocols

30
Q

What is HTTP status 200?

A

OK

request was processed successfully and response was sent

31
Q

What is HTTP status 201?

A

Created

New resource was created by request on server

32
Q

What is HTTP status 202?

A

Accepted

the request has been accepted for processing

33
Q

What is HTTP status 204?

A

No Content

the request was processed successfully but does not contain any data

34
Q

What is HTTP status 300?

A

Multiple choices

multiple options for the resource from which the client may choose (via agent-driven content negotiation)

35
Q

What is HTTP status 301?

A

Moved permanently

the new location of resource is given in the Location option inside response header

36
Q

What is HTTP status 304?

A

Not modified

The resource is not modified and client should use cached copy

37
Q

What is HTTP status 400?

A

Bad request

server did not understand the request due to invalid syntax/too large size

38
Q

What is HTTP status 401?

A

Unauthorized

need to perform authentication before accessing the resource

39
Q

What is HTTP status 403?

A

Forbidden

similar to 401 except that reauthentication will make no difference. The access is permanently forbidden and tied to the application logic, such as insufficient rights to a resource (for eg. creating a duplicate record where only one is allowed)

40
Q

What is HTTP status 404?

A

Page Not Found

41
Q

What is HTTP status 405?

A

Method Not Allowed

requested method is not supported for resource such as PUT request on a read-only resource.

42
Q

What is HTTP status 406?

A

Not Acceptable

The requested resource is capable of generating only content not acceptable according to the Accept headers sent in the request (related to content negotiation)

43
Q

What is HTTP status 407?

A

Proxy Authentication Required

The client must first authenticate itself with the proxy

44
Q

What is HTTP status 408?

A

Request Timeout

request took longer than the server was prepared to wait

45
Q

What is HTTP status 410?

A

Gone

resource requested is no longer available and will not be available again

46
Q

What is HTTP status 413?

A

Payload Too Large

The requested resource is too large for the server to handle

47
Q

What is HTTP status 414?

A

URI Too Long

The URI provided was too long for the server to process

48
Q

What is HTTP status 415?

A

Unsupported Media Type

The requested resource has a media type which does not match Content-Type or Content-Encoding values of request.

49
Q

What is HTTP status 440?

A

Login Time-out

The client’s session has expired and must log in again.

50
Q

What is HTTP status 500?

A

Internal server error

51
Q

What is HTTP status 501?

A

Not implemented

The server does not yet support the functionality

52
Q

What is HTTP status 502?

A

Bad Gateway

Indicates that the server, while acting as a gateway or proxy, received an invalid response from the upstream server, requires a fix by the web server or the proxies you are trying to get access through.

53
Q

What is HTTP status 503?

A

Service Unavailable

Common causes are a server that is down for maintenance or that is overloaded. This response should be used for temporary conditions and the Retry-After HTTP header should contain the estimated time for the recovery of the service.

54
Q

What is HTTP status 504?

A

Gateway Timeout

The server was acting as a gateway or proxy and did not receive a timely response from the upstream server

55
Q

What is HTTP status 505?

A

HTTP Version Not Supported

The server does not support the HTTP protocol version used in the request

56
Q

What is ETag?

A

Entity Tag (ETag) is an identifier assigned by server to a specific version of resource.

When a server receives a request, it sends the resource with its ETag value. If the client decides to cache the resource, the ETag value is also stored.

When the client requests for same resource again, the request is sent with ETag value of cached version. If it matches with ETag value of resource version on server, then 304 Not Modified status is sent to the client, asking client to fetch cached copy.

If it does not match, server sends new version of resource.

57
Q

What is the “Transfer-Encoding: chunked” header?

A

It is used to break the response into smaller parts allowing for streaming of data instead of one big payload.

58
Q

What protocol layers HTTP connection is made on?

A

HTTP connection is made over TCP which is over IP.

59
Q

What protocol layers HTTPS connection is made on?

A

HTTPS connection is made over TLS/SSL which is over TCP followed by IP.

60
Q

Explain persistent connections in HTTP/1.1.

A

In HTTP/1.0, all connections were closed after a single transaction. If the client wants 3 resources, then it needs to open 3 connections, which can introduce network traffic and delay.

HTTP/1.1 supports long-lived connections that stay open until client explicitly closes them. These are termed as persistent connections and they are default now.

61
Q

What does the client need to do if he wants to close the connection after single transaction?

A

The client needs to send “Connection: close” in the request header.

62
Q

What is Fat URL?

A

URLs modified to include user’s state information are called Fat URLs.

Some servers keep track of user identity by generating special versions of each URL for each user. Typically, a real URL is extended by adding some state information to the start or end of the URL path.

As the user browses the site, the web server dynamically generates hyperlinks that continue to maintain the state information in the URLs.

In this way, we can tie the independent HTTP transactions with a web server into a single session.

The first time a user visits the web site, a unique ID is generated, it is added to the URL in a server-recognizable way, and the server redirects the client to this fat URL.

Whenever the server gets a request for a fat URL, it can look up any incremental state associated with that user ID (shopping carts, profiles, etc.), and it rewrites all outgoing hyperlinks to make them fat, to maintain the user ID.

63
Q

Explain cookies.

A

An HTTP cookie is a small piece of data that a server sends to the client during the first request. The client may store it and send it back with next request so that the server can know if requests are coming from same client.

Cookies are used for 3 purposes:

  1. Session management- logins/shopping cart/gaming score or anything which server should remember
  2. Personalization- user preferences/themes
  3. Tracking- recording and analyzing user behavior
64
Q

How are cookies created?

A

When a server receives an HTTP request, it can send “set-cookie” header with response. If the client stores the cookie, then the cookie is sent with requests made to the same server inside a cookie header.

An expiration date or duration can be specified, after which the cookie is no longer sent.

