COMPUTER NETWORKS 1. Describe the OSI Reference Model and Describe about the 7 layers of OSI Reference Layers Open System Interconnections (OSI) is a network architecture model based on the ISO standards. It is called the OSI model as it deals with connecting the systems that are open for communication with other systems. The OSI model has seven layers. Layer Unit Exchanged Physical Bit Data Link Frame Description It is concerned with transmitting raw bits over a communication channel. Chooses which type of transmission mode is to be selected for the transmission. The available transmission modes are Simplex, Half Duplex and Full Duplex., The main task of this layer is to transform a raw transmission facility into a line that appears free of undetected transmission errors. It also allows detecting damaged packets using the CRC (Cyclic Redundancy Check) error-detecting, code. When more than one node is connected to a shared link, Data Link Layer protocols are required to determine which device has control over the link at a given time. It is implemented by protocols like CSMA/CD, Layer Network Unit Exchanged Packet Description CSMA/CA, ALOHA, and Token Passing. It controls the operation of the subnet. The network layer takes care of feedback messaging through ICMP messages. Transport The basic functionality of this layer is to accept data from the above layers, split it up into smaller units if needed, pass these to the network layer, and ensure TPDU - Transaction that all the pieces arrive correctly at the other end. Protocol Data Unit The Transport Layer takes care of Segmentation and Reassembly. Session The session layer allows users on different machines to establish sessions between them. Dialogue control is using the full-duplex link as SPDU Session half-duplex. It sends out dummy packets from the client Protocol Data Unit to the server when the client is ideal. The presentation layer is concerned with the syntax and semantics of the information transmitted. It translates a message from a common form to PPDU - Presentation Presentation the encoded format which will be understood by the Protocol Data Unit receiver. It contains a variety of protocols that are commonly needed by users. APDU - Application The application layer sends data of any size to Application Protocol Data Unit the transport layer. 2. Describe the TCP/IP Reference Model and define the 4 layers of TCP/IP. It is a compressed version of the OSI model with only 4 layers. It was developed by the US Department of Defence (DoD) in the 1980s. The name of this model is based on 2 standard protocols used i.e. TCP (Transmission Control Protocol) and IP (Internet Protocol). Layer Link Internet Description Decides which links such as serial lines or classic Ethernet must be used to meet the needs of the connectionless internet layer. The internet layer is the most important layer which holds the whole architecture together. It delivers the IP packets where they are supposed to be delivered. Its functionality is almost the same as the OSI transport layer. It enables peer entities on the network to carry on a conversation. Application It contains all the higher-level protocols. Transport 3. Differentiate OSI Reference Model with TCP/IP Reference Model 4. Name some services provided by the application layer in the Internet model? Some services provided by the application layer in the Internet model are as follows: Mail services Directory services File transfer Access management Network virtual terminal 5. What are proxy servers, and how do they protect computer networks? Proxy servers prevent external users from identifying the IP addresses of an internal network. They make a network virtually invisible to external users, who cannot identify the physical location of a network without knowledge of the correct IP address. 6. What is a switch? A switch is a network device that connects multiple devices or networks together. It allows you to quickly and easily connect different devices to a network, providing the ability to share data or resources between them. It also allows for the creation of separate networks for different users or devices. 7. What are routers? Ans. Routers connect two or more network segments. These intelligent network devices store information such as paths, hops, and bottlenecks in their routing tables. They determine the most accurate data transfer paths and operate in Open Systems Interconnection (OSI) Network Layer. The roles of a router include: Inter-network communication Best path selection Packet forwarding Packet filtering 8. In which OSI layer Header and Trailer are added? What happens in the OSI model, as a data packet moves from the lower to upper layers? What happens in the OSI model, as a data packet moves from the upper to lower layers? At the Data link layer trailer is added and at the OSI model layer 6,5,4,3 added header. In the OSI model, as a data packet moves from the lower to upper layers, headers get removed. In the OSI model, as a data packet moves from the upper to lower layers, headers are added. This header contains useful information. 9. What is IP Spoofing? IP Spoofing is essentially a technique used by hackers to gain unauthorized access to Computers. Concepts of IP Spoofing were initially discussed in academic circles as early as 1980. IP Spoofing types of attacks had been known to Security experts on the theoretical level. It was primarily theoretical until Robert Morris discovered a security weakness in the TCP protocol known as sequence prediction. Occasionally IP spoofing is done to mask the origins of a Dos attack. In fact, Dos attacks often mask the actual IP addresses from where the attack has originated from. 10. What is TCP and UDP and also compare about TCP and UDP. TCP or TCP/IP is the Transmission Control Protocol/Internet Protocol. It is a set of rules that decides how a computer connects to the Internet and how to transmit the data over the network. It creates a virtual network when more than one computer is connected to the network and uses the three ways handshake model to establish the connection which makes it more reliable. UDP is the User Datagram Protocol and is based on Datagrams. Mainly, it is used for multicasting and broadcasting. Its functionality is almost the same as TCP/IP Protocol except for the three ways of handshaking and error checking. It uses a simple transmission without any hand-shaking which makes it less reliable. TCP/IP UDP Connection-Oriented Protocol Connectionless Protocol More Reliable Less Reliable Slower Transmission Faster Transmission Packets order can be preserved or can be Packets order is not fixed and packets are rearranged independent of each other Uses three ways handshake model for No handshake for establishing the connection connection TCP packets are heavy-weight UDP packets are light-weight Offers error checking mechanism No error checking mechanism Protocols like DNS, RIP, SNMP, RTP, Protocols like HTTP, FTP, Telnet, SMTP, BOOTP, TFTP, NIP, etc. use UDP at the HTTPS, etc. use TCP at the transport layer transport layer 11. What is a network? What are some of its benefits? A network consists of two or more separate devices linked together such that they can communicate. Networks can be classified according to different criteria such as scope, type of connection, functional relationship, topology, or function, among others. Some of the benefits of computer networks include: 1. Resource sharing - Users on a network can share resources like printers, storage, and applications. 2. Communication - Networks enable users to communicate and collaborate in real time, regardless of their physical location. 3. Improved data security - Networks can be configured with security features such as firewalls and access controls to protect against unauthorised access. 4. Increased productivity - With shared resources and improved communication, networks can increase productivity and efficiency in the workplace. 5. Cost savings - By sharing resources, networks can reduce hardware and software costs. 6. Scalability - Networks can be easily expanded to accommodate new users and devices. 7. Centralised management - Network administrators can manage resources, users, and security from a central location, improving efficiency and security. How are networks classified? Network types can be classified and divided based on the area of distribution of the network. The below diagram would help to understand the same: 12. Explain the different types of network. 13. What are ‘client’ and ‘server’ in a network? Clients and servers are separate logical entities that work together over a network to accomplish a task. A client application is the element of communication that requests or requests a network service, for example, accessing a web page, or downloading a file, or sending an email. A server application is the element of communication that responds to customer requests, providing the required service, that is, sending the web page or the requested file or email. The client-server model is used by computer applications such as email, the World Wide Web, and network printing. 14. What is the MAC address and how is it related to NIC? Differentiate the MAC address with the IP address MAC address is the Media Access Control address. It is a 48-bit or 64-bit unique identifier of devices in the network. It is also called the physical address embedded with Network Interface Card (NIC) used at the Data Link Layer. NIC is a hardware component in the networking device using which a device can connect to the network. The difference between MAC address and IP address are as follows: MAC Address IP Address Media Access Control Address Internet Protocol Address 6 or 8-byte hexadecimal number 4 (IPv4) or 16 (IPv6) Byte address It is embedded with NIC It is obtained from the network Physical Address Logical Address Operates at Data Link Layer Operates at Network Layer. Helps to identify the device Helps to identify the device connectivity on the network. 15. What is subnet? A subnet is a network inside a network achieved by the process called sub netting which helps divide a network into subnets. It is used for getting a higher routing efficiency and enhances the security of the network. It reduces the time to extract the host address from the routing table. 16. What is internetworking? Internetworking is a combination of two words, inter and networking which implies an association between totally different nodes or segments. This connection area unit is established through intercessor devices akin to routers or gateways. The first term for associate degree internetwork was interconnected. This interconnection is often among or between public, private, commercial, industrial, or governmental networks. 