Protocols — Set 2

Correct Answer: D. POP3

• **POP3 (Post Office Protocol version 3)** = An email retrieval protocol that allows a client to download messages from a mail server to a local device, typically deleting them from the server after download. It operates on Port 110 (unencrypted) and Port 995 (encrypted with SSL/TLS). • **Key fact** — POP3 uses a simple three-phase interaction: Authorization (login), Transaction (retrieve/delete messages), and Update (permanent deletion of marked messages on server logout), with no server-side folder synchronisation. • POP3 was designed for offline mail access — once emails are downloaded, the server copy is removed, making it unsuitable for multi-device access; this contrasts with IMAP which keeps all mail on the server. • 💡 Option A (IMAP) is wrong because IMAP keeps messages on the server and synchronises across multiple devices rather than deleting after download; Option B (SNMP) is wrong because SNMP is used to manage and monitor network infrastructure devices; Option C (SMTP) is wrong because SMTP is used for sending outgoing email, not for retrieving incoming messages.

Correct Answer: A. UDP

• **UDP (User Datagram Protocol)** = A connectionless Transport Layer protocol that sends data packets (datagrams) without first establishing a connection and without checking whether they arrive, making it the fastest standard transport protocol available. It operates on Port numbers assigned per application and adds minimal overhead — only an 8-byte header versus TCP's 20-byte header. • **Key fact** — Because UDP skips acknowledgements and retransmissions, a lost packet in a video stream simply causes a momentary glitch rather than pausing playback to wait for a resend, which is far preferable for real-time media. • UDP is used by DNS (Port 53), DHCP (Ports 67/68), TFTP, online multiplayer games, and live video/audio streaming; modern QUIC protocol (used by HTTP/3) also builds on UDP. • 💡 Option B (FTP) is wrong because FTP uses TCP for reliable ordered file transfer; Option C (HTTPS) is wrong because HTTPS requires a TCP connection for guaranteed delivery of web content; Option D (TCP) is wrong because TCP is the connection-oriented protocol that guarantees delivery, the opposite of connectionless UDP.

Correct Answer: D. SNMP

• **SNMP (Simple Network Management Protocol)** = An application-layer protocol used to collect, organise, and modify information about managed network devices such as routers, switches, servers, and printers, enabling centralised network monitoring. It uses UDP Port 161 for queries from the manager to agents, and UDP Port 162 for unsolicited trap messages sent by agents to the manager. • **Key fact** — SNMP uses a Manager-Agent model: a software 'agent' runs on each managed device and exposes a Management Information Base (MIB) — a structured database of variables like CPU usage, interface status, and error counts — which the manager polls or reads remotely. • SNMPv1 and v2c send community strings (passwords) in plain text, making them insecure; SNMPv3 (current standard) adds authentication with MD5/SHA and encryption with DES/AES, fixing this critical vulnerability. • 💡 Option A (SMTP) is wrong because SMTP is the protocol for sending email messages between mail servers, not network device management; Option B (ARP) is wrong because ARP resolves IP addresses to MAC addresses within a local network; Option C (HTTP) is wrong because HTTP is the application-layer protocol for transferring web pages between browsers and servers.

Correct Answer: D. IMAP

• **IMAP (Internet Message Access Protocol)** = An email retrieval protocol that keeps all messages stored on the mail server and synchronises folder structure, read/unread status, flags, and labels across every device that connects, making it the standard for multi-device email access. It operates on Port 143 (plain) and Port 993 (IMAPS with SSL/TLS). • **Key fact** — IMAP supports server-side search and partial message fetching (headers first, body on demand), so a smartphone can display a full inbox without downloading every attachment — a critical bandwidth advantage over POP3. • IMAP was designed by Mark Crispin at Stanford in 1986; the current version IMAP4rev1 is defined in RFC 3501, and its successor IMAP4rev2 (RFC 9051) adds enhanced security and UTF-8 support. • 💡 Option A (POP3) is wrong because POP3 downloads mail to a local device and typically deletes it from the server, breaking multi-device sync; Option B (SMTP) is wrong because SMTP is used for sending outgoing email, not retrieving it; Option C (DHCP) is wrong because DHCP automatically assigns IP addresses to network devices and has no relation to email.

Correct Answer: A. HTTP

• **HTTP (HyperText Transfer Protocol)** = The foundational application-layer protocol of the World Wide Web that defines how hypermedia documents (HTML, images, videos) are requested by browsers and delivered by web servers, using a request-response model over TCP (Port 80). Tim Berners-Lee designed HTTP in 1989 at CERN as part of his World Wide Web proposal. • **Key fact** — HTTP is stateless — each request is completely independent, with no memory of past interactions; web applications work around this using cookies, sessions, and tokens to maintain state across multiple HTTP requests. • HTTP/1.1 introduced persistent connections (keep-alive); HTTP/2 added multiplexing (multiple requests over one TCP connection); HTTP/3 replaced TCP with QUIC (UDP-based) to eliminate head-of-line blocking and reduce latency. • 💡 Option B (FTP) is wrong because FTP is designed for direct file transfer using separate control and data connections, not for web page delivery; Option C (SMTP) is wrong because SMTP is the protocol for sending email messages between servers; Option D (TELNET) is wrong because TELNET provides remote command-line access to computers, not web page transmission.