  1. Header from server to client asking client to store cookies:
    HTTP/2.0 200 OK
    set-cookie: var1= val1
    set-cookie: var2= val2
  2. Header from client to server with every request to server:
    GET /somepage.html HTTP/2.0
    Host: www.example.com
    Cookie: var1= val1; var2= val2
65
Q

What are session cookies?

A

A session cookie contains session information that is stored in a temporary memory location and then subsequently deleted after the session is completed or the web browser is closed.

66
Q

What are permanent cookies?

A

The cookies which expire after specific date/time instead of expiring when the client closes the session are called permanent cookies.

For eg.
set-cookie: var1=val2; Expires=Wed, 21 Sep 2020 07:41:12 GMT

67
Q

What are domain and path directives of a cookie used for?

A

The Domain and Path directives of a cookie set the scope of the cookie, i.e. which URLs the cookie should be sent to.

Domain specifies allowed hosts if specified, otherwise it defaults to the host of current URL.
Ex. if Domain=mozilla.org then cookies are included on all subdomains like developer.mozilla.org

Path indicates the URL path that must exist in requested URL in order to send cookies. The “/” character is directory-separator and subdirectories will match as well.
Ex. if Path=/docs then /docs, /docs/web, /docs/web/HTTP will match.

68
Q

What are zombie cookies?

A

Cookies that recreate after deletion are called zombie cookies. They are recreated from backups stored outside of client’s dedicated cookie storage.

69
Q

Explain proxy authentication supported by HTTP.

A

It is similar to basic authentication performed by server upon receiving client request except the authentication is asked by an intermediate proxy, not the target server.

  1. Client sends a request to the server.
  2. An intermediate proxy server sends “407 Proxy Authentication Required” response along with Proxy-Authenticate header to client.
  3. Client prompts user for login.
  4. The login credentials are sent in Proxy-Authentication header of request.
  5. After the proxy validates the credentials, request is forwarded to the target server.
70
Q

What are the three types of authentications supported by HTTP?

A

Basic, proxy and digest

71
Q

Explain basic authentication supported by HTTP.

A
  1. Client sends a request to the server.
  2. Server sends 401 Unauthorized response along with WWW-Authenticate header to client.
  3. Client prompts user for login.
  4. The login credentials are sent in base64 encryption format in Authentication header of request.
  5. After the server validates the credentials, response containing the resource is sent to client.
72
Q

Explain digest authentication supported by HTTP.

A

It is quite similar to basic authentication performed by server except digest authentication uses more secure hashing functions to encrypt user’s login credentials (MD5 or KD) and does not need password to be sent in the request.

It requires servers to store the hash of user’s password such that it cannot be decoded to get the password.

The process goes like this:

  1. Client sends a request to the server.
  2. Server sends 401 Unauthorized response along with WWW-Authenticate header to client, which contains a realm (group of web pages which use the same authentication so that the user doesn’t get prompted every time he/she goes to a different page) and a nonce (random number that can only be used once).
  3. Client prompts user for login.
  4. Client generates an MD5 hash of username, realm, password and server nonce. This result is referred to as HA1.
  5. Client generates another MD5 hash of HTTP method and URI. This result is referred to as HA2.
  6. The MD5 hash of combined HA1, server nonce, client nonce and HA2 is calculated. This result is referred to as response and is sent to server finally.
  7. Server takes the username and realm and generates its own version of MD5 hash of username, realm, server nonce and hashed password for that user available in server’s database.
  8. If client-generated and server-generated MD5 hashes are equal, then authentication is complete. Otherwise it gives 401 Unauthorized response.

The obvious advantages are that the password is not sent directly and server nonce is allowed to contain timestamps so that replay attack can be prevented.

On the down side, digest authentication is vulnerable to MITM attack. An MITM attacker could ask client to use basic authentication as digest authentication does not provide a way for client to verify server’s identity.

73
Q

Explain SSL.

A

Secure Sockets Layer (SSL) is a standard security protocol for establishing an encrypted link between client and server.

It determines the variables of the encryption for both link being established and data being sent by using RSA and public-key cryptography.

SSL 3.1 was termed as TLS 1.0 (Transport Layer Security) after which all previous versions of SSL were deprecated.

74
Q

What is a digital certificate?

A

It is an electronic document used to prove ownership of public key and includes the public key itself, identity of owner (i.e. subject) and digital signature of the issuer.

If the certificate is valid, then the key is used to communicate securely with the certificate’s subject.

75
Q

What is an SSL certificate?

A

Secure Socket Layer (SSL) Certificate is a type of digital certificate that establishes a secure connection between client and server and encrypts all the transmitted data.

Sites that have valid SSL certificate in place start with HTTPS and to assure the security to the visitors, browsers display Extended Validation (EV) indicators such as green padlock.

The sites which do not have SSL certificates show red padlock with ‘Your connection is not private’ warning text.

76
Q

Explain TLS.

A

Transport Layer Security (TLS) is SSL 3.1 and is a standard security protocol for establishing an encrypted link between client and server, such as web browser loading a website. TLS can also be used to encrypt other communications such as email, messaging and VOIP.

It operates directly on top of TCP, so that higher layer protocols (such as HTTP) can be left unchanged while still providing a secure connection.

HTTPS is an implementation of TLS on top of HTTP. Underneath TLS layer, HTTP is identical to HTTPS.

77
Q

How does TLS work?

A

TLS handshake is the foundational part of how TLS works. It happens once TCP connection has been opened via TCP handshake.

  1. Client opens a TLS connection to the server by sending a message to the server. The TLS handshake starts. The message contains TLS version supported by client, a set of encryption algorithms (known as cipher suites) and a string of random bytes (known as client random).
  2. Server sends back its SSL certificate (which has its public key) along with its chosen cipher suite and server random.
  3. The client verifies server’s SSL certificate with issuing CA and in response, creates a “pre-master secret” encrypted with server’s public key (extracted from server’s digital certificate) and sends it to the server.
  4. Server decrypts the pre-master secret using its private key.
  5. Both client and server generate session keys using client random, server random and pre-master secret and send it to each other with “finished” message.
  6. The TLS handshake is complete, TLS session is established and server and client now encrypt all the transmitted data.
78
Q

How does SSL work?

