1
Q
What is a data payload?
A
The TCP and IP headers and application data all collectively
2
Q
When two devices are communicating, what actually does the communicating and what is this called?
A
- Application are the ones communicating
- Process-to-process communication
3
Q
What are the 4 layers of the TCP-IP model?
A
- Application
- Transport
- Network
- Link
4
Q
What does the TCP-IP model show?
A
How data is generated by an app and is processed by different protocols so it can be sent across physical connections.
5
Q
Describe what the application layer does
A
Where network applications create and interpret data
6
Q
Describe what happens at the Transport layer
A
- TCP splits application data into segments
- Attaches a header containing: source and destination ports, segment number and checksum
7
Q
What protocols are found at the transport layer?
A
- TCP
- UDP
8
Q
Describe what happens at the Network layer
A
- IP encapsulates segments into packets by adding header
- This contains the source and destination IP addresses and a time-to-live value
9
Q
What is the purpose of a time-to-live value?
A
It prevents additional congestion caused by lost packets by deleting them from the router
10
Q
Describe what happens at the Link layer
A
- Packets encapsulated into frames and physically transmitted as electrical signals
- Adds a header that contains the source and destination MAC addresses
11
Q
What is a port and what is it used for?
A
A communication endpoint that addresses a service or application on a network and allows for the same device to run multiple network applications
12
Q
What are well known ports and what is their use?
A
Reserved port numbers for specific purposes/protocols which are required so that clients can initiate communication with servers
13
Q
What is a client port?
A
- Dynamically allocated by the OS and change with each new TCP session
- Used by the OS to direct packets to the correct application
14
Q
What is a server port?
A
- Used by clients to direct requests to correct application on a remote host
- Well known and fixed
15
Q
What is a MAC Address?
A
48-bit number used to uniquely identify a network interface card and exchange data on a LAN
16
Q
What is a network socket?
A
A combination of IP address and port number, IP : port
17
Q
What does HyperText Transfer Protocol (HTTP) do?
A
Defines how web browsers communicate with web servers
18
Q
What is a web server?
A
Software used to listen to HTTP requests and return HTML files or other data
19
Q
What are web browsers?
A
Retrieve and display web pages on a client computer by generating a HTTP request for required resources.
20
Q
How do web servers and web browsers interact?
A
- User requests a page
- Web browser generates the HTTP request and sends it to the server, stating an access method and file path
- Server sends a HTTP response containing a status code and the data requested
21
Q
What is the difference between HTTP and HTTPS?
A
- HTTPS uses Transport Layer Security (TLS) to encrypt data before passing it to TCP
- Requests and responses are encrypted and the server and client are authenticated using digital certificates (IP addresses still visible)
22
Q
What are the features of File Transfer Protocol (FTP)?
A
- Used to transfer files between computers on networks
- Computers must be running FTP server or client server
- Clients can share, download or upload files
- Includes an authentication process
23
Q
What does SMTP do?
A
Send emails from a client to a mail server, or from one user’s mail server to another
24
Q
How does POP3 work?
A
- Retrieves a copy of email messages from the user’s mail server onto local client device
- Original message retained on mail server and any changes on local device are not synchronised back
25
How does IMAP work?
- Retrieves a copy of email messages from the user’s mail server onto local client device
- Any changes made to messages are recorded on the server
26
What are the features of SSH?
- Allows uses to remotely connect to another computer and issue commands on that remote machine
- Used in managing remote servers
27
What is SSH used to do?
- Configuring and restarting services
- Adding / Changing users
- Configuring firewalls
28
What are the two sections of the IPv4 address?
- Network ID
- Host ID
29
What is the purpose of the Network ID?
Router looks for the longest matching network ID (prefix) to determine which interface to send the packet to
30
What is the purpose of the Host ID?
To identify a specific host on a specified network
31
What is the relationship between the number of available Host IDs and the number of bits used to represent them?
Addressable hosts = 2n - 2, where n is the number of bits used
32
What is subnetting?
Splitting a network into subnets by repurposing some of the bits to form a subnet ID
33
What is a subnet mask?
