tryhackme notes sep2024 Flashcards
How does a switch improve network efficiency compared to a hub?
A switch improves network efficiency by managing data traffic intelligently, directing packets only to the intended recipient device, whereas a hub broadcasts data to all connected devices.
How does the ‘Content-Type’ header function in HTTP responses?
‘Content-Type’ header specifies what kind of data the server returns to the client, such as an HTML document or a JPEG image.
Explain the priority of encoding specified in HTTP headers.
The encoding specified in the HTTP headers has a higher priority than the encoding specified in the header of the HTML document using the ‘meta charset’ HTML tag.
What is the significance of the SID for services.exe?
The SID for services.exe is NT AUTHORITY\SYSTEM (S-1-5-18), indicating it runs with the privileges of the most authorized user.
What follows the HTTP status line in a response?
After the HTTP status line, the HTTP response headers come, providing metadata for the returned resource or error.
Explain the concept of idempotent methods in HTTP.
Idempotent methods can send multiple identical requests to the server, and the outcome will always be the same regardless of how many times the requests are sent.
What is the range of values for each octet in an IP address?
Each octet in an IP address can range from 0 to 255.
How does an ARP request work?
An ARP request broadcasts a message on the network asking for the MAC address associated with a specific IP address.
How does the Destination Port differ from the Source Port in a UDP connection?
Unlike the Source Port, which is chosen at random, the Destination Port is not randomly chosen and corresponds to a specific application or service.
Describe the purpose of caching DNS queries.
Caching DNS queries mitigates the risk of using stale values in a DNS cache and improves efficiency.
Define TCP/IP in the context of web servers.
TCP/IP, or Transmission Control Protocol/Internet Protocol, is the underlying protocol suite used for communication over the internet.
Describe the OSI model.
The OSI model, or Open Systems Interconnection Model, is a fundamental framework used in networking that dictates how all networked devices send, receive, and interpret data.
Explain the significance of the FIN packet in TCP communication.
The FIN packet signifies the intention to terminate a connection, allowing both parties to acknowledge the closure.
How does the checksum field contribute to data integrity in networking protocols?
The checksum field provides integrity checking for protocols such as TCP/IP; if any data is changed, the checksum value will differ from what was expected, indicating corruption.
Define the purpose of the OSI model.
The purpose of the OSI model is to provide a standardized framework for understanding and implementing network communication between different systems.
Explain the role of a DNS resolver in the browsing process.
The DNS resolver responds to the web browser with the IP address of the domain requested.
What devices can be aggregated by a switch?
A switch can aggregate multiple devices such as computers and printers.
Explain the role of the Default Gateway in data transmission.
The Default Gateway is responsible for sending data to devices that are not on the same network.
Explain the function of an AAAA Record.
An AAAA Record maps a domain name to its corresponding IPv6 address.
Describe the function of the Flag header in packet handling.
The Flag header determines how the packet should be handled by either device during the handshake process.
Explain the setup complexity of IPSec compared to other protocols.
IPSec is more difficult to set up than other VPN protocols, but it offers stronger encryption if successfully configured.
What are the advantages of using UDP?
UDP is much faster than TCP, does not care if data is received or not, and allows application developers flexibility in how quickly packets are sent.
Describe the process a new device follows to obtain an IP address using DHCP.
A new device sends a request to the network to check for any available DHCP server. The DHCP server replies with an IP address that the device can use. The device then confirms the IP address, and the DHCP server acknowledges and confirms the completion of the process.
How does the HTTP server component function?
The HTTP server component interprets the client’s request and formulates the appropriate response.
How do headers enhance the web experience when making requests?
Headers allow additional data to be sent along with the request, providing a richer web experience.
Describe the two types of Top Level Domains (TLD).
The two types of Top Level Domains (TLD) are generic Top Level Domains (gTLD) and country code Top Level Domains (ccTLD).
How do devices associate their MAC address with an IP address?
Devices use the ARP protocol to associate their MAC address with an IP address on the network.
How does a dynamic web server generate responses?
A dynamic web server generates responses based on user input, data processing, or interaction with external systems.
Describe the response from the server when a file has been deleted.
The server returns a response indicating that the file has been deleted. If the same request is sent again, the server responds that the file has already been deleted.