A
  1. Client opens an SSL connection to the server and asks server to identify itself. The SSL handshake starts.
  2. Server sends its SSL certificate, which contains server’s public key.
  3. Browser checks the certificate root (certificate issuing authority for server’s certificate) against a list of trusted CAs (Certificate Authority) and that it is unexpired, unrevoked and its common name matches the host it is connecting to.
  4. If the certificate passes all the tests, client creates a symmetric session key, encrypts it using server’s public key and sends it back to the server.
  5. Server decrypts the symmetric session key using its private key and sends back an acknowledgment, encrypted using the symmetric session key to start the encrypted session. Handshake is now complete.
  6. Server and client now encrypt all the transmitted data.
79
Q

Why should client trust certificates signed by Certificate Authority (CA)?

A

Certificate Authorities (CAs) only sign the certificates knowing a particular public key belongs to a server having a particular private key. Also, another CA, pretending to be the original CA cannot sign the certificate as it needs to know original CA’s private key.

When client agent receives the certificate, it first verifies the public key it has received with the CA who has signed the certificate.

This means that attacker must have its own certificate, for which he/she needs to convince the CA to either sign the certificate or use it as it is.

  • If the attacker’s certificate has been signed by CA, then the identity will be immediately revealed.
  • If attacker’s certificate has not been signed by CA, client’s web browser will identify it from its own list of trusted CAs.

Even if the attacker tries to forge the SSL Certificate and provide his own public key to the Client, this action will destroy the signature of CA and the Client’s browser will display warnings about the invalid SSL Certificate.

80
Q

Considering the browser as a client, which method’s parameter will be stored on browser’s session history?

A

GET parameters will be stored on browser’s session history.

In regards to POST, if the user navigates back after submitting a form, the data will be re-submitted (the browser should alert the user that the data are about to be re-submitted), but it won’t be kept on the history.

81
Q

Considering a browser as a client, which method can be cached?

A

GET responses can be cached: GET is idempotent and most web page resources are returned via this method, so the browser by default caches GET requests.

82
Q

Which one is a “safe” method- GET or POST?

A

GET is a safe method because this method should NEVER change a resource. Safe methods are HTTP methods that do not modify resources.

83
Q

If I copy and paste an endpoint URL to a browser’s address bar and press enter, which method is invoked by default?

A

GET.

84
Q

Which method request has a body?

A

GET and POST both method requests can have body- GET method can have username password whereas POST request has data to be added to server.

85
Q

Considering a Static Website, what is the only method it will respond to?

A

GET.

A static website is an application which does not need any other tool to process its files as they will return browser readable content (Javascript, images, CSS, HTML). As a result, it only needs to respond to GET requests in order to return the html pages.

86
Q

Which method has length restrictions?

A

GET method- the URL has a length limit of 2048 characters.

As payload is sent in POST method, there is no limit on the data sent.

87
Q

Which method is more secure and should be used to deal with sensitive data?

A

POST.

GET responses can be cached by the browser and stored in browser history. That can make a GET login endpoint visible in the browser, and it will also get logged on the server. Hence it is not safe.

88
Q

Which method can be bookmarked?

A

GET.

POST should not be bookmarked for below reasons:

  • Attempting to bookmark a POST will just result in a GET operation on the URL.
  • The method is not idempotent and there is no guarantee the response will always be the same. It could result in a duplicated bank transaction, for example.
  • The URL would lose its parameters as bookmark doesn’t support a body payload.
  • It may contain sensitive data, which should not be stored.
89
Q

Which method only allows ASCII characters?

A

GET

90
Q

What is the difference between HTTP and HTTPS?

A

HTTPS URLs begin with https:// whereas HTTP ones begin with http://

HTTPS uses port 443 and the HTTP port is 80.

HTTP is not encrypted and is vulnerable to man-in-the-middle attack and eavesdropping.

91
Q

What is Content Negotiation?

A

Returning a specific representation of a resource as specified by client is called content negotiation.

There are 2 types of content negotiation:

  1. Server-driven: client sends several HTTP headers describing the preferred format/language/encoding of data and server provides the content best suiting these headers.
  2. Agent-driven: when facing an ambiguous request, the server sends back a page containing links to available resources with ‘300 multiple choices’ status. The user is presented with these choices and has to choose one.
92
Q

What are safe methods?

A

The methods which do not modify the resource and are only intended for information retrieval are called safe methods.

GET, HEAD, OPTIONS, TRACE are safe methods.

93
Q

What is MIME type?

A

Multipurpose Internet Mail Extensions (MIME) is used as a standard way of classifying file types over the internet.

It has two parts- type and subtype, separated by /
For eg. application/msword is MIME type when MS Word file is being received.

94
Q

What is Upstream server?

A

In computer networking, upstream server refers to a server that provides service to another server.

In other words, upstream server is a server that is located higher in a hierarchy of servers. The highest server in the hierarchy is sometimes called the origin server.

95
Q

What is encryption? What are its types?

A

Encryption is the process of encoding a message/data so that it can only be read by certain people.

A random string of bits created specifically for scrambling and unscrambling data is called a key. Keys are generated via complex algorithms (called ciphers) to make sure they are unpredictable.

The two types of encryption are:

  • Symmetric Key
  • Asymmetric key
96
Q

Explain Symmetric Key encryption.

A

This type of encryption uses the same key for encryption and decryption of the data. The keys may be identical or there may be a simple transformation to go between the two keys.

The sender encrypts the data using the key and sends ciphertext+key to the receiver. The receiver then decrypts the ciphertext using the key.

