HTTP in detail Flashcards

Learn about how you request content from a web server using the HTTP protocol

1
Q

Which protocol is used for transmitting webpage data such as HTML, images, and videos?
* FTP (File Transfer Protocol)
* SMTP (Simple Mail Transfer Protocol)
* HTTP (HyperText Transfer Protocol)
* IMAP (Internet Message Access Protocol)

A

HTTP (HyperText Transfer Protocol)

Explanation: HTTP, or HyperText Transfer Protocol, is the foundational protocol used for transmitting webpage data over the internet, including HTML files, images, and videos. It was developed by Tim Berners-Lee and facilitates the communication between web browsers and servers.

2
Q

What primary advantage does HTTPS provide over HTTP?
* Faster data transfer speeds
* Encryption of data in transit
* Compressing data to reduce size
* Direct file transfer capabilities

A

Encryption of data in transit

Explanation: HTTPS, which stands for HyperText Transfer Protocol Secure, provides a secure version of HTTP by encrypting the data sent and received. This encryption ensures that the data cannot be easily intercepted or read by unauthorized parties, enhancing privacy and security.

3
Q

Who was the primary developer of HTTP?
* Vint Cerf
* Marc Andreessen
* Tim Berners-Lee
* Linus Torvalds

A

Tim Berners-Lee

Explanation: Tim Berners-Lee, along with his team, developed HTTP between 1989 and 1991. This protocol laid the foundation for data communication on the World Wide Web.

4
Q

Why is HTTPS considered more secure than HTTP?
* Because it uses a different set of TCP/IP protocols
* Because it encrypts the data using SSL or TLS
* Because it prevents the transmission of multimedia content
* Because it uses a faster server response time

A

Because it encrypts the data using SSL or TLS

Explanation: HTTPS is considered secure because it uses SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to encrypt the data being transmitted. This means that any data exchanged between the user’s browser and the web server is encrypted, which prevents eavesdropping and ensures that the user is connected to the authentic server.

5
Q

What does HTTPS ensure in addition to encrypting data?
* Reduction of data usage
* Verification of server identity
* Increased website loading speeds
* Conversion of HTML to other markup languages

A

Verification of server identity

Explanation: In addition to encrypting data, HTTPS also verifies the identity of the web server. This is achieved through SSL/TLS certificates, which assure users that they are communicating with the legitimate server and not an imposter, adding a layer of security against man-in-the-middle attacks.

6
Q

What component of a URL specifies the protocol used to access a web resource?
* Scheme
* Host
* Port
* Path

A

Scheme

Explanation: The scheme of a URL indicates the protocol that should be used to access a resource on the internet, such as HTTP, HTTPS, or FTP.

7
Q

In a URL, what does the ‘host’ represent?
* The password required to access the server
* The directory or file path on the server
* The domain name or IP address of the server
* A specific section of the web page

A

The domain name or IP address of the server

Explanation: The host component of a URL refers to the domain name or IP address of the server that hosts the web resource you are trying to access.

8
Q

What is the purpose of the ‘port’ in a URL?
* To determine the method of the HTTP request
* To specify the particular protocol version
* To dictate the part of the server to connect to
* To define the path to the resource on the server

A

To dictate the part of the server to connect to

Explanation: The port in a URL is used to specify the gateway through which to connect to the server, commonly 80 for HTTP and 443 for HTTPS, but it can technically be any port between 1 and 65535.

9
Q

What is a ‘query string’ in a URL used for?
* Authenticating the user with a username and password
* Sending extra information to the server for processing
* Specifying the fragment of the page to jump to
* Identifying the protocol version being used

A

Sending extra information to the server for processing

Explanation: The query string in a URL is a way to send additional information to the server, often in the form of key-value pairs, that can affect the resource being requested, like specifying an article ID in a blog request.

10
Q

What does the ‘fragment’ part of a URL do?
* It encrypts the communication with the server
* It specifies the location on the page to be displayed
* It represents the HTTP method being used for the request
* It tells the server which protocol version is being requested

A

It specifies the location on the page to be displayed

Explanation: The fragment in a URL is an internal page reference, often preceded by a hash (#), which browsers use to navigate to a specific part of the webpage.

