CN 4340703 Gtu Questionpaper Solution


UNIT 1 Basics of Computer Network

Q-1: Explain characteristics of computer network.

➢ Communication speed
A network lets us communicate in a fast and efficient manner.

➢ File sharing
File sharing is one of the major advantages of a computer network. A computer network lets us share files with each other.

➢ Backup and rollback is easy
Since the files are stored on the main server, which is centrally located, it is easy to take a backup from the main server.

➢ Software and hardware sharing
We can install applications on the main server, so users can access the applications centrally and we do not need to install the software on every machine. Similarly, hardware can also be shared.

➢ Security
A network provides security by ensuring that a user has the right to access certain files and applications.

➢ Scalability
Scalability means that we can add new components to the network. A network must be scalable so that we can extend it by adding new devices. However, adding devices decreases the connection speed and the data transmission speed, which increases the chance of errors occurring. This problem can be overcome by using routing or switching devices.

➢ Reliability
A computer network can use an alternative source for data communication in case of any hardware failure.

Q-2 What is proxy server? Write its two Advantage and Disadvantage.

Proxy server
• A proxy server is a server that services the requests of its clients by forwarding those requests to other servers.
• A client connects to the proxy server, requesting some service such as a file connection, web page, or other resource available from a different server.
• A proxy server provides the resource by connecting to the specified server and requesting the service on behalf of the client.
• It is a server that sits between a client application, such as a web browser, and a real server.
• A proxy server is a computer that acts as a gateway between a local network and the internet within a company.
➢ Advantages
• Provides a fast internet experience.
• Reduces the bandwidth consumed over the internet link.
➢ Disadvantages
• Not cost effective for low-bandwidth internet use.
• Can be tricky to set up.

Q-3 Explain BUS, STAR and RING Topology.

➢ Bus Topology

• In this arrangement, the nodes (computers) are connected through interface connectors to a single communication line (central cable) that carries the message in both directions.
• The central cable to which all the nodes are connected is the backbone of the network. It is called a bus.
• The signal in this arrangement travels in both directions to all the machines until it finds the recipient machine.
• It is easier to set up than other topologies, as it uses only a single central cable to establish the network.

➢ Advantages

• Configuration of the network is easy.
• Less costly, because a single cable is used to connect all nodes.
• The bus topology supports a maximum speed of 10 Mbps using the network's coaxial or twisted-pair cables.

➢ Disadvantages

• Due to the multipoint communication model, it is difficult to identify and isolate faulty terminals.
• Reconfiguration affects the network and slows down performance.
• Signal interference is another drawback of the bus topology; if two or more nodes transmit messages simultaneously, their signals will collide.
• A single node failure also causes the breakdown of the whole network.

➢ Star Topology

• In a star topology, all the devices are connected to a single hub through a cable.
• This hub is the central node, and all other nodes are connected to the central node.
• The hub can be passive in nature.
• Coaxial cables or RJ-45 cables are used to connect the computers.

Passive hub: A passive hub does not amplify the received signal; it forwards the signal as it is. A passive hub does not require electric power.

Active hub: An active hub amplifies the received signal and forwards it to the next device. An active hub requires electrical power to run. It is also called a multiport repeater.

➢ Advantages of star topology

• Centralized management of the network through the use of the central computer, hub, or switch.
• Easy to add another computer to the network.
• If one computer on the network fails, the rest of the network continues to function normally.

➢ Disadvantages of star topology

• It may have a higher cost to implement, especially when using a switch or router as the central network device.
• The central network device determines the performance and the number of nodes the network can handle.
• If the central computer, hub, or switch fails, the entire network goes down, and all computers are disconnected from the network.

➢ Ring Topology

• In a ring topology, each node is linked with its neighbor to form a closed network.
• In this configuration, data moves from one node to another, either unidirectionally or bidirectionally.
• Such a network topology is used in smaller networks, like those in schools.
• Token passing is the method of sending data in a ring: the server sends the packet to the system that holds the token. After the data transfer completes, the token passes to another device; a system that wants to transfer data waits for the token.