This requirement that both parties have access to the secret key is one of the main drawbacks of symmetric key encryption.

Symmetric Key encryption can use either

  • stream cipher: encrypts the digits/letters of a message one at a time
  • block cipher: takes a number of bits and encrypts them as a single unit, padding the plaintext so that it is a multiple of the block size.

AES, DES, Blowfish are popular examples of symmetric key algorithms.

97
Q

Explain Asymmetric Key encryption.

A

Also called public key encryption, it uses a pair of keys, public and private, i.e., the encryption and decryption keys are different.

The sender as well as the receiver each generate a pair of keys using a complex algorithm, such as RSA. This algorithm makes sure that the public and private keys of a user (which are really just extremely large alphanumeric strings) are mathematically linked but cannot be deduced from one another. The public key is then used to encrypt the data and the matching private key is used to decrypt the data.

The encryption process goes as follows:

  • Sender and receiver first exchange their public keys. This way, the sender has the receiver’s public key and vice versa.
  • The sender then encrypts the data with the receiver’s public key and sends it through.
  • The receiver decrypts the data with its private key, which only he/she has and which cannot be derived from his/her public key.
98
Q

Explain Man-in-the-middle attack.

A

A man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.

If Alice wants to communicate with Bob using asymmetric key encryption, Alice will ask Bob for his public key. If Bob sends it to Alice, but a third party attacker Eve is able to intercept it, the MITM attack can begin.

Eve can pass her own public key to Alice as Bob’s public key. Alice, who thinks she has Bob’s public key, encrypts the message and sends it across the channel. Eve, whose public key was actually used for encryption, can now easily decrypt the message actually intended for Bob.

This shows the need for Alice and Bob to have some way to ensure that they are truly using each other’s public keys.

99
Q

Explain the role of Certificate Authority (CA).

A

A CA proves that an entity is really who it claims to be.

Just like all the entities wanting to communicate securely, every CA has its own public and private key.

When a web server wants to get involved in secure communication using asymmetric key encryption, it needs a CA to validate its public key so that it can show the client that the server is who it claims to be.

For this, the web server sends its key pair to the CA with a certificate signing request. The CA signs the certificate with its private key and sends it to the web server. Now anyone with the CA’s public key can decrypt it and see that it was indeed signed by the CA. This builds trust.

100
Q

Explain DNS.

A

Domain Name System (DNS) is

(1) a distributed database implemented in a hierarchy of DNS servers and
(2) an application-layer protocol that provides a key-value lookup from a domain/host name (google.com) to an IP address, which is required in order for the network to route a request to an appropriate server.

The DNS servers are often Unix machines running the Berkeley Internet Name Domain (BIND) software.

The DNS protocol runs over UDP and uses port 53. DNS is commonly employed by other application-layer protocols such as HTTP, SMTP and FTP to translate user-supplied hostnames to IP addresses.

101
Q

What is Google’s DNS IP address?

A

Google maintains the IP addresses 8.8.8.8 and 8.8.4.4 as the primary and secondary DNS addresses for Google Public DNS.

102
Q

What is CNAME?

A

Canonical Name (CNAME) is the true host name of the server that its multiple aliases are associated with. The aliases are simply easier to remember than the complicated canonical name.

For eg. www.example.com CNAME example.com
www.example.com is an alias for CNAME example.com.

A CNAME must point to another domain name, never to an IP address. They can point to another CNAME record but it is not a good practice.

CNAME records are used for

  • providing separate hostname for specific services such as email or FTP and pointing that hostname to the root domain
  • registering the same domain in several countries and pointing the country versions to the main “.com” domain

When the DNS server finds a CNAME record, it does not return it to the client by itself. Rather, it looks up the returned domain name again and finally returns the A record’s IP address.

103
Q

What is mail server aliasing?

A

It is the same as a CNAME, but for a mail server.

It is highly desirable that email addresses and their hostnames (such as hotmail.com) be easy to remember. The canonical name for hotmail.com might be relay1-west-coast.hotmail.com, but with mail server aliasing we do not have to remember the canonical name and can use the alias.

104
Q

What is DNS load balancing?

A

Also known as round-robin or load distribution, it is the practice of configuring a domain name in a DNS server such that client requests to that domain are distributed across a group of servers.

This helps optimize client requests for a specific domain by routing traffic across those servers.

105
Q

What are the three types of DNS servers?

A

Root nameservers

Top-level domain (TLD) nameservers

Authoritative nameservers (ANS)

106
Q

Explain root nameservers.

A

When the browser cache, OS and ISP do not have an entry for the domain name requested by the client, the request goes to the root nameservers, which return the IP address of the appropriate TLD nameservers.

For eg. for www.example.com, the root server will return the IP address of the .com TLD server.

There are 13 logical root nameservers, with logical names ranging from a.root-servers.net to m.root-servers.net.

Although each is referred to as a single server, each root server is actually a network of replicated servers (hence ‘13 logical’), for both security and reliability purposes. As of June 2020, there are 1085 instances of root nameservers.

107
Q

Why are there only 13 logical root nameservers?

A

When a response is received from a root server, the following information is transmitted:

IP address: 4 bytes
full name of root server: 20 bytes
record type code: 2 bytes
record class code: 2 bytes
TTL value: 4 bytes

This amounts to 32 bytes in total.

The DNS protocol uses UDP datagrams, which limits a response to a single packet of 512 bytes. In a single packet, a maximum of 13 such 32-byte records can be sent, hence there are 13 logical root nameservers.

512/32 is actually 16, but the remaining bytes are left for protocol information.

108
Q

Explain the TLD nameservers.

A

They are responsible for resolving top-level domains such as:

  • generic: com, edu, org, net, gov
  • country: in, uk, fr, ca, jp

and directing the query to the authoritative nameservers (ANS) for that domain.

109
Q

What is a resolver/recursive resolver/resolving nameserver/local DNS server?

