Chapter 10: Data Communication and Internet Services (Set-10)
When TCP detects packet loss primarily using missing acknowledgments, the loss signal most directly triggers
A DNS cache refresh
B DHCP lease renewal
C Retransmission behavior
D NAT table reset
TCP expects acknowledgments for sent data. If ACKs do not arrive in time, TCP assumes loss and retransmits. This restores missing segments and maintains reliable ordered delivery for applications.
TCP “slow start” is mainly designed to
A Encrypt web traffic
B Gradually increase sending
C Assign dynamic IP
D Reduce DNS TTL
TCP slow start begins with a small congestion window and increases it quickly but stepwise to discover available capacity while avoiding sudden overload, helping prevent early congestion and packet loss.
In TCP congestion control, “congestion window” limits
A DNS resolver cache
B IP header size
C In-flight unacked data
D URL path length
The congestion window controls how much data can be sent without receiving ACKs. It adjusts based on network conditions, balancing speed and avoiding overload that causes packet loss.
A key reason IP fragmentation is undesirable is because
A Any fragment loss fails
B DNS becomes slower
C DHCP stops working
D TCP loses ports
If one fragment of a fragmented IP packet is lost, the whole original packet cannot be reassembled and must be retransmitted by higher layers. This increases overhead and reduces efficiency.
In DNS, iterative resolution means a server
A Returns final always
B Disables caching
C Edits zone records
D Gives referral answers
In iterative queries, each DNS server returns the best information it has, often a referral to another DNS server. The resolver continues querying until it reaches the authoritative answer.
DNS zone transfers are commonly done using
A UDP transport
B TCP transport
C ICMP transport
D ARP transport
Zone transfers need reliable delivery and can be large, so they typically use TCP. UDP is common for normal queries, but full zone transfers rely on TCP reliability.
A DHCP process failing at “discover” stage often indicates
A DNS record missing
B TLS handshake failed
C Broadcast not reaching
D FTP port blocked
DHCP discovery uses broadcast on the local network. If broadcasts are blocked by VLANs or misconfiguration, the client cannot find the DHCP server unless a relay agent forwards requests.
A DHCP relay is required mainly when the DHCP server is
A On same switch
B Inside browser cache
C Behind DNS root
D On another subnet
DHCP client broadcasts do not cross routers by default. A relay agent listens for DHCP messages and forwards them to a DHCP server on a different subnet.
In HTTP caching, a 304 response helps because it
A Forces full download
B Reuses cached copy
C Deletes all cookies
D Changes DNS mapping
304 Not Modified tells the client its cached version is still valid. The browser uses the local cached resource, saving bandwidth and improving speed without downloading the same content again.
The main risk of sending sensitive data in URL query strings is that the URL
A May be logged
B Breaks TCP always
C Disables DNS cache
D Forces HTTP 404
Query strings can appear in browser history, server logs, proxy logs, and referrer headers. Even with HTTPS, logs can expose URLs, so sensitive data should be sent in request bodies instead.
In HTTPS, the main job of TLS is to
A Assign IP addresses
B Route packets faster
C Secure data in transit
D Store DNS records
TLS provides encryption and integrity so data cannot be easily read or modified during transmission. It also supports authentication using certificates, helping prevent impersonation attacks.
A certificate warning “name mismatch” typically means
A DNS server down
B Domain not covered
C DHCP pool empty
D FTP login failed
Certificates are issued for specific domain names. If the website name in the URL does not match the certificate’s names, the browser cannot confirm identity and shows a warning.
SNI is useful in modern HTTPS because it allows
A Faster IP routing
B Lower packet loss
C Correct certificate selection
D Longer DHCP lease
SNI lets the client send the hostname during TLS setup. This allows a server hosting many domains on one IP to present the correct certificate for the requested site.
A common reason FTPS can be harder through firewalls is that it
A Uses multiple dynamic ports
B Uses only port 80
C Removes encryption entirely
D Disables TCP handshake
FTP already uses separate control and data connections, often with dynamic data ports. Adding TLS can make inspection harder for firewalls, so more careful port allowances are needed.
A reverse proxy commonly improves security by
A Assigning IP leases
B Replacing DNS records
C Increasing modulation
D Hiding backend servers
A reverse proxy sits in front of servers, exposing one entry point. It can filter traffic, limit attacks, enforce TLS, and keep backend server details hidden from direct internet exposure.
A forward proxy differs because it is used mainly by
A Authoritative DNS
B Client-side users
C DHCP servers
D Web hosting panels
A forward proxy represents client users to the internet. It can enforce policies, hide client identity from external sites, and cache content, while reverse proxies represent servers to clients.
