Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
77 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
Local Area Network [LAN] |
Provides access to the network in a small geographical area. |
|
|
|
Wide Area Network [WAN] |
Provides access to the network in a wide geographical area. |
|
|
|
Wireless Local Area Network [WLAN] |
Wirelessly provides access to the network in a small geographical area. |
|
|
|
Data Confidentiality |
Only the intended and authorized recipients can access and read data. |
|
|
|
Data Integrity |
Having the assurance that the information has not been altered in transmission, from origin to destination. |
|
|
|
Data Availability |
Having the assurance of timely and reliable access to data services for authorized users. |
|
|
|
Wireless Internet Service Provider [WISP] |
Connect subscribers to a designated access point or hot spot. Commonly used in rural areas. |
|
|
|
Wireless Broadband Service |
Uses the same cellular technology used to access the Internet with a smart phone or tablet. Using an antenna that provides wireless connection in a home. |
|
|
|
Denial of service attacks |
Attacks designed to slow or crash applications and processes on a network device. |
|
|
|
Identity theft |
Steal the login credentials of a user in order to access private data. |
|
|
|
Firewall filtering |
This is used to block unauthorized access to the network. |
|
|
|
Access control lists [ACL] |
These are used to further filter access and traffic forwarding. |
|
|
|
Virtual private networks [VPN] |
These are used to provide secure access to remote workers. |
|
|
|
Console |
Physical management port that provides out-of-band access to a Cisco device. |
|
|
|
Secure Shell [SSH] |
Method for remotely establishing a secure Command Line Interface [CLI] connection through a virtual interface, over a network. |
|
|
|
Telnet |
Insecure method of remotely establishing a Command Line Interface [CLI] session through a virtual interface, over a network. User authentication, passwords, and commands are sent over the network in plaintext. |
|
|
|
Flow Control |
In network communication, source and destination hosts use it to negotiate correct timing for successful communication. |
|
|
|
Response Timeout |
Rules that hosts have in the networks to specify how long to wait for responses and what action to take if a response timeout occurs. |
TLS will drop packet if timeout or repeated ack # |
|
|
HTTP
|
hyptertext transfer protocol that is application level generic and stateless
|
|
|
|
Stateless
|
unlike fb with real time status updates, its stateless. Request response close.Web Application state is not HTTP Application protocol state
|
|
|
|
Generic
|
The protocol is the same, independent if the content is ---->(1) Static web pages or images served from disk(2) Dynamic content built on the fly during the request(3) Non-browser based (for example, HTTP endpoints for christmas lights).
|
|
|
|
TEXT-BASED PROTOCOL
|
*Requests and responses use a simple text format
*Requests and responses can have binary payloads, but the protocol is text |
|
|
|
REQUEST RESPONSE PAIRS
|
▸ Request
HEAD http://www.google.com/ HTTP/1.1 |
|
|
|
HTTP
|
hyptertext transfer protocol that is application level generic and stateless
|
|
|
|
▸ Response:
|
HTTP/1.1 200 OK |
|
|
|
REQUEST STRUCTURE
|
*Request line followed by headers followed by CRLF *Method SP Request-URI SP HTTP-Version CRLF
*GET /foo/bar.baz HTTP/1.1 field-name ":" [ field-value ] *Host: www.mydomain.com |
|
|
|
FUN WITH STANDARDS
|
A client MUST include a Host header field in all HTTP/1.1 request messages.
All Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad Request) status code to any HTTP/1.1 request message which lacks a Host header field. HW2 Demonstrated that this isn't strongly enforced |
|
|
|
REQUEST METHODS
|
OPTIONS: Request communication options for the URI GET: Get an entity
|
|
|
|
REQUEST METHODS
|
HEAD: Same as GET with no payload |
|
|
|
REQUEST METHODS
|
POST: Annotate or append data to an entity |
|
|
|
REQUEST METHODS
|
PUT: Modify existing entity |
|
|
|
REQUEST METHODS
|
DELETE: Delete entity |
|
|
|
REQUEST METHODS
|
TRACE: loopback requested method - (Are you behind 7 proxies? ) |
|
|
|
REQUEST METHODS
|
CONNECT: Tell proxy to establish tunnel extension-method: Here be dragons - (But see WebDAV RFC 4918 for an example) |
|
|
|
Stateless
|
unlike fb with real time status updates, its stateless. Request response close.Web Application state is not HTTP Application protocol state
|
|
|
|
?