A

When a domain name is typed in a browser, the entity that accepts the query and goes to the root nameservers to begin the resolution process is called the resolver/recursive resolver/resolving nameserver/local DNS server.

It acts as a middleman between the client agent (browser) and the DNS nameservers. After receiving a DNS query from the client, it either responds with cached data or sends a request to a root nameserver, followed by another request to a TLD nameserver, and then one last request to the ANS.

During this process, the recursive resolver caches the information received from the ANS.

On most occasions, the recursive resolver is the ISP’s (Internet Service Provider’s). All resolvers must know the IP address of the nearest root server.

110
Q

Explain Authoritative nameservers (ANS).

A

The ANS is usually the last step in resolving a domain name. It provides the IP address and the CNAME (if required).

111
Q

What is anycast routing?

A

Typically, the communication between network devices is 1:1; each communication goes from one specific device to a targeted device at the other end of the communication.

An anycast network, in contrast, allows multiple servers on the network to use the same IP address, or set of IP addresses, so that any one of the DNS servers can respond to the DNS query; typically the one that is geographically closest will provide the response.

An anycast network is 1:many communication.

This reduces latency, improves uptime for the DNS resolving service and provides protection against DNS flood DDoS attacks.

112
Q

Explain how DNS works.

A
  1. Client types a URL, www.example.com, in the browser.
  2. The browser first checks its own DNS cache (chrome://net-internals/#dns). If an entry for the requested URL exists, it is returned; otherwise it proceeds to the next step.
  3. The browser queries the OS for OS-level caching. A process called the stub resolver handles this request by checking its own cache. If an entry for the requested URL exists, it is returned; otherwise it proceeds to the next step.
  4. The browser sends the query to the local DNS server inside the ISP. The recursive resolver first checks its own cache.
    (a) If it has cached the entry, it is returned to the client.
    (b) If it has NS records for the ANS but not A records, it sends a query to the ANS directly, bypassing the intermediate steps.
    (c) If it does not have NS records, it queries the TLD nameserver, skipping the root server.
    (d) In the unlikely event that the recursive resolver’s cache has been purged, it queries the root nameserver (.).
  5. The root server responds to the resolver with the address of the TLD nameserver for .com.
  6. The resolver then makes a request to the .com TLD nameserver. The TLD server responds with the IP address of the domain’s ANS, ns1.example.com. Although there are numerous .com domains, the TLD nameservers know the exact address of ns1.example.com because of the domain registrar: when a domain is purchased, the registrar reserves the name and communicates its ANS to the TLD registry.
  7. Lastly, the recursive resolver sends a query to the domain’s nameserver. The IP address for example.com is then returned to the resolver from the nameserver.
    The DNS resolver then responds to the web browser with the IP address of the domain requested initially.
  8. The browser, having now received the IP address of www.example.com, makes an HTTP request to that IP address.
  9. The server at that IP address returns the webpage to be rendered in the browser.
113
Q

What are the types of DNS queries?

A

There are 3 types of DNS queries:

  1. Recursive: the DNS client asks the DNS resolver for an answer and the resolver responds to the client with the requested resource record or an error message. The resolver starts a recursive query process, starting from the root server, until it finds the ANS.
  2. Iterative: the DNS client queries the DNS resolver, which returns the best answer it can. If the resolver has the correct answer in its cache, it returns the answer. If not, it refers the DNS client to the root server or the nearest ANS. The DNS client must then repeat the query directly against the DNS server it was referred to.
  3. Non-recursive: A query in which DNS resolver either
    (a) already knows the answer because it has record stored in its cache or
    (b) knows the final ANS for the record which definitely holds the correct IP address.
    In both cases, there is no need for additional rounds of queries. Rather, a response is immediately returned to the client.
114
Q

When a TLD nameserver responds to DNS resolver with address of ANS, it is usually ns1.example.com (for webpage www.example.com). Since ns1.example.com is a subdomain of example.com, how is TLD nameserver able to resolve it before resolving example.com?

A

When the DNS resolver queried the TLD nameserver, the TLD nameserver responded with extra information. The resolver got at least one IP address for each ANS; this is called glue.

Hence, the resolver not only got the name of the authoritative server, but also its IP address (which breaks the circular dependency).

115
Q

Explain glue records.

A

When a client queries for www.example.com, the DNS resolver first queries a root nameserver, then a TLD nameserver and finally the ANS. However, the ANS may be inside the domain itself; for example, the domain www.example.com has ANS ns1.example.com, ns2.example.com etc.

With the ANS inside the domain itself, these nameservers cannot be found without outside assistance. This is called a ‘circular reference’.

Creating a glue record, an A record served by the TLD nameserver, avoids circular references and allows for both DNS name resolution and listing the nameservers inside the domain itself.

Glue records can only be created at the domain registrar as the registrar controls the DNS settings for a given domain’s delegation. Every nameserver on the internet has its own glue record created by the domain’s owner.

When you host your own authoritative servers, you need to set up the glue records with the domain registrar. If a third party, such as a managed DNS provider hosts your ANS, then the provider takes care of setting up the glue record.

116
Q

Explain the domain name syntax and format.

A

A domain name consists of one or more parts called labels, which are separated by dots.

For eg. forum.support.example.com is a domain name where forum, support, example, com are labels.

A label may contain up to 63 characters.
The label at the extreme right is the TLD (here, com), the next one, example.com, is the second-level domain, and all subsequent labels from right to left are lower down in the namespace hierarchy and are called subdomains.

DNS allows maximum 127 subdomains.

The above example represents a subdomain “forum” under the subdomain “support”, under the domain “example”, under the top level domain “.com”.

117
Q

Explain the DNS message format.

A

DNS communication occurs via two types of messages: queries and replies. Both DNS query format and reply format consist of the following sections:

Header (12 bytes): contains identification, flags, no. of questions, no. of answers, no. of authority records and no. of additional records.

