Protocols Flashcards
What is a protocol?
A protocol is a set of rules that allow two or more entities (computers) to communicate and transfer data. It ensures that the data is transmitted accurately and can be understood by both the sender and the receiver.
List five protocols
- TCP (Transmission Control Protocol)
- UDP (User Datagram Protocol)
- HTTP (Hypertext Transfer Protocol)
- gRPC (gRPC Remote Procedure Calls)
- FTP (File Transfer Protocol)
List three text-based data formats
- Plain text: Human-readable and easy to debug, but less efficient.
- JSON (JavaScript Object Notation): Lightweight data-interchange format that’s easy for humans to read and write.
- XML (eXtensible Markup Language): Flexible, but more verbose than JSON.
List three binary-based data formats
- Protobuf (Protocol Buffers): Efficient and extensible binary serialization format developed by Google.
- RESP (REdis Serialization Protocol): Used by Redis, a simple and efficient format for communication between clients and servers.
- h2, h3: HTTP/2 and HTTP/3 protocols that use binary framing for better performance.
What are the two main transfer modes in networking protocols and give an example of each?
The two main transfer modes are:
Message-based (Example: UDP - sends discrete datagrams)
Stream-based (Example: TCP - provides continuous stream of data)
What are the three main types of addressing systems used in networking?
The three main addressing systems are:
DNS (Domain Name System) - Human-readable addresses
IP (Internet Protocol) - Unique numerical labels for devices
MAC (Media Access Control) - Unique identifiers for network interfaces
Explain the difference between full duplex and half duplex communication.
Full duplex allows communication to occur simultaneously in both directions, while half duplex allows communication in both directions but not simultaneously.
What is the key difference between stateful and stateless protocols? Give an example of each.
Stateful protocols maintain a connection state throughout the communication session (example: TCP), while stateless protocols treat each message independently with no connection state maintained (example: UDP, HTTP).
What is the difference between TCP and UDP in terms of flow and congestion control?
TCP implements both flow control (managing data transmission rate) and congestion control (avoiding network congestion), while UDP has neither, making it faster but less reliable.
What are the two main methods of error management in networking protocols?
The two main methods are:
Error codes (standardized codes indicating different types of errors, like HTTP 404)
Retries and timeouts (mechanisms to handle errors by retrying transmission or aborting after a period)
What is the primary difference between HTTP and TCP in terms of directionality?
HTTP is typically unidirectional: a client sends a request and the server responds, one direction at a time. TCP is bidirectional, allowing simultaneous data transmission in both directions.
What are the three main reasons why we need a communication model?
Agnostic Applications: Allows applications to work independently of network technology
Network Equipment Management: Enables standardized operation of various network devices
Decoupled Innovation: Permits independent innovation within different layers without affecting others
What is an agnostic application and why is it important?
An agnostic application is one that doesn’t need to know the specifics of the network medium it’s using. This is important because it:
Eliminates the need for separate versions for different network mediums
Simplifies application development
Increases compatibility and flexibility
What is the OSI Model and how many layers does it have?
The OSI (Open Systems Interconnection) model is a conceptual framework that divides network communications into seven distinct layers, each describing a specific aspect of networking. It’s used to understand and implement network communications.
What are the 7 layers of the OSI model in order from top to bottom?
Application Layer
Presentation Layer
Session Layer
Transport Layer
Network Layer
Data Link Layer
Physical Layer
What is the main function of the Transport Layer (Layer 4) and what are its key protocols?
The Transport Layer provides reliable data transfer services to upper layers. Its key protocols are:
TCP (Transmission Control Protocol) for reliable, connection-oriented transmission
UDP (User Datagram Protocol) for connectionless transmission
It ensures complete data transfer through error checking, flow control, and data retransmission.
What is the role of the Physical Layer (Layer 1)?
The Physical Layer transmits raw bit streams over a physical medium by:
Handling physical connection setup, maintenance, and teardown
Converting data into electrical, optical, or radio signals
Managing modulation and demodulation of signals
Examples include copper wires, fiber optics, and radio waves.
What is the main difference between the Data Link Layer and the Network Layer?
The Data Link Layer (Layer 2) provides node-to-node data transfer and handles error correction using MAC addressing and framing, while the Network Layer (Layer 3) manages device addressing and routing across network boundaries using IP protocols.