17. Name of the software layers or User support layer in the OSI model. Application layer Presentation layer Session layer Name the hardware layers or network support layers in the OSI model. Network layer Datalink layer Physical layer 18. What are Datalink Protocols? Datalink protocols are defined as the sets of requirements used to implement the data link layer. There are the following categories of Data Link protocols: Synchronous Protocols Asynchronous Protocols Bit Oriented protocols Character Oriented Protocols 19. What are the functions of a Network Layer? The Network Layer or OSI Layer 3 provides services for exchanging individual sections of data over the network between identified end devices. To perform this end-to-end transport, Layer 3 uses four basic processes: Addressing Encapsulation Routing Decapsulation 20. Explain about VPN (Virtual Private Network) VPN or the Virtual Private Network is a private WAN (Wide Area Network) built on the internet. It allows the creation of a secured tunnel (protected network) between different networks using the internet (public network). By usi-ng the VPN, a client can connect to the organization’s network remotely. The below diagram shows an organizational WAN network over Australia created using VPN: 21. Explain the different types of VPN and advantages of VPN? Few types of VPN are: Access VPN: Access VPN is used to provide connectivity to remote mobile users and telecommuters. It serves as an alternative to dial-up connections or ISDN (Integrated Services Digital Network) connections. It is a low-cost solution and provides a wide range of connectivity. Site-to-Site VPN: A Site-to-Site or Router-to-Router VPN is commonly used in large companies having branches in different locations to connect the network of one office to another in different locations. There are 2 sub-categories as mentioned below: Intranet VPN: Intranet VPN is useful for connecting remote offices in different geographical locations using shared infrastructure (internet connectivity and servers) with the same accessibility policies as a private WAN (wide area network). Extranet VPN: Extranet VPN uses shared infrastructure over an intranet, suppliers, customers, partners, and other entities and connects them using dedicated connections. Advantages of using VPN: VPN is used to connect offices in different geographical locations remotely and is cheaper when compared to WAN connections. VPN is used for secure transactions and confidential data transfer between multiple offices located in different geographical locations. VPN keeps an organization’s information secured against any potential threats or intrusions by using virtualization. VPN encrypts the internet traffic and disguises the online identity. 22. Why is encryption on a network necessary? Encryption changes data from its original readable to unreadable format, thus ensuring network security. The user must use a secret key or password to decrypt the data. Encryption is useful for communications and in any case where you want to protect sensitive information. Thus, encrypting the information in disks, folders or even individual files is possible to prevent unauthorized access. Then, in addition to protecting users’ privacy, data encryption prevents other types of attacks, such as identity theft or bank fraud, and provides a protection mechanism against the theft or loss of devices with sensitive information 23. What is Symmetric and Asymmetric Encryption? Symmetric Key Encryption: Encryption is a process to change the form of any message in order to protect it from reading by anyone. In Symmetric-key encryption the message is encrypted by using a key and the same key is used to decrypt the message which makes it easy to use but less secure. It also requires a safe method to transfer the key from one party to another. Asymmetric Key Encryption: Asymmetric Key Encryption is based on public and private key encryption techniques. It uses two different keys to encrypt and decrypt the message. It is more secure than the symmetric key encryption technique but is much slower. 24. Explain about ICMP protocol, DHCP Protocol, ARP protocol, FTP protocol ICMP is the Internet Control Message Protocol. It is a network layer protocol used for error handling. It is mainly used by network devices like routers for diagnosing the network connection issues and crucial for error reporting and testing if the data is reaching the preferred destination in time. It uses port 7 by default. DHCP is the Dynamic Host Configuration Protocol.It is an application layer protocol used to auto-configure devices on IP networks enabling them to use the TCP and UDP-based protocols. The DHCP servers auto-assign the IPs and other network configurations to the devices individually which enables them to communicate over the IP network. It helps to get the subnet mask, IP address and helps to resolve the DNS. It uses port 67 by default. ARP is Address Resolution Protocol. It is a network-level protocol used to convert the logical address i.e. IP address to the device's physical address i.e. MAC address. It can also be used to get the MAC address of devices when they are trying to communicate over the local network. FTP is a File Transfer Protocol. It is an application layer protocol used to transfer files and data reliably and efficiently between hosts. It can also be used to download files from remote servers to your computer. It uses port 27 by default. 25. What are nodes and links? Node: Any communicating device in a network is called a Node. Node is the point of intersection in a network. It can send/receive data and information within a network. Examples of the node can be computers, laptops, printers, servers, modems, etc. Link: A link or edge refers to the connectivity between two nodes in the network. It includes the type of connectivity (wired or wireless) between the nodes and protocols used for one node to be able to communicate with the other. 26. What is the network topology and describe about different types of network topology? Network topology is a physical layout of the network, connecting the different nodes using the links. It depicts the connectivity between the computers, devices, cables, etc. The different types of network topology are given below: Bus Topology: All the nodes are connected using the central link known as the bus. It is useful to connect a smaller number of devices. If the main cable gets damaged, it will damage the whole network. Star Topology: All the nodes are connected to one single node known as the central node. It is more robust. If the central node fails the complete network is damaged. Easy to troubleshoot. Mainly used in home and office networks. Ring Topology: Each node is connected to exactly two nodes forming a ring structure If one of the nodes are damaged, it will damage the whole network It is used very rarely as it is expensive and hard to install and manage Mesh Topology: Each node is connected to one or many nodes. It is robust as failure in one link only disconnects that node. It is rarely used and installation and management are difficult. Tree Topology: A combination of star and bus topology also known as an extended bus topology. All the smaller star networks are connected to a single bus. If the main bus fails, the whole network is damaged. Hybrid: It is a combination of different topologies to form a new topology. It helps to ignore the drawback of a particular topology and helps to pick the strengths from other. 27. What are the HTTP and the HTTPS protocol? HTTP is the HyperText Transfer Protocol which defines the set of rules and standards on how the information can be transmitted on the World Wide Web (WWW). It helps the web browsers and web servers for communication. It is a ‘stateless protocol’ where each command is independent with respect to the previous command. HTTP is an application layer protocol built upon the TCP. It uses port 80 by default. HTTPS is the HyperText Transfer Protocol Secure or Secure HTTP. It is an advanced and secured version of HTTP. On top of HTTP, SSL/TLS protocol is used to provide security. It enables secure transactions by encrypting the communication and also helps identify network servers securely. It uses port 443 by default. 28. What is the SMTP protocol? SMTP is the Simple Mail Transfer Protocol. SMTP sets the rule for communication between servers. This set of rules helps the software to transmit emails over the internet. It supports both End-to-End and Store-and-Forward methods. It is in always-listening mode on port 25. 29. What is an IPv4 address? What are the different classes of IPv4? An IP address is a 32-bit dynamic address of a node in the network. An IPv4 address has 4 octets of 8-bit each with each number with a value up to 255. IPv4 classes are differentiated based on the number of hosts it supports on the network. There are five types of IPv4 classes and are based on the first octet of IP addresses which are classified as Class A, B, C, D, or E. 30. What is the minimum size of the icmpV4 packet what is the maximum size of the icmpv4 packet? Minimum size ICMPv4 packet = 28 bytes Maximum size ICMPv4 packet = 2068 bytes 31. Differentiate between a ‘bit rate’ and a ‘baud rate’. A bit rate is the number of bits transmitted during one second, whereas, baud rate refers to the number of signal units per second that are required to represent those bits. Baud rate = bit rate / N, where N is the no. of bits represented by each signal shift. 32. Define the term Jitter? Jitter is a “packet delay variance”. It can simply mean that jitter is considered a problem when different packets of data face different delays in a network and the data at the receiver application is time-sensitive, i.e. audio or video data. Jitter is measured in milliseconds (ms). It is defined as an interference in the normal order of sending data packets. 33. Why do we OSPF a protocol that is faster than our RIP? OSPF stands for Open Shortest Path First which uses a link-state routing algorithm. This protocol is faster than RIP because: Using the link-state information which is available in routers, it constructs the topology of Bluetooth which Bluetooth the topology determines the routing table for routing decisions. It supports both variable-length subnet masking and classless inter-domain routing addressing models. Since it uses Dijkstra’s algorithm, it computes the shortest path tree for each route. OSPF (Open Shortest Path First) is handling the error detection by itself and it uses multicast addressing for routing in a broadcast domain. 34. Why do we need the pop3 protocol for e-mail? Need of POP3: The Post Office Protocol (POP3) is the most widely used protocol and is supported by most email clients. It provides a convenient and standard way for users to access mailboxes and download messages. An important advantage of this is that the mail messages get delivered to the client’s PC and they can be read with or without accessing the web. 35. What is ‘bandwidth’? The limited range of frequencies of signals that a line can carry is called the bandwidth. Bandwidth is often confused with Internet speed when the volume of information can be sent over a connection in a measured amount of time, calculated in megabits per second (Mbps). Logically the bandwidth of our network will be decisive for its quality and speed. The more bandwidth we have, the better since we can transfer data faster. 36. Why Bandwidth is important to network performance parameters? Bandwidth is characterized as the measure of data or information that can be transmitted in a fixed measure of time. The term can be used in two different contexts with two distinctive estimating values. In the case of digital devices, the bandwidth is measured in bits per second (bps) or bytes per second. In the case of analog devices, the bandwidth is measured in cycles per second, or Hertz (Hz). Bandwidth is only one component of what an individual sees as the speed of a network. True internet speed is actually the amount of data you receive every second and that has a lot to do with latency too 37. What are Private and Special IP addresses? Private Address: For each class, there are specific IPs that are reserved specifically for private use only. This IP address cannot be used for devices on the Internet as they are nonroutable. Special Address: IP Range from 127.0.0.1 to 127.255.255.255 are network testing addresses also known as loopback addresses are the special IP address. 38. What is the DNS? What is the protocol and port no of DNS? DNS is the Domain Name System. It is considered as the devices/services directory of the Internet. It is a decentralized and hierarchical naming system for devices/services connected to the Internet. It translates the domain names to their corresponding IPs. For e.g. interviewbit.com to 172.217.166.36. It uses port 53 by default. It uses TCP/UDP protocol. 