Important Short Questions and Answers: Application Layer

1. What is the purpose of Domain Name System?

Domain Name System can map a name to an address and conversely an address to name.

2. Discuss the three main division of the domain name space.

Domain name space is divided into three different sections: generic domains, country domains & inverse domain.

Generic domain: Define registered hosts according to their generic behavior, uses genericsuffixes.

Country domain: Uses two characters to identify a country as the last suffix. Inverse domain: Finds the domain name given the IP address.

3. Discuss the TCP connections needed in FTP.

FTP establishes two connections between the hosts. One connection is used for data transfer, the other for control information. The control connection uses very simple rules of communication. The data connection needs more complex rules due to the variety of data types transferred.

4. Discuss the basic model of FTP.

The client has three components: the user interface, the client control process, and the client data transfer process. The server has two components: the server control process and the server data transfer process. The control connection is made between the control processes. The data connection is made between the data transfer processes.

5. What is the function of SMTP?

The TCP/IP protocol supports electronic mail on the Internet is called Simple Mail Transfer (SMTP). It is a system for sending messages to other computer users based on e-mail addresses. SMTP provides mail exchange between users on the same or different computers.

6. What is the difference between a user agent (UA) and a mail transfer agent? (MTA)?

The UA prepares the message, creates the envelope, and puts the message in the envelope. The MTA transfers the mail across the Internet.

7. How does MIME enhance SMTP?

MIME is a supplementary protocol that allows non-ASCII data to be sent through SMTP. MIME transforms non-ASCII data at the sender site to NVT ASCII data and deliverers it to the client SMTP to be sent through the Internet. The server SMTP at the receiving side receives the NVT ASCII data and delivers it to MIME to be transformed back to the original data.

8. Why is an application such as POP needed for electronic messaging?

Workstations interact with the SMTP host which receives the mail on behalf of every host in the organization, to retrieve messages b y using a client-server protocol such as Post Office Protocol , version 3(POP3). Although POP3 is used to download messages from the server, the SMTP client still needed on the desktop to forward messages from the workstation user to its SMTP mail server.

9. Write down the three types of WWW documents.

The documents in the WWW can be grouped into three broad categories: static, dynamic and active.

Static: Fixed-content documents that are created and stored in a server. Dynamic: Created by web server whenever a browser requests the document. Active: A program to be run at the client side.

10. What is the purpose of HTML?

HTML is a computer language for specifying the contents and format of a web document. It allows additional text to include codes that define fonts, layouts, embedded graphics and hypertext links.

11. Define CGI.

CGI is a standard for communication between HTTP servers and executable programs. It is used in crating dynamic documents.

12. Name four factors needed for a secure network.

Privacy: The sender and the receiver expect confidentiality.

Authentication: The receiver is sure of the sender’s identity and that an imposter has not sentthe message.

Integrity: The data must arrive at the receiver exactly as it was sent.

Non-Reputation: The receiver must able to prove that a received message came from a specificsender.

13. How is a secret key different from public key?

In secret key, the same key is used by both parties. The sender uses this key and an encryption algorithm to encrypt data; the receiver uses the same key and the corresponding decryption algorithm to decrypt the data. In public key, there are two keys: a private key and a public key. The private key is kept by the receiver. The public key is announced to the public.

14. What is a digital signature?

Digital Signature is an electronic signature that can be used to authenticate the identity of the sender of a message or document and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signature is easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.

15. What are the advantages & disadvantages of public key encryption? Advantages:

a)        Remove the restriction of a shared secret key between two entities. Here each entity can create a pair of keys, keep the private one, and publicly distribute the other one.

b)       The no. of keys needed is reduced tremendously. For one million users to communicate, only two million keys are needed.

Disadvantage:

If you use large numbers the method to be effective. Calculating the cipher text using the long keys takes a lot of time. So it is not recommended for large amounts of text.

15. What are the advantages & disadvantages of secret key encryption?

Advantage:

Secret Key algorithms are efficient: it takes less time to encrypt a message. The reason is that the key is usually smaller. So it is used to encrypt or decrypt long messages.

Disadvantages:

a)        Each pair of users must have a secret key. If N people in world want to use this method, there needs to be N (N-1)/2 secret keys. For one million people to communicate, a half-billion secret keys are needed.

b)       The distribution of the keys between two parties can be difficult.

17. Define permutation.

Permutation is transposition in bit level.

Straight permutation: The no. of bits in the input and output are preserved. 

Compressed permutation: The no. of bits is reduced (some of the bits are dropped).

Expanded permutation: The no. of bits is increased (some bits are repeated).

18. Define substitution & transposition encryption.

Substitution: A character level encryption in which each character is replaced by anothercharacter in the set.

Transposition: A Character level encryption in which the characters retain their plaintext but theposition of the character changes.

19. State the difference between fully qualified and partially qualified domain name

Glossary:

Application layer: The fifth layer in the Internet model; provides access to network resources.

Authentication: Verification of the sender of a message.

Authentication Server (AS): The KDC in the Kerberos protocol.

Browser: An application program that displays a WWW document. A browser usually usesother Internet services to access the document.

Challenge Handshake Authentication Protocol (CHAP): In PPp, a three-way handshakingprotocol used for authentication.

Cipher: An encryption/decryption algorithm.

Cipher Feedback Mode (CFB): A DES and triple DES operation mode in which data is sentand received 1 bit at a time, with each bit independent of the previous bits.

Cipher Stream Mode (CSM): A DES and triple DES operation mode in which data is sent andreceived 1 byte at a time.

Ciphertext: The encrypted data.

Common Gateway Interface (CGI): A standard for communication between HTTP servers andexecutable programs. CGI is used in creating dynamic documents.

Cookie: A string of characters that holds some information about the client and must be returnedto the server untouched.

Diffie-Hellman protocol: A key management protocol that provides a one-time session key fortwo parties.

Digital Signature: A method to authenticate the sender of a message.

DNS server: A computer that holds information about the name space.

Domain Name: In the DNS, a sequence of labels separated by dots.

Domain Name Space: A structure for organizing the name space in which the names are definedin an inverted-tree structure with the root at the top.

Domain Name System (DNS):A TCP/IP application service that converts user-friendly namesto IP addresses.

File Transfer Protocol (FTP): In TCPIIP, an application layer protocol that transfers filesbetween two sites.

Firewall: A device (usually a router) installed between the internal network of an organizationand the rest of the Internet to provide security.

Fully Qualified Domain Name (FQDN): A domain name consisting of labels beginning withthe host and going back through each level to the root node.

Generic Domain: A subdomain in the domain name system that uses generic suffixes.

Hashed-Message Authentication Code (HMAC): A MAC based on a keyless hash functionsuch as SHA-l.

HyperText Markup Language (HTML): The computer language for specifying the contentsand format of a web document. It allows additional text to include codes that define fonts, layouts, embedded graphics, and hypertext links.

HyperText Transfer Protocol (HTTP): An application service for retrieving a web document.

Inverse Domain: A subdomain in the DNS that finds the domain name given the IP address.Kerberos: An authentication protocol used by Windows 2000.

Key Distribution Center (KDC): In secret key encryption, a trusted third party that shares a keywith each user.

Partially Qualified Domain Name (PQDN): A domain name that does not include all the levelsbetween the host and the root node.

Password Authentication Protocol (PAP): A simple two-step authentication protocol used inPPP.

Routing Information Protocol (RIP): A routing protocol based on the distance vector routingalgorithm.