What are the main functions of the Presentation Layer (Layer 6)?
The Presentation Layer transforms data into a format that the application layer can accept by:
Handling encoding and encryption
Managing data compression
Performing data serialization (e.g., converting to JSON or XML)
Ensuring data is readable and translatable between different systems
How does a POST request flow DOWN through the OSI model from sender to network? Describe the process at each layer.
Starting from top to bottom:
Application Layer (L7): Creates the POST request with HTTP headers, method, and data
Presentation Layer (L6): Formats the data (e.g., converts to JSON), may encrypt if using HTTPS
Session Layer (L5): Establishes and manages the session, may handle authentication
Transport Layer (L4): Breaks data into segments, adds TCP header with port numbers
Network Layer (L3): Adds IP headers with source/destination IP addresses, determines routing
Data Link Layer (L2): Frames the data, adds MAC addresses
Physical Layer (L1): Converts the data into bits and transmits as signals (electrical, light, or radio)
How does a POST request flow UP through the OSI model when being received? Describe the process at each layer.
Starting from bottom to top:
Physical Layer (L1): Receives and converts signals back into binary data
Data Link Layer (L2): Checks frame integrity, removes frame headers, verifies MAC addresses
Network Layer (L3): Checks IP addresses, removes IP headers, reassembles packets if needed
Transport Layer (L4): Reassembles segments, removes TCP headers, checks for complete data
Session Layer (L5): Validates session, maintains connection
Presentation Layer (L6): Decrypts if necessary, converts from transmission format (e.g., JSON to object)
Application Layer (L7): Processes the HTTP POST request and passes to application
What specific data elements are added to the message at each layer when sending?
The data elements added at each layer are:
Application (L7): HTTP headers, method (POST), URL, body
Presentation (L6): Encryption, compression, data format indicators
Session (L5): Session identifiers, tokens
Transport (L4): TCP/UDP headers, port numbers, sequence numbers
Network (L3): IP headers, source/destination IP addresses
Data Link (L2): MAC addresses, frame headers and trailers
Physical (L1): Synchronization bits, signal patterns
What key checks are performed at each layer when receiving data?
Key checks at each layer:
Physical (L1): Signal integrity, bit synchronization
Data Link (L2): Frame check sequence (FCS), MAC address verification
Network (L3): IP address verification, packet integrity
Transport (L4): Sequence number checks, port number validation
Session (L5): Session validity, authentication status
Presentation (L6): Format compatibility, decryption success
Application (L7): HTTP request validity, content validation
What are the 7 main types of network intermediaries that a message might pass through between client and server?
Main intermediaries include:
Switches (Layer 2 device)
Routers (Layer 3 device)
Proxies
Load Balancers
CDNs (Content Delivery Networks)
Firewalls
Gateways
At which OSI layers do network intermediaries typically operate, and why don’t they need to look at higher layers?
Network intermediaries typically operate at:
Physical Layer (L1) - for signal transmission
Data Link Layer (L2) - for MAC addressing and switching
Network Layer (L3) - for IP routing
They don’t need higher layers because routing decisions are made based on addressing and routing information contained in these lower layers.
How does a switch handle a message and what OSI layer does it operate at?
A switch operates at Layer 2 (Data Link Layer) and:
Examines the MAC addresses in the frame header
Uses its MAC address table to determine the correct port
Forwards the frame only to the specific port needed
Doesn’t modify the data in higher layers
Creates separate collision domains for each port
How does a router handle a message and what OSI layer does it operate at?
A router operates at Layer 3 (Network Layer) and:
Examines IP addresses in the packet header
Consults its routing table to determine best path
May fragment packets if necessary
Updates TTL (Time To Live) field
Forwards packets between different networks
What is the role of a CDN in message delivery and which parts of the packet does it examine?
A CDN (Content Delivery Network):
Operates primarily at Layers 3-7
Examines IP addresses to determine client location
Looks at HTTP headers to understand request type
Caches content at edge servers
Routes requests to the nearest edge server
Reduces latency and bandwidth usage
How does a proxy server handle message forwarding and what information does it need to examine?
