341SEC-4 Chapter 2

Questions and Answers

What information does the Content-Type: header line provide in an HTTP response message?

• The type of content in the entity body. (correct)
• The number of bytes of the object being sent.
• The time when the object was created.
• The status code of the request.

Which header line is crucial for object caching in both local clients and proxy servers?

• Last-Modified: (correct)
• Content-Length:
• Server:
• Content-Type:

What does a 301 status code indicate in an HTTP response?

• The request was successful, and information is returned.
• The client has issued a bad request.
• The server encountered an error while processing the request.
• The requested object has been permanently moved. (correct)

In an HTTP response message, which header line indicates the number of bytes in the object being sent?

Content-Length: (C)

What does the Server: header line in an HTTP response message indicate?

The web server generating the response. (B)

What is the purpose of the Last-Modified: header in an HTTP response?

To inform when the resource was last updated. (D)

Which of the following is NOT a common status code in HTTP response messages?

600 Invalid (B)

How is the object type indicated in an HTTP response message?

By the Content-Type header. (C)

What is the purpose of the cookie header line in the HTTP response message?

To set cookies for the user's browser (A)

What is included in a cookie file managed by the user's browser?

All cookies associated with the user’s sessions (B)

When does the server create an ID for a user in the backend database?

When the user first accesses the server (D)

What role does the back-end database play in cookie technology?

It stores user-specific records and states (A)

How does the user's browser access cookie data when the user returns to a site after a week?

By retrieving the relevant cookie from the cookie file (B)

What does DNS primarily provide for the Internet?

A directory service (C)

How do most users interact with DNS?

Indirectly through applications (D)

Which application layer functionality does DNS exemplify?

Network-name to network-address translation (B)

What aspect of users’ interaction does the Web significantly differ from traditional media?

It allows content retrieval at any time. (C)

What is one significant advantage of the Web over traditional broadcast media?

Users receive what they want when they want it. (C)

What is the response status code for a generic error indicating a request could not be understood?

400 Bad Request (C)

Which command should be used to view a response message including the base HTML file?

GET (D)

Which status code indicates that the requested HTTP protocol version is not supported?

505 (A)

What is the correct format for an HTTP response as per the provided content?

status line, header fields, blank line, body (C)

What is the purpose of using the HEAD method instead of the GET method?

To fetch only headers without the body (A)

Which of the following phrases describes a 404 status code?

Requested document does not exist on the server (D)

What is denoted by the CR LF sequence in an HTTP response message?

End of the header field (D)

What does the HTTP server do with the request messages it receives?

Processes the request and sends response messages. (A)

What protocol does HTTP/1.0 use for its underlying transport?

TCP (D)

How does TCP ensure the reliability of data transfer for HTTP messages?

By resending messages until acknowledged. (D)

What happens when a client sends a message into its socket interface?

The message goes out of the client’s control and is handled by TCP. (D)

What is the primary role of the socket interface for the HTTP client?

To serve as a bridge between the client process and the TCP connection. (C)

Which statement accurately reflects how the server manages client state information?

The server does not store any state information about clients. (A)

Which layer of the protocol stack is responsible for recovering from data loss during transmission?

Transport layer (B)

How do the browser and the server access TCP for communication?

Using their respective socket interfaces. (A)

TCP provides encryption for data being transferred over the network.

False (B)

TLS enhances TCP by providing encryption, data integrity, and end-point authentication.

True (A)

When using TLS, the application layer must include TLS code on both client and server sides.

True (A)

The data passed into a TLS socket is already encrypted before it reaches the TCP socket.

False (B)

TLS operates as a separate transport protocol comparable to TCP and UDP.

False (B)

Cleartext passwords are securely transmitted over the Internet when using TCP without TLS.

False (B)

The receiving TCP socket is responsible for decrypting the encrypted data with TLS.

False (B)

The first line of an HTTP request message is called the header line.

False (B)

The HTTP GET method is primarily used when the browser requests an object.

True (A)

An HTTP request message can have a maximum of five lines.

False (B)

The method field in the request line can have values such as POST and PUT.

True (A)

A transport-layer protocol ensures that data sent is delivered correctly and completely, known as reliable data transfer.

True (A)

Multimedia applications require guaranteed reliable data transfer, as any data loss significantly impairs performance.

False (B)

Available throughput is defined as the rate at which data can be delivered from the receiving process to the sending process.

False (B)

A transport-layer protocol can provide a service that guarantees throughput at a specified rate for applications.

True (A)

The available throughput of a network path is static and does not change over time.

False (B)

Transport-layer protocols are only relevant for multimedia applications and do not impact other types of applications.

False (B)

In reliable data transfer, the sending process can send data without worrying about errors in delivery.

True (A)

Loss-tolerant applications are fine with occasional data loss without a significant impairment to user experience.

