Server Communication/Protocol Flashcards

(30 cards)

1
Q

How does server communication work?

A

Server communication typically begins when an application on the server opens a specific port to listen for incoming data or instructions.

This data may arrive in various forms, such as plain text or encrypted payloads. Once data is received, the server processes it, requiring authentication to verify the client’s identity and permissions.

After successful processing and authentication, the server responds back to the client through the same connection. This process ensures both the security of the data exchanged and the reliability of the communication channel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are common apps to communicate with servers?

A

-SSH
-PuTTY
-OpenSSH

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What tools secure and efficient file transfer (FTP/ SFTP)?

A

-Rsync
-File Zilla
-WinSCP
-RSIc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is (FTP) and (SFTP)?

A

FTP, secure file transfer protocol, also known as SFTP

TP is one of the oldest protocols for network file transfers. It allows users to upload and download files from a server. However, it lacks encryption, making it less suitable for transferring sensitive data.

SFTP enhances data transmission over FTP by securing it with SSH encryption. This protects data, making it ideal for sensitive communication across potentially insecure networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the delta transfer method?

A

The Delta transfer method minimizes data transmission by sending only the changes between the source and destination files over the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is (HTTP)?

A

Hypertext transfer protocol or (HTTP), the backbone of web communication. It is primarily used to transmit web pages by following a request-response model. It facilitates data transfer in various formats like HTML, JSON, and plain text, making it versatile for web browsing and API interactions.

HTTP is the foundation of the World Wide Web, enabling data transfer between web servers and clients (e.g., web browsers). It defines the rules for requesting and receiving resources such as HTML pages, images, videos, and other multimedia content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Define WebSocket?

A

WebSocket provides a bidirectional or full duplex communication channel that remains open for real-time data exchange between a client and a server. This is ideal for applications requiring persistent connections, such as live notifications and interactive games, as it significantly reduces latency compared to traditional HTTP connections.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are (3) email protocols?

A

-SMTP
-POP3
-IMAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What methods do (HTTP) support?

A

GET: Requests a resource from the server.

POST: Submits data to be processed by the server.

PUT: Updates or creates a resource on the server.

DELETE: Removes a resource from the server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is Secure Sockets Layer (SSL) and Transport Layer Security (TLS)?

A

While HTTP is designed for clear-text communication, SSL/TLS protocols provide a secure and encrypted communication channel over the Internet. These protocols are often used in conjunction with HTTP to create HTTPS (HTTP over SSL/TLS), which encrypts the data exchanged between the client and server, protecting it from eavesdropping and tampering.

SSL/TLS creates a secure connection via a handshake process that includes exchanging cryptographic keys and verifying the server’s identity with digital certificates from trusted Certificate Authorities (CAs). After establishing the secure connection, all data exchanged between the client and server is encrypted.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Define File Transfer Protocol (FTP)?

A

FTP is a standard network protocol used for transferring files between computers over a network. It functions on a client-server architecture, with the client starting a connection to the FTP server and being able to upload, download, rename, delete, and manage files and directories on the remote server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are (2) mode of File Transfer Protocol (FTP)?

A

-Binary mode
-ASCII mode

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Define Secure File Transfer Protocol (SFTP)?

A

Secure File Transfer Protocol (SFTP) leverages the Secure Shell (SSH) protocol for secure data transfer over an encrypted channel. It is a more secure alternative to traditional FTP because it encrypts the entire communication session, including authentication, commands, and data transfers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Define Simple Mail Transfer Protocol (SMTP)?

A

SMTP is the standard protocol for transmitting email across the Internet. It defines the rules for sending email messages from a mail client or server to another mail server for delivery.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Define Internet Message Access Protocol (IMAP)?

A

IMAP is a protocol for accessing and managing email messages stored on a remote mail server. It provides a more advanced and flexible alternative to the older Post Office Protocol (POP), which only allows the retrieval of email messages from the server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is Remote Desktop Protocol (RDP)?

A

The Remote Desktop Protocol (RDP) is a proprietary protocol. It was developed by Microsoft, and it enables remote access and control of a computer or server over a network connection. It is widely used in various scenarios, such as remote administration, technical support, and remote working environments.

17
Q

What are proprietary protocols?

A

While many communication protocols are open standards, some protocols are proprietary and developed by specific companies or vendors for their own products and services. Proprietary protocols are typically closed-source, and their specifications are considered intellectual property by the companies that developed them. These protocols are often used for communication within a specific ecosystem or platform, ensuring interoperability between different components or services offered by the same vendor.

Examples of proprietary communication protocols include Microsoft Remote Procedure Call (MS-RPC), used in various Microsoft products and services like Active Directory and Exchange Server, and the Apple Filing Protocol (AFP), used for file services on macOS and other Apple operating systems. Skype also uses a proprietary protocol for its voice and video communication services, and many online games employ proprietary protocols for real-time communication between game clients and servers.

18
Q

What is interception and eavesdropping involve?

A

Interception and eavesdropping involve unauthorized access to or theft of information as it travels across a network.

19
Q

What are (2) types of interception and eavesdropping?

A

-Wireless sniffing
-Cable tapping

20
Q

Define Man-in-the-middle (MitM) attacks?

A

In a MitM attack, two parties think that they are directly communicating with each other, but the attacker is relaying the communication can alter it. This type of attack can occur in any form of online communication, such as banking, email, or social media. Attackers can intercept login credentials or alter a transaction’s details.

21
Q

What are (2) types of Man-in-the-middle (MitM)?

A

-Session hijacking
-DNS spoofing

22
Q

Define phishing?

A

Phishing is a method of deception involving fake emails, websites, or messages that mimic legitimate institutions to steal sensitive information. It can lead to unauthorized access to servers, facilitating further attacks such as installing malware or direct attacks on the network.

23
Q

What are (5) types of phishing methods?

A

-Spear phishing
-Whale
-Vishing
-Smishing
-Clone phishing

24
Q

Why is encryption important?

A

Encryption encodes messages or information so that only authorized people can access it. Encryption should be employed in several layers:

25
What are (2) types of encryption?
-Data at rest - " in transit
26
What are (4) secure protocols?
-HTTPS -SSL/TLS -SSH -VPN
27
What are (3) Network Security Tools?
-Firewalls -Intrusion detection systems/Intrusion prevention systems (IDS/IPS) -Antivirus and anti-malware software
28
What are (2) Regular updates and patch management?
-Operating system updates -App updates
29
What are (2) training awareness aspects?
-Security training programs -Security emails
30
What are (2) security configurations?
-Disable unnecessary services -Access controls