Summary Questions, Chapters 40-42 Flashcards
Firewall
Hardware or software protecting against unauthorised access to a network
What are the two ways of creating a firewall?
- packet filtering
* stateful inspection
What is packet filtering?
A technique for examining the contents of packets on a network and rejecting them if they do not conform to certain rules.
What is stateful inspection?
A technique for examining the contents of packets on a network and rejecting them if they do not form part of a recognised communication.
Why does routing through a proxy server increase security?
There is no direct connection between the computer on the LAN and the internet, so all requests are passed through the proxy server.
What is symmetric encryption?
Where the sender and receiver both use the same key to encrypt and decrypt data.
What is key exchange?
When the sender sends the encryption key to the receiver
What is asymmetric encryption?
When a public and private key are used to encrypt and decrypt data.
What is a private key?
A code used to encrypt and decrypt data that is only known by one user, but is mathematically linked to a corresponding public key.
What is a public key?
A code used to encrypt and decrypt data that can be made public and is linked to a corresponding private key.
What is a digital certificate?
A method of ensuring that an encrypted message is from a trusted source as they have a certificate from a Certification Authority.
What is a Certification Authority?
A trusted organisation that provides digital certificates and signatures.
What is a digital signature?
A method of ensuring that an encrypted message is from a trusted source as the have a unique, encrypted signature, verified by a Certification Authority.
What is a Trojan?
Malware that is hidden within another file on your computer.
What is a virus?
A generic term for malware where the program attaches itself to another file in order to infect a computer.
What is a worm?
Malware or type of virus that replicates itself and spreads around a computer system, but does not need to be attached to a file in order to infect a computer.
List ways of reducing the risk of a virus entering your network.
- firewall
- keep OS up to date
- encrypt data files
- ensure requests are coming from recognised sources
- keep anti-virus software up to date
Which type of encryption is more secure?
Asymmetric
What is TCP/IP?
A set of protocols for all TCP/IP network transmissions.
What are the four layers of TCP/IP?
Application, Transport, Internet, Link
What is the purpose of the Application Layer?
Handles Domain Name System and some protocols.
What is the purpose of the Transport Layer?
Ensures all packets have arrived and that there are no errors in them.
What is the purpose of the Internet Layer?
Defines IP addresses of devices that send and receive data, creates and routes packets
What is the purpose of the Link Layer?
Controls physical characteristics, provides synchronisation of devices, identifies network topology being used
What is a port?
An addressable location on a network that links to a process or application.
What is HTTP?
A protocol for transmitting and displaying web pages.
What is the client-server model?
A way of implementing a connection between computers where one computer (client) makes use of the resources of another (server).
Which protocols does HTTPS use?
Secure Socket Layer (SSL) and Transport Layer Security (TLS)
What is FTP?
A protocol for handling file uploads and downloads.
What is SSH?
A protocol for remote access to computers.
How does SSH improve connection security?
It creates a secure network of nodes.
Why must you use specific command words when using SSH?
It uses a command line interface.
What is SMTP protocol used for?
Sending emails
What is POP3 protocol used for?
Receiving emails
Which port does POP3 use?
Port 110
What is a web server?
A dedicated computer on a network for handling web content.
What is an email server?
A dedicated computer on a network for handling email.
What is a web browser?
An application for viewing web pages.
How does a web browser show a user web pages?
- Sends URL
- Translates URL to IP address
- Returns to browser
- Browser connects to web server using IP address
- Web server sends web pages to browser
What does API stand for?
Application Program Interface
What is an API?
A set of subroutines that enable one program to interface with another program.
What is websocket protocol?
A set of rules that creates a persistent connection between two computers (client and server) on a network to enable real-time collaboration.
What are messages?
Packets of data transmitted using websocket protocol.
What is CRUD?
An acronym that explains the main functions of a database: Create, Read, Update, Delete
What does CRUD refer to?
The way in which data is actually displayed.
What does SQL stand for?
Standard Query Language
What is SQL?
A programming language used to manage data within a relational database.
What does REST stand for?
Representational State Transfer
What is REST?
A methodology for implementing a networked database.
What does HTTP stand for?
Hypertext Transfer Protocol
What is HTTP?
Protocol to define identification, request and transfer of multimedia content over the Internet.
What does JSON stand for?
JavaScript Object Notation
What is JSON?
A standard format for transmitting data.
What does XML stand for?
Extensible Markup Language
What is XML?
A method of implementing a database where a database is put into a server and various users can access it from their workstations.
What is a thin client?
A network where one computer contains most resources, processing power and storage capacity, which it distributes to other clients.
What is a thick client?
A network where resources, processing power and storage capacity are distributed between the server and the client computers.
What is a terminal?
A computer with little or no processing power or storage capacity, which is used as a client in a thin client network.
What are the advantages of a thin client network?
- Easy and cheap to set up new clients
- Server can be configured to distribute all hardware and software resources needed
- Hardware and software changes only need to be implemented on the server
- Easier for network manager to control the clients
- Greater security as clients have fewer access rights
What are the disadvantages of a thin client network?
- Clients are dependent on server, so if it goes down, all clients are affected
- Can slow down with heavy use
- May require greater bandwidth to cope with client request
- High-specification servers are expensive
What are the advantages of a thick client network?
- Reduced pressure on the server leading to more uptime
- Clients can store programs and data locally, giving them more control
- Fewer servers and lower bandwidth can be used
- Suitable for tablets and mobile phones that require more of the processing and storage to be done on the server side
What are the disadvantages of a thick client network?
- Reduced security if clients can download software or access the internet remotely
- More difficult to manage and update
- Data more likely to be lost or deleted on client side
- Can be difficult to ensure data integrity
How does JSON compare to XML in terms of human readability?
Very easy to read as it is based on defining objects and values
How does JSON compare to XML in terms of how compact the code is?
Less code is created in JSON than XML.
How does JSON compare to XML in terms of parsing speed?
Quicker than XML as data is clearly defined as object and value.
How does JSON compare to XML in terms of ease of creation?
Easier to create as the syntax of the coding is easier.
How does JSON compare to XML in terms of flexibility and extenibility?
Works with a limited range of data types, which may not be sufficient for all applications.