➢ Advantages
• The data transmission is high-speed.
• The possibility of collision is minimal in this type of topology.
• Cheap to install and expand.
• It is less costly than a star topology.
➢ Disadvantages
• The failure of a single node in the network can cause the entire network to fail.
• Troubleshooting is difficult in this topology.
• The addition of stations in between or the removal of stations can disturb the whole topology.
• Less secure.

Q-4 List the types of networks. Explain any one type in detail.

Depending on geographical area, computer networks are classified as:

1. LAN (Local Area Network)
2. MAN (Metropolitan Area Network)
3. WAN (Wireless area Network)

1. LAN (Local Area Network)

• A local area network may be a wired or wireless network or a combination of both.
• A LAN is a network used for communication among computer devices, usually within an office building or home.
• It allows users to share devices like printers and other network resources.
• The ownership of a LAN is generally private.
• It transfers data at high speed, approximately 1 Mbps to 1000 Mbps.
• It covers a very small geographical area (up to a few kilometers).
• A LAN has a lower error rate.
• LAN technology is less expensive.

➢ Features of LAN

• The network size is small, covering only a few kilometers.
• The data transmission rate is high, ranging from 100 Mbps to 1000 Mbps.
• A LAN can use bus, ring, mesh, and star topologies.
• The number of network devices connected to the LAN is limited.
• If more devices are added than prescribed, the network may fail.

➢ Advantages of LAN

• It offers a higher operating speed than WAN and MAN.
• It is less expensive and easy to install and maintain.
• It perfectly fulfills the requirements of a specific organization, such as an office, school, etc.
• It can be wired or wireless or a combination of both.
• It is more secure than other networks, as it is a small setup that can be easily taken care of.

Q-5 Define Computer Network. List out all its applications.

Define network
A network is a group of two or more computers or other electronic devices that are interconnected for the purpose of exchanging data and sharing resources.

Computer Network
A computer network is defined as two or more computers connected to each other for sharing information or data.

A computer network can be established in two ways:

1. Wired Computer Network
2. Wireless Computer Network

➢ Applications of Computer Network

1. Resource Sharing
Resource sharing is an application of a computer network. Resource sharing means you can share one piece of hardware or software among multiple users. Hardware includes printers, disks, fax machines, and other computing devices. Software includes Atom, Oracle VM VirtualBox, Postman, Android Studio, etc.

2. Information Sharing
Using a computer network, we can share information over the network, and it provides search capabilities such as the WWW. Over the network, a single piece of information can be shared among many users over the internet.

3. Communication
Communication includes email, calls, message broadcast, electronic funds transfer systems, etc.

4. Entertainment Industry
The entertainment industry also uses computer networks widely. Some examples are video on demand, multiperson real-time simulation games, movie/TV programs, etc.

5. Access to Remote Databases
Computer networks allow end users to access the remote databases of various applications. Some applications are hotel reservations, airplane booking, home banking, automated newspapers, automated libraries, etc.

6. Home applications
There are many common uses of the computer network as home applications. For example, you can consider user-to-user communication, access to remote instruction, electronic commerce, and entertainment. Another use is managing bank accounts, transferring money to other banks, and paying bills electronically. A computer network arranges a robust connection mechanism between users.

7. Business applications
The result of a business application here is resource sharing. The purpose of resource sharing is that, without moving to the physical location of the resource, all the data, plans, and tools can be shared with any network user. Most companies do business electronically with other companies and with clients worldwide with the help of a computer network.

8. Mobile users
The rapidly growing sectors in computer applications are mobile devices like notebook computers and PDAs (personal digital assistants). Here mobile users/devices means portable devices. The computer network is widely used in new-age technology like smartwatches, wearable devices, tablets, online transactions, purchasing or selling products online, etc.

9. Social media
Social media is also a great example of a computer network application. It helps people to share and receive any information related to political, ethical, and social issues.

Q-6 Compute no of cables required to connect 8 computers using Mesh topology and Ring topology.

ANS:

➢ Calculation for mesh topology

Here n is the number of nodes (computers), that is, 8.