Flags section of the Header: contains bits indicating the type of message (query/reply), whether the name server is authoritative, whether the query is recursive, whether the response was truncated, and the status.

Question: contains the domain name being resolved, the record type (A, AAAA, MX, TXT etc) and the record class (IN).

Answer: contains the resource records of the queried name. Each record is in the format name, TTL, record class, record type and record data.

Authority: contains info for the authoritative nameserver (its TTL, refresh rate etc)

Additional: contains other helpful records. For eg. the answer section in a reply to an MX query contains the canonical hostname of the mail server; the additional section then contains a Type A record with the IP address of that canonical hostname.

118
Q

What is DNS zone?

A

A DNS zone is a distinct part of the domain namespace which is delegated to a legal entity, a person or organization, who is responsible for maintaining it.

For eg. in forum.support.example.com, .com is TLD, example is second-level domain and rest are subdomains. Each of these levels can be a DNS zone.

Every domain zone has two types of zone files containing the mappings between domain names, IP addresses and other resources.

  • Master file: which authoritatively describes a zone
  • Cache file: lists contents of DNS cache
119
Q

Explain DNS resource records (RR).

A

In a DNS zone file, each entry represents the DNS resource record (RR) and is made up of following fields:

  • Name: alphanumeric identifier of the DNS record. If left blank, it inherits its value from the previous record.
  • Time To Live (TTL): given in seconds, it is how long the record should be kept in the local cache of the DNS client. If left blank, it inherits its value from the global TTL value of the zone file.
  • Record type: the DNS record type. For eg. an A record maps a hostname to an IPv4 address, a CNAME record maps an alias to another hostname.
  • Record data: has one or more information elements, depending on the record type, separated by whitespace. For eg. an MX record has two elements: priority and domain name of the email server.
120
Q

What is an A record and AAAA record?

A

These are address mapping records in a DNS zone file.

An A record maps a hostname to the corresponding IPv4 address.

An AAAA record maps a hostname to the corresponding IPv6 address.

121
Q

What is an MX record?

A

A Mail Exchanger record specifies an email server for the given domain and is used to route outgoing emails to an email server.

One domain can have multiple MX records (i.e. multiple mail servers) for load balancing.

122
Q

What is an NS record?

A

A Name Server record specifies that a DNS zone, such as example.com is delegated to a specific ANS and provides the IP address of that ANS server.

123
Q

What is a PTR record?

A

A Reverse Lookup Pointer record allows DNS resolver to perform reverse DNS lookup (from IP address to hostname)

124
Q

What is a CERT record?

A

A Certificate record stores encryption certificates such as PKIX, SPKI, PGP etc.

125
Q

What is an SRV record?

A

A Service record is a custom DNS record defining the location (hostname and port number) of a service.

126
Q

What is an SOA record?

A

A Start of Authority record contains administrative information about the zone.

It contains the primary master ANS for that zone, contact details for domain admin, domain serial number and how frequently the information for the zone is refreshed.

127
Q

What is BIND?

A

Berkeley Internet Name Domain (BIND) is free, open-source software used by DNS servers.

BIND has 3 main components:

  • Nameserver: maintains the DNS zone file and responds to DNS queries either as a caching-only name server or as an ANS.
  • Resolver: BIND has a lightweight resolver library that can run on DNS clients (OS or routers) and a resolver daemon process that can run on the local host.
  • Nameserver tools: BIND provides tools to manage the DNS system such as dig, host, nslookup and Remote Name Daemon Control (RNDC).
128
Q

What is Primary and Secondary DNS?

A

The primary DNS server is the first point of contact for a browser resolving a DNS query. The primary DNS server contains a DNS record that has the correct IP address for the hostname.

If the primary DNS server is unavailable, the device contacts a secondary DNS server, also known as a slave, containing a recent read-only copy of the same DNS records. The process by which a secondary DNS server receives an updated copy of the DNS records is called a zone transfer.

Changes to DNS records can only be made on a primary server, which can then update the secondary DNS servers. Secondary DNS servers are not mandatory and the DNS system can work even if only a primary DNS server is available.

A primary DNS server can act as a secondary DNS server for another zone.

The concept of primary and secondary DNS servers is beneficial as it:

  • serves well during the time of a primary server failure
  • distributes the load between primary and secondary
129
Q

Explain DHCP.

A

Dynamic Host Configuration Protocol (DHCP) is used to dynamically assign IP addresses to end systems (hosts) if automatic IP settings are enabled for them.

Usually, network admins assign IP addresses manually when a small and fixed number of hosts is present. If the number of hosts is going to be large and variable, instead of configuring all hosts, network admins configure one special host which runs a service to lease IP addresses to all the connected hosts. This special host is called the DHCP server. A SOHO router includes an embedded DHCP server.

When a laptop connects to the internet via a router, the laptop runs the DHCP protocol and the DHCP server assigns an IP address to the laptop. The laptop here becomes the DHCP client (every device’s OS has a DHCP client service incorporated) and this process of obtaining an IP address is called the DORA process, which means:

  • Discover: host sends a discover message to the DHCP server
  • Offer: DHCP server sends an IP address in response
  • Request: host asks the DHCP server to allocate this IP address to the host
  • Acknowledgement: server allocates the IP address to the host and sends an ack message.

Post acknowledgement, the DHCP client configures the TCP/IP settings in its OS.

In the DORA process, the DHCP server provides the DHCP client with additional information such as:

  • Default gateway IP address (which is the IP address of the first-hop router)
  • Subnet mask (4-byte number dividing an IP address into network and host address)
  • DNS server IP address (IP address of the DNS server)
  • Lease time (duration for which the host can use the assigned IP address; at the end of this duration the host must send a request to renew the IP address).

DHCP uses the connectionless UDP protocol and uses port 67 for the server and 68 for the client.