Binary numbers made up of a series of 1s as long as the network ID, followed by 0s for the remaining bits
34
What is the process of identifying the subnet ID using a subnet mask?
1. Covert IP address and subnet mask into binary
2. Perform logical bitwise AND operation between them
3. Result is the subnet ID
35
How do you represent the IP address in CIDR (Classless Inter-Domain Routing)?
IP Address / Subnet ID bits
36
What are the advantages of using subnets?
- Reduces the broadcast domain which improves performance
- Increases security as packets must pass through firewalls if passing between subnets, reducing the spread of malware
37
How does reducing the broadcast domain improve performance when using subnets?
1. When a host needs to communicate to all other devices it has to send packets to the broadcast address
2. All connected devices return an ACK, causing congestion
3. By reducing the number of available hosts, congestion decreases and performance improves
38
Why was IPv6 introduced?
IPv4 uses 32 bits which was insufficient to address all network devices
39
What are the features of IPv6?
Uses 128 bits split into 8 groups of 4 hexadecimal digits
40
What are the advantages of having more unique addresses when using IPv6?
- No need for Network Address Translation
- Simpler and more efficient routing
- Devices can roam between locations and keep the same IP address
- Improved facilities for multicasting
41
Apart from having more unique addresses, what are the other advantages of IPv6?
- Automatic configuration of IP address without DHCP
- Larger IP packet sizes
- Improved support for prioritising packets by type
42
What are the two ways addresses can be assigned to host?
- Manually assigned
- Dynamically assigned
43
How do manually assigned IP addresses work?
- You can tell a computer which IP to use
- Used for hosts that **must be reliably reachable** at a known address
44
How do dynamically assigned IP addresses work?
- DHCP (Dynamic Host Configuration Protocol) server leases and IP address to the host for a fixed duration
- Used for client devices that come and go from the network
45
What are the advatages of dynamically assigned IP addresses?
- Easier as there is no need to enter IP addresses
- Less error prone as there is no way to accidentally have duplicate IPs
- More efficient as IP addresses can be reallocated if they are not being used
46
How does DHCP work?
1. Host requesting an IP address broadcasts a DHCPDISCOVER packet to the subnet
2. DHCP sever responds with a DHCPOFFER packet containing an IP address it can allocate
3. Host responds with a DHCPREQUEST packet, asking for the IP addressing being offered
4. DHCP server responds with a DHCPACK packet, acknowledging allocation of the IP addressing to the host
47
What is a private IP address?
Non-routable IP address that is unique within the LAN but not globally
48
What is a public IP address?
Routable IP address that is globally unique
49
What does it mean for a IP address to be routable?
Can be used to communicate across networks
50
What do all devices on a LAN share and how is this done?
They all share a public IP using Network Address Translation (NAT)
51
Routers are responsible for the NAT process. Describe this process:
- Router swaps source IP address on leaving packets with its own public IP
- TCP/UDP port is modified so it points to hosts within the network
- A translation stable stores the information of how to redirect incoming packets back to their hosts
52
When is port forwarding used?
Used when a server needs to be accessed from external networks. Incoming packets use the public IP address of the router and a known port number which forwards the packet to a known host.
53
What is a router?
- Piece of networking hardware that transfers IP packets from one network to another.
- Has multiple network interfaces that correct to other networks
- Operate in the Network Layer
54
What is a gateway?
- Point that repackages IP packets to use a different link-layer protocol
- Required where packet needs to pass between different topologies
- Operate at the Link Layer
55
Describe Tier 1 in the network hierarchy:
- “Internet backbone” that all other network providers connect to
- Handle huge bandwidths and own most undersea cables
- Operated by large telecommunication companies called Network Service Providers (NSP)
- Engage in peering
56
What is peering?
Agreement between NSPs to allow access to each others networks for free which increases efficient transfer of traffic for all
57
Describe Tier 2 in the network hierarchy:
- Provide national services
- Engage with peering
- Most business-focused Internet Service Providers found here
- Pay access to Tier 1 NSPs to access their network
58
Describe Tier 3 in the network hierarchy:
- Operated by smaller NSPs
- Pay to Tier 2 NSPs to access their network
59
How do packets pass through the network hierarchy as they are sent to their destination?
