2. Which of the following is not an optional step in establishing an SSL handshake?
a. Server side certificate validation by the client b. client side certificate validation by the server c. Generation of session keys for encryption and decryption d. Selection of a suitable Cipher suite for encryption by the server and the client
3. Which of the following is true about SSL
a. SSL can be configured only on port 80 b. SSL can be configured only on port 443 c. SSL can be configured to work on any port above 1024 d. None of the above
4. Which of the following are true about load balancing methods?
a. DNS round robin method maps multiple IPs to a single host name b. Hardware load balancing maps multiple IPs to a single host name c. Hardware load balancing can potentially involve a single point of failure d. DNS round robin is easy to setup than hardware load balancing. e. DNS load balancing supports server affinity f. Hardware load balancing supports server affinity
5. Which of the following are true about SSL?
a. SSL facilitates secure communication b. SSL is a high level protocol and sits on top of HTTP c. SSL is a low level protocol and sits below HTTP d. SSL works only with HTTP
#3 � I would say d which is 'None of the above' because SSL can be configured on any port; by convention it's configured on port 443.
As my book, HTTP Essentials by Stephen Thomas, says on page #158:
Although the URI scheme allows explicit specification if a TCP port, HTTP over SSL has a default port of 443. This approach does highlight a limitation with SSL. Each application that has the option of using SSL needs two separate default TCP ports: one for standard, non-secure operation (e.g., HTTP�s port 80) and a separate port fir secure communications (such as HTTP�s port 443).
#5 a and c
The book says on page #157:
As a separate protocol, SSL is available to all applications that use TCP for transport. ..... Notice that in the standard case HTTP communicates directly with TCP while, when SSL is involved, HTTP communicates only with SSL, and SSL, in turn, communicates with TCP.
The book says:
The simplest way to distribute HTTP requests to multiple servers is to use the Domain Name System (DNS). The DNS protocol translates the host name part of a URL into an IP address. To send requests to different Web servers, the DNS server simply needs to respond with different IP addresses. ..... The earliest load balancing implementations used a single round-robin algorithm to route the requests. With a round robin, the first request is sent to host A; the next request is sent to host B, and so on. The process continues through all the Web servers and then starts over again at server A.
A hardware load-balancing device (HLD), also known as a layer 4-7 router, is a physical unit that directs computers to individual servers in a network, based on factors such as server processor utilization, the number of connections to a server, or the overall server performance. The redirection process is one form of load balancing. The use of an HLD minimizes the probability that any particular server will be overwhelmed and optimizes the bandwidth available to each computer or terminal. In addition, the use of an HLD can minimize network downtime, facilitate traffic prioritization, provide end-to-end application monitoring, provide user authentication, and help protect against malicious activity such as denial-of-service (DoS) attacks.
Server affinity refers to the characteristics of each load distribution facility that take these constraints into account. The load distribution facility recognizes that multiple servers can be acceptable targets for a request. However, it also recognizes that each request can be directed to a particular server where it is handled better or faster.
William Butler Yeats: All life is a preparation for something that probably will never happen. Unless you make it happen.
Joined: Jul 09, 2001
The non-optional steps in establishing an SSL handshake should probably be a, c and d. The optional is therefore b. - client side certificate validation by the server.
Joined: Apr 22, 2004
Thanks Dan Drillich. My assumptions are matching with you. But the answers given in mock exam: #3. c #4. a,c,d,f
Joined: Jul 09, 2001
#3. c doesn't make much sense.
#4. a,c,d,f while we said a,b,d,f
It seems to me that b and c are correct �
b. Hardware load balancing maps multiple IPs to a single host name c. Hardware load balancing can potentially involve a single point of failure
where the single point of failure is the load balancer.
It just that if we choose c, then we are inconsistent with the a choice.
-- Dan [ February 28, 2005: Message edited by: Dan Drillich ]