11
Q

In an HTTP request, what is indicated by the method ‘GET’?
* The type of protocol used to secure the data
* The type of operation the client is performing
* The specific version of the HTTP protocol in use
* The length of content being requested

A

The type of operation the client is performing

Explanation: The ‘GET’ method in an HTTP request is used to retrieve data from the server. It is one of the request methods defined by HTTP and is specifically used for asking for a specified resource.

12
Q

What does the ‘200 OK’ status code in an HTTP response indicate?
* The server is ready to accept a new request
* The request was received, understood, and processed successfully
* The requested resource has been permanently moved
* The server experienced an internal error

A

The request was received, understood, and processed successfully

Explanation: The ‘200 OK’ status code in an HTTP response is an indication from the server that the request has been successfully received, understood, and processed.

13
Q

What is the ‘Content-Type’ header in an HTTP response used for?
* To specify the browser version making the request
* To provide the date and time of the server
* To inform the client about the type of data in the response
* To indicate the length of the response

A

To inform the client about the type of data in the response

Explanation: The ‘Content-Type’ header in an HTTP response specifies the media type of the data contained in the response, such as text/html for HTML documents, allowing the client to understand and correctly process the data.

14
Q

Which HTTP method is used primarily to retrieve data from a server?
* POST
* PUT
* DELETE
* GET

A

GET

Explanation: The GET method in HTTP is designed to request data from a specified resource on a server. It is one of the most common HTTP methods and is used to retrieve data without affecting the resource.

15
Q

What is the purpose of the POST method in HTTP?
* To fetch a particular resource from a server
* To submit data to a server for processing
* To update existing data on a server
* To remove data from a server

A

To submit data to a server for processing

Explanation: The POST method is used to send data to a server to create or update a resource. Typically, POST requests are used to submit form data or upload a file.

16
Q

When would you use the PUT method in an HTTP request?
* To request a webpage or other resource
* To update a specific resource on the server
* To send a large amount of data in a query string
* To request the deletion of a resource

A

To update a specific resource on the server

Explanation: The PUT method is used when you want to update a specific resource on the server with the data provided in the request body. It is often used to update existing resources, whereas POST may be used to create new resources.

17
Q

What does the DELETE method do in an HTTP request?
* It removes a specified resource from the server.
* It looks up the current state of a resource without retrieving it.
* It adds a new resource to the server.
* It encrypts the data being sent to the server.

A

It removes a specified resource from the server.

Explanation: The DELETE method is used to request that a specified resource be deleted from the server. When successful, it results in the removal of the target resource.

18
Q

Which HTTP method would you choose to send data to the server to create a new record?
* GET
* POST
* PUT
* DELETE

A

POST

Explanation: The POST method is commonly used to submit data to a server to create a new record. For example, when you fill out a form on a web page and submit it, the form data is typically sent to the server using a POST request.

19
Q

Which status code range indicates that the client’s HTTP request was successful?
* 100-199
* 200-299
* 300-399
* 400-499

A

200-299

Explanation: The status codes ranging from 200-299 indicate a successful HTTP request, with the most common being 200 OK, which means that the request was completed successfully.

20
Q

What does a 301 status code signify in an HTTP response?
* The server is under maintenance.
* The requested resource has been moved to a new URL permanently.
* The server encountered an error and could not process the request.
* The client made a bad request.

A

The requested resource has been moved to a new URL permanently.

Explanation: The 301 status code is used to indicate that the requested resource has permanently moved to a new location (URL). This response code is used for permanent URL redirection.

21
Q

If you receive a 404 status code, what does it mean?
* The server is not currently able to handle the request due to overload or maintenance.
* The request was successful and a new resource was created.
* The requested page or resource could not be found on the server.
* The request method used is not allowed for the requested resource.

A

The requested page or resource could not be found on the server.

Explanation: The 404 status code is one of the most recognizable and is used to indicate that the server could not find the requested resource. It is commonly known as “Page Not Found”.

22
Q

What is indicated by a 503 status code?
* The client’s request contained incorrect syntax.
* The client is not authorized to access the requested resource.
* The server is not ready to handle the request, possibly due to overload or maintenance.
* The request method is not supported by the server and cannot be handled.

A

The server is not ready to handle the request, possibly due to overload or maintenance.

Explanation: A 503 status code means “Service Unavailable”, and it indicates that the server is currently unable to handle the request. This may be due to the server being overloaded or down for maintenance.

