BCS052 Valid upto April 2016

1. (a) Why would an application use UDP instead of TCP? Discuss.

Ans: 1(a) UDP provides an unreliable service: datagrams may arrive out of order, appear duplicated, or go missing without notice. UDP assumes that error checking and correction is either not necessary or performed in the application, avoiding the overhead of such processing at the network interface level. Time-sensitive applications often use UDP because dropping packets is preferable to waiting for delayed packets, which may not be an option in a real-time system.

The User Datagram Protocol (UDP) is a transport layer protocol for use with the IP network layer protocol. It provides a best-effort datagram service to an end system (IP host). UDP provides no guarantee for delivery and no protection from duplication, but the simplicity of UDP reduces overhead from the protocol and can be adequate for some applications.

A computer may send UDP packets without first establishing a connection to a recipient. The computer completes the appropriate fields in the UDP header (PCI) and forwards the data together with the header for transmission by the IP network layer.

Typically, use UDP in applications where speed is more critical than reliability. For example, it may be better to use UDP in an application sending data from a fast acquisition where it is acceptable to lose some data points. You can also use UDP to broadcast to any machine(s) listening to the server.

(b) What is the purpose of VPNs and what are the main features they provide?

A VPN gives extremely secure connections between private networks linked through the Internet. It allows remote computers to act as though they were on the same secure, local network. A VPN is a useful facility and is essential if you travel with a laptop computer, tablet or smartphone. It can be used by both private users and businesses, but in different ways.
There are free and paid versions, and each has pros and cons, so let's take a look at what one is and what it does.

A Virtual Private Network (VPN) connects two computers securely and privately over the internet, even though that is a public network. A VPN client on one computer connects to a VPN server on another computer and, by using encryption and other security measures, no-one can see what information is being exchanged.

One use of this technology is to extend a private network across the internet to another location. For example, a business can enable workers with laptops on the road or at home to connect to the company network as if they were sat at a desk in the office. The network traffic is routed across the internet from the user to the company, but it is encrypted and therefore secure from eavesdropping and interception. A company that has offices in two locations can connect them using a VPN across the internet so there appears to be one network.

VPNs aren't just for businesses and, because the connection is private and secure, another use is to access the internet anonymously. Anyone that wants to protect their privacy and security online should use a VPN. Everywhere online someone is tracking your activities. ISPs monitor internet usage and may restrict the bandwidth if they detect certain activities. P2P file sharing and BitTorrent traffic is speed-limited, for instance. Websites you visit get your IP address, location, browser and operating system, screen resolution, ISP and more. To see what information you reveal, go to stayinvisible.com. A VPN stops websites spying on you by hiding data that could identify you.

2. (a) Draw the IP datagram header format. “IP datagram has a checksum field still and it’s called an unreliable protocol.” Justify.

[Figure: IP datagram header format]

While it has a checksum field (error detection), it has no way to recover if an error is found (error correction).
In TCP, the packet is NACK'd and resent (or dropped and resent after the ack timer expires on the sender, I don't remember). IP will just drop the packet if an error is detected at that level.

(b) What is an “internetwork”? State and compare internetworking devices used to connect different LAN segments.

An internetwork is a collection of individual networks, connected by intermediate networking devices, that functions as a single large network. Internetworking refers to the industry, products, and procedures that meet the challenge of creating and administering internetworks.

An internetworking device used to connect different LAN segments is called a Modem. A Modem can be either hard wired to the computer or use a Wi-Fi connection to connect to the computer. Dial up Modems were also used that ran through telephone lines.

3. (a) Describe the activities to be performed at every layer in the TCP model when information flows from layer to another layer.

The TCP/IP protocol system is subdivided into layered components, each of which performs specific duties. This model, or stack, comes from the early days of TCP/IP, and it is sometimes called the TCP/IP model. The official TCP/IP protocol layers and their functions are described in the following list. Compare the functions in the list with the responsibilities listed earlier in this section, and you’ll see how the responsibilities of the protocol system are distributed among the layers.

Network Access layer: Provides an interface with the physical network. Formats the data for the transmission medium and addresses data for the subnet based on physical hardware addresses. Provides error control for data delivered on the physical network.

Internet layer: Provides logical, hardware-independent addressing so that data can pass among subnets with different physical architectures. Provides routing to reduce traffic and support delivery across the internetwork.
(The term internetwork refers to an interconnected, greater network of local area networks (LANs), such as what you find in a large company or on the Internet.) Relates physical addresses (used at the Network Access layer) to logical addresses.

Transport layer: Provides flow-control, error-control, and acknowledgment services for the internetwork. Serves as an interface for network applications.

Application layer: Provides applications for network troubleshooting, file transfer, remote control, and Internet activities. Also supports the network application programming interfaces (APIs) that enable programs written for a particular operating environment to access the network.

When the TCP/IP protocol software prepares a piece of data for transmission across the network, each layer on the sending machine adds a layer of information to the data that is relevant to the corresponding layer on the receiving machine. For instance, the Internet layer of the computer sending the data adds a header with some information that is significant to the Internet layer of the computer receiving the message. This process is sometimes referred to as encapsulation. At the receiving end these headers are removed as the data is passed up the protocol stack.

(b) Classify the problems faced by network administrator. Make a chart to explain the available solutions for each problem.

There are a number of challenges, as it is more than just installing computers and networks.
You have to make sure your network:
• Is designed efficiently,
• Is capable of mass management – updating multiple machines at once
• Is secured from threats, and internal and external hackers
• Meets all of your users' requirements and needs

And not only for your network, you also have to:
• Understand the users' and organisation's needs and wants
• Be able to troubleshoot and fix problems and errors quickly
• Be up to date with the latest technical knowledge and computer news
• Be able to write documentation and instructions

The basic steps for solving a computer related problem are:
1. Detect the fault or problem
2. Isolate the problem
3. Troubleshoot on how to fix the problem
   • (Make sure you document your steps or make a backup before you do anything)
4. Carry out tests and use tools to diagnose the problem
5. Solve the problem and document a fix

If your network is critical, you cannot just simply reboot a machine, or click a few random buttons to see if you can fix the problem. You have to plan how you will fix the problem in the quickest amount of time without causing more disruption to your users, or breaking it even more.

1. First of all – be systematic. Try the simple things first. If a computer won’t start, make sure the power is turned on.
2. Read logs – Logs provide a lot of information on when things go wrong. So make sure you read and understand what the logs are telling you
3. Pay attention to all the facts
4. Read the documentation – yes, it does help and it’s not always there to take up space in the packaging
5. Talk to others – get on the internet, forums, blogs because other people would likely have faced your issue or know how to help, and ask your colleagues
6. Use test environments – see if you can cause the issue again, and then test the ways on how you can fix it. In a test environment, you know you can’t break the production server any more
7.
Know your tools – you usually need something to work out how to fix the problem, or even to find out what the problem actually is. You might not know you have a virus if you don’t conduct a scan
8. Work out the root cause of the problem – hardware failure, user interaction, external event?
9. Have a backup in place – make sure that you can restore the system to what it was like before the problem
10. Do it quickly – Users are being affected and there can be a large financial loss to the organisation if the system is down. Fix it first, and then discuss the politics

4. (a) Explain the connection oriented & connection less services using bind, connect, listen & accept system calls.

Connection Oriented Service

The typical set of system calls on both the machines in a connection-oriented setup is shown in Figure below.

The sequence of system calls that have to be made in order to set up a connection is given below.

1. The socket system call is used to obtain a socket descriptor on both the client and the server. Both these calls need not be synchronous or related in the time at which they are called.

2. Both the client and the server 'bind' to a particular port on their machines using the bind system call. This function has to be called only after a socket has been created and has to be passed the socket descriptor returned by the socket call. Again this binding on both the machines need not be in any particular order. Moreover the binding procedure on the client is entirely optional. The bind system call requires the address family, the port number and the IP address. The address family is known to be AF_INET, and the IP address of the client is already known to the operating system. All that remains is the port number. Of course the programmer can specify which port to bind to, but this is not necessary. The binding can be done on a random port as well and still everything would work fine. The way to make this happen is not to call bind at all.
Alternatively bind can be called with the port number set to 0. This tells the operating system to assign a random port number to this socket. This way whenever the program tries to connect to a remote machine through this socket, the operating system binds this socket to a random local port. This procedure as mentioned above is not applicable to a server, which has to listen at a standard predetermined port.

3. The next call has to be listen, to be made on the server.

4. The connect system call signifies that the server is willing to accept connections and thereby start communicating.

5. The connect function is then called on the client with three arguments, namely the socket descriptor, the remote server address and the length of the address data structure.

6. The request generated by this connect call is processed by the remote server and is placed in an operating system buffer, waiting to be handed over to the application which will be calling the accept function. The accept call is the mechanism by which the networking program on the server receives the requests that have been accepted by the operating system. The accept call is a blocking system call. In case there are requests present in the system buffer, they will be returned and in case there aren't any, the call simply blocks until one arrives.

7. Finally when both connect and accept return, the connection has been established.

Connectionless Service

The typical set of system calls on both the machines in a connectionless setup is shown in Figure below.

The socket and bind system calls are called in the same way as in the connection-oriented case. Again the bind call is optional at the client side. The connect function is not called in a connectionless communication with the same intention as above.
Instead, if we call a connect() in this case, then we are simply specifying a particular server address to which we have to send, and from which we have to receive, the datagrams.

Every time a packet has to be sent over a socket, the remote address has to be mentioned. This is because there is no concept of a connection that can remember which remote machine to send that packet to. The calls sendto and recvfrom are used to send and receive datagram packets. Both these calls block until a packet is sent in case of sendto and a packet is received in case of recvfrom. In the strict sense though sendto is not blocking, as the packet is sent out in most cases and sendto returns immediately.

If the program desires to communicate only with one particular machine and make the operating system discard packets from all other machines, it can use the connect call to specify the address of the machine with which it will exclusively communicate. All subsequent calls do not require the address field to be given. It will be understood that the remote address is the one specified in the connect called earlier.

(b) List and explain the features of any four popular enterprise security solutions.
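Added example for 4(a) above, not part of the original answer sheet: both call sequences run on loopback in one process, a TCP exchange in which the client never calls bind and the server's accept reports the port the operating system assigned to it, and a UDP receiver that calls connect so that datagrams from any other sender are discarded. The helper bound_socket, the loopback address and the use of port 0 on the server side are assumptions made so the demo is self-contained.

```c
/* Added example: the 4(a) call sequences on loopback, in one process. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* socket() + bind() to 127.0.0.1 with port 0, so the OS assigns a free port
 * (an assumption for the demo; a real server binds its well-known port).
 * getsockname() then reports which port was chosen. */
static int bound_socket(int type, struct sockaddr_in *addr)
{
    socklen_t len = sizeof *addr;
    int fd = socket(AF_INET, type, 0);
    if (fd < 0)
        return -1;
    memset(addr, 0, sizeof *addr);
    addr->sin_family = AF_INET;
    addr->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    addr->sin_port = htons(0);
    if (bind(fd, (struct sockaddr *)addr, sizeof *addr) < 0 ||
        getsockname(fd, (struct sockaddr *)addr, &len) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Connection-oriented: returns 1 if accept() reports, as the peer, the
 * local port the OS gave the client, which never called bind(). */
int tcp_demo(void)
{
    struct sockaddr_in srv, local, peer;
    socklen_t llen = sizeof local, plen = sizeof peer;
    int ok = 0, conn = -1;
    int lst = bound_socket(SOCK_STREAM, &srv);
    int cli = socket(AF_INET, SOCK_STREAM, 0);

    if (lst >= 0 && cli >= 0 &&
        listen(lst, 4) == 0 &&          /* requests now queue in the OS */
        connect(cli, (struct sockaddr *)&srv, sizeof srv) == 0 &&
        (conn = accept(lst, (struct sockaddr *)&peer, &plen)) >= 0 &&
        getsockname(cli, (struct sockaddr *)&local, &llen) == 0)
        ok = local.sin_port != 0 && local.sin_port == peer.sin_port;
    if (conn >= 0) close(conn);
    if (cli >= 0) close(cli);
    if (lst >= 0) close(lst);
    return ok;
}

/* Connectionless: the receiver connect()s its UDP socket to sender A, then
 * both A and B send to it. Returns how many datagrams the receiver read;
 * buf holds the last one. */
int udp_demo(char *buf, size_t buflen)
{
    struct sockaddr_in ra, aa, ba;
    struct timeval tv = { 0, 300000 };  /* recv() gives up after 0.3 s */
    int count = 0;
    ssize_t n;
    int rx = bound_socket(SOCK_DGRAM, &ra);
    int a = bound_socket(SOCK_DGRAM, &aa);
    int b = bound_socket(SOCK_DGRAM, &ba);

    if (rx >= 0 && a >= 0 && b >= 0 && buflen > 1 &&
        setsockopt(rx, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv) == 0 &&
        connect(rx, (struct sockaddr *)&aa, sizeof aa) == 0) {
        /* No connection exists, so every sendto() names the destination. */
        sendto(b, "from B", 6, 0, (struct sockaddr *)&ra, sizeof ra);
        sendto(a, "from A", 6, 0, (struct sockaddr *)&ra, sizeof ra);
        /* After connect() the receiver uses recv() without an address. */
        while ((n = recv(rx, buf, buflen - 1, 0)) > 0) {
            buf[n] = '\0';
            count++;
        }
    }
    if (rx >= 0) close(rx);
    if (a >= 0) close(a);
    if (b >= 0) close(b);
    return count;
}

int main(void)
{
    char buf[32] = "";
    int tcp_ok = tcp_demo();
    int got = udp_demo(buf, sizeof buf);

    printf("tcp: accept() saw the client's OS-assigned port: %s\n",
           tcp_ok ? "yes" : "no");
    printf("udp: connected socket read %d datagram(s), last \"%s\"\n",
           got, buf);
    return !(tcp_ok && got == 1);
}
```

The connect filter on a UDP socket matches only the source address and port of each datagram; it does not authenticate the sender.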
Hexaware’s Enterprise Security Solutions
• Real-time analysis of security data helps in detecting attacks in progress
• Analyzing both firewall and intrusion detection data raises the awareness of security threats exponentially
• Correlating external threat activity with the unique requirements of your organization’s environment results in actionable, prioritized remediation recommendations
• Seamlessly integrate compliance reporting with fully-customizable configuration auditing standards, to provide a “one stop shop” for both internal and external auditors
• Automatically collect and compare configuration and asset data against established baselines
• Collect real-time information regarding file integrity and the transfer of data to removable media devices on servers and workstations, and correlate with other relevant security information including other configuration and asset data, performance metrics, and network flow data

Dynamic Enterprise Security Solutions LTD. is an independent integrated security and life safety systems solution provider. Our staff have enviable reputations and a proven track record of providing high quality installations within all sectors of the security industry. Based from our office in Manchester we offer nationwide coverage with works ranging from basic installations to project consultations accounting for design from Procurement and Installation of major integrated systems. Within the industry it is all too common to encounter an adversarial relationship between contractor/client and sub-contractor; we aim to bring a partnering approach to all our projects and foster long term relationships. We believe in providing a well engineered solution to fit all our clients’ needs.

Microsoft Services will help you identify and implement the best enterprise security solutions to address your company’s unique challenges and goals.
• Cyber Threat Assistance: Experts when you need them to respond to cyber threats or attacks within your environment
• Assessment: Comprehensive threat and vulnerability assessments of your enterprise data security and identity infrastructure and processes
• Strategy and Architecture: Guidance, mitigation steps and prescriptive roadmaps
• Identity and Access Control: Efficient and effective identity design, architecture and processes to help protect critical information and secure administrative accounts while preparing you to adopt mobility and cloud solutions
• Fundamentals: Technical assistance to help you implement infrastructure, network, and core operating system security

Symantec Protection Suite Enterprise
• Symantec Insight separates files at risk from those that are safe, for faster and more accurate malware detection on Windows and Mac laptops, desktops, servers, messaging and web gateways: protection beyond antivirus.
• Real Time SONAR 3 examines programs as they run, identifying and stopping malicious behavior even of new and previously unknown threats.
• Protection for Virtual Environments helps secure your virtual infrastructure and automatically identify and manage virtual clients.
• Catch more than 99% of spam and prevent data loss with advanced content filtering to identify and control the flow of sensitive data in email and IM.
• Web gateway security that protects against web threats, including malicious software, spyware, botnets, viruses, and malware.
• Deeper security insights from the world’s largest civilian threat intelligence network provide deeper understanding of the local and global threat landscape.

IBM Security Solutions

IBM Security solutions help you establish a holistic and mature security posture that can help reduce costs, improve service, manage risk and enable innovation.
• Security intelligence and analytics - Apply analytics and automation to data and incidents to detect threats, perform forensic analysis and automate compliance.
• Identity and access management - Govern and enforce access across multiple channels, including mobile, social and cloud.
• Application security - Test and verify applications before deployment to reduce risks and costs.
• Advanced fraud protection - Detect and prevent attack vectors responsible for the majority of online, mobile and cross-channel fraud.
• Data security and privacy - Prevent data loss and enable data access to support business operations, growth and innovation.
• Infrastructure protection - Achieve in-depth security across your networks, servers, virtual servers, mainframes and endpoints.

5. (a) What is a mail server? Briefly explain, specifying the protocols involved, how a sender can send a mail to the server and the recipient retrieves it from the server?

A mail server (also known as a mail transfer agent or MTA, a mail transport agent, a mail router or an Internet mailer) is an application that receives incoming email from local users (people within the same domain) and remote senders and forwards outgoing e-mail for delivery.

Your Internet Service Provider has a special computer called a mail server, which is responsible for collecting mail from their customers. When you click the send button, your computer connects to the mail server and transmits the message along with the list of recipients. The message is transmitted with Simple Mail Transfer Protocol (SMTP). SMTP is a language that your mail program uses to speak to the mail server. SMTP lets your mail program specify the list of recipients and the text of the message. The mail server that understands SMTP is frequently called the Outgoing SMTP Server.

Your destination recipient also has an Internet Service Provider.
They have a mail server too. When your SMTP server decides that it's time to send your email, it connects to the destination mail server and transmits the message to it. They use SMTP to speak to each other. Therefore the destination mail server is frequently called the Destination SMTP Server. The Destination SMTP server stores the email message until your recipient decides to check if some email arrived.

When the recipient decides to check the email, his email program connects to the destination SMTP server and retrieves mail from the server. This time, they use Post Office Protocol Version 3 (POP3), which is a language used to receive mail. Therefore, this server is usually called the Incoming POP3 Server. The Destination SMTP server for you is the Incoming POP3 server for your recipient. When your recipient replies, the situation reverses - now your mail server becomes a Destination SMTP server from the viewpoint of the reply sender.

POP3 service is not necessary. There are other means to access mail on the destination mail server. For example, you can use a Web browser to access Hotmail® or Yahoo Mail without downloading all the mail to your computer.

There are millions of SMTP servers all around the world. How does your SMTP server know where to send the message? This information is stored in so-called MX records. MX is not an abbreviation, it doesn't mean anything. The MX record shows which destination SMTP server must be used for the specific email address. For example, the MX record for aysoft@aysoft.com points to the server called slim.aysoft.com. The database of MX records is maintained by a network called Domain Name Service (DNS). To get access to the MX records, you must have access to the DNS server and have permission to retrieve MX records. You can look up MX records for any e-mail address with special software, such as AY Spy.

There are two SMTP servers involved in sending each message.
Your outbound SMTP server is working as a relay - it accepts your message and relays it to the other server. When the Internet just started, any SMTP server used to work as a relay: the message used to be passed from server to server freely. As the email system got abused by spammers, fewer and fewer servers were working this way. Now all open relays are closed. The only server that will relay for you is the one given to you by your Internet Service Provider. It is also possible to bypass all relays and send email directly to the destination server.

5. (b) Explain the importance of three-way handshake method for connection establishment in TCP/IP with the help of suitable diagram.

To establish a connection, each device must send a SYN and receive an ACK for it from the other device. Thus, conceptually, we need to have four control messages pass between the devices. However, it's inefficient to send a SYN and an ACK in separate messages when one could communicate both simultaneously. Thus, in the normal sequence of events in connection establishment, one of the SYNs and one of the ACKs is sent together by setting both of the relevant bits (a message sometimes called a SYN+ACK). This makes a total of three messages, and for this reason the connection procedure is called a three-way handshake.

A three-way handshake is primarily used to create a TCP socket connection. It works when:
• A client node sends a SYN data packet over an IP network to a server on the same or an external network. The objective of this packet is to ask/infer if the server is open for new connections. The target server must have open ports that can accept and initiate new connections.
• When the server receives the SYN packet from the client node, it responds and returns a confirmation receipt - the ACK packet or SYN/ACK packet.
• The client node receives the SYN/ACK from the server and responds with an ACK packet.

6. (a) Draw the TCP header and list its components.
Also, explain how can TCP handle urgent data?

Following is the brief description of all the different sections of the TCP Header:

(1) Source Port Number: This is a 16-bit number which specifies the source port number corresponding to the application which is sending the segment.

(2) Destination Port Number: It is a 16-bit number which specifies the port number of the application program that is receiving the TCP segments at the destination computer.

(3) Sequence Number (32 bits): It specifies the number assigned to the first byte of the data portion of the TCP segment. Each byte to be transmitted is numbered in an increasing sequence. Since the sequence number refers to a byte count rather than a segment count, sequence numbers in contiguous TCP segments are not numbered sequentially.

(4) Acknowledgment Number (32 bits): This is used by the receiver to acknowledge the received data. It indicates the sequence number of the next byte expected from the sender. For example: On receiving a segment with sequence number X, the receiver sends back X+1 as the acknowledgement number. It defines the sequence number which the receiver is expecting next.

(5) HLEN (Header Length: 4 bits): It indicates the length of the TCP Header. The length of the TCP header can be between 20 bytes and 60 bytes.

(6) Reserved (6 bits): It is reserved for future use. The values set in this field must be zero.

(7) Control Flags (6 bits): This field contains six different control flags that are used to control certain aspects of the TCP connection such as connection establishment, connection termination and flow control. The flags include:

(a) URG (Urgent Pointer): When this control flag is set, the ACK indicates that the current segment contains urgent (or high priority) data and that the urgent pointer field value is valid.

(b) ACK (Acknowledgement): When this control flag is set, it indicates that the value contained in the acknowledgement number field is valid.
It is usually set, except during the first message during connection establishment.

(c) PSH (Push): It is used when the transmitting application wants to force TCP to immediately transmit the data that is currently buffered to the application without waiting for the buffer to fill.

(d) RST (Reset): When set, RST immediately terminates the process-to-process TCP connection.

(e) SYN (Synchronize): It is set in initial segments used to establish a connection, when a client sends a request to the server by generating a sequence number.

(f) FIN (Finish): It is set to request normal termination of the TCP connection in the direction this segment is travelling. Complete closure of the connection requires one FIN segment in each direction.

(8) Window Size (16 bits): This field is used for flow control of the segments. It determines the size of the window the other party must maintain to receive the segments. It is basically the number of transmitted bytes that the receiver of the segment is willing to accept from the sender.

(9) Checksum (16 bits): It provides bit error detection for the segment (including the header and data).

(10) Urgent Pointer (16 bits): This field is used in situations when the segment contains urgent data. It indicates the position of the first octet of non-printing data in the segment.

(11) Options: This field contains 40 bytes of optional information about connection establishment. For example: the SACK option, which stands for Selective Acknowledgement. It allows out of sequence segments to be accepted by a receiver.

When an interactive user hits the DEL or CTRL-C key to break off a remote computation that has already begun, the sending application puts some control information in the data stream and gives it to TCP along with the URGENT flag. This event causes TCP to stop accumulating data and transmit everything it has for that connection immediately.
The receiving application is interrupted so it can stop whatever it was doing so that it can read the data stream to find the urgent data.

(b) What do you understand by a domain name? How is a domain name translated to an equivalent IP address?

In its most simple definition, a domain name is a unique name that serves as an identifier for a website. This name, commonly known as a Web address, is how websites across the World Wide Web are accessed. It is done by either physically entering the address into a browser's address bar or by clicking on a link or hyperlink that is embedded in a webpage, email address, or other resource. All domain names end with a suffix, the trailing .es, .org, .net, and so forth, that serves as an indication of what type of website the address belongs to, or in some cases, a country code that indicates the website's general geographic locality. On a final note, whenever a website is accessed, a service that is referred to as a Domain Name Service (DNS) silently and dynamically translates the domain name into an IP address, the actual address that computers use to identify and communicate with each other.

Translating a domain name to an IP address is handled by a Domain Name Service (DNS). DNS servers map domain names to IP addresses that are stored in a database. Networked computers use IP addresses to effectively communicate with and identify each other. Domain names were created so that humans, applications, and singular computers do not have to be concerned with trying to remember IP addresses. For a domain name to function, it has to be mapped through a process known as DNS name resolution, and it is simply a DNS server taking a name, matching it with an IP number, and then returning a resource to the requesting client. Additional information about domain names, IP addresses, DNS, their purpose and how they all work together, follows.

7.
(a) List the protocols presently supported by Intranet and explain the use of each protocol in Intranet administration.

HTTPd
It stands for HTTP daemon. A daemon is a UNIX background process that implements the server side of a protocol. For example, FTPd is the File Transfer Protocol daemon. The HTTP daemon is a software program that runs in the background of a Web server and waits for incoming server requests. The daemon answers the requests automatically and serves the hypertext and multimedia documents over the Internet using HTTP. HTTPd is the program you would run on a UNIX platform to establish a web server. Daemons are unique to UNIX; on other platforms, such as Microsoft Windows NT, the web server is a background process implemented as a system service.

SOCKS
SOCKS is an Intranet protocol that facilitates the routing of network packets between client–server applications via a proxy server. SOCKS performs at Layer 5 of the OSI model, the Session Layer. Port 1080 is the well-known port designated for the SOCKS server. The SOCKS5 protocol was originally a security protocol that made firewalls and other security products easier to administer. It was approved by the IETF in 1996. The protocol was developed in collaboration with Aventail Corporation, which markets the technology outside of Asia.

#ARP / RARP (Address Resolution Protocol & Reverse Address Resolution Protocol)
It is a basic communication protocol that is used to identify the IP address if the physical address is known. It is used by networking equipment. It obtains the MAC address for the requesting device. It is also used to translate MAC address to IP address & vice-versa. The Address Resolution Protocol uses a simple message format that contains one address resolution request or response.
The size of the ARP message depends on the upper layer and lower layer address sizes, which are given by the type of networking protocol (usually IPv4) in use and the type of hardware or virtual link layer that the upper layer protocol is running on. The message header specifies these types, as well as the size of addresses of each. The message header is completed with the operation code for request (1) and reply (2). The payload of the packet consists of four addresses, the hardware and protocol address of the sender and receiver hosts.

#SSL
Secure Socket Layer (SSL) is a cryptographic protocol that provides security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end. Several versions of the protocols are in widespread use in applications like web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).

#SSH
Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on GNU/Linux and Unix based systems to access shell accounts, SSH was designed as a replacement for Telnet and other insecure remote shells, which send information, notably passwords, in plaintext, rendering them susceptible to packet analysis. The encryption used by SSH provides confidentiality and integrity of data over an insecure network, such as the Internet.

#RSH
The remote shell (rsh) is a command line computer program that can execute shell commands as another user, and on another computer across a computer network. The remote system to which rsh connects runs the rshd daemon. The rshd daemon typically uses the well-known Transmission Control Protocol (TCP) port number 514.

(b) How many networks can each IP address class (A, B and C) have? Calculate and justify your answer using a suitable example for each.
Class A Address The first bit of the first octet is always set to 0 (zero). Thus the first octet ranges from 1 – 127, i.e. Class A addresses only include IP starting from 1.x.x.x to 126.x.x.x only. The IP range 127.x.x.x is reserved for loopback IP addresses. The default subnet mask for Class A IP address is 255.0.0.0, which implies that Class A addressing can have 126 networks (2^7 - 2) and 16777214 hosts (2^24 - 2). Class A IP address format is thus: 0NNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH

Class B Address An IP address which belongs to class B has the first two bits in the first octet set to 10, i.e. Class B IP Addresses range from 128.0.x.x to 191.255.x.x. The default subnet mask for Class B is 255.255.x.x. Class B has 16384 (2^14) Network addresses and 65534 (2^16 - 2) Host addresses. Class B IP address format is: 10NNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH

Class C Address The first octet of Class C IP address has its first 3 bits set to 110, that is: Class C IP addresses range from 192.0.0.x to 223.255.255.x. The default subnet mask for Class C is 255.255.255.x. Class C gives 2097152 (2^21) Network addresses and 254 (2^8 - 2) Host addresses. Class C IP address format is: 110NNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH

8. (a) What is the purpose of DNS? What is the function of a secondary or tertiary DNS server? In which case will the lookups be transferred to additional DNS servers?

DNS stands for "Domain Name System." Domain names serve as memorable names for websites and other services on the Internet. However, computers access Internet devices by their IP addresses. DNS translates domain names into IP addresses, allowing you to access an Internet location by its domain name. Thanks to DNS, you can visit a website by typing in the domain name rather than the IP address. For example, to visit the Tech Terms Computer Dictionary, you can simply type "techterms.com" in the address bar of your web browser rather than the IP address (67.43.14.98).
It also simplifies email addresses, since DNS translates the domain name (following the "@" symbol) to the appropriate IP address.

The major point in having a secondary DNS server is as backup in the event the primary DNS server handling your domain goes down. In this case, your server would be still up, and so without having a backup, nobody could get to your server, possibly costing you lots of lost customers (i.e. REAL MONEY). A secondary DNS server is always up, and ready to serve. It can help balance the load on the network as there is now more than one authoritative place to get your information. Updates are generally performed automatically from the master DNS. Thus it is an exact clone of the master. Generally a DNS server contains more information than just a single server; it might contain mail routing information, information for many, many hosts, mail spam keys, etc. So resiliency and redundancy are of DEFINITE benefit to domain holders.

(b) What are the NTFS, FAT, HPFS file systems?

FAT The most common file system in the PC world is actually a family of file systems. The basic name for this file system is FAT; the name comes from one of the main logical structures that the file system uses: the file allocation table. This file system is the one that was used by DOS on the first IBM PCs, and it became the standard for the PCs that followed.

Advantages of FAT It is not possible to perform an undelete under Windows NT on any of the supported file systems. Undelete utilities try to directly access the hardware, which cannot be done under Windows NT. However, if the file was located on a FAT partition, and the system is restarted under MS-DOS, the file can be undeleted. The FAT file system is best for drives and/or partitions under approximately 200 MB, because FAT starts out with very little overhead.

Disadvantages of FAT
• As the size of the volume increases, performance with FAT will quickly decrease.
• It is not possible to set permissions on files that are on FAT partitions.
• FAT partitions are limited in size to a maximum of 4 Gigabytes (GB) under Windows NT and 2 GB in MS-DOS.

HPFS Under HPFS, directory entries hold more information than under FAT. As well as the attribute file, this includes information about the modification, creation, and access date and times. Instead of pointing to the first cluster of the file, the directory entries under HPFS point to the FNODE. The FNODE can contain the file's data, or pointers that may point to the file's data or to other structures that will eventually point to the file's data. HPFS attempts to allocate as much of a file in contiguous sectors as possible. This is done in order to increase speed when doing sequential processing of a file. HPFS organizes a drive into a series of 8 MB bands, and whenever possible a file is contained within one of these bands. Between each of these bands are 2K allocation bitmaps, which keep track of which sectors within a band have and have not been allocated. Banding increases performance because the drive head does not have to return to the logical top (typically cylinder 0) of the disk, but to the nearest band allocation bitmap to determine where a file is to be stored.

Advantages of HPFS HPFS is best for drives in the 200-400 MB range.

Disadvantages of HPFS Because of the overhead involved in HPFS, it is not a very efficient choice for a volume of under approximately 200 MB. In addition, with volumes larger than about 400 MB, there will be some performance degradation. You cannot set security on HPFS under Windows NT. HPFS is only supported under Windows NT versions 3.1, 3.5, and 3.51. Windows NT 4.0 cannot access HPFS partitions.

NTFS NTFS is a much more complex and capable file system than any of the FAT family of file systems.
It was designed with the corporate and business environment in mind; it is built for networking and with the goals of security, reliability and efficiency. It includes many features, including file-by-file compression, full permissions control and attribute settings, support for very large files, and transaction-based operation. It also does not have the problems with cluster sizes and hard disk size limitations that FAT does, and has other performance-enhancing features such as RAID support. Its most significant drawbacks are increased complexity, and less compatibility with other operating systems compared to FAT. The NTFS file system actually has more than one version. The one used by Windows NT is commonly called either version 1.1 or version 4.0, and has a few fewer features than the newer NTFS 5.0 used by Windows 2000.

The goals of NTFS are to provide:
• Reliability, which is especially desirable for high end systems and file servers
• A platform for added functionality
• Support for POSIX requirements
• Removal of the limitations of the FAT and HPFS file systems

Advantages of NTFS NTFS is best for use on volumes of about 400 MB or more. This is because performance does not degrade under NTFS, as it does under FAT, with larger volume sizes. The recoverability designed into NTFS is such that a user should never have to run any sort of disk repair utility on an NTFS partition.