39. What is Network Cabling? Network cables can connect two computers or computer systems directly. A cable is a cord that is made up of different conductors, which are insulated from each other. This cord is usually protected by a wrap for better strength and flexibility. To choose a network cable, several aspects must be taken into account, such as – The distance that must be covered with that cable The maximum data transmission speed The coating of the cable The type of network to be created The type of braiding, shielding, and/or sheath 40. What are the different types of network cables used in networking? The different types of cables used in networks are – Unshielded Twisted Pair (UTP) Cable Shielded Twisted Pair (STP) Cable Cable Installation Guides Coaxial Cable Fibre Optic Cable Wireless LANs 41. What are the advantages of PAN? PAN has a number of advantages, including: 1. PAN does not require extra space as it does not need cables and wires. 2. It is used in TV and AC rooms, offices, conferences and meetings. 3. It provides multiple device connectivity at the same time. 4. It has an affordable cost. 42. What is the difference between a LAN and a WAN? The following is the difference between a LAN and a WAN. LAN (Local Area Network) WAN (Wide Area Network) It covers a small geographical area, typically It covers a larger geographical area, typically within a building or campus. spanning multiple cities or countries. Operates at high speeds, typically up to 10 Operates at lo Gbps. wer speeds, typically up to 10 Mbps. Managed by a single organisation or Often managed by multiple organisations or individual. service providers. Generally less expensive to set up and Generally more expensive to set up and maintain. maintain. Limited to a small number of devices, It can support a large number of devices, typically typically up to a few hundred. up to thousands or millions. Typically uses Ethernet or Wi-Fi technology. Uses a variety of technologies, including leased lines, satellite links, and VPNs. Provides high levels of security and control Often requires additional security measures to over network resources. protect data and resources. Examples include home networks, office Examples include the Internet, corporate WANs, networks, and school networks. and service provider networks. 43. What is the importance of twisting in the twisted-pair cable? The twisted-pair cable consists of two insulated copper wires twisted together. The twisting is important for minimizing electromagnetic radiation and external interference. 44. Which multiplexing technique is used in the Fiber-optic links? What are the Advantages of Fiber Optics? The wavelength division multiplexing is commonly used in fiber optic links. The advantages of Fiber Optics are mentioned below: Bandwidth is above copper cables. Less power loss and allows data transmission for extended distances. The optical cable is resistant to electromagnetic interference. Fiber cable is sized 4.5 times which is best than copper wires. As the cable is lighter, and thinner, in order that they use less area as compared to copper wires. Installation is extremely easy thanks to less weight. Optical fiber cable is extremely hard to tap because they don’t produce electromagnetic energy. These optical fiber cables are very secure for transmitting data. This cable opposes most acidic elements that hit copper wires also are flexible in nature. Optical fiber cables are often made cheaper than equivalent lengths of copper wire. 45. Which of the multiplexing technique is used to combine analog signals also what technique is used to combine digital signals? To combine analog signals, commonly FDM(Frequency division multiplexing) and WDM (Wavelength-division multiplexing) are used. To combine digital signals, time division multiplexing techniques are used. 46. What is the use of a router and how is it different from a gateway? The router is a networking device used for connecting two or more network segments. It directs the traffic in the network. It transfers information and data like web pages, emails, images, videos, etc. from source to destination in the form of packets. It operates at the network layer. The gateways are also used to route and regulate the network traffic but, they can also send data between two dissimilar networks while a router can only send data to similar networks. 47. Can IP Multicast be load-balanced? No, The IP multicast multipath command load splits the traffic and does not load balance the traffic. Traffic from a source will use only one path, even if the traffic far outweighs traffic from other sources. 48. Compare the hub vs switch Hub Operates at Physical Layer Half-Duplex transmission mode Ethernet devices can be connected send Less complex, less intelligent, and cheaper No software support for the administration Switch Operates at Data Link Layer Full-Duplex transmission mode LAN devices can be connected Intelligent and effective Administration software support is present Less speed up to 100 MBPS Supports high speed in GBPS Less efficient as there is no way to avoid collisions More efficient as the collisions can be when more than one nodes sends the packets at the avoided or reduced as compared to same time Hub 49. What is the difference between the ipconfig and the ifconfig? ipconfig ifconfig Internet Protocol Configuration Interface Configuration Command used in Microsoft operating Command used in MAC, Linux, UNIX systems to view and configure network operating systems to view and configure interfaces network interfaces Used to get the TCP/IP summary and allows to changes the DHCP and DNS settings 50. What is firewall? How does a firewall work? The firewall is a network security system that is used to monitor the incoming and outgoing traffic and blocks the same based on the firewall security policies. It acts as a wall between the internet (public network) and the networking devices (a private network). It is either a hardware device, software program, or a combination of both. It adds a layer of security to the network. This is among the popularly asked networking interview questions. The firewall ‘listens’ for what information packets are trying to leave or enter the computer system. Blocking can be done based on various criteria, such as the IP to which they are destined, the type of port used to send them, or the application of origin. One of the most complex aspects of using firewalls lies in their configuration, in deciding what types of connections are blocked and which ones are not. 51. What is Multicast? Multicast is a method of group communication where the sender sends data to multiple receivers or nodes present in the network simultaneously. Multicasting is a type of one-tomany and many-to-many communication as it allows sender or senders to send data packets to multiple receivers at once across LANs or WANs. This process helps in minimizing the data frame of the network. For more details please read Multicasting in computer network article. 52. What is the difference between Bluetooth and wifi? Bluetooth Wifi Bluetooth Wifi Bluetooth has no full form. While Wifi stands for Wireless Fidelity. It requires a Bluetooth adapter on all devices for connectivity. Whereas it requires a wireless adapter Bluetooth for all devices and a wireless router for connectivity. Bluetooth consumes low power. While it consumes high power. The security of Bluetooth is less in comparison to the number of wifi. While it provides better security than Bluetooth. Bluetooth is less flexible means these limited users are supported. Whereas wifi supports a large number of users. The radio signal range of Bluetooth is ten meters. Whereas in wifi this range is a hundred meters. Bluetooth requires low bandwidth. While it requires high bandwidth. 53. What are Unicasting, Any casting, Multicasting and Broadcasting? Unicasting: If the message is sent to a single node from the source then it is known as unicasting. This is commonly used in networks to establish a new connection. Any casting: If the message is sent to any of the nodes from the source then it is known as any casting. It is mainly used to get the content from any of the servers in the Content Delivery System. Multicasting: If the message is sent to a subset of nodes from the source then it is known as multicasting. Used to send the same data to multiple receivers. Broadcasting: If the message is sent to all the nodes in a network from a source then it is known as broadcasting. DHCP and ARP in the local network use broadcasting. 54. What happens when you enter google.com in the web browser? Below are the steps that are being followed: Check the browser cache first if the content is fresh and present in cache display the same. If not, the browser checks if the IP of the URL is present in the cache (browser and OS) if not then request the OS to do a DNS lookup using UDP to get the corresponding IP address of the URL from the DNS server to establish a new TCP connection. A new TCP connection is set between the browser and the server using three-way handshaking. An HTTP request is sent to the server using the TCP connection. The web servers running on the Servers handle the incoming HTTP request and send the HTTP response. The browser process the HTTP response sent by the server and may close the TCP connection or reuse the same for future requests. If the response data is cacheable then browsers cache the same. Browser decodes the response and renders the content. 55. Name two technologies by which you would connect two offices in remote locations. Two technologies that would connect two offices in remote locations are VPN and Cloud computing. 56. Define piggybacking? And advantages and disadvantages of piggybacking? Piggybacking is used to improve the efficiency of the bidirectional protocols. When a frame is carrying data from A to B, it can also carry control information about arrived (or lost) frames from B; when a frame is carrying data from B to A, it can also carry control information about the arrived (or lost) frames from A. Advantages of Piggybacking: The major advantage of piggybacking is the better use of available channel bandwidth. Disadvantages of Piggybacking: The major disadvantage of piggybacking is additional complexity and if the data link layer waits too long before transmitting the acknowledgment, then re-transmission of the frame would take place. 57. What is a zone-based firewall? A Zone-based firewall is an advanced method of stateful firewall. In a stateful firewall, a stateful database is maintained in which the source IP address, destination IP address, source port number, and destination port number are recorded. Due to this, only the replies are allowed i.e. if the traffic is generated from inside the network then only the replies (of inside network traffic) coming from outside the network are allowed. Cisco IOS router can be made firewall through two methods: 1. By using CBAC: create an access list and apply it to the interfaces keeping in mind what traffic should be allowed or denied and in what direction. This has an extra overhead for the administrator. 2. Using a Zone-based firewall. 58. What is a server farm? A server farm is a set of many servers interconnected together and housed within the same physical facility. A server farm provides the combined computing power of many servers by simultaneously executing one or more applications or services. A server farm is generally a part of an enterprise data centre or a component of a supercomputer. A server farm is also known as a server cluster or computer ranch. 59. Name the three means of user authentication. There is biometrics (e.g. a thumbprint, iris scan), a token, or a password. There is also twolevel authentication, which employs two of those methods. 