23
Q

What does the status code 403 Forbidden mean?
* The client’s request is incomplete and needs more information.
* The client does not have access rights to the content; hence, it is unauthorized.
* The client has made too many requests in a given amount of time.
* The server has encountered an unexpected condition that prevented it from fulfilling the request.

A

The client does not have access rights to the content; hence, it is unauthorized.

Explanation: The 403 Forbidden status code indicates that the server understands the request but refuses to authorize it. This means the client does not have the necessary permissions to access the resource, regardless of authentication.

24
Q

Which HTTP method is used primarily to retrieve data from a server?
* OPTIONS
* PUT
* TRACE
* GET

A

GET

Explanation: The GET method is used to request data from a specified resource on a server. It is one of the most common HTTP methods used primarily for retrieving data.

25
Q

A ‘304 Not Modified’ response indicates what about the resource?
* It has been permanently moved.
* It has not been modified since the last request.
* It is temporarily unavailable.
* It can only be accessed with proper authentication.

A

It has not been modified since the last request.

Explanation: The 304 status code is used in conditional GET calls to reduce bandwidth. It tells the client that the resource has not been modified since the last time it was accessed and there is no need to resend it, so the client can continue to use the same cached version.

26
Q

Which status code means the server understood the request but refuses to authorize it?
* 200
* 401
* 403
* 404

A

403

Explanation: The 403 Forbidden status code indicates that the server understood the request but refuses to authorize it. This suggests that the client does not have the necessary permissions for the requested resource.

27
Q

What is the purpose of the ‘Accept’ header in an HTTP request?
* To specify the domain the client wishes to connect to.
* To state the MIME types the client can handle.
* To tell the server which HTTP method to use.
* To authorize the client with the server.

A

To state the MIME types the client can handle.

Explanation: The ‘Accept’ header is used to tell the server what file formats the client can handle. It specifies the media types that are acceptable for the response, allowing the server to select a variant based on the value of the header.

28
Q

Which HTTP method would you use to update a specific piece of data on the server?
* OPTIONS
* PUT
* TRACE
* CONNECT

A

PUT

Explanation: The PUT method is used when you want to update an existing resource on the server. If the resource does not exist, PUT might create a new resource, depending on the server’s implementation.

29
Q

A ‘304 Not Modified’ response indicates what about the resource?
* It has been permanently moved.
* It has not been modified since the last request.
* It is temporarily unavailable.
* It can only be accessed with proper authentication.

A

It has not been modified since the last request.

Explanation: The ‘304 Not Modified’ status code is used in conditional GET requests to indicate that the resource has not been modified since the version specified by the request headers If-Modified-Since or If-None-Match. In such a case, there is no need to retransmit the resource.

30
Q

Which status code means the server understood the request but refuses to authorize it?
* 200
* 401
* 403
* 404

A

403

Explanation: The 403 Forbidden status code indicates that the server understands the request but refuses to authorize it. This usually means that the client does not have the necessary permissions for the resource.

31
Q

What is the purpose of the ‘Accept’ header in an HTTP request?
* To specify the domain the client wishes to connect to.
* To state the MIME types the client can handle.
* To tell the server which HTTP method to use.
* To authorize the client with the server.

A

To state the MIME types the client can handle.

Explanation: The ‘Accept’ header is used to inform the server about the types of media that the client can process. This header is sent by the client to indicate the media types that are acceptable for the response, such as text/html or image/jpeg.

32
Q

In HTTP, what is a ‘payload’?
* A set of headers specifying the server type.
* The data sent within an HTTP request or response.
* The URL of the resource being requested.
* The protocol version used in the request.

A

The data sent within an HTTP request or response.

Explanation: The payload in HTTP refers to the actual data sent within the request or response body. This can be anything from form data sent in a POST request to the HTML of a webpage being sent in a response.

33
Q

What does the status code ‘202 Accepted’ indicate?
* The server accepted the request but hasn’t processed it yet.
* The client’s browser must follow a redirect.
* The client’s request was formatted incorrectly.
* The server successfully processed the request, but no content is returned.

A

The server accepted the request but hasn’t processed it yet.

Explanation: The 202 Accepted status code indicates that the server has accepted the request for processing, but the processing has not been completed. It acknowledges that the request has been taken into account but may or may not be acted upon.