A proxy server:
Can operate at multiple layers (L3-L7)
Examines IP addresses for routing
May look at HTTP headers for decision making
Can modify headers and content
May perform caching, filtering, or load balancing
Can hide client identity from destination server
What is the typical path a request might take from client to server through intermediaries?
Typical path:
Client → Local Switch (L2)
→ Router (L3)
→ ISP’s Network
→ Various Internet Routers
→ CDN Edge Server
→ Load Balancer
→ Firewall
→ Server’s Local Network
→ Destination Server
What security checks might intermediaries perform while processing a message?
Security checks by intermediaries:
Firewalls: Packet filtering, port checking
Proxies: Malware scanning, content filtering
Routers: Access control lists (ACLs)
Load Balancers: DDoS protection
Switches: MAC address filtering
IDS/IPS: Traffic pattern analysis
What are the main shortcomings of the OSI Model?
The main shortcomings are:
Too many layers (7) making it complex to comprehend
Ambiguous boundaries between layers causing debates about layer responsibilities
Unnecessary separation of layers 5-6-7 which often function together in practice
Less practical compared to the TCP/IP model used in real-world networking
How does the TCP/IP model differ from the OSI model in terms of structure?
Key differences:
TCP/IP has only 4 layers (vs OSI’s 7 layers)
Combines OSI layers 5, 6, 7 into a single Application layer
Physical layer is not officially part of TCP/IP model
More closely aligned with actual protocol implementations
Simpler and more practical for real-world use
Why don’t all network devices need to implement all seven layers of the OSI model?
Different devices operate at different layers based on their function:
Routers operate primarily at Layer 3 (Network)
Switches operate primarily at Layer 2 (Data Link)
End-user devices implement all layers
Each device only needs the layers relevant to its specific network function
What are the four layers of the TCP/IP model and what do they do?
Application Layer: Combines OSI layers 5, 6, 7 - handles high-level protocols and data representation
Transport Layer: End-to-end communication, error correction (TCP/UDP)
Internet Layer: Logical addressing and routing (IP)
Data Link Layer: Physical addressing and frame handling
What issues can arise from the OSI model’s layer boundaries being ambiguous?
Ambiguous boundaries can cause:
Confusion about which layer handles specific functions
Debates about where certain operations (like encryption) should occur
Overlap in layer responsibilities
Difficulty in implementing clear separation of concerns
Challenges in protocol design and development
How does the TCP/IP model address the shortcomings of the OSI model?
TCP/IP addresses OSI shortcomings by:
Reducing number of layers to 4
Combining upper layers into single Application layer
Matching actual protocol implementations
Providing clearer layer boundaries
Focusing on practical networking needs
Why is it simpler to deal with OSI Layers 5-6-7 as just one layer?
It’s simpler because:
These layers often work together in practice
Modern protocols don’t clearly separate these functions
Many applications handle all three layers’ functions together
Reduces complexity in protocol design
Better reflects how network applications actually work
What is the key practical benefit of the TCP/IP model over the OSI model?
Key practical benefits include:
Closer alignment with real-world networking protocols
Simpler to understand and implement
More flexible for modern applications
Better reflects actual network operations
Matches the Internet’s architecture more closely
What are the key differences between TCP and UDP, and when should each be used?
TCP (Transmission Control Protocol):
Connection-oriented
Guaranteed delivery
Flow control and error checking
Used for: Web browsing, email, file transfers
UDP (User Datagram Protocol):
Connectionless
No delivery guarantee
Faster, less overhead
Used for: Streaming, gaming, real-time applications
What is a three-way handshake in TCP, and what are its steps?
A three-way handshake establishes a TCP connection:
SYN: Client sends synchronization packet
SYN-ACK: Server acknowledges and sends its own synchronization
ACK: Client acknowledges server’s synchronization
This process establishes sequence numbers and confirms both sides are ready for data transfer.
What is DNS and how does it work at a high level?
DNS (Domain Name System):
Translates domain names to IP addresses
Hierarchical system: root → TLD → domain → subdomain
Uses cache to improve performance
Involves multiple server types: root, TLD, authoritative, recursive
Example: www.example.com → 93.184.216.34
What is HTTPS and why is it important?
HTTPS (Hypertext Transfer Protocol Secure):
- Encrypts data between client and server
- Uses SSL/TLS protocols
- Provides three key services:
  - Encryption (privacy)
  - Authentication (server identity verification)
  - Data integrity (prevents tampering)
- Required for sensitive data transmission
What is a subnet mask and what is its purpose?