Explain the process of an ARP request.
An ARP request is a broadcast message sent on the network asking, ‘What is the MAC address that owns this IP address?’
Describe the average time it takes for DNS lookups to complete.
DNS lookups on average take between 20-120 milliseconds to complete.
How does a web browser access resources on a website?
A web browser requests assets such as HTML and images from a web server, using URLs to specify how and where to access these resources.
What types of content can a web server store in its file system?
A web server can store various types of content in its file system, including HTML files, images, scripts, and other files.
Describe the two types of messages sent by the ARP protocol.
The ARP protocol sends ARP requests and ARP replies to map IP addresses to MAC addresses.
What is the first message in the Three-way handshake?
The first message is the SYN message, which is the initial packet sent by a client to initiate a connection and synchronize the two devices.
Explain the disadvantages of using UDP.
Disadvantages of UDP include a lack of safeguards like data integrity, resulting in a poor user experience during unstable connections.
Define a TXT Record in DNS.
A TXT Record is a free text field where any text-based data can be stored.
What is the function of web server software?
Web server software controls the processing and delivery of web content to clients.
Describe the process of encapsulation in the TCP model.
Encapsulation in the TCP model involves adding information to each layer as a piece of data (or packet) traverses it.
Describe the purpose of a Three-way handshake in TCP.
The Three-way handshake establishes a reliable connection between two parties before data transmission begins.
How are IP addresses typically assigned to devices on a network?
IP addresses are mostly assigned automatically using DHCP, although they can also be assigned manually.
How does subnetting work in networking?
Subnetting splits a network into smaller networks, known as subnets.
Describe the role of the data header in a UDP packet.
The data header in a UDP packet is where the actual data, or bytes of a file being transmitted, is stored.
What happens if a DNS query is not found in a laptop’s cache?
If a DNS query is not found in the laptop’s cache, it will send the DNS query to the first DNS server in the chain, often the home router.
How does a web server process requests from web browsers?
A web server acts as a central hub that processes requests from web browsers and serves the requested content back to the clients.
Describe the purpose of the Destination Port in a UDP connection.
The Destination Port is the port number that an application or service is running on the remote host that is receiving the data.
How does the checksum function in a TCP packet?
The checksum is used to verify the integrity of the data by checking for errors in the transmitted packet.
How can a virtual host be configured?
There are many ways to configure a virtual host, with various methods commonly used today.
How does the HTTP response status line begin?
The HTTP response status line starts with the protocol version, followed by the response status code, and then a human-readable text explanation of the status code.
How do traditional web servers operate?
Traditional web servers handle HTTP requests and serve web content. Examples include Apache HTTP Server, Nginx, LiteSpeed, and Cherokee.
How many logical root name servers exist globally?
There are 13 logical root name servers globally.
How are HTTP status codes categorized?
HTTP status codes are categorized into classes such as informational responses (100–199), successful responses (200–299), redirection messages (300–399), client error responses (400–499), and server error responses (500–599).
What happens after a device confirms the IP address it received from the DHCP server?
After confirming the IP address, the DHCP server acknowledges the assignment, completing the process, and the device starts using the assigned IP address.
Define the Sequence Number in data transmission.
The Sequence Number is a random number assigned to the first piece of data transmitted during a connection.
What is the main difference between Layer 2 and Layer 3 switches?
Layer 2 switches operate at the data link layer and forward frames based on MAC addresses, while Layer 3 switches operate at the network layer and route packets based on IP addresses.
Describe the exchange of data packets between client and server.
The exchange of data packets between the client and the server ensures reliable delivery of requests and responses, facilitating communication.
What is the role of the destination address in a packet?
The destination address is the IP address of the device that the packet is being sent to, guiding the data on where to travel next.
How does the DNS resolver interact with the root name server?
The DNS resolver queries a DNS root name server to obtain the address of a TLD DNS server.
Describe the significance of Layer 7 in the OSI model.
Layer 7, known as the Application layer, is significant because it provides network services directly to end-user applications.
Give an example of an HTTP DELETE request.
An example of an HTTP DELETE request is for deleting an item from the shopping cart in an e-commerce web application.
How many instances of services.exe can exist in a process tree?