60. What is Confidentiality, Integrity & Availability? The CIA triad can be broadly defined as: Confidentiality – means information is not disclosed to unauthorized individuals, entities, or processes. For example, if we say I have a password for my Gmail account but someone saw it while I was doing login into my Gmail account. In that case, my password has been compromised and Confidentiality has been breached. Integrity – means maintaining the accuracy and completeness of data. This means data cannot be edited in an unauthorized way. For example, if an employee leaves an organization then in that case data for that employee in all departments like accounts, should be updated to reflect the status to JOB LEFT so that data is complete and accurate in addition, this is only authorized persons should be allowed to edit employee data. Availability – means information must be available when needed. For example, if one needs to access information about a particular employee to check whether an employee has outstood the number of leaves, that case, it requires collaboration from different organizational teams like network operations, development operations, incident response, and policy/change management. Denial of service attack is one of the factors that can hamper the availability of information. 61. What is the meaning of threat, vulnerability, and risk? Threats are anything that can exploit a vulnerability accidentally or intentionally and destroy or damage an asset. An asset can be anything people, property, or information. The asset is what we are trying to protect and a threat is what we are trying to protect against. Vulnerability means a gap or weakness in our protection efforts. Risk is nothing but an intersection of assets, threats, and vulnerability. 62. Define Digital Signatures? As the name sounds are the new alternative to signing a document digitally. It ensures that the message is sent to the intended use without any tampering by any third party (attacker). In simple words, digital signatures are used to verify the authenticity of the message sent electronically. OR A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document. 63. What is Authorization? Authorization provides capabilities to enforce policies on network resources after the user has gained access to the network resources through authentication. After the authentication is successful, authorization can be used to determine what resources the user is allowed to access and the operations that can be performed. 64. What is the difference between IPS and a firewall? The Intrusion Prevention System is also known as Intrusion Detection and Prevention System. It is a network security application that monitors network or system activities for malicious activity. The major functions of intrusion prevention systems are to identify malicious activity, collect information about this activity, report it, and attempt to block or stop it. Intrusion prevention systems are contemplated as augmentation of Intrusion Detection Systems (IDS) because both IPS and IDS operate network traffic and system activities for malicious activity. IPS typically records information related to observed events, notifies security administrators of important observed events, and produces reports. Many IPS can also respond to a detected threat by attempting to prevent it from succeeding. They use various response techniques, which involve the IPS stopping the attack itself, changing the security environment, or changing the attack’s content. A firewall is a network security device, either hardware or software-based, which monitors all incoming and outgoing traffic, and based on a defined set of security rules it accepts, rejects, or drops that specific traffic. 65. Define the term OFDM? Orthogonal Frequency Division Multiplexing (OFDM): It is also the multiplexing technique that is used in an analog system. In OFDM, the Guard band is not required and the spectral efficiency of OFDM is high which oppose to the FDM. In OFDM, a Single data source attaches all the sub-channels. 66. What is network latency, and how can it be minimised in a network? Network latency is the time delay between sending a data packet from one network device to another. Various factors, such as distance, network congestion, and equipment performance, can cause it. High latency can lead to poor network performance, slow response times, and decreased productivity. To minimise network latency, network administrators can implement various solutions such as using faster network hardware, optimising network configurations, reducing network congestion, implementing quality of service (QoS) policies, and using content delivery networks (CDNs) to reduce the distance data needs to travel. TCP/IP INTERVIEW QUESTIONS 1. Explain the range of TCP/IP classes? 2. What are Pvt. IP address? The private IP address of a system is the IP address that is used to communicate within the same network. Using private IP data, information can be sent or received within the same network. 3. Explain does IP protects data on the network? IP itself doesn’t guarantee delivering data correctly. It leaves all data protection to the transport protocol. Both TCP and UDP have mechanisms that guarantee that the data they deliver to an application is correct. Using the IP layer, the correct destination of the packet is identified & delivered. The Transport layer protocols (TCP/UDP) check if the data delivered is correct using the Checksum mechanism. However, if the destination IP is not alive, the packet is hopped by decreasing the TTL (Time to leave) field and when it becomes zero, the packet is lost and undelivered. If the transport layer is UDP, the source doesn’t know of the failure in the delivery of the packet. 4. What is the name of the data Unit of the Transport layer? What is the name of the data unit to send by the Internet layer? The protocol data unit of the transport layer is a segment or datagram. The protocol data unit of the internet layer is a packet. 5. Difference between TCP and UDP protocols? Transmission control protocol (TCP) User datagram protocol (UDP) TCP is a connection-oriented protocol. Connection-orientation means that the communicating devices should establish a connection before transmitting data and should close the connection after transmitting the data. UDP is the datagram oriented protocol. This is because there is no overhead for opening a connection, maintaining a connection, and terminating a connection. UDP is efficient for broadcast and multicast types in order of network transmission. TCP is reliable as it guarantees the delivery of data to the destination router. The delivery of data to the destination cannot be guaranteed in UDP. Transmission control protocol (TCP) User datagram protocol (UDP) TCP provides extensive error checking mechanisms. It is because it provides flow control and acknowledgement of data. UDP has only the basic error checking mechanism using checksums. Sequencing of data is a feature of Transmission Control Protocol (TCP). This means that packets arrive in-order at the receiver. There is no sequencing of data in UDP. If the order is required, it has to be managed by the application layer. TCP is comparatively slower than UDP. UDP is faster, simpler, and more efficient than TCP. Retransmission of lost packets is possible in TCP, but not in UDP. There is no retransmission of lost packets in the User Datagram Protocol (UDP). TCP has a (20-60) bytes variable length header. UDP has an 8 bytes fixed-length header. TCP is heavy-weight. UDP is lightweight. TCP doesn’t support Broadcasting. UDP supports Broadcasting. TCP is used by HTTP, HTTPs, FTP, SMTP and Telnet. UDP is used by DNS, DHCP, TFTP, SNMP, RIP, and VoIP. 6. Mention any five applications that use TCP ports. Following are the five applications that use TCP port: FTP POP SSH SMTP Telnet 7. What is TELNET? TELNET is a client-service protocol on the internet or local area network, allowing a user to log on to a remote device and have access to it. This is among the most commonly asked networking interview questions. Technically, it is a bidirectional interactive text-oriented communication facility which uses a virtual terminal connection. 8. How TCP protocol provides reliability? TCP is reliable as it uses checksum for error detection, attempts to recover lost or corrupted packets by re-transmission, acknowledgment policy, and timers. It uses features like byte numbers and sequence numbers and acknowledgment numbers so as to ensure reliability. 9. Write down the name of services provided by TCP? Process to process communication Stream orientation Full duplex service Multiplexing Reliability 10. Explain TCP protocol header format? Write the name of all TCP “Flag”? A TCP Flag field contains 6 different flags, namely: URG: Urgent pointer is valid ACK: Acknowledgement number is acknowledgment) PSH: Request for push RST: Reset the connection SYN: Synchronize sequence numbers FIN: Terminate the connection valid( used in case of cumulative 11. What is the role of the TCP checksum field? One of the important fields of TCP protocol format. It is 16 bits long. This field holds the checksum for error control. It is mandatory in TCP as opposed to UDP. 12. What is PORT? A port is basically a physical docking point that is basically used to connect the external devices to the computer, or we can say that a port acts as an interface between the computer and the external devices, e.g., we can connect hard drives and printers to the computer with the help of ports. 13. Write the name of the Well-Known Port used by TCP? PORT Transport Protocol Service Description 7 Echo Port just echoes whatever is sent to it. This feature can be used in many attacks, such as Smurf/Fraggle. 9 Discard Discard any datagram that is received. 20 /21 File Transfer Protocol (FTP) Port used by FTP protocol to send data to a client. TCP 23 Telnet Port used by Telnet to remotely connect to a workstation or server(unsecured) TCP 25 Simple Mail Transfer Protocol (SMTP) Used to send E-Mail over the Internet TCP 53 Domain Name System (DNS) Port for DNS requests, network routing, and zone transfers TCP 67 BOOTP Bootstrap protocol TCP 80 Hyper Text Transfer Protocol (HTTP) Used for browsing web-pages on a browser TCP 110 Post Office Protocol (POP3) Port used to retrieve complete contents of a server mailbox TCP TCP UDP and 14. Define the term Endpoint in TCP? TcpEndpoint allows you to easily establish and communicate over TCP/IP network connections between client and server processes, possibly residing on different hosts. The TcpEndpoint class follows a telephone-like model of networking: clients “call” servers and servers “answer” clients. Once a network connection is established between a client and a server, the two can “talk” to each other by reading from and writing to the connection. 15. Explain the error control mechanism in TCP? TCP protocol has methods for finding out corrupted segments, missing segments, out-oforder segments, and duplicated segments. Error control in TCP is mainly done through the use of three simple techniques: 1. 2. 3. Checksum Acknowledgment Retransmission 16. Explain congestion? A state occurring in the network layer when the message traffic is so heavy that it slows down network response time is known as congestion. 