They travel up to Tier 1 and then back down to lower tiers
60
What are Internet Exchange Points?
Physical locations where Tier 1,2 and 3 networks can connect to each other
61
What does the header of IP packets contain?
- Source IP address
- Destination IP address
- Checksum
- TTL value
62
What is the structure of an IP packet
- IP Header
- Data being carried
63
What does a router determine when it receives a packet?
- Should it drop the packet
- Should it forward the packet and if so where
64
How does a router determine where to send a packet?
- Use information stored in routing and forwarding tables
- Send packets to the next router using longest prefix matching
65
Describe the routing processing?
Routers send packets to the next router where the TTL value is decremented and the MAC address are updated to the new source and destination MAC addresses. This is repeated until the destination is reached.
66
What is packet switching?
Process that controls how data packets are sent across the internet using different paths in an efficient and fault-tolerant way
67
Describe the process of packet switching:
1. Data is broken down into smaller packets by transport layer
2. If using TCP, each packet is given a sequence number, checksum and port number
3. TCP packet encapsulated within an IP packets and IP address are added
4. IP packets encapsulated into an Ethernet frame and MAC addressed are added and passed to the router
5. Each router inspects each packet to see if the destination IP address is on the LAN and if not passes it to the next closest router
6. Each packet is sent along different paths to its destination via connected routers, efficiently using the network
7. Once received, packets are reassembled using sequence number and requests sent for any missing packets
68
What is a Fully Qualified Domain Name (FQDN) ?
A human-friendly, easy-to-remember address for the exactly location of a particular host within the DNS hierarchy
69
What is the FQDN made up of?
- Hostname
- Domain
- Top Level Domain (TLD)
70
What is the Domain Name System (DNS)?
System responsible for translating **FQDNs** into IP addresses
71
Describe the DNS process:
1. Computer checks local DNS cache to see if the FQDN can be found. If so the IP address is retrieved and the process finishes
2. If not the OS will send a DNS lookup request to its assigned DNS resolver
3. If the DNS server does not have the record it sends a query to a Root Name Server which returns the IP address of the appropriate TLD nameserver
4. DNS Server sends a DNS request to the TLD nameserver which returns the IP address of the authoritative nameserver for the specified FQDN
5. DNS resolver sends a request to this server which returns the IP address of the FQDN
72
What is a Uniform Resource Locator (URL)?
Reference to a unique resource / file on a specific host on the Internet
73
What are Internet Registries?
Organisations that are responsible for administering and organising the allocation of IP addresses and domain names across the Internet.
74
What are the 3 mains parts of a URL?
- **Protocol** required to access the resource
- **FQDN** of the machine hosting the resource
- **Path** to the specified resource on that host
75
How do Internet Registries operate?
They delegate responsibility to smaller, regional registries to perform their function within smaller geopolitical areas
76
What are Domain Registrars?
Organisations that have permissions to register domain names on behalf of the organisation that operates a given TLD
77
What are the two forms of encryption and how do they differ?
- Symmetric - same key is used to encrypt and decrypt message
- Asymmetric - pair of different keys that are mathematically related
78
What is the key exchange problem?
How can the encryption key be passed from sender to receiver securely so it cannot be intercepted?
79
What is encryption?
The process of using an algorithm to convert plaintext message into cyphertext that is not understandable without the key
80
What are Certificate Authorities?
Authorities that generate and issue digital certificates from the public keys that are submitted to it
81
What is the RSA algorithm?
Asymmetric encryption algorithm where each communicating party generates a public and private key. Message encrypted by one key can only be decrypted using the other key.
82
How is asymmetric encryption used to solve the key exchange problem?
1. A generates a symmetric key
2. A encrypts key with B’s public key and sends to B
3. B decrypts symmetric key using their private key
4. Both parties have the symmetric key that they can use for communication
83
What are digital signatures?