130
Q

What is Message Authentication Code (MAC)? Why does SSL/TLS use it instead of digital signature?

A

A MAC is a method used by SSL to check authenticity and data integrity. It is based on symmetric key encryption.

It accepts two parameters: a symmetric secret key and a message. Client and server must both have the same symmetric secret key. Processing the message with the key produces a result called a tag.

If the MAC tag of the sender and the MAC tag calculated by the recipient match, nobody tampered with the message. If they do not match, the data is compromised.

The MAC is sometimes called a checksum, cryptographic checksum, or protected checksum.

Creation and verification of MAC tags for each packet doesn’t add much delay, as the MAC uses the same key and symmetric cryptography is computationally cheaper than asymmetric cryptography. With digital signatures, the cost of signing and verifying each packet would increase the computation considerably and add substantial delay.

131
Q

Explain the DHCP’s DORA process.

A
  1. Discovery: client creates a DHCPDISCOVER message and places it in UDP datagram, where source port address is 68 and destination port address is 67. IP packet encapsulates this and adds 0.0.0.0 as source IP address (as source doesn’t yet have an IP) and 255.255.255.255 as destination IP address (to broadcast over network as source doesn’t even know where DHCP server is). IP packet is then wrapped by data link layer frame, putting client’s MAC address as source and FF:FF:FF:FF:FF:FF as destination address.
  2. Offer: DHCP server receives the message on port 67 and sends DHCPOFFER message in response by filling up the YIAddr (Your IP address) field in DHCPDISCOVER message. It also adds its own IP address and same transaction ID (as sent by client). Now the offer message is placed in UDP segment with 67 as source port address and 68 as destination port address. In IP packet and Ethernet frame, source IP and MAC address is DHCP server IP and MAC address. Destination address in both layers is broadcast as client has set the broadcast bit.
  3. Request: The newly arriving client will choose from among one or more server offers and respond to its selected offer with a DHCPREQUEST, where the addresses match those of the DHCPDISCOVER message as an IP address is still not assigned to the host.
  4. Acknowledgement: The server responds to the DHCP request message with a DHCPACK message, confirming the requested parameters.
132
Q

When a DHCP client broadcasts a discover message on the network, how does the router forward it, given that a broadcast IP datagram cannot pass through a router?

A

With the help of a relay agent (which is just a router acting as an intermediary).

The relay agent knows the IP address of the DHCP server and listens for broadcast messages on port 67. When it receives a DHCP discover packet, it encapsulates the message in a unicast datagram and forwards the packet to the DHCP server.

The packet, now having a unicast destination address, can be forwarded by any router.

Once it reaches the DHCP server, the server knows the message has come from a relay agent because of the GIADDR field in the packet. The relay agent, after receiving a reply from the DHCP server, sends it to the DHCP client.

133
Q

How does DHCP handle error control if it uses UDP which has no error control?

A

DHCP has two strategies:

  • it requires that UDP uses a checksum
  • the DHCP client uses timers and a retransmission policy if it does not receive a reply. To prevent a traffic jam when several hosts need to retransmit a request (for eg. after a power failure), DHCP forces the client to use a random number to set its timer.
134
Q

What are the messages exchanged between DHCP client and server? Explain them briefly.

A
  1. DHCPDISCOVER: the client broadcasts a discover message on the network in order to obtain an IP address.
  2. DHCPOFFER: the server responds to the discover message with an offer of configuration parameters.
  3. DHCPREQUEST: the client sends a message to the server either
    (a) requesting the offered parameters from one server and implicitly declining offers from all others
    (b) confirming the correctness of a previously allocated address after, say, a system reboot
    (c) extending the lease on a particular network address
  4. DHCPDECLINE: the client performs a quick ARP check to see if anyone else has the same IP. If a different client indicates that it has the same IP, the client sends a DHCPDECLINE message and starts the process all over.
  5. DHCPACK: the DHCP server sends an acknowledgement message to the client with configuration parameters including the committed IP address
  6. DHCPNAK: the DHCP server sends a negative acknowledgement message to the client because the client has moved to a new subnet or the lease has expired
  7. DHCPRELEASE: the client sends a release message to the server, giving the IP address away and cancelling the remaining lease.
  8. DHCPINFORM: the client sends an inform message to the server, asking only for configuration parameters as the client already has an externally (manually) configured IP address.
135
Q

What is DHCP scope?

A

A DHCP scope is the range of available IP addresses that the DHCP server can lease to clients. Scopes typically define a single physical subnet on the network to which DHCP services are offered.

136
Q

Why can a CNAME not point to (i.e. contain as its data) an IP address?

A

CNAME has been defined in the IETF standards such that it must always point to a name. If it is made to point to an IP address, the resolver will try to resolve the IP address as if it were a name.

For eg. if CNAME is made to point to an IP address like:
www.example.com CNAME 124.23.64.45

  1. The resolver will try to query a record for hostname 124 within the domain 23.64.45. It doesn’t have anything for that name, hence it will query the root server.
  2. The root server normally returns the IP address of the TLD server, but since in this case .45 is the TLD, it will respond with nothing, failing the DNS lookup.
137
Q

Why is CNAME pointing to another CNAME a bad practice?

A

A CNAME can point to another CNAME, but the DNS server’s strategy with a CNAME record is to keep looking up the returned hostname until it finds an A record.

This chain may continue several CNAME levels deep, and if the RRs are not properly created, the lookup process might get caught in an endless loop.

138
Q

In what conditions does client send DHCPDECLINE message to DHCP server?

A

After receiving an IP offer from the DHCP server, the client checks the ARP table on the network to see if the IP address is unique. If it is not, it sends a DHCPDECLINE message.