17. What is the difference between stop-and-wait protocol & sliding window protocol? Stop-and-Wait Protocol Sliding Window Protocol In sliding window protocol, sender sends more In Stop-and-Wait Protocol, sender sends than one frame to the receiver side and reone frame and wait for acknowledgment transmits the frame(s) which is/are damaged or from receiver side. suspected. Efficiency of Stop-and-Wait Protocol is worse. Efficiency of sliding window protocol is better. Sender window size of Stop-and-Wait Sender window size of sliding window protocol is Protocol is 1. N. Receiver window size of Stop-and-Wait Receiver window size of sliding window protocol Protocol is 1. may be 1 or N. In Stop-and-Wait Protocol, sorting is not In sliding window protocol, sorting may be or necessary. may not be necessary. Efficiency of Stop-and-Wait Protocol is Efficiency of sliding window protocol is 1/(1+2*a) N/(1+2*a) Stop-and-Wait Protocol is half duplex. Sliding window protocol is full duplex 18. What is a ‘frame relay’, and which layer does it operate? Frame Relay is a data link layer digital packet-switched network protocol technology designed to connect local area networks (LANs) and transfer data over wide area networks (WANs). Frame Relay shares some of the same underlying technology as X.25. It is based on the older X.25 packet-switching technology designed to transmit analogue data as voice conversations. Unlike X.25, which is designed for analogue signals, Frame Relay is a fast packet technology, meaning the protocol does not attempt to correct errors. It is often used to connect LANs with main backbones, as well as in public-wide area networks and in private network environments with leased T-1 lines. It requires a dedicated connection during the transmission period and is not ideal for voice or video, which require a constant stream of transmissions. 19. What are the different features of Frame Relay? The different features of Frame Relay are: Frame Relay is a connectionless service, which means that every data packet that passes over the network contains address information Frame Relay is a service that is provided with a variety of speeds from 56 Kbs to 25 Mbs. Although the speeds most used for the service are currently 56 Kbs and 1,544 Mbs The frames are of variable length and go up to 4,096 bytes Frame Relay is considered a broadband ISDN service It operates at high speed (1,544 Mbps to 44,376 Mbps). It operates only on the physical and data link layers. Therefore, it can be easily used on the Internet. It has a large frame size of 9000 bytes. Therefore, it can accommodate all local area network frame sizes. Frame Relay can only detect errors (at the data link layer). However, there is no flow control or error control. It operates in the data link layer. 20. How does a Frame Relay Work? Frame Relay supports the multiplexing of traffic from multiple connections over a shared physical link. It uses hardware components that include router frames, bridges and switches to pack data into individual frame relay messages. Each connection uses a 10-bit Data Link Connection Identifier (DLCI) for unique channel addressing. There are two types of connections: Permanent Virtual Circuits (PVCs) for persistent connections are intended to be maintained for long periods even if data is not actively transferred. Switched Virtual Circuits (SVCs) for temporary connections that last only one session. Frame Relay then places the data in a variable-size unit called a frame. It leaves any necessary error correction (data retransmission) until the endpoints, speeding up the overall data transmission. 21. What is round trip time? The length of time taken by a data packet to be sent to a destination includes the time it takes for an acknowledgment of that packet to be received back at the original place. 22. What is the significance of TCP acknowledgments? TCP acknowledgments are used to acknowledge packets that are successfully received by the host. The flag is set if the acknowledgment number field contains a valid acknowledgment number. 23. What is retransmission? The TCP retransmission means resending the packets over the network that have been either lost or damaged. Here, retransmission is a mechanism used by protocols such as TCP to provide reliable communication. Here, reliable communication means that the protocol guarantees the packet’s delivery even if the data packet has been lost or damaged. The networks are unreliable and do not guarantee the delay or the retransmission of the lost or damaged packets. The network, which uses a combination of acknowledgment and retransmission of damaged or lost packets, offers reliability. 24. If TCP round trip time, RTT is currently 30m sec and the following acknowledgment comes in after 26, 32 and 24 m sec respectively what is the new RTT estimate? (Use α = 0.9) The formula for estimate new RTT New RTT = 0.9*30+ (1-0.9)*26 New RTT = 29.6 25. Explain about features of TCP? Connection-oriented: An application requests a “connection” to the destination and uses the connection to transfer data Stream Data transfer: It is the duty of TCP to pack this byte stream into packets, known as TCP segments, which are passed to the IP layer for transmission to the destination device. Reliable: It recovers data from the network layer if data is damaged, duplicated, or corrupted. Point to Point: TCP connection provides end-to-end delivery. Interoperability: It eliminates cross-platform boundaries. Error and flow control: Error-checking, flow-control, and acknowledgment functions. Name resolution: It helps in solving human-readable names into IP addresses. Routability: TCP/IP is a routable protocol, It helps in resolving logical addresses. Full Duplex: It provides connection in both directions. 26. What is SCTP protocol? SCTP stands for Stream Control Transmission Protocol. It is a connection-oriented protocol on computer networks that provides a full-duplex association, i.e., transmitting multiple streams of data between two endpoints at the same time that have established a connection in the network. It is sometimes referred to as next-generation TCP or TCPng. SCTP makes it easier to support telephonic conversation on the Internet. A telephonic conversation requires the transmitting of the voice along with other data at the same time on both ends. The SCTP protocol makes it easier to establish a reliable connection. SCTP is also intended to make it easier to establish connections over the wireless networks and managing the transmission of multimedia data. SCTP is a standard protocol (RFC 2960) and is developed by the Internet Engineering Task Force (IETF). 27. Explain the process of three-way handshaking protocol? Process of three-way handshaking protocol Step 1 (SYN): In the first step, the client wants to establish a connection with the server, so it sends a segment with SYN(Synchronize Sequence Number) which informs the server that the client is likely to start communication and with what sequence number it starts segments. Step 2 (SYN + ACK): Server responds to the client request with the SYN-ACK signal bits set. Acknowledgment (ACK) signifies the response of the segment it received and SYN signifies with what sequence number it is likely to start the segment. Step 3 (ACK): In the final part, the client acknowledges the response of the server and they both establish a reliable connection with which they will start the actual data transfer. 28. Difference between Leaky bucket and Token bucket algorithm Leaky Bucket Token Bucket When the host has to send a packet, the packet is thrown in a bucket. This leaky bucket holds tokens generated at regular intervals of time. Bucket leaks at a constant rate The bucket has a maximum capacity. Leaky Bucket Token Bucket Bursty traffic is converted into uniform traffic by leaky buckets. Bucket there is a ready packet, a token is removed from the bucket and the packet is sent. In practice, a bucket is a finite queue output at a finite rate. If there is no token in the bucket, the packet cannot be sent. 29. Write advantages of the token bucket over the Leaky bucket algorithm? If a bucket is full in tokens, tokens are discarded, not packets. While in a leaky bucket, packets are discarded. Token Bucket can send large bursts at a faster rate, while buckets always send packets at a constant rate. 30. What is the difference between connection-oriented service and connection-less? Connection-oriented Service Connection-less Service Connection-oriented service is related to the Connection-less service is related to the telephone system. postal system. Connection-oriented service is preferred by long Connection-less Service is preferred by and steady communication. bursty communication. Connection-oriented Service is necessary. Connection-less compulsory. Service is Connection-oriented Service is feasible. Connection-less Service is not feasible. not In connection-oriented Service, Congestion is In connection-less Service, Congestion is not possible. possible. Connection-oriented Service gives the guarantee Connection-less Service does not give the of reliability. guarantee of reliability. In connection-oriented Service, Packets follow In connection-less Service, Packets do not the same route. follow the same route. Connection-oriented services bandwidth of a high range. require a Connection-less Service bandwidth of low range requires 31. What are the TCP connections phases? Write features of TCP sliding window? In TCP, connection-oriented transmission requires three phases: Connection establishment Data Transfer Connection termination Features of the TCP sliding window: It uses variable-size windows to provide flow control as well as reliable transfer. a TCP connections are full-duplex, two transfers proceed simultaneously over each connection, one in each direction. It support machine of various speed and size communicate through a network and also routers of various speeds. 32. What is the maximum size of the TCP header? What is the minimum size of TCP header? Maximum size of the TCP header = 60 bytes Minimum size of the TCP header = 20 bytes 33. Do port addresses need to be unique? Why or why not? Why are port addresses shorter than IP addresses? Port addressing is done by the transport layer, which is the 4th layer of the OSI (Open System Interconnection) Model. Port addresses are short because they have to perform the end-to-end delivery of the message and the protocols are less in number than computer systems, therefore, port addresses are less than IP addresses. The IP address refers to the computer/device connected to the network and the port address refers to a particular protocol to communicate with the server as per client request. 34. Are both UDP and IP unreliable to the same degree? Why or Why not? No, UDP is unreliable and connectionless. While IP unreliability lies in the upper layer protocols. The IP packet becomes reliable if the upper layer protocol is TCP. In terms of data integrity, UDP is more reliable than IP. The checksum in the IP header only applies to the header itself, not to the whole packet. The UDP checksum applies to the whole user segment. 35. Define the term Datagram? It is a logical unit to transfer information over the network. This data is transmitted from source to destination. It does not guarantee that data will be delivered or lost on the way. It has two section headers and a data payload. It travels in-network without establishing a prior virtual network between source and destination. i.e. Unlike, it has no prior information about the path between source and destination. This data is frequently divided into smaller parts and transmitted to the defined route. 36. What are the registered port and Dynamic port? Registered port: The ports ranging from 1024 to 49151 are not assigned and controlled by an IANA. They can only be registered with IANA to prevent duplication. Dynamic port: This port ranging from 49152 to 65535 is neither controlled nor registered. They can be used in any process. 37. Write the importance of TTL field? The lifespan or lifetime of data that is being sent. Once, after that specified time is over or elapsed, the data will be discarded or it can also be stated as a number of hops that packet is set to exist in the network, after which that packet is discarded. The purpose of the TTL field is to avoid a situation in which an undeliverable datagram keeps circulating in the network. 38. An IPv4 packet has arrived with the first 8 bits as shown: 01000010 The receiver discards the packet. Why? An IPv4 packet has arrived with the first 8 bits being 01000010 the receiver discards the packet because the first 4 bits represent version IPV4. and another 4 bits represent header length (/ 4) which should range between 20 to 60 bytes. Here 0010 represents header length, is equal to 2 * 4 = 8. So, the receiver will reject the packet. 