NAT traversal is needed for some apps because NAT
A Stops DNS entirely
B Disables HTTP status
C Breaks inbound connections
D Removes TCP headers
NAT hides internal devices behind one public IP. Inbound connections from outside do not know which internal device to reach unless port forwarding, UPnP, or traversal methods are used.
In PAT (Port Address Translation), the router uniquely tracks flows mainly using
A Port number mapping
B DNS TTL values
C MAC address table
D HTTP cookies
PAT maps multiple internal connections to one public IP by assigning different public-side port numbers. The NAT table tracks these port mappings to return responses to the correct internal host.
DNSSEC helps by ensuring DNS answers are
A Always encrypted
B Cryptographically authentic
C Always faster
D Always cached
DNSSEC adds digital signatures so resolvers can verify that DNS data is genuine and not altered. It protects against spoofed DNS replies, though it does not automatically encrypt DNS queries.
A negative DNS cache entry is stored when a lookup returns
A 200 OK status
B DHCP NACK reply
C NXDOMAIN response
D TCP SYN message
Negative caching stores “does not exist” results for a short time. This reduces repeated queries for missing names, improving efficiency, but can delay visibility when a new record is created.
A CNAME chain can increase resolution time because it
A Shrinks IP packets
B Extends DHCP lease
C Improves throughput
D Requires extra lookups
Each CNAME points to another name that must also be resolved to an A/AAAA record. Multiple alias steps can trigger additional DNS queries unless results are already cached.
In DHCP, a reservation ensures
A Random IP always
B Same IP for MAC
C No gateway sent
D No DNS provided
A DHCP reservation ties a specific MAC address to a particular IP address in the server configuration. The device still uses DHCP, but consistently receives the same address.
A “wrong default gateway” typically causes
A No local LAN access
B No MAC address
C No internet access
D No HTTP status codes
With the wrong gateway, a device can still talk to local subnet hosts, but traffic to other networks cannot be forwarded correctly. This blocks internet or cross-network communication.
In TCP, a small receive window can reduce throughput because it
A Limits sender in-flight
B Increases DNS cache
C Shrinks packet header
D Improves modulation
The receive window tells the sender how much data the receiver can accept without an ACK. If it is small, the sender must pause often, limiting in-flight data and reducing speed on longer-latency links.
For VoIP, which issue is most damaging because it causes uneven packet timing
A DNS caching
B FTP passive mode
C Jitter variation
D Static addressing
VoIP needs steady packet arrival for smooth audio. Jitter causes irregular delays, producing choppy sound. Buffers can reduce jitter effects, but high jitter still harms real-time quality.
High latency harms VoIP mainly because it
A Increases DNS TTL
B Delays conversation flow
C Reduces IP length
D Changes MAC values
High latency creates noticeable pauses and talk-over, making conversation unnatural. Even if bandwidth is sufficient, long delays reduce call usability and can increase echo effects.
In email systems, port 587 is most associated with
A Mail submission
B DNS queries
C FTP control
D POP3 download
Port 587 is commonly used for SMTP submission from email clients to mail servers, often with authentication. Port 25 is typically used for server-to-server mail transfer.
Secure DNS over HTTPS (DoH) means DNS queries are sent using
A SMTP transport
B FTP transport
C HTTPS transport
D ICMP transport
DoH sends DNS requests inside HTTPS traffic, providing encryption and privacy against local observers. It changes how DNS is transported, though name resolution still follows DNS rules.
A major difference between HTTP and HTTPS is that HTTPS provides
A Automatic IP leasing
B Encrypted authenticated channel
C Packet routing tables
D MAC address mapping
HTTPS uses TLS to encrypt data and verify server identity via certificates. HTTP alone does not provide built-in confidentiality or identity checks, so traffic can be intercepted or modified more easily.
HTTP/1.1 persistent connections improve performance because they
A Remove IP routing
B Disable DNS caching
C Shorten MAC tables
D Reuse TCP connection
Reusing one TCP connection avoids repeated handshakes for many resources on a page. This reduces latency and improves page load times, especially when many small files are requested.
An HTTP 429 response generally indicates
A Resource not found
B Permanent redirect
C Too many requests
D Unauthorized access
429 is returned when the client exceeds a rate limit. It helps servers protect resources from overload or abuse, often advising clients to slow down or retry after some time.
A reverse DNS (PTR) record is often checked by mail servers to
A Reduce spam chances
B Increase bandwidth
C Speed DHCP leasing
D Encrypt SMTP traffic
Many mail servers verify that the sending IP has a valid PTR record matching a domain. While not a complete proof, it is a useful signal to reduce spam and spoofing.
If ping fails but websites load normally, the most likely explanation is
A DNS not working
B ICMP blocked
C DHCP pool empty
D NAT disabled
Many firewalls block ICMP echo responses for security. Web browsing can still work because HTTP/HTTPS use TCP, so ping failure does not always mean the host is unreachable.