The reasons why this IP conflict might occur include:

  1. A network admin manually configures hosts and assigns a duplicate IP address to two hosts on the same network
  2. There are two DHCP servers on a network, and they hand out the same IP address to two different hosts
  3. A device comes back online after being in standby mode for a long time. In this case, if the lease expires and the host does not renew it, the server may retract the IP address and assign it to another host. If the old host then comes back online thinking it still owns the IP, a conflict results.
139
Q

What is the difference between hypertext and hypermedia?

A

Hypertext is a text document containing links (references) to other document(s).

Hypermedia is a superset of hypertext: hypertext that is not limited to text and can include graphics, audio and video.

140
Q

Explain HTTP 100 Continue.

A
  1. The initial part of a request has been received and has not yet been rejected by the server. The server intends to send a final response after the request has been fully received and acted upon.

Or

  1. If the client is sending a large amount of data to the server using, say, PUT, the client may include an ‘Expect’ header in the request like this:

Expect: 100-Continue

This tells the server that it should respond with a 100 Continue status if it is going to accept the request. That response tells the client that it can start sending the request body.

The benefit here is that if the server is unable to accept the request or there is some problem with the request, the server can immediately respond with an error before the client starts sending the body.

141
Q

Explain HTTP 101 Switching Protocol.

A

The server understands and is willing to comply with the client’s request, and the TCP connection is about to be used for a different protocol.

The server must generate an Upgrade header field in the response to indicate the protocol to which it is switching, immediately after the empty line that terminates the response.

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade

It is assumed that the server will only agree to switch protocols when it supports the protocol and it is advantageous to do so. For example, switching to a newer version of HTTP might be advantageous over older versions.

142
Q

Explain HTTP 102 Processing.

A

It informs the client that the full request has been received, the server is working on it and the real status will be sent later.

It is similar to 100 Continue, except that 100 Continue is returned immediately (so that the client can send data) whereas 102 Processing is sent only after the full request has been received and handling the request is going to take more than 20 seconds.

Sending a 102 Processing status lets the server tell the client that it is not dead and avoids a client timeout.

143
Q

Explain HTTP 103 Early Hints.

A

It is used by the server to preemptively send headers to a client or intermediary so that the client can make certain optimizations ahead of time.

A server might tell a browser that it is very likely to require certain CSS stylesheets to render the document, using the Link header. When the client receives these headers, it might immediately start fetching those resources.

The 103 Early Hints status code can move those headers up even earlier. In this case, the client’s GET request would produce 2 responses:

  1. 103 Early Hints, sent as soon as possible by the server, while
  2. 200 OK (the real response) takes a bit longer to produce.

This allows the client to quickly fetch these additional resources.

144
Q

Explain HTTP 200 OK.

A

It states that the request has succeeded.

The meaning of success depends on the HTTP request method:

  1. GET: the resource has been fetched and transmitted in the message body
  2. HEAD: the entity headers are in the message body
  3. POST: the resource has been transmitted in the message body
  4. TRACE: the message body contains the request message as received by the server.

The successful result of a PUT or a DELETE is often not a 200 OK but a 204 No Content (or a 201 Created when the resource is uploaded for the first time).

145
Q

Explain HTTP 201 Created.

A

It states that the request was successful and also resulted in a new resource being created.

In the case of

  • a PUT request, it means that a new resource was created at the actual URL that was specified in the request.
  • a POST request, it means that a new resource was created at a different URL, specified in the Location header, along with the validator headers ETag and Last-Modified.

146
Q

Explain HTTP 202 Accepted.

A

It indicates that the request has been accepted by the server, but it is not certain whether the request will be completed successfully.

This status code is mostly used by APIs that run batch processing. The server accepts the request and sends a 202 Accepted response. The API might later send an email to the user with the status of the batch process.

HTTP provides no way to later send another response indicating the outcome of processing the request.

147
Q

Explain HTTP 203 Non-Authoritative Information.

A

It is a status code used by a proxy when it makes changes to the response payload sent by the server before it reaches the client, perhaps because the proxy converts the format or adds something to the HTML body.

In these situations a proxy can indicate that it changed something by changing the status code to 203.

Because the proxy changes the status code, it is no longer possible to see what the original status code was. Hence it is recommended to use the Warning header set to the 214 Transformation Applied code.

148
Q

Explain HTTP 204 No Content.

A

It is returned by the server when the request was successful but there is no response body.

If the status code was generated for a PUT/POST request, the response can contain an ETag header.

It also indicates that the user agent need not navigate away from its current view, for example after a save action during document editing: the document being saved remains available to the user for editing.

149
Q

Explain HTTP 205 Reset Content.

A

The server has fulfilled the request and wants the user agent to reset the view (refresh the UI or clear the contents of a form).

This response is intended for common data entry tasks such as form-filling. When the user submits the filled form, the request is sent and the server asks the browser to reset the view for the next entry so that the user can initiate another input action.

Since this implies that no additional content will be sent, the server must not send any payload and must indicate a Content-Length of zero.

150
Q

Explain HTTP 206 Partial Content.

A

It is used for range requests. It is possible for an HTTP client to request only portions of a resource using range requests.

For example, a client may request only the last 100 bytes of a large log resource. If the client issues such a request and the server is able to fulfill it, the server indicates to the client that it is sending back only certain ranges with a 206 Partial Content status and a Content-Range header.

If the server doesn't support Range requests, it will just return a 200 OK status along with the entire payload. The client will know that the server didn't support it from this status code and the omission of the Content-Range header.

If only one range is being sent, Content-Type is set to the response's content type and Content-Range is provided.

If several ranges are being sent, Content-Type is set to multipart/byteranges and each fragment covers one range, with Content-Range describing it.

151
Q

Explain HTTP 300 Multiple Choices.

A

This code says that the server has multiple representations of the requested resource and the user agent (or user) should choose one of them.

If the server has a preferred choice, the server should generate a Location header field containing the preferred choice's URI.

For request methods other than HEAD, the server should generate a payload containing a list of URIs for the multiple choices. The user agent may make a selection from the list if it understands the provided media type.