True (A)

Guaranteed available throughput at a specific rate is a desirable feature for many applications.

True (A)

The transport-layer protocol is responsible for sending messages from the receiving process to the socket.

False (B)

Choosing a transport-layer protocol is similar to selecting between different modes of travel.

True (A)

All applications can tolerate data loss without significant consequences.

False (B)

Reliable data transfer is one of the four dimensions of transport-layer protocol services.

True (A)

Packets can be discarded or overflow buffers, leading to data corruption during transmission.

True (A)

The Internet supports a single transport-layer protocol.

False (B)

Packet loss only occurs when data is transmitted over wireless networks.

False (B)

Timing and security are not considered when evaluating transport-layer protocols.

False (B)

For most applications, timely delivery of packets is always more critical than the data being reliably delivered.

False (B)

The choice of a transport-layer protocol can significantly affect the performance of an application.

True (A)

A socket is the interface between the application layer and the transport layer within a host.

True (A)

The application developer has complete control over the transport-layer side of the socket.

False (B)

The socket provides a programming interface for network applications built by the application developer.

True (A)

What is the primary function of the cookie header line in the HTTP request message?

To inform the server about previously set cookies (A)

Which component of cookie technology is maintained entirely on the client side?

Cookie file managed by the user's browser (B)

What does the back-end database primarily do within cookie technology?

It creates and maintains session IDs for users (A)

How does a server utilize the cookie ID for user requests after a significant time has passed?

It accesses stored sessions and maintains previous user states (A)

Which of the following best describes the initial action taken by a server when a client interacts for the first time using cookies?

The server creates a cookie entry and generates a session ID (C)

Which of the following best describes the role of HTTP within the Web application?

HTTP defines the format and sequence of messages exchanged between browser and Web server. (D)

In terms of complexity, how does electronic mail differ from web applications like HTTP?

Electronic mail utilizes multiple application-layer protocols while web applications typically use one. (A)

How is the Web application defined beyond merely the use of HTTP?

The Web encompasses several components working together, including servers, protocols, and clients. (A)

What distinguishes application software from network-core device software?

Application software is confined to end systems and not network-core devices. (B)

Why are servers typically housed in data centers?

To reduce latency for end users in application communications. (B)

What is a primary requirement when developing network applications?

The software must be designed to run on multiple end systems. (A)

What role does the network layer play in the context of application software?

It functions at a lower layer and does not support application execution. (C)

What is a consequence of confining application software to end systems?

It results in faster deployment and diversity of network applications. (B)

How does the relationship between the browser program and web server program function?

They communicate over the network to fulfill user requests. (A)

What does the User-agent: header line signify in an HTTP request?

It identifies the browser type making the request. (A)

Why is the Accept-language: header important in an HTTP request?

It signals the server to provide a version in the user's preferred language. (D)

What effect does including the Connection: close header line have?

It informs the server to close the connection after the response. (D)

What does the presence of a persistent connection allow in an HTTP context?

Multiple requests over a single connection. (A)

How does the HTTP request format generally appear?

It includes multiple header lines and a request line. (B)

What is the primary purpose of the Connection: close header in an HTTP request?

To inform the server that the connection should not be kept alive. (A)

What defines the message types in an application-layer protocol?

The types of messages exchanged between systems (C)

What aspect of an application-layer protocol ensures that messages are understood correctly?

The syntax of the message types (B)

Which of the following describes the semantics of fields in an application-layer protocol?

The meaning of the information contained in the fields (B)

What is a primary feature of the Web as a client-server application?

Users can obtain documents from Web servers on demand (A)

Which statement accurately describes an application-layer protocol's rules?

They determine when and how messages are sent and responded to (A)

What determines the fields in a message as per an application-layer protocol?

The syntax defined by the protocol (C)

Which characteristic is often typical of proprietary application-layer protocols?

They limit information accessibility to enhance security (C)

Flashcards are hidden until you start studying

Study Notes

HTTP Response Messages

• The Server: header line identifies the web server (like User-agent: in HTTP requests).
• Last-Modified: header shows the object's creation or last modification time; crucial for caching.
• Content-Length: header specifies the object's size in bytes.
• Content-Type: header indicates the object type (e.g., HTML), not relying on file extensions.
• HTTP response message format: status line (version, status code, phrase), header lines, blank line, entity body.
• Common status codes:
  • 200 OK: Successful request.
  • 301 Moved Permanently: Object moved; new URL in Location: header.
  • 400 Bad Request: Server couldn't understand the request.
  • 404 Not Found: Requested document doesn't exist.
  • 505 HTTP Version Not Supported: Server doesn't support the HTTP version.
• To see an HTTP response, use telnet to connect to a web server, send a request (e.g., GET), and examine the response. Using HEAD instead of GET only retrieves headers, not the object itself.
• HTTP uses TCP for reliable data transfer, ensuring message integrity. This is handled by lower layers, making HTTP independent of loss or reordering concerns.
• Servers are stateless; they don't remember past interactions with clients.

