Network Applications

Question 1

HTTP

Answer 1

Hypertext Transfer Protocol

• Enables clients (typically browsers) to request resources from HTTP server on port 80 by default
• Requests resource with URL (uniform resource locator)
• Server responds with either datea or error message
• Data sent unencrypted and no authentication from client or server

Question 2

HTTP Header

Answer 2

• Defines the formats of the responses and requests to and from HTTP servers
• Payload is usually HTML (Hypertext Markup Language).

Question 3

Web Servers

Answer 3

• HTTP Servers connected to the internet and hosting websites
• Main platforms are Microsoft Internet Information Server (IIS), Apache and nginx

Question 4

Dedicated Server

Answer 4

• Private HTTP server allocated by rented as service from ISP
• Typically unmanaged or management has an additional cost

Question 5

VPS

Answer 5

Virtual Private Server

• ISP Allocated VM within a physical server
• Isolated by a hypervisor

Question 6

Cloud Hosting (HTTP Server)

Answer 6

• Website runs on cloud on several hardware computers, allowing more scalability if needed

Question 7

Shared Hosting (HTTP Server)

Answer 7

• Website is hosted within private directory on shared server
• Performance can be affected by other sites hosted on server because they all share resources

Question 8

SSL/TLS

Answer 8

Secure Sockets Layer/ Transport Layer Security

• Developed to address security problems with HTTP
• Encrypts TCP connections
• When used with HTTP is called HTTP Secure (HTTPS)

Question 9

HTTPS

Answer 9

HTTP Secure

• Web server is installed with digital certificate from certificate authority (CA)
• Proves identity of server, assuming client also trusts CA
• Certificate is wrapper for public/private encryption key pair
• Server and client use certificate to set up an encrypted tunnel
• Sent of port 443

Question 10

FTP

Answer 10

File Transfer Protocol

• Used to perform administrative upload/downloads for servers and appliances
• Port 21 used for commands and status, but not to transfer data

Question 11

Active FTP

Answer 11

• Client sends PORT command specifying chosen data connection port
• Server opens a connection between client port and port 20 on the server
• Poses issues for some firewalls, as the server is initiating inbound connection

Question 12

Passive FTP

Answer 12

• Client opens data port
• Sends PASV command to server control port
• Server opens random high number port and sends to the client with PORT command

Question 13

TFTP

Answer 13

Trivial File Transfer Protocol

• Connectionless, running over UDP port 69
• Not guaranteed delivery
• Only suitable for small files
• Only supports reading (GET) and writing(PUT) files.
• Most commonly used by legacy network applications.
• No security mechanisms

Question 14

SFTP

Answer 14

Secure FTP

• Encrypted authentication and data transfer between client and server
• Secure link is created using SSH over TCP port 22
• Command and data can then be sent over link without risk
• Requires an SSH server that support SFTPs

Question 15

Explicit TLS (FTPES)

Answer 15

• Means of securing FTP over SSL/TLS
• Use AUTH TLS to upgrade insecure connection over port 21 to secure one.
• This protects authentication credentials
• Data connection can be encrypted using PROT command

Question 16

Implicit TLS (FTPS)

Answer 16

• Negotiates SSL/TLS tunnel before exchange of FTP commands
• Uses Port 990
• Tricky to use with firewall

Question 17

SMB

Answer 17

Server Message Block

• Provides File/Print Sharing Services over windows network
• Allows hows to share directories and printers to other machines.
• Typically run over Port 445

Question 18

Port 9100

Answer 18

• Referred to as standard TCP/IP port, Appsocket, or JetDirect
• Establishes TCP connection to transfer raw Page Description Language (PDL) and Printer Job Language (PJL)
• Most common PDLs are PS and PCL

Question 19

IPP

Answer 19

Internet Printing Protocol

• Adapted form of HTTP that uses port 631 and can be implemented as secure protocol (IPPS)
• Provides better support for status messaging than port 9100

Question 20

WSD/AirPrint

Answer 20

• Allow device to advertise service capabilities over network
• Windows and Mac hosts can add device using play and play and manage it with status updates

Question 21

SQL

Answer 21

Structured Query Language

- Used to operate relational databases

Question 22

SMTP

Answer 22

Simple Mail Transfer Protocol

• Specifies how mail is delivered from one system to another.
• Server SMTP server finds IP of recipient server using domain name of recipient email address
• Recipient servers are registered in DNS for MX and A records
• Tries to send message several times and delivers non-delivery report(NDR if it failed.

Question 23

SMTPS

Answer 23

Secure SMTP

- Works much like HTTPS with certificate on server and negotiations between client and server

Question 24

Port 25

Answer 24

• Used to relay messages between SMTP servers

- If security is required STARTTLS command can be used to set up secure connection

Question 25

Port 587

Answer 25

- Used by mail clients to submit messages for delivery by SMTP server - Servers configured for 587 should use STARTTLES and require authentication to send

Question 26

POP

Answer 26

Port Office Protocol - Allows user client email software to access mailbox server - Establishes connection to POP server on port 110 - User is authenticated and contents are downloaded to local PC - Generally speaking, messages are deleted from mailbox server when they are downloaded - Can be secured with TLS using port 995

Question 27

IMAP

Answer 27

Internet Mesage Acces Protocol - Supports permanent connections to mailbox server and connecting multiple clients to mailbox at same time. - Also allows client to manage mailbox on server - Port 143. - Secure TLS connection on port TCP/993

Question 28

POTS

Answer 28

Plain old telephone service | - Legacy, analog voice service

Question 29

PBX

Answer 29

Private Branch Exchange - Automated switchboard allowing single connection point for orgs voice lines - Provides full phone system functionality over digital digital trunk line

Question 30

SIP

Answer 30

Session Initiation Protocol - One of most widely uses session control protocols - SIP endpoints are end user device, like IP handsets or client server web conference software - Each device or user is assigned unique SIP Uniform Resource Code Example: SIP:jaime@515support.com Runs over UDP 5060 unsecured and 5061 secured.

Question 31

RTP

Answer 31

Real-time Transport Protocol - Manages delivery of data in real time - Uses UDP, but with some of the reliability features of TCP - Works closely with RTP Control Protocol - RTCP monitors session and send quality reports which can be used to modify session and aid QoS

Question 32

VoIP Phones

Answer 32

- Use VLAN tagging to ensure SIP control and RTP media protocols can be segregated from normal traffic.

Question 33

Main Web Server Platforms

Answer 33

- Apache, Microsft Internet Information Server(IIS) and nginx