A “proxy cache” speeds access mainly by
A Increasing file size
B Changing IP routes
C Serving stored copies
D Disabling encryption
The proxy stores frequently requested resources. When the same content is requested again, it can deliver a cached copy locally, reducing internet bandwidth and improving response times.
In OSI, encryption and data format conversion are most associated with
A Presentation layer
B Physical layer
C Data Link layer
D Network layer
The Presentation layer handles data representation, such as encoding, compression, and encryption/decryption. This ensures applications can interpret data correctly, even across different system formats.
The OSI layer that sets up, manages, and ends communication sessions is
A Transport layer
B Data Link layer
C Session layer
D Physical layer
The Session layer manages dialogs between applications, establishing sessions, maintaining them, and closing them properly. It can support synchronization points for recovery in long exchanges.
If a resolver returns a cached DNS answer that is wrong due to spoofing, the attack is often called
A TCP slow start
B DNS cache poisoning
C HTTP redirect loop
D NAT port mapping
Cache poisoning inserts false DNS data into a resolver cache, causing users to be redirected to malicious IPs. DNSSEC helps detect forged answers by validating digital signatures.
In FTP, the command channel and data channel separation is mainly for
A DNS vs routing
B NAT vs DHCP
C TLS vs ICMP
D Control vs transfer
FTP uses one channel for control (login, directory, and other commands) and another for actual data movement. This design supports flexible transfers but complicates firewall traversal.
In HTTP, the “Host” header became essential mainly due to
A Packet switching
B DNSSEC signing
C Virtual hosting
D DHCP reservations
Virtual hosting allows many domains to share one IP. The Host header tells the server which domain the client requested, so the server can deliver the correct website content.
If a website uses HSTS, the browser will
A Force HTTP only
B Force HTTPS only
C Disable DNS entirely
D Disable TCP ACK
HSTS tells browsers to always use HTTPS for that domain for a period. This prevents downgrade attacks and accidental HTTP access, strengthening security for future visits.
A VPN provides confidentiality mainly because it
A Removes IP headers
B Disables routing
C Shortens URLs
D Encrypts tunneled traffic
VPNs encrypt packets sent through the tunnel. Even on public Wi-Fi, local observers cannot easily read traffic contents, though the VPN provider may still see the endpoints of the encrypted traffic.
In a network, a “protocol suite” is best described as
A Set of related protocols
B Single port number
C One DNS record
D Only physical cables
A protocol suite includes multiple protocols that work together, such as TCP/IP, which combines IP, TCP, UDP, and application protocols like HTTP, DNS, and SMTP for full communication.
Port 993 is typically used for
A Secure POP3
B Secure HTTP
C Secure IMAP
D Secure FTP
Port 993 is used for IMAPS (IMAP over TLS). It secures mailbox synchronization. POP3S commonly uses port 995, and HTTPS uses port 443.
Port 995 is typically used for
A Secure IMAP
B Secure POP3
C Secure SMTP relay
D Secure DNS
Port 995 is used for POP3S (POP3 over TLS), encrypting email retrieval. IMAPS uses 993, while SMTP submission often uses 587 with TLS support.
A common tool to locate where delays occur on the path to a server is
A Cookie manager
B DNS editor
C Traceroute tool
D DHCP analyzer
Traceroute shows each hop between you and the destination and measures hop response times. This helps identify where latency or packet loss is likely occurring along the route.
“Encapsulation” in TCP/IP means HTTP data gets wrapped first by
A DNS query header
B MAC table entry
C DHCP lease data
D TCP segment header
Application data like HTTP is first placed into a TCP segment with TCP headers, then wrapped in an IP packet, and finally in a link-layer frame. Each layer adds needed control information.
If a client uses DoH, local network observers can still often see
A DNS query name
B Destination IP used
C MAC of remote host
D SMTP mailbox data
DoH encrypts DNS query content, but the client still connects to some IP addresses. Observers can often see which DNS service IP is contacted and later which site IPs are accessed.
In HTTP, a cookie is sent from client to server using
A Host request header
B Location response header
C Cookie request header
D Server response header
Browsers include stored cookies in the Cookie header when making requests that match the cookie's domain and path rules. Servers may set cookies using Set-Cookie in responses.
When DHCP assigns settings, it typically includes IP, subnet mask, DNS, and
A Default gateway
B HTTP status code
C TCP sequence number
D FTP username
DHCP usually provides essential network settings: IP address, subnet mask, default gateway, and DNS servers. This enables local communication and access to other networks without manual configuration.
If a server responds with 301 instead of 302, it indicates
A Temporary redirect
B Permanent redirect
C Authentication required
D Resource missing
A 301 redirect means the resource has permanently moved. Browsers and search engines may update stored links, whereas 302 indicates a temporary move with different caching and indexing behavior.