Data used to verify the identity of the sender of an encrypted message and to detect whether the message has been tampered with during transmission
84
What is the process for generating a digital signature?
1. A generates data that is to be sent to B
2. Hashing algorithm used to generate the hash of the data which is encrypted **using A’s private key**
3. Encrypted Hash is appended to the original data
4. All data is encrypted **using B’s public key** and sent to B
85
How is the identity of the sender and integrity of the data verified using data signatures?
1. B uses their private key to decrypt the received message
2. Recieved original data is rehashed to calculate new hash
3. Received hash is decrypted using A’s public key to get original hash
4. Two hashes are compared. If they are the same A is verified as the sender. If not the identity of A cannot be verified
86
What are the uses of digital signatures?
To ensure that public keys provided in RSA communication are valid
87
What are firewalls?
A security measure designed to provide protection to a network by inspecting IP packets and headers and restricting the exchange of data between the protected network and an external network
88
What are the different typos of firewall?
- Router-based firewalls
- Dedicated firewalls
- Software firewalls
89
What is are router-based firewalls and what are their advatages?
- Firewall built into a router capable of simple packet filtering which inspects IP packets headers
- Cheap and so common in homes and offices
90
What are dedicated firewalls and its advantages and disadvantages?
- Standalone pieces of hardware that act as firewalls
- Capable of more advanced inspection of packets and more complex access rules
- However very expensive
91
What are software firewalls and their advantages and disadvantages?
- Implemented by the OS
- Use packet filtering and inspection
- However less secure and ability to manage rogue packets less sophisticated
92
How do firewalls work?
- Block or allow traffic in specific ports or IP addresses and certain types of packets
- Use stateful inspection to maintain info about the connection, only allowing packets from it
- Acts as a proxy-server
- Identifies unusual behaviour from an internal host
93
How does packet filtering work?
Packet header is inspected and compared to rules set within the firewalls access control list (ACL). **Does not check data itself**
94
Based on what can rules in the ACL be set to permit or deny packets?
- Source and destination address / port
- Protocol being used
- Size of payload
95
What are some disadvantages of using packet filtering?
- Maintaining rules for all possible exchanges in very difficult
- Only considers the addresses and ports
96
How does stateful inspection improve upon packet filtering?
- Inspects the transport and application protocols used to determine if packet should be permitted
- Can dynamically generate filtering rules
- Allows for ongoing, approved communication
97
What is a proxy server?
Device that sits between an internal and external device and handles communication on behalf of the internal device preventing direct communication.
98
What are the benefits of using a proxy server?
- Provides anonymity to the internal host
- Can provide application filtering such as blocking access to websites with particular URLs
- Can maintain a log of all incoming and outgoing requests
- Can detect malformed incoming packets and repair or reject them
- Maintains a local cache of requested web pages
99
What is malware?
A category of software designed to damage or destroy data and/or system
100
What is a virus?
Attaches itself to, or conceals itself within another program or file before replicating and executing its damage
101
What are worms?
Standalone software that do not require a host file in order to run. Are self-replicating and can exploit network vulnerabilities or applications in order to spread
102
What are Trojans?
Malicious software that appear legitimate and trustworthy
103
How are each of the viruses spread?
- Viruses: Sharing or downloading infected files
- Worms: Without human interaction
- Trojans: Downloading malicious software
104
What are typical vulnerabilities that malware can exploit?
- Ineffective firewall rules leading to open ports
- Remote management software being enabled
- Default passwords
- Out of date OS
- Applications where memory is not correctly managed or checked
- **Users**
105
What are the main ways of protecting against malware?
- Preventative measures
- Detection
- Containment
- Recovery
106
What are some examples of preventative measures?
- Correctly configured firewalls
- Regular back-ups
- Disabling removable media
- Suitable user access levels§
107
What are some examples of detection?
- Anti virus software
- Network monitoring system
- Slow computer performance
108
What are some methods of containment?
- Powering off the machine
- Disconnecting from the network
- Quarantine an infected file
109
What are some methods of recovery?