So, number of cables required for mesh = n(n-1)/2
= 8(8-1)/2
= 28 cables required for mesh topology.

➢ Calculation for ring topology

According to the structure of a ring topology, the number of cables required is equal to the number of nodes (computers).
Here 8 computers are given.
So, n = number of computers = 8.
So, 8 cables are required for ring topology.

Q-7 Define server. List out various type of servers and explain any two in detail

➢ Definition of Server
A server is a computer or system that provides resources, data, services, or programs to other computers, known as clients, over a network. In theory, whenever computers share resources with client machines, they are considered servers. There are many types of servers, including web servers, mail servers, and virtual servers.

➢ Types of Server
1. File server
2. Print server
3. Mail server
4. Web server
5. Proxy server

1. File server
• The central server in a computer network that is responsible for the storage and management of data files is called a file server.
• In a file server, users access a central storage space that acts as a medium to store the internal data. The users can share information over a network without having to physically transfer files.
• The server administrator sets strict rules about which users have access to the files. These rules cover opening, closing, adding, deleting, and editing a file.

➢ Advantages:
• Helps in resource and information sharing.
• Helps in central storage of data.
• Helps in connecting with multiple computers for sending and receiving information when accessing the network.
• Faster problem-solving.
• Boosts storage capacity.
• Highly flexible and reliable.
➢ Disadvantages:
• Costly setup.
• The risk from viruses and malware.
• It lacks independence.
• Requires time for constant administration.
• It lacks robustness.

2. Proxy server
• A proxy server is a server that services the requests of its clients by forwarding those requests to other servers.
• A client connects to the proxy server, requesting some service such as a file connection, web page, or other resource available from a different server.
• A proxy server provides the resource by connecting to the specified server and requesting the service on behalf of the client.
• It is a server that sits between a client application, such as a web browser, and a real server.
• A proxy server is a computer that acts as a gateway between a local network and the internet within a company.

➢ Advantages
• Provides a fast internet experience.
• Reduces the bandwidth consumed over the internet link.
➢ Disadvantages
• Not cost effective for low-bandwidth internet use.
• Can be tricky to set up.

Q-8 Compare LAN, MAN & WAN in detail.

Q-9 What is file server? Write its two applications.

1. File server
• The central server in a computer network that is responsible for the storage and management of data files is called a file server.
• In a file server, users access a central storage space that acts as a medium to store the internal data. The users can share information over a network without having to physically transfer files.
• The server administrator sets strict rules about which users have access to the files. These rules cover opening, closing, adding, deleting, and editing a file.

➢ Advantages:
• Helps in resource and information sharing.
• Helps in central storage of data.
• Helps in connecting with multiple computers for sending and receiving information when accessing the network.
• Faster problem-solving.
• Boosts storage capacity.
• Highly flexible and reliable.
➢ Disadvantages:
• Costly setup.
• The risk from viruses and malware.
• It lacks independence.
• Requires time for constant administration.
• It lacks robustness.

Q-10 Explain line configuration in detail.

A network is two or more devices connected through a link. A link is a communication pathway that transfers data from one device to another. A device can be a computer, printer, or any other device that is capable of sending and receiving data.

1. Point-to-Point Connection
2. Multipoint Connection

➢ Point-to-Point Connection:
1. A point-to-point connection provides a dedicated link between two devices.
2. The entire capacity of the link is reserved for transmission between those two devices.
3. Most point-to-point connections use an actual length of wire or cable to connect the two ends, but other options such as microwave or satellite links are also possible.

[Figure: point-to-point connection]

Example: Point-to-point connection between the remote control and television for changing the channels.

There are three types of point-to-point connection:
a. Unicasting
b. Multicasting
c. Broadcasting

a. Unicasting: In unicasting, the data traffic flows from a single source node to a single destination node on the network. It is a 'one-to-one' type of data transmission between the sender and receiver.

b. Multicasting: Multicast is a transmission type in which a single source communicates a message to a group of devices.

c. Broadcasting: Broadcasting is a transmission type in which the data traffic flows from a single source to all the devices on the network.