34
Q

What would an HTTP status code of ‘418 I’m a teapot’ typically indicate?
* The server refuses to brew coffee because it is, permanently, a teapot.
* The request was successful, and the server is returning the requested data.
* The server is temporarily redirecting the request.
* The server encountered an unexpected condition.

A

The server refuses to brew coffee because it is, permanently, a teapot.

Explanation: The 418 I’m a teapot status code is an Easter egg, defined in RFC 2324, the Hyper Text Coffee Pot Control Protocol, and is not expected to be implemented by actual HTTP servers. It’s a humorous response used to indicate that the server refuses to brew coffee because it is, in fact, a teapot.

35
Q

If a web server returns ‘411 Length Required’, what does it mean?
* The server requires the Content-Length header in the request.
* The request URI is too long.
* The server is down for maintenance.
* The server cannot meet the requirements of the Expect request-header field.

A

The server requires the Content-Length header in the request.

Explanation: The 411 Length Required status code indicates that the server refuses to accept the request without a defined Content-Length header. The server needs to know the size of the request payload for processing.

36
Q

Which status code category indicates that further action needs to be taken by the user agent to fulfill the request?
* 1xx
* 2xx
* 3xx
* 4xx

A

3xx

Explanation: Status codes in the 3xx range indicate redirection. The client must take additional action to complete the request, often by making a subsequent request to a different URI.

37
Q

When is the HTTP ‘PATCH’ method typically used?
* To request the header of a resource.
* To make a partial update to a resource.
* To retrieve the full content of a resource.
* To establish a tunnel to the server.

A

To make a partial update to a resource.

Explanation: The PATCH method is used for making partial updates to an existing resource. Unlike PUT, which typically requires a complete replacement of the resource, PATCH is applied to a resource to make changes to its current state.

38
Q

What is the purpose of cookies in web transactions?
* To maintain state between the server and client.
* To increase the speed of the server response.
* To encrypt the data transmission.
* To specify the preferred language of the client.

A

To maintain state between the server and client.

Explanation: Cookies are used to maintain state information as HTTP is stateless. They are small pieces of data stored on the client’s computer and sent with requests to keep track of the client’s previous interactions with the server.

39
Q

A ‘206 Partial Content’ status code is used when…
* …the entire resource is being sent in the response.
* …only a part of the resource is sent because of a range header sent by the client.
* …the resource has been completely moved to a new URL.
* …the client’s request is too complex to be fulfilled.

A

…only a part of the resource is sent because of a range header sent by the client.

Explanation: The 206 Partial Content status code is used when the server is fulfilling a range request for a resource, and the response contains just the specified range of data instead of the complete resource.

40
Q

What does the ‘Host’ header in an HTTP request specify?
* The IP address of the client.
* The domain name of the server to which the request is being sent.
* The preferred language of the response content.
* The port number to connect to on the server.

A

The domain name of the server to which the request is being sent.

Explanation: The Host header in an HTTP request is used to specify the domain name of the server (and optionally the port number) to which the request is being sent, which is necessary for servers hosting multiple domains (virtual hosting).

41
Q

Which HTTP response code is commonly used to test whether a resource is reachable without transmitting the entire resource?
* 100 Continue
* 200 OK
* 204 No Content
* 301 Moved Permanently

A

204 No Content

Explanation: The 204 No Content status code is used when the server successfully processes the request but does not need to return any content. It’s often used in situations where the server wants to confirm that the resource is reachable or the request is valid without sending any data.

42
Q

When would you expect to receive a ‘409 Conflict’ HTTP status code?
* When the server requires additional actions to complete the request.
* When the request conflicts with the current state of the resource.
* When a resource has been permanently removed from the server.
* When the server cannot process the request due to a client error.

A

When the request conflicts with the current state of the resource.

Explanation: The 409 Conflict status code indicates that the request could not be processed because of a conflict in the request, such as an edit conflict between multiple simultaneous updates.

43
Q

The ‘Referer’ header in an HTTP request is used for what purpose?
* To carry the body of the HTTP request.
* To inform the server of the URL of the referring document.
* To authenticate the client’s credentials.
* To specify the port number for the request.

A

To inform the server of the URL of the referring document.

Explanation: The ‘Referer’ (sic) header in an HTTP request specifies the address of the webpage (i.e., the URI or IRI) that linked to the resource being requested. This allows the server to ascertain where the request originated.