39. In an IPv4 packet, the value of HLEN is 1000 in binary. How many bytes of options are being carried by this packet? If an IPv4 packet, the value of HLEN is 1000 in binary, then 32 bytes of options are carried by this packet. HLEN = 1000 = 8 8*4 = 32 40. What are open loop congestion control and closed-loop congestion control techniques? Open-loop congestion control policies are applied to prevent congestion before it happens. The congestion control is handled either by the source or the destination. Closed-loop congestion control technique is used to treat or alleviate congestion after it happens. 41. Which fields of the IPv4 header change from router to router? Total length field and header checksum of IPv4 header change from router to router. 42. The value of HLEN in an IPv4 datagram is 7.How many option bytes are present? If the value of the HLEN field is 7, then there are 28 (since 7 × 4 = 28) bytes included in the header. 43. Can the value of the header length in an IPv4 packet be less than 5? The value of the header length field of an IP packet can never be less than 5 because every IP datagram must have at least a base header that has a fixed size of 20 bytes. 44. A host is sending 100 datagrams to another host. If the identification number of the first datagram is 1024, what is the identification number of the last(in IPv4)? If a source is sending 100 datagrams and for the first datagram identification no is 1024 then for the last datagram identification number will be 1024 + 99 = 1123. 45. Explain the reason for the elimination of the checksum in the IPv6 header? The checksum is eliminated in IPv6 because it is provided by upper-layer protocols; it is therefore not needed at this level. 46. Write down the name of three strategies used to handle the transmission from IPv4 to IPv6? Dual-stack Tunnelling Header translation 47. What is tunnelling? A technique of internetworking called Tunnelling is used when the source and destination networks of the same type are to be connected through a network of a different type. 43. An IP packet has arrived with the first 8 bits as 01000010. What is the version? The first 4-bits show version i.e. 0100 which belongs to IP version 4. 48. What is fragmentation? Fragmentation is an important function of the network layer. It is a technique in which gateways break up or divide larger packets into smaller ones called fragments. Each fragment is then sent as a separate internal packet. Each fragment has its own separate header and trailer. Sometimes, a fragmented datagram also gets fragmented when it encounters a network that handles smaller fragments. Thus, a datagram can be fragmented several times before it reaches its final destination. The reverse process of fragmentation is difficult. Reassembly of fragments is usually done by the destination host because each fragment has become an independent datagram. 49. Suppose the round trip propagation delay for a 10 Mbps Ethernet having a 48-bit jamming signal is 46.4 ms. what is the minimum frame size? Transmission Speed = 10Mbps. Round trip propagation delay = 46.4 ms The minimum frame size = (Round Trip Propagation Delay) * (Transmission Speed) = 10*(10^6)*46.4*(10^-3) = 464 * 10^3 = 464 Kbit 50. In the slow start phase of the TCP congestion control algorithm, what is the size of the congestion window? In the slow start phase of the TCP congestion control algorithm, the size of the congestion window increases exponentially. IP ADDRESSING 1. What is IP address? IP address is an address having information about how to reach a specific host, especially outside the LAN. An IP address is 32 bit unique address having an address space of 2 32. Generally, there are two notations in which IP address is written, dotted decimal notation and hexadecimal notation. 2. What are the different classes of IP addresses and give the range of each class? IP address is an address having information about how to reach a specific host, especially outside the LAN. An IP address is 32-bit unique address having an address space of 2 32. 3. What is a ‘subnet’? A ‘subnet’ is a generic term for a section of an extensive network, usually separated by a bridge or a router. It also works for the network’s broadcast domains, manages traffic flow, and helps improve network performance. Uses of the subnet in networking include: Relieving network congestion Reallocating IP addresses Improving network security 4. What is subnet mask? A subnet mask is a 32-bit number that is used to identify the subnet of an IP address. The subnet mask is a combination of 1’s and 0’s. 1’s represents network and subnet ID while 0’s represents the host ID. In this case, the subnet mask is, So, in order to get the network to which the destination address belongs, we have to bitwise & with a subnet mask. The address belongs to, 5. What is the range of addresses in the classes of internet addresses? Following are the five different ranges of addresses in the classes of the internet: Class A: 0.0.0.0 – 127.255.255.255 Class B: 128.0.0.0 – 191.255.255.255 Class C: 192.0.0.0 – 223.255.255.255 Class D: 224.0.0.0 – 239.255.255.255 Class E: 240.0.0.0 – 247.255.255.255 6. Why CIDR is used? The problem with this classful addressing method is that millions of class A addresses are wasted, many of the class B addresses are wasted, whereas, number of addresses available in class C is so small that it cannot cater to the needs of organizations. Class D addresses are used for multicast routing and are therefore available as a single block only. Class E addresses are reserved. Since there are these problems, Classful networking was replaced by Classless Inter-Domain Routing (CIDR). 7. What is the LOOPBACK address? Loopback Address is used to let a system send a message to itself to make sure that the TCP/IP stack is installed correctly on the machine. 8. What is a Default Gateway? In organizational systems, a gateway is a node that routes the traffic from a workstation to another network segment. The default gateway commonly connects the internal networks and the outside network (Internet). In such a situation, the gateway node could also act as a proxy server and a firewall. The gateway is also associated with both a router, which uses headers and forwarding tables to determine where packets are sent and a switch, which provides the actual path for the packet in and out of the gateway. 9. Why Hop limit field is used? Hop Limit: Hop Limit field is the same as TTL in IPv4 packets. It indicates the maximum number of intermediate nodes IPv6 packet is allowed to travel. Its value gets decremented by one, by each node that forwards the packet and the packet is discarded if the value decreases to 0. This is used to discard the packets that are stuck in an infinite loop because of some routing error. 10. What protocol is used by PING? What is used of Tracert? ICMP (Internet Control Message Protocol) is used by PING. Traceroute is a widely used command-line utility available in almost all operating systems. It shows you the complete route to a destination address. It also shows the time is taken (or delays) between intermediate routers. 11. Name the ports used by FTP protocol? Basically, FTP protocol uses two ports: Control connection: For sending control information like user identification, password, commands to change the remote directory, commands to retrieve and store files, etc., FTP makes use of connections. The control connection is initiated on port number 21. Data connection: For sending the actual file, FTP makes use of a data connection. A data connection is initiated on port number 20. 12. What is ip address? MAC Addresses are unique 48-bit hardware numbers of computers, which are embedded into a network card (known as Network Interface Card) during the time of manufacturing. The MAC Address is also known as the Physical Address of a network device. In IEEE 802 standard, the Data Link Layer is divided into two sublayers – 1. Logical Link Control(LLC) Sublayer 2. Media Access Control(MAC) Sublayer The MAC address is used by the Media Access Control (MAC) sublayer of the Data-Link Layer. MAC Address is unique worldwide since millions of network devices exist and we need to uniquely identify each. There are two types of IPs – 1. Private IP Address – A private IP address is a set of numbers assigned to each computer or system connected to a private network. An example of a private IP address is your mobile phone or your home router, which has a default local address. 2. Public IP Address – Public IP addresses are global addresses visible to anyone browsing the Internet. A user needs an internet connection to connect to such devices. 13. Explain ARP? Address Resolution Protocol is a communication protocol used for discovering physical addresses associated with a given network address. Typically, ARP is a network layer to data link layer mapping process, which is used to discover MAC addresses for a given Internet Protocol Address. In order to send the data to the destination, having an IP address is necessary but not sufficient; we also need the physical address of the destination machine. ARP is used to get the physical address (MAC address) of the destination machine. Before sending the IP packet, the MAC address of the destination must be known. If not so, then the sender broadcasts the ARP-discovery packet requesting the MAC address of the intended destination. Since ARP-discovery is broadcast, every host inside that network will get this message but the packet will be discarded by everyone except that intended receiver host who’s IP is associated. Now, this receiver will send a unicast packet with its MAC address (ARP-reply) to the sender of the ARP-discovery packet. After the original sender receives the ARP-reply, it updates ARP-cache and starts sending a unicast message to the destination. 14. What is MTU? A maximum transmission unit also called MTU, is a term used in networking and operating systems. It defines the largest size of the packet that can be transmitted as a single entit y in a network connection. The size of the MTU dictates the amount of data that can be transmitted in bytes over a network. 15. If a class B network on the Internet has a subnet mask of 255.255.248.0, what is the maximum number of hosts per subnet? The binary representation of the subnet mask is 11111111.11111111.11111000. 00000000. There are 21 bits set in a subnet. So 11 (32-21) bits are left for host ids. The total possible value of host ids is 2^11 = 2048. Out of these 2048 values, 2 addresses are reserved. The address with all bits as 1 is reserved as broadcast address and the address with all host id bits as 0 is used as a network address of the subnet. In general, the number of addresses usable for addressing specific hosts in each network is always 2^N – 2 where N is the number of bits for host id. So the answer is 2046. 16. What is IP multicast? Multicasting has one/more senders and one/more recipients participate in data transfer traffic. In multicasting, traffic reclines between the boundaries of unicast and broadcast. Its server’s direct single copies of data streams and that are then simulated and routed to hosts that request it. IP multicast requires the support of some other protocols such as Internet Group Management Protocol (IGMP), Multicast routing for its work. And also, in Classful IP, addressing Class D is reserved for multicast groups. 