Web and HTTP

• Before the early 1990s, internet use was primarily among researchers, for tasks like remote login, file transfer, and email.
• The World Wide Web's arrival in the early 1990s made the internet accessible to the general public.
• The Web's on-demand nature, unlike traditional broadcast media, is a key appeal, offering users content when they want it.

Cookies

• Four components of cookie technology:
  • Cookie header line in HTTP response messages.
  • Cookie header line in HTTP request messages.
  • Cookie file on the user's system, managed by their browser.
  • Backend database at the website.
• Example: When a user first interacts with a site, the server creates an ID and stores it in the database and sends a cookie to the client. Subsequent visits use cookies to identify the user and retrieve their information stored in the database.

TCP Security and TLS

• TCP and UDP do not inherently provide encryption; data sent is transmitted in plain text.
• Transport Layer Security (TLS) enhances TCP by adding encryption, data integrity, and endpoint authentication.
• TLS is not a separate transport protocol like TCP or UDP; it's an application-layer enhancement.
• Applications using TLS include TLS code (libraries) in both client and server sides.
• TLS uses a socket API similar to the standard TCP socket API. Data is encrypted by TLS before being passed to the TCP socket, and decrypted by TLS upon receiving.

Sockets and Transport Layer Protocols

• A socket is the interface between the application layer and transport layer within a host. It's also the Application Programming Interface (API) between the application and the network.
• Application developers control the application-layer side of the socket but have limited control over the transport layer. The only real controls are the choice of transport protocol and setting a few transport-layer parameters (like buffer sizes).
• Applications choose transport protocols (like TCP or UDP) based on which services best meet their needs. This is analogous to choosing train vs. airplane travel.

Transport Layer Services

• Four key services transport-layer protocols can offer: reliable data transfer, throughput, timing, and security.

Reliable Data Transfer

• Reliable data transfer ensures data sent by an application arrives correctly and completely. This is critical for applications where data loss is unacceptable (e.g., email, file transfer, finance).
• Some applications (e.g., multimedia) can tolerate data loss.

Throughput

• Throughput is the rate at which data is delivered. It can fluctuate due to shared network bandwidth.
• A guaranteed throughput service means a transport protocol ensures data is delivered at a minimum specified rate, which is important for real-time applications (e.g., Internet telephony).

HTTP Message Format

• HTTP messages are in ASCII text and consist of header lines and a request line (for requests).
• A request line has three fields: method (e.g., GET, POST), URL, and HTTP version.
• Header lines provide additional information (e.g., host, user-agent, accept-language).
• GET method is commonly used to request an object specified in the URL.

Network Application Development

• Network applications involve programs running on different end systems that communicate over a network.
• Examples include web applications (browser and web server) and video-on-demand services (client app and server).
• Application software runs on end systems, not network core devices (routers, switches).
• Application-layer protocols define how applications on different systems exchange messages. They specify message types, syntax, semantics, and communication rules.
• Some protocols are public (e.g., HTTP), while others are proprietary (e.g., Skype).

The Web and HTTP

• The Web is a client-server application using HTML, browsers, servers, and HTTP.
• HTTP defines message format and sequence between browser and server. It's a crucial part, but not the only component of the web application.
• Other applications like Netflix utilize multiple components, including servers, clients, and application-level protocols (e.g., DASH) to manage various functions and message exchanges.

HTTP Request Message Example

• The example HTTP request includes header lines providing information about the host, connection type, user agent, and preferred language.
• The Host: header line specifies the requested server (e.g., ebay:8734). While a TCP connection exists, this header is critical for web proxy caches.
• The Connection: close line signals the browser's preference for the server to close the connection after sending the requested object.
• The User-agent: header identifies the browser type (e.g., Mozilla/5.0 for Firefox). Servers can tailor responses based on the user agent.
• The Accept-language: header indicates the user's preferred language (e.g., French). This is one example of content negotiation in HTTP.

Cookies and User State

• Cookie technology involves four components:
  • A cookie header line in the HTTP response message.
  • A cookie header line in the HTTP request message.
  • A cookie file on the user's end system, managed by the browser.
  • A backend database at the website.
• Cookies maintain user state across multiple interactions with a website. For instance, using Amazon as an example, a unique ID for a user is generated and stored upon their first visit, allowing the website to identify a returning user.

Key Applications in the Book

• The book focuses on key network applications: the Web, email, directory service, video streaming, and P2P applications.
• The Web serves as a primary example due to its popularity and the relative simplicity of its protocol (HTTP).
  • Email is presented as a complex application because it uses multiple application-layer protocols.