A subnet mask:
Divides an IP address into network and host portions
Helps identify which part of IP address belongs to network
Common mask: 255.255.255.0 (/24)
Allows efficient network segmentation
Helps in routing and network organization
What happens when you type a URL in a browser and press enter?
Sequence of events:
DNS lookup to get IP address
TCP three-way handshake
HTTPS/TLS handshake if secure
HTTP GET request sent
Server processes request
Response sent back
Browser renders content
Additional resources loaded (images, CSS, etc.)
What is a CDN and why is it used?
Content Delivery Network:
- Distributed servers worldwide
- Caches content closer to users
- Benefits:
  - Reduces latency
  - Decreases server load
  - Provides DDoS protection
  - Improves availability
- Used by most major websites
What is NAT and why is it important?
Network Address Translation:
- Translates private IP addresses to public IP
- Conserves IPv4 addresses
- Provides basic security
- Types:
  - Static NAT
  - Dynamic NAT
  - PAT (Port Address Translation)
- Essential for home/office networks
What is the difference between a switch and a router?
Switch (Layer 2):
Forwards based on MAC addresses
Operates within same network
Creates separate collision domains
Faster than routers
Router (Layer 3):
Forwards based on IP addresses
Connects different networks
Makes routing decisions
Provides network isolation
What is ARP and why is it needed?
Address Resolution Protocol:
- Maps IP addresses to MAC addresses
- Essential for Layer 2 communication
- Process:
  - Broadcast ARP request
  - Target responds with MAC
  - ARP cache updated
- Required for all IP networks
What are the main types of network security threats?
Key threats:
DDoS attacks
Man-in-the-middle attacks
SQL injection
Phishing
Malware
Port scanning
DNS poisoning
Zero-day exploits
What is a load balancer and what are its main functions?
Load Balancer functions:
Distributes traffic across servers
Health monitoring
Session persistence
SSL termination
Application-layer routing
Methods:
Round-robin
Least connections
IP hash
HTTP response status code: 200
Success
HTTP response status code: 301/302
Redirect
HTTP response status code: 400
Bad Request
HTTP response status code: 401
Unauthorized
HTTP response status code: 403
Forbidden
HTTP response status code: 404
Not Found
HTTP response status code: 500
Server Error
HTTP response status code: 503
Service Unavailable
What is CIDR notation and how is it used?
CIDR (Classless Inter-Domain Routing):
- Notation: IP address/prefix length
- Example: 192.168.1.0/24
- Used for:
  - Network specification
  - Route aggregation
  - Efficient IP allocation
  - Subnet definition
What is a firewall and what are its main types?
Firewall types:
Packet filtering (stateless)
Stateful inspection
Application layer (proxy)
Next-generation firewalls
Functions:
Access control
Traffic monitoring
Threat prevention
Logging
What is the difference between IPv4 and IPv6?
Key differences:
Address length: 32-bit vs 128-bit
Format: Decimal vs Hexadecimal
Number of addresses: 4.3 billion vs 340 undecillion
Security: Optional vs Built-in IPsec
Configuration: Manual/DHCP vs Autoconfiguration
Header: Complex vs Simplified
What are common TCP/IP protocols and their port numbers?
Common protocols/ports:
HTTP: 80
HTTPS: 443
FTP: 21
SSH: 22
SMTP: 25
DNS: 53
DHCP: 67/68
POP3: 110
IMAP: 143
What is a proxy server and what are its main uses?
Proxy server uses:
Privacy/anonymity
Content filtering
Caching
Access control
Load balancing
Security scanning
Geographic restriction bypass
Monitoring/logging
What is the difference between symmetric and asymmetric encryption?
Symmetric:
Same key for encryption/decryption
Faster
Better for large data
Examples: AES, DES
Asymmetric:
Public/private key pairs
More secure for key exchange
Slower
Examples: RSA, ECC
What are microservices and how do they communicate?
Microservices:
- Independent, small services
- Communication methods:
  - REST APIs
  - Message queues
  - gRPC
  - Event streaming
- Benefits:
  - Scalability
  - Independent deployment
  - Technology flexibility
  - Easier maintenance