17. Difference between public and private IP addresses? Public IP address– A public IP address is an Internet Protocol address, encrypted by various servers/devices. That’s when you connect these devices with your internet connection. This is the same IP address we show on our homepage. So why the second page? Well, not all people speak the IP language. We want to make it as easy as possible for everyone to get the information they need. Some even call this their external IP address. A public Internet Protocol address is an Internet Protocol address accessed over the Internet. Like the postal address used to deliver mail to your home, the public Internet Protocol address is a different international Internet Protocol address assigned to a computer device. The web server, email server, and any server device that has direct access to the Internet are those who will enter the public Internet Protocol address. Internet Address Protocol is unique worldwide and is only supplied with a unique device. Private IP address– Everything that connects to your Internet network has a private IP address. This includes computers, smartphones, and tablets but also any Bluetooth-enabled devices such as speakers, printers, or smart TVs. With the growing internet of things, the number of private IP addresses you have at home is likely to increase. Your router needs a way to identify these things separately, and most things need a way to get to know each other. Therefore, your router generates private IP addresses that are unique identifiers for each device that separates the network. 18. Can you explain what subnetting? When a bigger network is divided into smaller networks, in order to maintain security, then that is known as Subnetting. So, maintenance is easier for smaller networks. 19. Do you know what Network Address Translation is? To access the Internet, one public IP address is needed, but we can use a private IP address on our private network. The idea of NAT is to allow multiple devices to access the Internet through a single public address. To achieve this, the translation of a private IP address to a public IP address is required. Network Address Translation (NAT) is a process in which one or more local IP addresses is translated into one or more Global IP addresses and vice versa in order to provide Internet access to the local hosts. Also, it does the translation of port numbers i.e. masks the port number of the host with another port number in the packet that will be routed to the destination. It then makes the corresponding entries of IP address and port number in the NAT table. NAT generally operates on a router or firewall. 20. An organization requires a range of IP addresses to assign one to each of its 1500 computers. The organization has approached an Internet Service Provider (ISP) for this task. The ISP uses CIDR and serves the requests from the available IP address space 202.61.0.0/17. The ISP wants to assign address space to the organization which will minimize the number of routing entries in the ISP’s router using route aggregation. To calculate the address spaces are potential candidates from which the ISP can allow any one of the organizations? Subnet Mask for the given IP address: 202.61.0.0/17 ⇒ 11111111 11111111 10000000 00000000 ⇒ 255.255.128.0 Now, since we need 1500 hosts, so, bits for host address, = ceiling (log2 (1500)) = ceiling (10.55) = 11 bits for host address So, the last 11 bits will be for host addresses: 00000000.00000000 → 00000111.11111111 (0.0 → 7.255) 00001000.00000000 → 00010000.00000000 (8.0 - 15.255) 00001111.11111111 → 00010111.11111111 (16.0 - 23.255) Sequences are 0, 8, 16, 24, 32, 40, 48, 56, 64, 72, 80, 96, 104, 112, 120. Hence, 64 and 104 are present in the sequence, so 202.61.104.0 / 21 and 202.61.64.0 / 21 are the possible IP addresses. 21. Explain the difference between Static and Dynamic IP? S.NO Static IP Address Dynamic IP address 1. It is provided by ISP(Internet Service Provider). While it is provided by DHCP (Dynamic Host Configuration Protocol). 2. The static IP address does not change at IP any time, which means if a static ip address is provided then it can’t be changed or modified. While dynamic IP addresses static changes at any time. S.NO Static IP Address Dynamic IP address 3. A static IP address is less secure. While in a dynamic IP address, there is a low amount of risk than static ip address’s risk. 4. A static IP address is difficult to designate. While the dynamic IP address is easy to designate. 5. The device designed by static IP address can be trace. But the device designed by dynamic ip address can’t be traced. 6. The static IP address is more stable than a dynamic IP address. While dynamic ip address is less stable than static ip address. 7. The cost to maintain the static ip address is higher than the dynamic IP address. While the maintaining cost of dynamic ip address is less than static IP address. 8. It is used where computational data is less confidential. While it is used where data is more confidential and needs more security. 22. How will my computer get its IP Address? To get IP address: 1. Click on start ->Programs->Accessories->Command prompt. 2. Type ipconfig on command prompt and press enter key. By using these steps, you can get your PC IP address, Subnet Mask, and default gateway details. 23. What are the features of Gateway? Gateways provide a wide variety of features. Some of which are: Gateways work as a network bridge for data transmission as it makes the transmission of data possible to transmit with more ease and does not demand high storage capacity. Gateways create a structural temporary storeroom for the data transmitted by the server and data requests made by the user end. Gateways made the transmission more feasible as it queued up all the data and divide it into small packets of data rather than sending it bulk. Data transmitted through Gateway is divided into various useful and small packets each having its individual significance and a role to play while processing data. Gateways made the data more secure if the modifications to the gateway could be done which then could create more reliability over smart devices. Gateways optimize the data for search engines, applications, and servers by implanting better readability to the content so that a machine could understand and optimize data with ease 24. Is Ipv6 Backward Compatible With Ipv4? Is It Possible To Have An Ipv4 And An Ipv6 Addresses Simultaneously? No, IPv6 is not backward compatible with IPv4 protocol. Yes, it is possible to have an IPv4 and IPv6 addresses simultaneously. 25. What is TTL? The lifespan or lifetime of data that is being sent. Once after that specified time is over or elapsed, the data will be discarded Or it can also be stated as the number of hops that packet is set to exist in the network, after which that packet is discarded. The purpose of the TTL field is to avoid a situation in which an undeliverable datagram keeps circulating in the network. 26. If the TTL field has the value of 10. How many routers (max) can process this datagram? TTL stands for Time to Live. This field specifies the life of the IP packet based on the number of hops it makes (number of routers it goes through). TTL field is decremented by one each time the datagram is processed by a router. When the value is 0, the packet is automatically destroyed. 27. If the value in the protocol field is 17, the transport layer protocol used is which protocol? If the value in the protocol field is 17, the transport layer protocol uses UDP (User Datagram Protocol). What happens in classless addressing, if there are no classes but addresses are still granted? In classless addressing, there are no classes but addresses are still granted in blocks. The total number of addresses in a block of classless IP addresses = 2(32 – CIDR_value). 28. Suppose two IPv6 nodes want to interoperate using IPv6 datagrams, but they are connected to each other by intervening IPv4 routers. Then what is the best solution? If two IPv6 nodes want to interoperate using IPv6 datagrams, they are connected to each other by intervening IPv4 routers. Then tunnelling is the best solution. 29. What is IANA? IANA, the Internet Assigned Numbers Authority, is an administrative function of the Internet that keeps track of IP addresses, domain names, and protocol parameter identifiers that are used by Internet standards. Some of these identifiers are parameters, such as those used by Internet protocols (like TCP, ICMP or UDP) to specify functions and behaviour; some of them represent Internet addresses and others represent domain names. Regardless of the type of identifier, the IANA function (IANA for short below) ensures that values are managed for uniqueness and made available in publicly accessible registries. 30. What is DHCP? DHCP is an abbreviation for Dynamic Host Configuration Protocol. It is an application layer protocol used by hosts for obtaining network setup information. The DHCP is controlled by a DHCP server that dynamically distributes network configuration parameters such as IP addresses, subnet mask, and gateway address. 31. How can you manage a network using a router? Routers have built-in console that lets you configure different settings, like security and data logging. We can assign restrictions to computers, such as what resources they are allowed to access, or what particular time of the day they can browse the internet.We can even put restrictions on what websites are not viewable across the entire network. 32. What is ipconfig? IPCONFIG stands for Internet Protocol Configuration. This is a command-line application that displays all the current TCP/IP (Transmission Control Protocol/Internet Protocol) network configuration, refreshes the DHCP (Dynamic Host Configuration Protocol) and DNS (Domain Name Server). It also displays an IP address, subnet mask, and a default gateway for all adapters. It is available for Microsoft Windows, ReactOS, and Apple macOS. ReactOS version was developed by Ged Murphy and licensed under the General Public License. 33. What is the difference between ipconfig and ifconfig commands? IPCONFIG stands for Internet Protocol Configuration. This is a command-line application that displays all the current TCP/IP (Transmission Control Protocol/Internet Protocol) network configuration, refreshes the DHCP (Dynamic Host Configuration Protocol) and DNS (Domain Name Server). It also displays IP address, subnet mask, and default gateway for all adapters. It is available for Microsoft Windows, ReactOS, and Apple macOS. ReactOS version was developed by Ged Murphy and licensed under the General Public License. ifconfig(interface configuration) command is used to configure the kernel-resident network interfaces. It is used at boot time to set up the interfaces as necessary. After that, it is usually used when needed during debugging or when you need system tuning. Also, this command is used to assign the IP address and netmask to an interface or to enable or disable a given interface. 34. What is NIC? The NIC stands for the network interface controller. NIC is a device or module that controls and configures the interface of a processor system to a network or other interconnection. There are many different types of interfaces in electronic systems. NICs generally configure, maintain the current state, handle faults, and provide algorithm implementation to transfer data to and from the interface successfully. 35. When you move the NIC cards from one PC to another PC, does the MAC address get transferred as well? Yes, if we move the NIC cards from one PC to another PC, then the MAC address also gets transferred, because the MAC address is hard-wired into the NIC circuit, not the personal computer. This also means that a PC can have a different MAC address when another one replaces the NIC card. 36. Explain clustering support? What is Brouter? Clustering support refers to the ability of a network operating system to connect multiple servers in a fault-tolerant group. The main purpose of this is that in the event that one server fails, all processing will continue on with the next server in the cluster. Brouter – It is also known as the bridging router is a device that combines features of both bridge and router. It can work either at the data link layer or a network layer. Working as a router, it is capable of routing packets across networks, and working as the bridge, it is capable of filtering local area network traffic. 