Chapter 10: Data Communication and Internet Services (Set-5)
In a TCP connection, the receiver can detect missing data primarily using
A MAC addresses
B DNS records
C Subnet masks
D Sequence numbers
TCP numbers bytes/segments so the receiver can see gaps in the sequence. Missing sequence ranges indicate lost segments, so the receiver can trigger retransmission, ensuring reliable, ordered delivery.
Which TCP mechanism prevents a fast sender from overwhelming a slow receiver
A Flow control
B Name resolution
C Proxy caching
D NAT mapping
TCP flow control uses a sliding window and receiver window size to limit how much unacknowledged data can be sent. This protects receiver buffers and avoids data loss from overload.
TCP congestion control mainly tries to prevent
A DNS poisoning
B IP exhaustion
C Network overload
D Email spoofing
Congestion control reduces sending rate when packets are dropped or delayed, helping avoid congestion collapse. It adapts to network conditions, improving fairness and overall stability across many users.
In IP networking, fragmentation is needed when
A Packet exceeds MTU
B DNS TTL is low
C TCP uses ACK
D DHCP lease ends
If an IP packet is larger than the link’s MTU, it may need fragmentation so it can traverse that link. Fragmentation adds overhead and can reduce performance, so avoiding it is preferred.
Path MTU discovery is mainly used to
A Increase bandwidth
B Avoid fragmentation
C Create DNS zones
D Speed up DHCP
Path MTU discovery tries to find the largest packet size that can travel end-to-end without fragmentation. This improves efficiency by sending packets that fit the smallest MTU on the path.
In DNS, “recursive query” means the server must
A Return final answer
B Return only referral
C Block all caching
D Change zone records
A recursive query asks the resolver to do the full lookup and return the final IP or record. The resolver may contact root, TLD, and authoritative servers to complete it.
Which DNS behavior can cause users to still see an old IP after a website changes servers
A NAT translation
B FTP active mode
C Cached DNS entries
D TCP handshake
DNS results are cached by resolvers and devices based on TTL. If records change, cached answers may persist until TTL expires, causing some users to reach the old server temporarily.
A DNS “negative cache” stores the result of
A Subnet calculation
B Non-existent domain
C Port forwarding
D TLS certificate
Negative caching stores responses like “name does not exist” for a short time. This reduces repeated queries for missing domains and improves efficiency, but can delay visibility of newly created records.
DHCP “reservation” is best described as
A Random IP each time
B DNS alias record
C Proxy login method
D Fixed IP for MAC
A DHCP reservation assigns the same IP address to a specific MAC address every time. It combines the convenience of DHCP with the predictability of a static address for that device.
A device can have correct IP and subnet mask but still fail to access internet if
A Gateway is wrong
B DNS cache is high
C UDP is used
D HTTP is enabled
Without the correct default gateway, a device cannot send traffic outside its local network. Local communication may work, but internet access fails because packets are not forwarded to other networks.
A device can reach websites by IP but not by name when
A MTU is small
B NAT is enabled
C DNS server missing
D TCP is reliable
If DNS server settings are incorrect, name resolution fails even though IP routing works. The browser cannot translate a domain name into an IP address, so only direct IP access succeeds.
In HTTP, a stateless protocol means the server
A Uses no headers
B Blocks all cookies
C Requires VPN always
D Stores no client state
HTTP does not automatically remember previous requests. Each request is independent, so websites use cookies and sessions to maintain user login and preferences across multiple requests.
A common reason websites use sessions instead of storing all data in cookies is
A Keep data server-side
B Increase DNS speed
C Reduce MTU size
D Avoid TCP ACK
Sessions keep sensitive or large state on the server. The browser stores only a session ID, reducing exposure risk and cookie size limits while allowing secure control of user state.
In HTTP/1.0, which header value was commonly used to request a persistent connection
A Host header
B Cookie header
C Connection: keep-alive
D Cache-Control header
In HTTP/1.0, persistent connections were not default. Clients often sent Connection: keep-alive to reuse the same TCP connection for multiple requests, reducing repeated handshakes and improving page load time.
In HTTPS, “certificate mismatch” warning commonly appears when
A Port 80 is used
B Domain name differs
C DNS TTL is low
D DHCP lease expired
Certificates are issued for specific domain names. If the user visits a different name than what the certificate covers, the browser warns because the server identity cannot be verified for that domain.
In TLS, integrity protection mainly ensures
A Data not altered
B Data always compressed
C IP never changes
D DNS never caches
TLS uses message authentication to detect tampering. Integrity checks ensure the data received is exactly what was sent, preventing attackers from modifying content during transmission.
In FTP, why is passive mode often preferred over active mode for clients behind NAT
A Server initiates data
B DNS handles data
C Client initiates data
D TCP avoids handshake
Passive mode allows the client to initiate both control and data connections, which works better through NAT/firewalls. Active mode requires the server to connect back, which is often blocked.