There can only be one instance of services.exe in a process tree.
Describe the initial function of a virtual host.
A virtual host initially started to host more than one website on a single machine, sharing resources like memory and CPU to achieve maximum efficiency.
How does a router handle DNS queries?
The router checks its own DNS cache for an answer; if not found, it forwards the request to the next DNS server.
What happens after the DNS resolver receives the address of a TLD DNS server?
The resolver makes a request to the TLD server, which responds with the IP address of the domain’s authoritative name server.
How does the HEAD method function in HTTP?
The HEAD method retrieves the resource’s headers without retrieving the resource itself.
Describe the purpose of the Destination IP in a packet.
The Destination IP is the IP address of the device that the packet is intended for.
Explain the Three-way handshake process.
The Three-way handshake is a method used to establish a connection between two devices, involving a series of special messages.
Define the purpose of the FIN packet in TCP connection termination.
The FIN packet is used to initiate the closure of a TCP connection, indicating that the sender has finished sending data.
Describe the role of a DHCP server in the network.
A DHCP server assigns IP addresses to devices on the network, manages the IP address pool, and ensures that each device receives a unique IP address for communication.
How do dynamic and static web servers differ?
Dynamic web servers generate content on-the-fly based on user requests, while static web servers deliver pre-existing content without modification.
Describe the function of a router in a network.
A router’s job is to connect networks and pass data between them using routing.
What is the significance of ping in network diagnostics?
Ping is significant in network diagnostics as it uses ICMP packets to determine the performance and reliability of a connection between devices, checking if the connection exists and is functioning properly.
Explain the importance of web servers in the Internet.
Web servers are the backbone of the Internet, facilitating the accessibility and availability of online resources.
Identify the typical provider of the next DNS server in the chain.
The next DNS server in the chain is typically provided by your Internet Service Provider (ISP).
What must both computers agree on during the communication process?
Both computers must agree on the same random number sequence for successful data reconstruction.
What processes are spawned by the system process during Windows startup?
The system process launches the Session Manager Subsystem (smss.exe) and is responsible for starting other processes like services.exe, lsass.exe, and lsm.exe.
Differentiate between gTLD and ccTLD.
gTLD stands for generic Top Level Domain, while ccTLD stands for country code Top Level Domain, such as .ca or .co.uk.
Explain the significance of acknowledging packets in TCP.
Acknowledging packets ensures that both devices confirm receipt of data, which is crucial for maintaining data integrity and reliability in the communication.
Identify the function of Layer 3 in the OSI model.
Layer 3, known as the Network layer, is responsible for routing packets using IP addresses.
How does TCP handle synchronization between devices?
TCP is capable of synchronizing two devices to prevent them from being flooded with data in the wrong order.
Explain the function of a TLD name server.
A TLD name server stores the IP addresses of authoritative name servers and responds to queries from DNS resolvers with the address of the domain’s name server.
Describe when the system process is started.
The system process is started at boot time, before any other user-mode processes.
Define the CRUD operations associated with HTTP methods.
CRUD operations correspond to Create (POST), Read (GET), Update (PUT), and Delete (DELETE).
Describe the relationship between Network Address and Host Address.
The Network Address identifies the network, while the Host Address identifies individual devices within that network.
Describe the purpose of the RS T packet in communication.
The RS T packet abruptly ends all communication and indicates that there was some problem during the process.
How do both types of web servers contribute to client requests?
Both dynamic and static web servers contribute to receiving and processing client requests, ensuring smooth communication by delivering the requested content promptly.
Describe how subnet masks are represented.
Subnet masks are also represented as a number of four bytes (32 bits), similar to IP addresses.
How does UDP’s flexibility benefit software developers?
UDP’s flexibility allows software developers to decide how quickly packets are sent without the constraints of a continuous connection.
Describe the purpose of a Network Address.
A Network Address identifies the start of the actual network and is used to identify a network’s existence.
Explain the function of a VPN.
A VPN (Virtual Private Network) allows devices on separate networks to communicate securely by creating a dedicated path, known as a tunnel, over the Internet.
Explain the significance of the random number sequence in data transmission.
The random number sequence is assigned to any sent data and is used to reconstruct the data by incrementing the sequence by 1.
What is the most common network topology mentioned?