37. Explain the features of VPN? 1. VPN also ensures security by providing an encrypted tunnel between client and vpn server. 2. VPN is used to bypass many blocked sites. 3. VPN facilitates anonymous browsing by hiding your ip address. 4. Also, the most appropriate Search engine optimization (SEO) is done by analyzing the data from VPN providers which provide country-wise states for browsing a particular product. This method of SEO is used widely by many internet marketing managers to form new strategies. 38. What are the important differences between MAC address and IP address? MAC Address IP Address MAC Address stands for Media Access Control Address. IP Address stands for Internet Protocol Address. MAC Address is a six byte hexadecimal address. IP Address is either four byte (IPv4) or eight byte (IPv6) address. A device attached with MAC Address can retrieve by ARP protocol. A device attached with IP Address can retrieve by RARP protocol. NIC Card’s Manufacturer provides the MAC Address. Internet Service Provider provides IP Address. MAC Address is used to ensure the physical address of computer. IP Address is the logical address of the computer. MAC Address operates in the data link layer. IP Address operates in the network layer. MAC Address helps in simply identifying the device. IP Address identifies the connection of the device on the network. MAC Address of computer cannot be changed with time and environment. IP Address modifies with the time and environment. MAC Address can’t be found easily by third party. IP Address can be found by third party. 39. What is 127.0.0.1? In IPv4, IP addresses that start with decimal 127 or that has 01111111 in the first octet are loopback addresses (127.X.X.X). Typically 127.0.0.1 is used as the local loopback address. This leads to the wastage of many potential IP addresses. But in IPv6:1 is used as local loopback address and therefore there isn’t any wastage of addresses. 40. What is a DNS? What is its purpose? DNS is a host name to IP address translation service. DNS is a distributed database implemented in a hierarchy of name servers. It is an application layer protocol for message exchange between clients and servers. DNS servers are a critical component of the internet infrastructure. They are essential for allowing users to access websites and other network resources. It is done by using easy-to-remember domain names. 41. Differentiate between ‘forward lookup’ and ‘reverse lookup’ in DNS. Following are the major differences between a forward lookup and a reverse lookup in DNS: Forward DNS lookup Reverse DNS lookup Converts a human input or a domain Converts an IP address into a domain name name to an IP address Has a mapping between hostnames and IP addresses Has a mapping that relates IP addresses to hostnames Used for a website or other server access Used for network troubleshooting Utilizes different servers with different IP addresses Resolves reverse lookup queries where a client requests a hostname by providing an IP address Uses A Records (basic) to identify any IP address for a particular hostname Uses DNS pointer record to identify a hostname for a given IP address 42. What is the use of a proxy server? Proxy server refers to a server that acts as an intermediary between the request made by clients, and a particular server for some services or requests for some resources. There are different types of proxy servers available that are put into use according to the purpose of a request made by the clients to the servers. The basic purpose of Proxy servers is to protect the direct connection of Internet clients and internet resources. The proxy server also prevents the identification of the client’s IP address when the client makes any request is made to any other servers. 43. What is the importance of APIPA in networking? Automatic Private IP Addressing is important in networking because communication can be established properly if you don’t get a response from DHCP Server. APIPA regulates the service, by which the response and status of the main DHCP server at a specific period of time. Apart from that, it can be used as a backup to DHCP because when DHCP stops working, APIPA has the ability to assign IP to the networking hosts.It stops unwanted broadcasting. It uses ARP (Address Resolution Protocol) to confirm the address isn’t currently in use. 44. What is the difference between Firewall and Antivirus? Firewall Antivirus Firewall is implemented in both hardware and software. Antivirus is implemented in software only. Firewall deals with external threats only. Antivirus deals with both external threats and internal threats. In firewall counter attacks are possible such as IP Spoofing and routing attacks. In antivirus no counter attacks are possible after removing the malware.> Firewall works on monitoring and filtering. Antivirus works on Scanning of infected files and software. Firewall checks the threat from incoming packets. Antivirus checks the threat from malicious software. Firewall saves the system from all kinds of threats to the system. Antivirus saves the system only from viruses. Firewall’s programming is complex than antivirus. Antivirus’s programming is simpler as comparison to firewall. 45. What is SLIP? SLIP stands for Serial Line Internet Protocol. It is a TCP/IP implementation which was described under RFC 1055 (Request for Comments). SLIP establishes point-to-point serial connections which can be used in dial-up connections, serial ports and routers. It frames the encapsulated IP packets across a serial line for establishing connection while using line speed between 12000 bps and 19.2 Kbps. SLIP was introduced in 1984 when Rick Adams used it to connect 4.2 Berkeley Unix and Sun Microsystems workstations. It soon caught up with the rest of the world as a credible TCP/IP implementation. It has now become obsolete after being replaced by PPP (Point to Point Protocol) which solves many deficiencies present in it. 46. What is Kerberos protocol? Kerberos provides a centralized authentication server whose function is to authenticate users to servers and servers to users. In Kerberos Authentication server and database is used for client authentication. Kerberos runs as a third-party trusted server known as the Key Distribution Center (KDC). Each user and service on the network is a principal. The main components of Kerberos are: Authentication Server (AS): The Authentication Server performs the initial authentication and ticket for Ticket Granting Service. Database: The Authentication Server verifies the access rights of users in the database. Ticket Granting Server (TGS): The Ticket Granting Server issues the ticket for the Server. 47. What is HSRP? Hot Standby Router Protocol (HSRP) is a CISCO proprietary protocol, which provides redundancy for a local subnet. In HSRP, two or more routers give an illusion of a virtual router. HSRP allows you to configure two or more routers as standby routers and only a single router as an active router at a time. All the routers in a single HSRP group share a single MAC address and IP address, which acts as a default gateway to the local network. The Active router is responsible for forwarding the traffic. If it fails, the Standby router takes up all the responsibilities of the active router and forwards the traffic. 48. Why is the MAC address called the Physical address? How is it used in networking? The MAC address is a physical address (also called a hardware address) because it physically identifies an item of hardware. MAC addresses use three types of number systems and all use the same format, only the size of the identifier differs. The addresses can be “Universally Managed” or “Locally Managed”. MAC addresses are used at the data link layer of the network stack. It controls access to the network media and ensures each device has a unique address. They are used by network devices such as switches to direct traffic to the correct destination device on the local network segment. MAC addresses are typically represented as a string of six pairs of hexadecimal digits, such as 00:1B:44:11:3A:B7. They are assigned by the network interface manufacturer and stored in the device's hardware. 49. Process of DHCP (DORA)? In DHCP, the client and the server exchange mainly 4 DHCP messages in order to make a connection. This process is known as DORA process (discovery, offer, request, and acknowledgment), but there are 8 DHCP messages in the process. 50. What is ‘APIPA’? APIPA stands for Automatic Private IP Addressing (APIPA). It is a feature or characteristic in operating systems (eg. Windows) which enables computers to selfconfigure an IP address and subnet mask automatically when their DHCP (Dynamic Host Configuration Protocol) server isn’t reachable. The IP address range for APIPA is (169.254.0.1 to 169.254.255.254) having 65, 534 usable IP addresses, with the subnet mask of 255.255.0.0. 51. Mention the uses of the Hamming code. Following are some of the common applications of using Hemming code: Modems Satellites PlasmaCAM Shielding wire Embedded Processor Computer Memory Open connectors 52. What is the difference between a hub, a switch, and a router? The following table consists of the difference between a hub, a switch, and a router. Property Layer Broadcasts Hub Physical Layer Broadcasts all incoming traffic to all connected devices. Does not have a MAC address. Shares a single collision domain. Switch Router Data Link Layer Network Layer Forwards traffic only to the Forwards traffic to the intended device. destination network. Packet Filtering Does not filter packets. Can filter packets based on MAC address. Routing Cannot route traffic. It cannot route traffic between networks, but can route traffic between different VLANs. Addresses Collision Domain It has a MAC address. Creates a separate domain for each port. collision It has a MAC and an IP address. Creates a separate collision domain for each port. Can filter packets based on MAC and IP addresses. Can route traffic between networks. 53. What is the difference between a static IP address and a dynamic IP address? The following is the difference between a static IP address and a dynamic IP address. Static IP Address Dynamic IP Address Assigned manually by a network Assigned automatically by a DHCP server. administrator or ISP. It remains constant and does not change. It can change each time a device connects to the network. Ideal for servers, web hosting, or devices that Ideal for home or small business networks with require a fixed IP address. devices that don't require a fixed IP address. They are more secure as they are not They are less secure as they can be more easily susceptible to IP spoofing or DNS attacks. targeted by IP spoofing or DNS attacks. They are more expensive, as they require They are more cost-effective, as they can be more configuration and administration. easily managed and do not require manual configuration. Requires manual reconfiguration if network Automatically adapts to network topology topology changes. changes. Provides better network performance as May experience slower network performance obtaining a new IP address upon connection due to the time needed to obtain a new IP address is unnecessary. upon connection 54. What is Quality of Service (QoS), and how is it used to prioritise network traffic? Quality of Service (QoS) is a networking technology that enables network administrators to prioritise certain types of network traffic over others. QoS ensures that important or timesensitive data, such as voice or video traffic, is given priority over less important data, such as email or web browsing. This helps improve network performance, reduce network congestion, and ensure critical applications or services receive the necessary bandwidth and resources to operate optimally.