Which HTTP method is designed specifically to retrieve data from a server without causing any side effects?
Think about the method that only asks for information without changing anything.
The GET method is used to request data from a server and should not change any data on the server. POST, PUT, and DELETE are used to modify data.
You are designing a web application that handles user login and sensitive data. Which protocol should you choose to ensure data security during transmission?
Consider which protocol protects data from being read by others during transmission.
HTTPS uses encryption (TLS/SSL) to secure data between client and server, protecting sensitive information like passwords. HTTP transmits data in plain text, which is insecure.
Your website uses HTTPS and experiences a sudden increase in traffic. Which approach best helps maintain performance while keeping secure connections?
Think about offloading encryption work to a dedicated component to reduce load on backend servers.
Terminating SSL/TLS at the load balancer allows it to handle encryption/decryption, reducing CPU load on backend servers. Forwarding unencrypted traffic internally is safe within a trusted network.
For delivering static images and videos on a public website, what is a key tradeoff when choosing HTTPS over HTTP?
Consider the impact of encryption on speed and security.
HTTPS encrypts data, adding some latency and CPU overhead, but it protects data integrity and privacy. HTTP is faster but insecure. Both support caching.
When a client establishes an HTTPS connection, the TLS handshake adds extra time before data transfer begins. Approximately how many round-trip times (RTTs) does a full TLS 1.3 handshake require before encrypted data can be sent?
TLS 1.3 improved handshake speed compared to previous versions.
TLS 1.3 requires one round-trip time (RTT) for a full handshake before encrypted data can be sent. It also supports zero-RTT for resumed sessions, but the question asks about a full handshake.