Star topology is mentioned as the most common.
How does redundancy improve network reliability?
Redundancy increases network reliability by adding multiple paths for data to take, allowing alternative routes if one path goes down.
How does a browser initiate a DNS lookup for a domain like google.com?
When a user types google.com into the browser, the browser sends the domain name to the DNS resolver.
What technology does DNS represent and its primary function?
DNS, or Domain Name System, translates domain names into IP addresses, allowing users to access websites using human-readable names.
How does the Windows initialization process relate to system processes?
The Windows initialization process, represented by wininit.exe, is created by the Windows kernel at boot time and does not have a parent process.
Describe the function of routers in a network.
Routers connect different networks and route data packets between them, operating at Layer 3 of the OSI model.
How does the process of establishing a connection via UDP differ from TCP?
The process of establishing a connection via UDP differs from TCP in that UDP does not require a connection to be established and does not send acknowledgments.
Define what an ARP cache is.
An ARP cache is a ledger stored in each device that keeps track of the identifiers (IP and MAC addresses) of other devices on the network.
How does the Checksum contribute to TCP integrity?
The Checksum is a value calculated mathematically to ensure data integrity; if the output differs from what was sent, the data is considered corrupt.
Identify potential issues that could lead to the use of the RS T packet.
Potential issues include the service or application not working correctly or the system having faults such as low resources.
How does a client send a request to a web server?
A client, which can be a web browser, sends an HTTP request to the web server. The request includes information such as the requested URL, request method (e.g., GET, POST), headers, and optional data.
What are the components of a web server?
The components of a web server include the HTTP server, which handles incoming HTTP requests and manages communication between the client and the server, and TCP/IP, which is the underlying protocol suite used for communication over the internet.
Explain the function of the ARP protocol.
The ARP protocol is used to map IP addresses to MAC addresses within a network.
Define the purpose of a network address.
A network address is used to identify the start of a network.
How does TCP handle resource management during a connection?
TCP reserves system resources for each connection, and it is best practice to close connections as soon as they are no longer needed to free up these resources.
What does Alice do after hearing Bob’s acknowledgment of the FIN packet?
Alice acknowledges Bob’s response, confirming that she has received his acknowledgment.
Define application servers and their purpose.
Application servers are designed for hosting web applications and executing server-side code. Examples include Microsoft Internet Information Services (IIS) for .NET apps and Apache Tomcat for Java apps.
How do safe methods affect server state when used on a resource URL?
Using safe methods like GET or HEAD on a resource URL should never change the resource.
What is the maximum number of ports available for use in a UDP connection?
The maximum number of ports available for use in a UDP connection is 65535.
What is a frame in the context of the OSI model?
A frame is a data unit at Layer 2 of the OSI model, which does not contain IP addresses and is used for data link layer communication.
Define ICMP and its role in network diagnostics.
ICMP stands for Internet Control Message Protocol, and it is used for sending error messages and operational information in network communications.
How do routers function in relation to the OSI model?
Routers function at Layer 3 of the OSI model, enabling them to deliver packets using IP addresses.
Define what happens when the RS T packet is used.
When the RS T packet is used, it signifies that communication has been terminated due to issues such as service or application malfunctions or system faults.
How does the cost of star topology compare to other network topologies?
The cost of star topology is higher than other network topologies due to the need for more cabling and dedicated networking equipment, but it offers better reliability and scalability.
Provide an example of an HTTP PATCH request.
An example of an HTTP PATCH request is for updating the quantity of an order item in the shopping cart of an e-commerce web application.
What does an MX Record do?
An MX Record resolves to the address of the servers that handle email for the queried domain.
How does cloud computing enhance the use of virtual hosts?
With the invention of cloud computing, virtual hosts now serve more purposes than ever, including virtual application hosting, virtual server hosting, virtual storage hosting, and sometimes entire data center hosting.
Explain the role of switches in a network.
Switches are dedicated devices in a network designed to aggregate multiple devices, such as computers and printers, using Ethernet. They are more efficient than hubs or repeaters and keep track of which device is connected to which port.
Explain the advantages of using a switch over a hub.
A switch is more efficient than hubs or repeaters because it sends data only to the intended target rather than repeating it to every port.