FTP control and data separation can create firewall issues mainly because
A DNS TTL changes
B MAC addresses change
C Cookies expire fast
D Data ports vary
FTP uses a control channel plus separate data connections. Data ports can be dynamic, especially in passive mode, so firewalls must allow a range of ports, making configuration more complex.
In networking, a “well-known port” generally falls in range
A 0 to 1023
B 1024 to 49151
C 49152 to 65535
D 65000 to 65535
Well-known ports are standardized for common services, like 80 for HTTP and 25 for SMTP. Operating systems often restrict binding to these ports to privileged processes for security reasons.
Which port is used by DNS queries in most cases
A Port 80
B Port 53
C Port 110
D Port 143
DNS typically uses port 53, commonly over UDP for quick queries and TCP for larger responses or zone transfers. Port 53 is the standard service port for DNS operations.
Email retrieval over a secure POP3 connection commonly uses
A Port 25
B Port 53
C Port 995
D Port 587
POP3S is POP3 over SSL/TLS and commonly uses port 995. It encrypts credentials and messages during retrieval, protecting email access on untrusted networks.
Email synchronization over a secure IMAP connection commonly uses
A Port 993
B Port 110
C Port 21
D Port 80
IMAPS is IMAP over SSL/TLS and commonly uses port 993. It secures mailbox synchronization and protects usernames, passwords, and email content during transfer.
Secure web browsing commonly uses HTTPS on
A Port 80
B Port 25
C Port 21
D Port 443
Port 443 is the standard port for HTTPS. Browsers connect to it when loading secure websites, enabling encrypted traffic and identity verification through TLS certificates.
Which technique allows multiple internal devices to share one public IP using different port numbers
A DNS caching
B FTP upload
C PAT translation
D TLS handshake
PAT (Port Address Translation), a common NAT form, maps many private addresses to one public IP by changing source ports. This lets many devices access the internet using a single public IP.
In a web proxy, “forward proxy” means it acts on behalf of
A Web servers
B Client users
C DNS root
D DHCP clients
A forward proxy represents clients to the internet. It can filter content, hide client IPs from external sites, enforce policies, and cache resources to reduce bandwidth use.
A “reverse proxy” typically sits in front of
A Client browsers
B DNS resolvers
C DHCP pools
D Backend servers
A reverse proxy handles incoming traffic for servers, providing load balancing, SSL termination, caching, and security filtering. Clients connect to the proxy, which forwards requests to internal servers.
VPN tunneling mainly works by
A Encapsulating packets
B Removing all headers
C Changing DNS zones
D Disabling routing
VPNs encapsulate original packets inside another packet format and encrypt them. This creates a secure tunnel across public networks, protecting confidentiality and integrity of the transported traffic.
In network troubleshooting, high “jitter” is especially harmful for
A DNS caching
B DHCP leasing
C VoIP audio calls
D Static websites
Jitter causes packet arrival times to vary, producing choppy audio in real-time voice. While buffering helps, too much jitter increases delay or causes gaps, reducing call clarity and conversation quality.
In VoIP, which issue causes missing sound when packets arrive too late for playback
A DNS recursion
B Packet loss effect
C NAT exhaustion
D FTP timeout
Late packets are often discarded because real-time audio cannot wait. Even if the network delivers them later, they miss the playback window, acting like packet loss and causing gaps or distortion.
Traceroute shows hops mainly because routers send
A ICMP time exceeded
B SMTP delivery report
C DNS authoritative reply
D FTP control response
Traceroute relies on TTL expiration. When TTL reaches zero, routers return an ICMP “time exceeded” message. By increasing TTL gradually, traceroute learns each hop along the path.
If traceroute stops after a certain hop but browsing still works, a likely reason is
A DNS failure
B DHCP expired
C ICMP blocked
D NAT disabled
Some routers or firewalls block ICMP responses or deprioritize them. Traceroute may show timeouts, yet normal TCP/UDP traffic still passes, so web browsing can continue normally.
In HTTP/1.1, persistent connections reduce overhead mainly by
A Removing DNS queries
B Shortening IP headers
C Disabling caching
D Reusing TCP connection
Keeping one TCP connection open avoids repeated handshakes for each resource. This reduces latency, improves page load speed, and is especially helpful when many small files are loaded.
A 304 HTTP response code generally means
A Not found
B Not modified
C Permanent redirect
D Server error
304 indicates the resource has not changed since the client’s cached version. The browser can reuse its cached copy, saving bandwidth and improving speed while keeping content consistent.
An HTTP 429 status code is commonly related to
A Page not found
B Unauthorized user
C Too many requests
D Bad gateway
429 means the client has sent too many requests in a short time. Servers use it for rate limiting to prevent overload or abuse, often with guidance on when to retry.