44
Q

What does ‘SSL’ stand for, and what is its role in web security?
* Secure Sockets Layer, it encrypts data between the client and server.
* Server Security Layer, it guards the server against unauthorized access.
* Simple Scripting Language, it is used for client-side scripting.
* Secure Server Login, it handles authentication protocols for the server.

A

Secure Sockets Layer, it encrypts data between the client and server.

Explanation: SSL stands for Secure Sockets Layer. It is a standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.

45
Q

What does a ‘401 Unauthorized’ status code indicate in an HTTP response?
* The server cannot find the requested resource.
* The client needs to authenticate itself to get the requested response.
* The client’s request has been refused due to insufficient permissions.
* The server is not capable of fulfilling the request.

A

The client needs to authenticate itself to get the requested response.

Explanation: The 401 Unauthorized status code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource. The client can repeat the request with suitable Authorization headers.

46
Q

Which HTTP status code suggests that the client should switch protocols according to the ‘Upgrade’ header sent in the request?
* 100 Continue
* 101 Switching Protocols
* 200 OK
* 301 Moved Permanently

A

101 Switching Protocols

Explanation: The 101 Switching Protocols status code is sent in response to an Upgrade request header from the client and indicates the protocol the server is switching to.

47
Q

When a server responds with a ‘405 Method Not Allowed’ status code, what does it mean?
* The server can be reached, but the specific resource is not available.
* The method specified in the request line is not allowed for the resource identified by the request-URI.
* The server has not found anything matching the request-URI.
* The client’s request was made with the wrong protocol.

A

The method specified in the request line is not allowed for the resource identified by the request-URI.

Explanation: The 405 Method Not Allowed response code indicates that the server knows the request method, but the method has been disabled and cannot be used for the requested resource.

48
Q

What is indicated by the ‘Accept-Language’ header in an HTTP request?
* The language in which the client wishes to receive the response.
* The default character set preferred by the client.
* The type of content that the client can accept.
* The languages that the client is authorized to access.

A

The language in which the client wishes to receive the response.

Explanation: The ‘Accept-Language’ request HTTP header advertises which languages the client is able to understand, and which locale variant is preferred.

49
Q

If a response includes a ‘Content-Encoding’ header, what does it tell the client?
* How the content is encoded, such as using gzip or deflate.
* The length of the response content in bytes.
* The server that handled the request and its software version.
* The date and time at which the content was generated.

A

How the content is encoded, such as using gzip or deflate.

Explanation: The ‘Content-Encoding’ entity header is used to compress the media-type. When present, its value indicates which encodings were applied to the entity-body. It lets the client know how to decode in order to obtain the media-type referenced by the Content-Type header.

50
Q

What is the purpose of the ‘Host’ header in an HTTP request?
* To inform the server about the browser version being used.
* To tell the server which website to return when hosting multiple sites.
* To specify the length of the content being sent to the server.
* To declare the types of content encoding the client can handle.

A

To tell the server which website to return when hosting multiple sites.

Explanation: The ‘Host’ header is used to specify the domain name of the server being requested. This is particularly important for servers hosting multiple domains (virtual hosts), as it tells the server which website or resource the client wants to access.

51
Q

What information does the ‘User-Agent’ header provide to the web server?
* The client’s preferred language.
* The browser software and version number being used by the client.
* The acceptable character sets of the client.
* The acceptable content types that the client can process.

A

The browser software and version number being used by the client.

Explanation: The ‘User-Agent’ header contains a string that allows the server to identify the type of device and browser making the request, which can be used to return different web content formatted for that specific browser or to gather analytics.

52
Q

Why is the ‘Content-Length’ header important in an HTTP request?
* It informs the server of the client’s caching capabilities.
* It indicates the size of the request payload.
* It specifies the expiry date of the resource being requested.
* It communicates the client’s preferred content types.

A

It indicates the size of the request payload.

Explanation: The ‘Content-Length’ header indicates the size of the entity-body, in bytes, sent to the recipient. This allows the server to ensure that the entire package of information has been received.

53
Q

What does the ‘Accept-Encoding’ header in a request tell the web server?
* The client’s domain name.
* The data compression algorithms that the client can handle.
* The character set preferred by the client.
* The protocols supported by the client.

A

The data compression algorithms that the client can handle.

Explanation: The ‘Accept-Encoding’ request header specifies the content encodings (like gzip or deflate) that the client is able to understand. Using this information, the server can select a suitable encoding for the response content.

