ist 346 Final

Ace your homework & exams now with Quizwiz!

policy issues of email

-ECPA compliance- email requires consent -archival policy -subpoenas- pulling emails from backups for a court order -employees use company property

What are some concerns which need to be addressed in a production mail setup?

-SMTP doesnt need to be authenticated -no TLS encryption -no spam system -no scaling strategy -no directory service

Technological issues of email

-uses lots of storage -complicated service -requires lots of servers -SPAM -not that secure -easy to spoof

Anatomy of Email

3 components: Protocols, APIs, Components. protocols: IMAP4, POP3, SMTP, IMAPS APIs: SMTP, MIME, various RFCs Components: MUA, MTA, MDA, AA, message store

what's Roundcube? (used in email lab)

A container thats a webmail client. MUA

Web API's JSON, XML

APIs are code you execute in your program that someone else wrote. Web APIs are APIs executed over the HTTP or HTTPs protocol. Allows us to leverage services in the cloud to our own program JSON is a lightweight format API for storing and transporting data, often used when data is sent from a server to a web page XML is machine readable content formal similar to HTML. allows for the design of schemas so that any data formal can be represented.

web scalability and reverse proxies

An HTTP reverse proxy is an HTTP server which retrieves resources from one or more servers on behalf of a client. used to limit exposure of web application. Web can be scaled vertically, horizontally (add load balancer and 2 servers) and up and out (add a bunch of web servers and database servers)

What is a topic?

An MQTT topic is the channel for the IoT data. One MQTT broker can handle millions of messages so we use topics to categorize messages similar to each other

4. which native mobile application development platform uses Java for its programming language

Android

Popular mobile operating systems

Apple iOS and Google Android

Other kinds of messaging applications

Chat/ IM Slack Microsoft teams Yammer Video chat (Zoom)

Types of IoT and their examples

Consumer (smart thermostat) Commercial (Pro Sports team data collection) Industrial (Amazon robots to locate items on shelves) Infrastructure (smart cities)

5. The contents of web pages are primarily coded in

HTML

2. The protocol for retrieving email messages is

IMAP

Where does the majority of the processing occur in an IoT network?

Little to no actual processing occurs in an Iot sensor. The decision making on whether or not to send an email will occur in the software application, like NodeRed platform.

16. The protocol for IoT messaging is

MQTT

components of an email and their terminology

MUA = mail user agent MTA = message transfer agent MDA= mail delivery agent AA= access agent

MUA MTA MDA AA

Mail user agent (outlook, gmail etc.) Message transfer agent. sends mail around the internet Mail delivery agent. writes mail to the mail message, from MDA to message store Acess agent. Exposes a protocol so users can read mail from the message store

IoT architecture MQTT and gateways

Message Queuing Telemetry Transport is a protocol for IOT. Messages are categorized by topics, and MQTT broker collects messages from publishers and push through gateways (?)

Native, Hybrid, PWA, app development- differences, pros, cons

Native- write the app in the language of the mobile OS. Best performance, but unique for every platform and challenging to maintain hybrid- write the app in an intermediate language which then either complies to native or PWA. One language for all OS, access to MOST hardware, not suitable for some applications PWA- write the app in HTML and JavasScript as you would a website. Easiest skillset, don't need to put in app store, not suitable for some applications or supported by all platforms, least access to hardware

6. A protocol for authenticating a web API is

OAUTH2

What is the difference between a PATCH and a PUT?

PUT is for replacing the entire record, and PATCH is for partial updates.

how mobile differs from web

Phones have a browser, but most of our experiences use native apps downloaded. Advantages: offline data, push notifs, better performance, access to hardware features like camera or microphone

whats the mobile application development process that doesn't require an upload to the app store

Progressive Web app

9. Which is not a typical responsibility of a mobile back end as a service

Publishing to app stores

Provide an example of something you use everyday which would be considered IoT?

Roomba, smart fridge/ washing machine.

18. The protocol for sending email is

SMTP

3. which of the following is not a concern which should be addressed in a production email setup

SMTP access to this public

SMTP vs IMAP.. which one sends mail and which retrieves it?