In DNS, a “CNAME chain” can slightly slow resolution because it
A Requires extra lookups
B Removes TTL entirely
C Breaks IP routing
D Changes subnet mask
A CNAME points to another name that must also be resolved to an A/AAAA record. Multiple alias steps can require additional DNS queries, increasing lookup time if not cached.
DNSSEC is primarily designed to protect against
A NAT translation issues
B FTP login failures
C DNS spoofing attacks
D DHCP renewal delays
DNSSEC adds digital signatures to DNS data so resolvers can verify responses are authentic. It helps prevent attackers from forging DNS answers and redirecting users to fake IP addresses.
DHCP can fail for a client if the network blocks
A TLS handshake
B DNS caching
C FTP passive ports
D Broadcast discovery
DHCP discovery often uses broadcast messages on the local network. If broadcasts are blocked by misconfiguration or VLAN rules without a relay agent, the client cannot find the DHCP server.
A DHCP relay agent is mainly used when
A Server is different subnet
B DNS is offline
C NAT is disabled
D HTTP is encrypted
DHCP broadcasts do not cross routers by default. A relay agent forwards DHCP requests to a server on another subnet, allowing centralized DHCP service across multiple networks.
In IP networks, the “default route” is used when
A DNS record missing
B Cookie expired
C No specific route matches
D FTP login fails
Routers use routing tables. If no more specific route exists for a destination, the default route forwards traffic to a gateway of last resort, typically toward an ISP or upstream router.
When an HTTPS site is accessed, SNI helps the server to
A Assign dynamic IP
B Choose correct certificate
C Increase bandwidth
D Shorten URL path
Server Name Indication (SNI) lets the client indicate the requested hostname during TLS setup. This allows a server hosting many domains on one IP to present the correct certificate.
A major security risk of accepting invalid HTTPS certificates is
A Man-in-middle attack
B Faster browsing speed
C Better DNS caching
D Higher bandwidth
Ignoring certificate warnings allows attackers to impersonate the website and intercept encrypted traffic. This can expose passwords and sensitive data because the identity verification step is bypassed.
In email delivery, why do many servers verify reverse DNS of sending IP
A Increase bandwidth
B Improve NAT speed
C Reduce spam risk
D Shorten TTL values
Reverse DNS helps validate that an IP belongs to a legitimate mail server. Many spam sources lack proper PTR records, so checking reverse DNS is one signal used in spam filtering decisions.
A website can still load even if DNS is down on your network if
A IP is cached
B NAT is disabled
C DHCP expired
D FTP is active
Browsers and OS caches may store earlier DNS results. If the IP is still cached and reachable, the site can load by reusing the cached mapping until it expires.
In NAT environments, some protocols struggle because they embed IP/port inside data; the common fix is
A DNS CNAME record
B Application-aware gateway
C DHCP reservation
D HTTP caching
Some protocols include address info inside payloads, which NAT doesn’t automatically rewrite. Application-aware gateways or helpers can inspect and modify payload data so connections work through NAT correctly.
For secure remote administration file transfer, the safest basic choice is
A FTP protocol
B HTTP protocol
C POP3 protocol
D SFTP protocol
SFTP provides encrypted authentication and file transfer, protecting credentials and data. Plain FTP can expose logins and file contents, making it risky on untrusted networks or public internet.
In TCP, the “window size” mainly controls
A DNS cache duration
B IP address length
C Unacked data allowed
D HTTP redirect count
Window size defines how much data can be sent before receiving acknowledgments. It affects throughput, especially on high-latency links, by allowing more in-flight data without waiting.
A common cause of low throughput on high-bandwidth, high-latency links is
A Small TCP window
B High DNS TTL
C Short URL path
D Low MAC value
With high latency, the sender must keep enough data in flight to fill the path. If the TCP window is too small, the sender waits often, reducing achievable throughput despite high bandwidth.
In HTTP, why is GET considered less suitable for sending sensitive data than POST
A GET is encrypted
B POST uses UDP
C GET blocks cookies
D URL can be logged
GET parameters can appear in URLs, browser history, server logs, and referrer headers. Even with HTTPS, logs may store URLs, so sensitive data should not be placed in query strings.
A key difference between HTTP and HTTPS is that HTTPS provides
A Automatic IP assignment
B Authentication of server
C Packet fragmentation
D DNS zone updates
HTTPS uses certificates so browsers can verify the server identity and establish encrypted communication. HTTP alone provides no built-in identity verification, making it easier to intercept or spoof traffic.
In DNS, which record is most directly used to prove domain ownership for some services
A PTR record
B MX record
C TXT record
D SRV record
TXT records store arbitrary text and are often used for verification, such as proving domain control for email security and service setup. Providers check a specific TXT value to confirm ownership.