2. Multipoint connection

1. It is also called multidrop configuration. In this connection, two or more devices share a single link.
2. If more than two devices share the link, then the channel is considered a 'shared channel'.

[Figure: multipoint link]

Unit 2 Reference Model for Network Communication
Q-1 Give difference between TCP/IP and OSI reference model.

➢ Differences between OSI Model and TCP/IP Model

Parameters | OSI Model | TCP/IP Model
Full Form | OSI stands for Open Systems Interconnection. | TCP/IP stands for Transmission Control Protocol/Internet Protocol.
Layers | It has 7 layers. | It has 4 layers.
Usage | It is low in usage. | It is mostly used.
Approach | It is vertically approached. | It is horizontally approached.
Delivery | Delivery of the package is guaranteed in OSI Model. | Delivery of the package is not guaranteed in TCP/IP Model.
Replacement | Replacement of tools and changes can easily be done in this model. | Replacing the tools is not easy as it is in OSI Model.
Reliability | It is less reliable than TCP/IP Model. | It is more reliable than OSI Model.

Q-2 Draw OSI reference model. Give functionality of each layer of the OSI model.

If we go from bottom to top the 7 layers of this model are as given below
1. Physical Layer
2. Data Link Layer
3. Network Layer
4. Transport Layer
5. Session Layer
6. Presentation Layer
7. Application Layer

1. Physical Layer

• The lowest layer of the OSI reference model is the physical layer.
• It is responsible for the actual physical connection between the devices.
• The physical layer contains information in the form of bits.
• It is responsible for transmitting individual bits from one node to the next.
• When receiving data, this layer takes the received signal, converts it into 0s and 1s, and sends them to the Data Link layer.

➢ Functions of the Physical Layer

• Bit synchronization: The physical layer provides the synchronization of the bits by providing a clock. This clock controls both sender and receiver, thus providing synchronization at the bit level.
• Bit rate control: The physical layer also defines the transmission rate, i.e. the number of bits sent per second.
• Physical topologies: The physical layer specifies how the different devices/nodes are arranged in a network, i.e. bus, star, or mesh topology.
• Transmission mode: The physical layer also defines how the data flows between the two connected devices. The various transmission modes possible are simplex, half-duplex and full-duplex.

2. Data Link Layer

• The data link layer is responsible for the node-to-node delivery of the message.
• The main function of this layer is to make sure data transfer is error-free from one node to another, over the physical layer.
• When a packet arrives in a network, it is the responsibility of the DLL to transmit it to the host using its MAC address.

The Data Link Layer is divided into two sublayers:

1. Logical Link Control (LLC)
2. Media Access Control (MAC)

The packet received from the Network layer is further divided into frames depending on the frame size of the NIC (Network Interface Card). The DLL also encapsulates the sender's and receiver's MAC addresses in the header.
The receiver's MAC address is obtained by placing an ARP (Address Resolution Protocol) request onto the wire asking "Who has that IP address?", and the destination host replies with its MAC address.

Functions of the Data Link Layer

• Framing: Framing is a function of the data link layer. It provides a way for a sender to transmit a set of bits that are meaningful to the receiver. This can be accomplished by attaching special bit patterns to the beginning and end of the frame.
• Physical addressing: After creating frames, the data link layer adds physical addresses (MAC addresses) of the sender and/or receiver in the header of each frame.
• Error control: The data link layer provides the mechanism of error control, in which it detects and retransmits damaged or lost frames.
• Flow control: The data rate must be constant on both sides, else the data may get corrupted; thus, flow control coordinates the amount of data that can be sent before receiving an acknowledgment.
• Access control: When a single communication channel is shared by multiple devices, the MAC sublayer of the data link layer helps to determine which device has control over the channel at a given time.

3. Network Layer
• The network layer handles the transmission of data from one host to another located in a different network.
• It also takes care of packet routing, i.e. selection of the shortest path to transmit the packet from the number of routes available.
• The sender's and receiver's IP addresses are placed in the header by the network layer.