Correct Answer: D. RARP

• **RARP (Reverse Address Resolution Protocol)** = A network protocol that allows a device knowing only its own MAC (physical) address to request its IP address from a RARP server on the same LAN, performing the exact reverse mapping of ARP (which goes from IP → MAC, while RARP goes from MAC → IP). It was defined in RFC 903 in 1984. • **Key fact** — RARP was primarily used by diskless workstations in the 1980s that had no local storage to remember their IP address; on every boot, the machine broadcast its MAC address and the RARP server responded with the assigned IP. • RARP is now obsolete because it only provided an IP address with no other network configuration (no gateway, no DNS); it was replaced first by BOOTP and then by DHCP, which provides a complete network configuration in one exchange. • 💡 Option A (ARP) is wrong because ARP does the opposite — it finds the MAC address when the IP is already known; Option B (ICMP) is wrong because ICMP sends error and diagnostic messages between network nodes; Option C (DHCP) is wrong because DHCP dynamically assigns IP addresses along with full network configuration and has replaced RARP entirely.

Correct Answer: D. BGP

• **BGP (Border Gateway Protocol)** = The only Exterior Gateway Protocol (EGP) in widespread use on the internet, responsible for exchanging routing and reachability information between different Autonomous Systems (AS) — independently managed networks like those of ISPs, universities, and large corporations. BGP4 is the current version, defined in RFC 4271. • **Key fact** — BGP is a path-vector protocol: instead of simply counting hops (like RIP) or calculating link costs (like OSPF), it selects routes based on a series of policy attributes including AS_PATH length, NEXT_HOP, LOCAL_PREF, and MED, giving network administrators fine-grained traffic engineering control. • BGP operates over TCP Port 179 and maintains persistent sessions called 'BGP peering sessions' between routers; a misconfigured BGP announcement (route leak) can accidentally redirect global internet traffic, as seen in several high-profile outages. • 💡 Option A (RIP) is wrong because RIP is an Interior Gateway Protocol (IGP) using hop count within a single AS, with a 15-hop maximum making it unsuitable for the internet; Option B (OSPF) is wrong because OSPF is also an IGP using link-state within a single AS, not between autonomous systems; Option C (EIGRP) is wrong because EIGRP is Cisco's proprietary advanced distance-vector protocol used inside autonomous systems.

Correct Answer: A. SSL

• **SSL (Secure Sockets Layer)** = A cryptographic protocol developed by Netscape in 1995 that uses digital certificates issued by Certificate Authorities to authenticate a server's identity and then establishes an encrypted channel between server and client, ensuring that transmitted data cannot be read or tampered with in transit. SSL is the predecessor of the modern TLS (Transport Layer Security) protocol. • **Key fact** — SSL uses an asymmetric key exchange (RSA or Diffie-Hellman) to securely share a symmetric session key, then switches to faster symmetric encryption (AES) for the bulk of the data — combining the security of public-key cryptography with the speed of symmetric encryption. • All versions of SSL (1.0, 2.0, 3.0) are now deprecated due to critical vulnerabilities (POODLE, DROWN attacks); modern browsers exclusively use TLS 1.2 or TLS 1.3, though the public still refers to it colloquially as 'SSL'. • 💡 Option B (UDP) is wrong because UDP is a connectionless transport protocol with no built-in security or encryption; Option C (ARP) is wrong because ARP maps IP addresses to MAC addresses at the local network level and provides no security features; Option D (POP3) is wrong because POP3 is an email retrieval protocol and provides no server-client security exchange mechanism.

Correct Answer: A. IGMP

• **IGMP (Internet Group Management Protocol)** = A network-layer protocol that manages the membership of IP multicast groups on a LAN, allowing a host to tell its local router which multicast groups it wants to receive traffic from, and allowing routers to forward multicast packets only to segments with interested receivers. IGMP operates directly over IP (Protocol Number 2). • **Key fact** — Without IGMP, a multicast stream (like a live TV channel) would need to be sent as individual unicast streams to every viewer, multiplying bandwidth by the number of viewers; IGMP enables one stream to reach thousands of subscribers using only the bandwidth of a single stream on the backbone. • IGMPv1 (1989) allowed joining only; IGMPv2 added explicit leave messages to quickly stop unwanted traffic; IGMPv3 (current) added Source-Specific Multicast (SSM), letting hosts specify which particular source they want to receive multicast from. • 💡 Option B (ICMP) is wrong because ICMP sends error messages and network diagnostics like ping, not multicast group membership signals; Option C (SMTP) is wrong because SMTP is the email sending protocol and has nothing to do with multicast group management; Option D (FTP) is wrong because FTP is a file transfer protocol operating over a point-to-point TCP connection.

Correct Answer: D. TELNET

• **TELNET (Teletype Network)** = One of the earliest internet protocols (RFC 854, 1983) that provides a bidirectional, interactive text-based communication channel for remote login to another computer — but transmits all data, including usernames, passwords, and commands, entirely in plain text with zero encryption. It operates on TCP Port 23. • **Key fact** — Because TELNET sends credentials in clear text, any attacker performing a packet capture (using tools like Wireshark) on the same network segment can trivially read login details; this makes TELNET completely unsuitable for use over any untrusted network including the internet. • TELNET has been replaced by SSH for virtually all remote administration purposes; however, TELNET is still sometimes used on isolated lab networks for testing and for connecting to legacy equipment like old routers and mainframes. • 💡 Option A (SSH) is wrong because SSH is the secure, encrypted successor to Telnet — it is the modern and safe protocol for remote login; Option B (SFTP) is wrong because SFTP (SSH File Transfer Protocol) is used for encrypted file transfers, not a plain-text legacy protocol; Option C (HTTPS) is wrong because HTTPS is a secure web protocol that encrypts HTTP traffic, not a remote access protocol.