- Attempts made to clean virus from files
- If not possible they are disconnected and backups used
110
How does anti virus software work?
Regularly scan memory for malware or for files that show signs of infection
111
What is the client-server model?
Describes application where functionality is distributed across a server and clients
112
What is the role of the server in the client-server model?
Provides resources and services that are required by the clients
113
What is the role of the client in the client-server model?
Applications that utilise the data represented from the server
114
How is data exchanged in the client-server model?
1. Servers host the resources that the clients require
2. Data exchange is initiated by the clients that sends a request to the server
3. Once the request is sent by the client, the client waits got a response from the server
4. The server responds by providing the requested resource in a response message
5. The client then processes the response that it received e.g. confirming that data sent to the server has been received
115
What is a REST API?
Provide a standard interface and protocol for sending messages from client to server using HTTP request methods
116
What are the corresponding HTTP, CRUD and SQL commands?
Post - Create - INSERT INTO
Get - Retrieve - SELECT
Put - Update - UPDATE
Delete - Delete - DELETE
117
Describe how a client would retrieve data from an online database?
1. Request made by the client to the web browser
2. Web browser responds with the requested web page made up of a text file
3. File file contains JavaScript which loads a REST API
4. Client sends HTTP requests to the database server through the API
5. Database server responds with either JSON or XML file
6. Web browser processes the returned file and displays the response to the user
118
What are URLs used for online databases?
- Each item or collection of data is available at a specific URL; acts as an endpoint
- Causes the server to carry out an appropriate action
- Filter results by using query parameters
119
What are JSON and XML files?
Formats for representing structured data as text so that it can be transferred between web app and server over HTTP
120
What are the advantages of JSON over XML?
- More compact so smaller file sizes and faster transmissions
- Easier for humans to read, create and understand
- Quicker for computers to parse
- Easily convertible in other languages // Understood directly in some languages
121
What is the advantage of XML over JSON?
Explicitly declare data types
122
What is a limitation of using REST APIs?
Cannot maintain a constant stream of communication with the server required in streaming or online gaming
123
What is WebSocket?
Protocol that browsers can use to communicate with servers over a persistent two-way connection over a TCP socket, allowing both parties to send data to one another at any time.
124
What is an API?
Name given to a set of protocols relating to how different applications communicate with each other
125
How are the connections made by HTTP and WebSocket different?
- Relies on individual requests for each exchange, resulting in multiple connections being opened and closed
- Single, long-lived connection that remains open for continuous communication
126
How is data-flow is HTTP and WebSocket different?
- Primarily one-way, but not both simultaneously
- Real-time, two-way communication
127
What is HTTP used for?
- Fetching or updating specific data on client-side
- Scenarios where real-time communication isn’t crucial
- Simpler implementations where ease of use is preferred
128
What is WebSocket used for?
- Real-time applications requiring constant data exchange (e.g. chats or live dashboards)
- Situations where low latency and bi-directional communication are essential
- More complex applications where performance and real-time updates are prioritised
129
How is processing and applications handled in a thin-client?
- Most processing performed by central server
- Keystrokes, mouse clicks and user data are sent to server for processing
- Applications hosted on the server and accessed remotely by clients, often a web-browser
130
How is processing and applications handled on thick-clients?
- Processing performed by local machine
- User-events and data a re processed on local machine
- Applications are installed on the local machine
131
What are the hardware requirements of thin-clients?
- Client machines can have lower-powered processors, less memory and storage
- Servers require multiple processors, lots of RAM and storage
132
What are the hardware requirements of thick-clients?
- Will have faster, more powerful processors, larger memory and storage
- Servers can be lower-powered compared to thin-client
133
What are the advantages of thin-clients?
- Cheaper to purchase due to hardware
- Adding and replacing clients is easier
- All data resides on the server, improving security
- All clients use the same, latest version of applications
- Machines consume less power
134
What are the disadvantages of thin-clients?
- Rely on internet connection to access application
- Higher bandwidth network connection is required
- Servers need to be more powerful
