| 1. | What is an application layer protocol? |
| Answer: | An application layer protocol is any process, either custom or well-known, that has a structured mechanism for communicating between clients and servers. |
| 2. | What is the difference between HTTP persistence and pipelining? |
| Answer: | Within both HTTP persistence and pipelining, clients open up a single connection for multiple requests-responses, but with pipelining, the client does not wait for the HTTP responses from the server before sending additional requests. |
| 3. | What is the HTTP header and value that servers use to issue session cookies to clients? |
| Answer: | To issue a session cookie to a client, the server does not include the value within the "expires=value" parameter in the "Set-Cookie:" header. For example, the following header will issue a session cookie "Session-ID=020313214" to clients: Set-Cookie: Session-ID=020313214 |
| 4. | What is the difference between basic and message digest authentication? |
| Answer: | Basic authentication does not encrypt your username and passwords before sending them on the networkyour passwords are encoded using Base64 encoding, but Base64 is a two-way encoding algorithm, meaning that you can easily reverse the encoded value. Message digest encoding hashes your username, password, and a nonce value issued by the server. Message digest hash algorithms are one-way, meaning that you cannot obtain the original value when given the hashed value. |
| |
| 5. | What is the difference between explicit and implicit cache controls? |
| Answer: | Implicit cache controls are the responses sent by origin servers to conditional requests from caches. Explicit controls are sent by the origin servers to caches to control the way that the caches store and yield content. |
| 6. | List the three types of security schemes and the available algorithms that PKI systems commonly use. |
| Answer: | Public key algorithms PKI uses Digital Signature Algorithm (DSA) and Rivest Shamir Adleman (RSA) to encrypt a random number between client and server used to generate a bulk encryption secret key. Secret key algorithms PKI uses Data Encryption Standard (DES), Triple DES (3DES), Rivest Cipher 2 (RC2), and Rivest Cipher 4 (RC4) for encrypting bulk data with its secret key. Hash key algorithms PKI uses Message Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA-1) for integrity checking during SSL sessions and for authenticating certificates.
|
| 7. | How do Certificate Authorities (CAs) generate digital signatures for signing a server's certificate? |
| Answer: | The CA creates a digital signature by first computing a hash on the contents of the certificate. The CA then encrypts the hashed value using its private key to produce its digital signature. |