|
Despite the simplicity, your browser only uses GET, POST Web frameworks claiming to use PUT actually use POST Typically append _method: PUT to POST data |
|
|
|
A SIMPLE, REAL POST
|
POST /html/demo_form_exercise.php HTTP/1.1 Host: www.w3schools.com
|
|
|
|
RESPONSE STRUCTURE
|
Status-Line followed by headers followed by CRLF HTTP-Version SP Status-Code SP Reason-Phrase CRLF HTTP/1.1 200 OK HTTP/1.1 404 Not Found
|
|
|
|
RESPONSE TYPES WE CARE ABOUT
|
Success with no body (the worst!)
Success with body Error |
|
|
|
COMMON STATUS CODES
|
200 OK
404 Not Found 500 Internal Server Error 502 Bad GatewayProposed: 451 Unavailable For Legal Reasons |
|
|
|
REST
|
REST = Representational state transfer,Rest is an architecture, not a framework The PhD of R. Fielding, the name at the top of RFC 2616
|
|
|
|
REST GUIDELINES
|
PUT and DELETE should be IDEMPOTENT-Multiple calls beyond the first don't change anything-So don't make DELETE /things/0 HTTP/1.1 mean the first thing! GET should be NULLIPOTENT (side effect free) - GET /users/1 HTTP/1.1 shouldn't edit the user POST has a creation side effect
|
|
|
|
REST(WIKI)
|
* focus is on component roles and a specific set of interactions between data elements rather than implementation details.
*purpose is to induce performance, scalability, simplicity, modifiability, visibility, portability, and reliability.REST is the software architectural style of the World Wide Web. |
|
|
|
Generic
|
The protocol is the same, independent if the content is ---->(1) Static web pages or images served from disk (2) Dynamic content built on the fly during the request(3) Non-browser based (for example, HTTP endpoints for christmas lights).
|
|
|
|
TEXT-BASED PROTOCOL
|
*Requests and responses use a simple text format *Requests and responses can have binary payloads, but the protocol is text
|
|
|
|
REQUEST RESPONSE PAIRS
|
▸ Request HEAD http://www.google.com/ HTTP/1.1 ▸ Response: HTTP/1.1 200 OK Date: Thu, 19 May 2016 15:06:53 GMT Expires: -1 Cache-Control: private, max-age=0Content-Type: text/html; charset=ISO-8859-1 P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/answer/151657?hl=en for more info." Server: gws
|
|
|
|
RESTful systems
|
RESTful systems typically, but not always, communicate over Hypertext Transfer Protocol (HTTP) with the same HTTP verbs (GET, POST, PUT, DELETE, etc.) that web browsers use to retrieve web pages and to send data to remote servers. |
|
|
|
REST
|
systems interface with external systems as web resources identified by Uniform Resource Identifiers (URIs), for example /people/tom, which can be operated upon using standard verbs such as GET /people/tom. |
|
|
|
REQUEST STRUCTURE
|
*Request line followed by headers followed by CRLF *Method SP Request-URI SP HTTP-Version CRLF*GET /foo/bar.baz HTTP/1.1 field-name ":" [ field-value ]*Host: www.mydomain.com |
|
|
|
REST
|
The name "Representational State" is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through the application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use. |
|
|
|
FRAMEWORKS SUPPORT REST
|
*rails, django, node.js, etc. all support RESTful applications
*Less code for you to write *Client code becomes easier as well due to consistency |
|
|
|
WHAT IS A WEB APP?
|
Application that consumes HTTP Requests and produces HTTP Responses
Can it consume other stuff? Sure! Can it produce other stuff? Sure! |
|
|
|
WEB APPLICATION ARCHITECTURE
|
Typically runs in an application container
Has some code to map request URL to function Frameworks provide a LOT more Frequently MVC architecture |
|
|
|
MVC ARCHITECTURE
|
1)Models
*Map "things" in the database to "things" in code *You should be able to write a simulation in your system with just models *Many people push too much logic into Controllers |
|
|
|
FUN WITH STANDARDS
|
A client MUST include a Host header field in all HTTP/1.1 request messages.