SMTP does the sending to a mailbox, and IMAP allows a user to retrieve it.

When you send an email from an actual mail client, which protocol(s) are used and why?

SMTP to send the email and IMPA to save a copy in the sent folder

Software defined product/ hardware defined product

Software defined product is a product that is made what it is because of the software application, which is programmable & updatable, and the cybermodel, the statistical model which assists in decision making hardware defined product is made what it is bc of its hardware. Sensors to gather data, actuator to alter environment, and embedded system, packages data and sends over internet.

What is telnet? What is the value of using Telnet to connect to any TCP protocol?

Telnet is a protocol that allows us to interact with the mail server from our terminal at the protocol level. This isn't how you could normally use email, but shows how application layer protocols like SMTP and IMAP work. Can be used to troubleshoot.

What is IoT and how is it different from smart devices?

The Internet of Things or IoT represents technologies embedded into everyday objects so that they can communicate over the Internet. From WiFi tooth brushes to traffic cameras, it seems like nothing is immune from the IoT craze. IoT is different from smart products. While things like a washing machine that sends text when clothes are dry is considered IoT, true IoT derives value from being smart and connected. It is more than a device, it is a combo of device, software, network, and interface

What is the purpose of an MQTT Broker like Mosquitto?

The MQTT Broker collects messages from the sensors and queues them until the Node Red platform is ready to consume and process them. the MQTT broker prevents loss of data over the network between sensors and platforms which process the data. Without MQTT we would not be able to make changes to the IoT platform without losing data!

what are the purpose of the email message headers?

They include information like who the message is to/from, either the message was identified as SPAM, the date/time is was sent, and the message id. All this stuff helps the mail client determine what to do with this message and how to display it to us.producpr

TLS, SSL, termination

Transport Layer Security- encrypts traffic over wire to protect against "Man in the Middle" attacks. Acquire certificate from authority, and browsers "trust" authority and encrypt traffic. (https) SSL????? TERMINATION???

URL HTML Web Server Web Browser Resource

URL = global name space which identifies a resource on the web HTML= Markup language for rendering web pages Web Server= a computer on the web which hosts resources web browser= a computer on the web which consumes resources resource= content at a URL, hosted on a web server and requested by a web browser

What is the purpose of a software application like Node Red?

a data flow based programming tool for the Internet of Things, to send us an email when the glass is empty. The Node Red application is subscribed to listen for messages on the same topic. When it sees a message it processes the message by displaying it to the debut window.

10. to scale HTTP services horizontally we need

a load balancer

What is covered in a code of ethics and/or code of conduct policy

acceptable use policy + network monitoring policy and privileged access code of conduct

What is Swagger?

an API documentation tool which automatically generates sample instructions for how any API can be consumed. Swagger shows us the different endpoints to interact with our content, whether we want to list it, add to it, or change it.

8. your company needs to manage iPads used as automated sales kiosks. a possible solution could be

an MDM system

What is an OAuth 2 access token? What is the relationship between it and the client secret and client id pair?

an opaque string, generated from the client secret which provides the bearer of the token access to the API for a limited amount of time. Any client with the access token can access the API with the set permissions for as long as the token is valid. typically the access token is generated as requested by an authenticated client.

What is Squidex?

an open-source, content-as-a-service platform used to create APIs. Squidex is a headless content management system. It allows you to create custom content definitions (schema) and it will create an HTTP API that allows you to create, retrieve, update and delete (CRUD) your custom content.

How the web works, request verbs and status codes

clients make requests to web servers, typically using a browser. the client provides a request method and URL. verb (nature of the request) + URL (the resource to request) The web server send a response to the client. In the response is the content based on the URL. The client renders (draws) the content in the web browser. Status code (what happened) + content type (the actual content)

what are the various IoT types?

consumer commercial industrial infrastructure

what are the responsibilities of mobile backend as a service? which aren't needed as well

contains the web APIs required by the application and other services like push notifs. saves you development and admin resources in mobile app. data storage, scalability, usage analytics, identity management and social auth.