54
Q

What is the function of the ‘Cookie’ header in an HTTP request?
* To set new cookies in the client’s browser.
* To cache the content of the response.
* To inform the server of the client’s browser settings.
* To send stored cookie data to the server.

A

To send stored cookie data to the server.

Explanation: The ‘Cookie’ header is included in HTTP requests to send cookie data that the server has previously set via ‘Set-Cookie’ back to the server. This allows the server to maintain a stateful session with the client.

55
Q

What is the primary purpose of a ‘Set-Cookie’ header in an HTTP response?
* To request the client’s user details.
* To instruct the client’s browser to store a cookie.
* To inform the server about the client’s browser version.
* To specify the content length of the response body.

A

To instruct the client’s browser to store a cookie.

Explanation: The ‘Set-Cookie’ header in an HTTP response is sent by the server to the client in order to create a cookie on the client’s system. This cookie is then used for various purposes, such as maintaining session state or storing user preferences.

56
Q

When a client sends a ‘Cookie’ header in an HTTP request, what is it conveying to the server?
* The client’s acceptance of the server’s cookie policy.
* The client’s preference for the type of content it wishes to receive.
* The cookie data previously set by the server that needs to be sent back.
* A request to set a new cookie on the client’s system.

A

The cookie data previously set by the server that needs to be sent back.

Explanation: The ‘Cookie’ header in an HTTP request contains cookie data that the server has previously set via the ‘Set-Cookie’ header. The client sends this data back to the server with subsequent requests, allowing the server to recognize the client and maintain session information.

57
Q

What does it mean when a server sends a ‘Set-Cookie’ header with the HTTP response?
* The server is requesting a cookie from the client’s browser.
* The server is acknowledging the receipt of a cookie from the client.
* The server is setting or updating a cookie on the client’s system.
* The server is deleting a cookie from the client’s system.

A

The server is setting or updating a cookie on the client’s system.

Explanation: When a server sends a ‘Set-Cookie’ header with the HTTP response, it instructs the client’s browser to store the cookie. The browser will then send this cookie back to the server with each subsequent request to the same domain, which can be used for maintaining user sessions, personalizing content, or tracking user behavior.

58
Q

How does a web server identify returning visitors to a website using cookies?
* By the IP address provided in the ‘Host’ header.
* Through unique token values stored in the cookies.
* Via the ‘User-Agent’ header containing browser information.
* Through the ‘Content-Length’ header indicating the size of the request.

A

Through unique token values stored in the cookies.

Explanation: A web server identifies returning visitors by sending a unique token in a ‘Set-Cookie’ header, which the client’s browser then stores. On subsequent visits, the browser sends this token back to the server in a ‘Cookie’ header, allowing the server to recognize returning visitors.

59
Q

What can you use to view the cookies your browser sends to a website?
* The browser’s history logs.
* The website’s ‘Contact Us’ page.
* The browser’s developer tools, under the “Network” tab.
* The server’s public configuration files.

A

The browser’s developer tools, under the “Network” tab.

Explanation: Most modern browsers provide developer tools with a ‘Network’ tab that shows all resources requested by the browser. By clicking on a specific resource, you can view the details of the request and response, including the ‘Cookies’ tab where the sent and received cookies are displayed.

60
Q

What is the role of cookies in web authentication?
* They store clear-text usernames and passwords for convenience.
* They hold a session token that maintains authenticated state between requests.
* They encrypt data transmissions between the client and server.
* They increase the bandwidth for faster authentication checks.

A

They hold a session token that maintains authenticated state between requests.

Explanation: Cookies are commonly used in web authentication to store a session token or identifier. After the initial login, this token is sent with each HTTP request to maintain an authenticated session, so the user does not have to log in for every page request.

61
Q

If a user deletes the cookies stored by their browser, what effect does this have on their browsing experience?
* Websites will no longer be able to track their visit history.
* The browser will request to download images and other media again.
* They may be logged out of websites where they were previously signed in.
* The browser will switch to using a different web protocol for requests.

A

They may be logged out of websites where they were previously signed in.

Explanation: Deleting cookies from a browser typically logs the user out of websites where they were signed in because the session tokens stored in cookies are removed. Without these tokens, the server cannot recognize the user’s authenticated session on subsequent requests.