|
|
|
|
MVC ARCHITECTURE
|
2)Controllers *Mediate function calls between views and models *If a Car model has a "drive" method, that goes on the Car, but if it has a "click" handler, that goes in the controller *In a web app, often HTML templates that get their data from controllers |
|
|
|
MVC ARCHITECTURE
|
3)Views All Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad Request) status code to any HTTP/1.1 request message which lacks a Host header field. HW2 Demonstrated that this isn't strongly enforcedYou didn't include it and google didn't require it |
|
|
|
HTTPS
|
HTTP OVER TLS
|
|
|
|
Request methods
|
OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT PATCH
|
|
|
|
Header fields
|
[Cookie ETag Location HTTP referer DNT X-Forwarded-For]
|
|
|
|
Status codes
|
301 Moved Permanently
302 Found 303 See Other 403 Forbidden 404 Not Found |
|
|
|
REQUEST METHODS
|
OPTIONS: Request communication options for the URI
GET: Get an entity HEAD: Same as GET with no payload POST: Annotate or append data to an entity PUT: Modify existing entity DELETE: Delete entity |
|
|
|
RESPONSE STRUCTURE
|
Status-Line followed by headers followed by CRLF HTTP-Version SP Status-Code SP Reason-Phrase CRLF HTTP/1.1 200 OK HTTP/1.1 404 Not Found HTTP/1.1 400 Bad Request
|
|
|
|
RESPONSE TYPES WE CARE ABOUT
|
Success with no body (the worst!) Success with body
Error |
|
|
|
EXAMPLE RESPONSE (TO THE POST)
|
HTTP/1.1 200 OK
Cache-Control: publicContent-Type: text/html Date: Thu, 19 May 2016 17:12:27 GMT Server: Microsoft-IIS/7.5 X-Powered-By: PHP/5.4.2 X-Powered-By: ASP.NET Content-Length: 667 |
|
|
|
COMMON STATUS CODES
|
200 OK 404 Not Found 500 Internal Server Error 502 Bad Gateway Proposed: 451 Unavailable For Legal Reasons
|
|
|
|
REST
|
REST = Representational state transfer,Rest is an architecture, not a framework The PhD of R. Fielding, the name at the top of RFC 2616
|
|
|
|
REST GUIDELINES
|
PUT and DELETE should be IDEMPOTENT -Multiple calls beyond the first don't change anything -So don't make DELETE /things/0 HTTP/1.1 mean the first thing! GET should be NULLIPOTENT (side effect free) -GET /users/1 HTTP/1.1 shouldn't edit the user POST has a creation side effect |
|
|
|
REST(WIKI)
|
* focus is on component roles and a specific set of interactions between data elements rather than implementation details.*purpose is to induce performance, scalability, simplicity, modifiability, visibility, portability, and reliability.REST is the software architectural style of the World Wide Web. To the extent that systems conform to the constraints of REST they can be called RESTful. RESTful systems typically, but not always, communicate over Hypertext Transfer Protocol (HTTP) with the same HTTP verbs (GET, POST, PUT, DELETE, etc.) that web browsers use to retrieve web pages and to send data to remote servers. REST systems interface with external systems as web resources identified by Uniform Resource Identifiers (URIs), for example /people/tom, which can be operated upon using standard verbs such as GET /people/tom. The name "Representational State" is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through the application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use. |
|
|
|
FRAMEWORKS SUPPORT REST
|
*rails, django, node.js, etc. all support RESTful applications*Less code for you to write*Client code becomes easier as well due to consistency
|
|
|
|
WHAT IS A WEB APP?
|
Application that consumes HTTP Requests and produces HTTP ResponsesCan it consume other stuff? Sure! Can it produce other stuff? Sure!
|
|
|
|
WEB APPLICATION ARCHITECTURE
|
Typically runs in an application container Has some code to map request URL to function Frameworks provide a LOT more Frequently MVC architecture
|
|
|
|
MVC ARCHITECTURE
|
1)Models *Map "things" in the database to "things" in code *You should be able to write a simulation in your system with just models *Many people push too much logic into Controllers 2)Controllers *Mediate function calls between views and models *If a Car model has a "drive" method, that goes on the Car, but if it has a "click" handler, that goes in the controller 3)Views*In a web app, often HTML templates that get their data from controllers
|
|
|
|
HTTPS
|
HTTP OVER TLS
|
|
|
|
Request methods
|
OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT PATCH
|
|
|
|
Header fields
|
[Cookie ETag Location HTTP referer DNT X-Forwarded-For]
|
|
|
|
Status codes
|
301 Moved Permanently 302 Found 303 See Other 403 Forbidden 404 Not Found 451 Unavailable For Legal Reasons
|
|