15. in the web API lab we used as application called Squidex, which could be best classified as...? What is Squidex

content as a service. Squidex is an open-source, content-as-a-service platform used to create APIs.

What and why of ethics?

ethics are the principles of conduct that govern a group of people. not morals.. what is ethical isnt clear bc there might not be clear policies important bc SAs have privledge to confidential info, they must be responsible and people must be able to trust you with the access

Mobile device management

getting apps into the stores, search + install. Mobile Device Management Systems remotely install apps on devices. Run separate internal App stores. Control which apps can be launched/ accessed.

13. an email address such as [email protected] is an example of which type of namespace?

global and hierachical

Whats a global namespace? whats a hierachial namespace?

global is the @syr.edu or @gmail while hierarchial is the names on the global namespace like rjisley

Whats an MDM systems role? What is it primarily used for?

hint. the importance of automation of tasks software that allows IT administrators to control, secure and enforce policies on smartphones, tablets and other endpoints. Important to automate ethical policy

whats the difference between IoT and smart devices

hint: a specific model is in existence IOT derives value from being smart and connected. its more than the device, also includes the software, network, and UI. software defined product + hardware defined product

example of a sensor and an actuator

in a thermostat, notices too hot actuator would activate air conditioning

HTTP protocol: what forms does it always return content in a response

in code. status code: what happened content type: the actual content

What is OAuth 2?

industry-standard protocol for authenticating to a Web API. So we can expose API to clients securely without giving everyone the password

How IMAP works

internet-> MTA->MDA (exchange hubs-> message store-> AA (Exchange) -> MUA

Does NodeRed actually connect to the IoT device? Explain your answer

it never actually connects to the devices, but instead listens for messages to arrive on our MQTT broker.

What are the concerns that are addressed in terms of setting up and producing email

lots of storage, spam, not that secure, lots of servers, legal and ethical compliance policies, archival policy

12. Info of who the email message is to, and whether the message was identified as SPAM are called

message headers

how are ethics different from morals?

morals are the proclomation of what is right and good, while ethics are principles of conduct. ethics are defined, while morals are more like a moral compass

11. which mobile app development process creates applications which generally perform the best

native

Privileged access? What is it? Who has it?

people with privleged access can see other peoples otherwise private info. need a special code of conduct on how to act. must be trained in ethics and code of conduct, policy, and procedure

Why must we include the bearer token with every API call? How come there is no short-cut method where we login one and it persists for the entire session?

reThe HTTP protocol is stateless. This means that the requests do not know about each other. Because each request is completely isolated from the other we must include our credentials with every request. That's right. When you "log on" to a website, it saves a similar token and that token goes back to the server on every request to make sure "its really you" and that you are still "logged in." Such is the way of the web!c

types of IoT analytics

retrospective analytics- what happened? diagnostic- why did it happen? descriptive- whats happening now predictive- what will happen prescriptive- what should i do about it?

what is required to provide access to an HTTP service behind a firewall?

reverse proxy

MBaaS- what they do

saves development and administrative resources in mobile app initiatives. Data storage with Web APIs, push notifs, auto scalability, client device analytics and usage statistics, handles identity management and social authentification

7. An IOT hardware defined product consists of

sensors and actuators

How STMP works

simple mail transport protocol MUA (source)-> MDA (exchange)-> MTA (sendmail)-> through the internet -> MTA->MDA-> message store

1. The HTTP protocol always returns back content and a .... in the response?

status code

14. an automated web API documentation tool is known as

swagger

for SMTP requests why do we authenticate

to attempt to filter out spam

17. Why is it important to authenticate SMTP requests

to prevent spammers from sending email


Related study sets

FN - Chapter 25: Asepsis and Infection Control

View Set

Ch. 40 Respiratory dysfunction pediatric

View Set

AFRICAN AMERICAN HISTORY 2 CHAPTER 13 EXAM

View Set

Baloncesto: Fill in the blanks with basketball scores in Spanish Follow the model.

View Set

P - Chapter 25 - Muscle Relaxants

View Set

Final Exam Biology (Chapters 17,18,19)

View Set

UE Origin and Insertion: Forearm Muscles

View Set