1. Explain what the SimpleWebServer object includes.

- The SimpleWebServer object includes the steps that need to be followed to use it properly. The steps are as follows:

- A variable that holds the port number for the web server is initialized.

- This initialization allows the web server to listen on the port number that is defined.

- The web server receives communication through the port specified in the object.

- A ServerSocket is initialized to establish the connection so that the web server and the client can interact with each other.

- This involves redirecting content from one place to another, and only when the sockets on both sides are open.

2. Do you know what the function of Secure Sockets Layer is?

- Secure Sockets Layer (SSL) is a security protocol used on the Internet to provide easy access to websites.

- It provides a way to validate or identify the website by creating an information file and making access possible.

- It creates an encrypted connection over which data is sent from one source to another using SSL.

- SSL provides a way to ensure that security is provided for the transaction and the data in use.

- The lock is used to show whether the browser's connection is closed or open on the secure SSL or TLS channel.

3. Tell me what some of the preliminaries of web security are.

- Web security has some preliminaries that need to be followed to provide better security to applications and programs.

- HTTP, also known as HyperText Transfer Protocol, is used to provide communication between the server and the web.

- It allows a connection to be established between the web server and the client computer so that HTML pages can be transmitted and viewed.

- Website addresses should begin with an http:// prefix; to be more secure, the address should begin with https://, which provides more security.

- The HTTP request that the browser makes to the web server uses GET / HTTP/1.0.

- The server can function properly and send files only if index.html is loaded properly and sent back to the user.

4. Do you know what secure by default means in web security?

- Secure by default provides automatic security scripts and applications that save the system from any intrusion.

- This includes hardening the system so that all unnecessary services are off by default.

- This allows processes to use fewer resources and to run in their own shell within their own assigned memory.

- It enables fewer features, on the basis that the more features are enabled, the greater the chances of being exploited and the less security is provided.

- The system uses the policy of secure by default to protect programs and applications from unwanted access.

5. Explain what security features are provided in web security.

- Security features are essential because they provide overall security for the system by applying the patches and services that keep unwanted access away.

- The security features included are as follows:

- Use of algorithms, in relation to security and the system, to solve the security problem.

- Use of SSL or any encryption method to protect the system from intrusion or any other attack.

- Use of SSL in the SimpleWebServer, which doesn't provide protection against the DoS attack and doesn't allow access to be made using /etc/shadow.

6. Tell me what the function of a socket is.

- Sockets are very important from the security point of view, as a socket is a mechanism that directs data to an application using the TCP/IP protocols.

- It combines the IP address and the port number so that a socket can be created and used.

- The web server and the client system both have a virtual environment with sockets that allow communication to happen between the two parties.

- The client system communicates with the server using the sockets that are open on the system and by plugging the wire into the server and client system.

- The run() method used with Socket allows a connection coming from the client side to be established.

- It also uses the accept() function provided by ServerSocket, which returns the number corresponding to the request generated.

7. How do you write a program to fix the error produced by the infinite file?

- The infinite file error can be solved when the data is read continuously from the file.

- The error can be solved by using keys that provide only the resources that are required.

- The program is as follows:

    // Send the OK status line, then read the whole file into sb and send it.
    osw.write("HTTP/1.0 200 OK\n\n");
    while (c != -1) {
        sb.append((char) c);
        c = fr.read();
    }
    osw.write(sb.toString());

- This handles the requested file in such a way that if the file exists it shows the message OK; otherwise it shows an error.

- Limited file access should be given to the file to remove the error caused by the infinite file type.

8. Tell me what conditions are kept in mind before defining the file.

- The length of the requested file needs to be checked to see whether it is above or below the predefined value of the available memory.

- The server serves the file according to the given conditions, or else shows an error if the file doesn't exist on the disk.

- The file is not stored in memory; it is handled as a stream of bytes using an incremental approach.

- The server fulfils the request when there are no clients that need to be serviced at the time the previous one is already in service.

- A download limit is imposed, and until it is reached the file is not stored in memory. The client is sent at most MAX_DOWNLOAD_LIMIT bytes before the process stops.
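
The incremental, size-limited serving described in question 8, as an added example that is not the original SimpleWebServer code. The class name, the 64 KB value of MAX_DOWNLOAD_LIMIT, the 4 KB buffer and the in-memory streams standing in for a file and for /dev/random are assumptions made for the illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;

public class BoundedServeExample {
    // Assumed value for this illustration; the page names the limit but gives no number.
    static final int MAX_DOWNLOAD_LIMIT = 64 * 1024;

    /**
     * Streams at most MAX_DOWNLOAD_LIMIT bytes from in to out through a fixed
     * buffer, so memory use is constant however large the source is.
     * Returns true if the source ended within the limit, false if it was cut off.
     */
    static boolean serveBounded(InputStream in, OutputStream out) throws IOException {
        out.write("HTTP/1.0 200 OK\n\n".getBytes(StandardCharsets.US_ASCII));
        byte[] buf = new byte[4096];
        int sent = 0;
        while (sent < MAX_DOWNLOAD_LIMIT) {
            int n = in.read(buf, 0, Math.min(buf.length, MAX_DOWNLOAD_LIMIT - sent));
            if (n == -1) {
                return true;               // end of file reached inside the limit
            }
            out.write(buf, 0, n);
            sent += n;
        }
        return in.read() == -1;            // limit reached: anything left is not sent
    }

    public static void main(String[] args) throws IOException {
        // Constructed inputs: a small page, and an endless source standing in for /dev/random.
        InputStream small = new ByteArrayInputStream(
                "<html>hello</html>".getBytes(StandardCharsets.US_ASCII));
        InputStream endless = new InputStream() {
            @Override
            public int read() {
                return 'A';                // never returns -1, like an infinite file
            }
        };

        ByteArrayOutputStream a = new ByteArrayOutputStream();
        System.out.println("small:   complete=" + serveBounded(small, a) + " bytes=" + a.size());
        ByteArrayOutputStream b = new ByteArrayOutputStream();
        System.out.println("endless: complete=" + serveBounded(endless, b) + " bytes=" + b.size());
    }
}
```

Compile and run with `javac BoundedServeExample.java && java BoundedServeExample`; the second call stops at the limit instead of buffering data until memory runs out.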

9. Do you know what the use of the infinite file is in web security?

- The infinite file consists of random bits of code stored in the /dev/random file, which is used to generate cryptographic keys.

- The infinite file is a source of infinite data that can be used to provide the response in an easy manner.

- The web server receives the request for this file in the format GET //dev/random HTTP/1.0.

- The web server provides the continuous data that can be read from /dev/random before the web server runs out of memory.

- The server crashes if it runs out of memory because of the infinite file, which makes this very important for web security.

10. Do you know what the fail-safe approach is?

- The fail-safe approach defines the level that divides the security such that the system is safe even if it fails.

- The fail-safe approach doesn't allow an attacker to take advantage by breaking into the system and crashing it.

- This approach allows the web server to perform its routines even if the system runs out of memory during an attack.

- Under attack, the system doesn't skip the access control check, and it doesn't skip serving any requested document.

- The fail-safe approach can force the web server to run out of memory and suffer a DoS attack.