Functions of the Network Layer

• Routing: The network layer protocols determine which route is suitable from source to destination. This function of the network layer is known as routing.
• Logical addressing: To identify each device on an internetwork uniquely, the network layer defines an addressing scheme. The sender's and receiver's IP addresses are placed in the header by the network layer. Such an address distinguishes each device uniquely and universally.

4. Transport Layer
• The transport layer provides services to the application layer and takes services from the network layer.
• The data in the transport layer is referred to as segments.
• It is responsible for the end-to-end delivery of the complete message.
• The transport layer also provides the acknowledgment of successful data transmission and retransmits the data if an error is found.

At the sender's side: The transport layer receives the formatted data from the upper layers, performs segmentation, and also implements flow and error control to ensure proper data transmission. It also adds source and destination port numbers in its header and forwards the segmented data to the Network Layer.

Functions of the Transport Layer

• Segmentation and reassembly: This layer accepts the message from the (session) layer and breaks the message into smaller units. Each of the segments produced has a header associated with it. The transport layer at the destination station reassembles the message.
• Service point addressing: To deliver the message to the correct process, the transport layer header includes a type of address called the service point address or port address. By specifying this address, the transport layer makes sure that the message is delivered to the correct process.

Services Provided by Transport Layer
1. Connection-Oriented Service
2. Connectionless Service

1. Connection-oriented service: It is a three-phase process that includes
• Connection establishment
• Data transfer
• Termination/disconnection
In this type of transmission, the receiving device sends an acknowledgment back to the source after a packet or group of packets is received. This type of transmission is reliable and secure.

2. Connectionless service: It is a one-phase process and includes data transfer. In this type of transmission, the receiver does not acknowledge receipt of a packet. This approach allows for much faster communication between devices. Connection-oriented service is more reliable than connectionless service.

5. Session Layer
This layer is responsible for the establishment of connections, maintenance of sessions, and authentication, and also ensures security.

Functions of the Session Layer

• Session establishment, maintenance, and termination: The layer allows the two processes to establish, use and terminate a connection.
• Synchronization: This layer allows a process to add checkpoints that are considered synchronization points in the data. These synchronization points help to identify the error so that the data is resynchronized properly, the ends of the messages are not cut prematurely, and data loss is avoided.
• Dialog controller: The session layer allows two systems to start communication with each other in half-duplex or full-duplex.

6. Presentation Layer
The presentation layer is also called the Translation layer. The data from the application layer is extracted here and manipulated as per the required format to transmit over the network.

Functions of the Presentation Layer

• Translation: For example, ASCII to EBCDIC.
• Encryption/decryption: Data encryption translates the data into another form or code. The encrypted data is known as the cipher text and the decrypted data is known as plain text. A key value is used for encrypting as well as decrypting data.
• Compression: Reduces the number of bits that need to be transmitted on the network.

7. Application Layer
At the very top of the OSI Reference Model stack of layers, we find the Application layer which is implemented
by the network applications. These applications produce the data, which has to be transferred over the network.
This layer also serves as a window for the application services to access the network and for displaying the
received information to the user.
Example: Application – Browsers, Skype Messenger, etc.
Q-3 Give comparisons of connection oriented and connection less service.
OR
Give the comparisons between TCP and UDP.

No. | Connection-oriented Service | Connection-less Service
1. | Connection-oriented service is related to the telephone system. | Connection-less service is related to the postal system.
2. | Connection-oriented service is preferred by long and steady communication. | Connection-less Service is preferred by bursty communication.
3. | Connection-oriented Service is necessary. | Connection-less Service is not compulsory.
4. | Connection-oriented Service is feasible. | Connection-less Service is not feasible.
5. | In connection-oriented Service, congestion is not possible. | In connection-less Service, congestion is possible.
6. | Connection-oriented Service gives the guarantee of reliability. | Connection-less Service does not give a guarantee of reliability.
7. | In connection-oriented Service, packets follow the same route. | In connection-less Service, packets do not follow the same route.
8. | Connection-oriented services require a bandwidth of a high range. | Connection-less Service requires a bandwidth of low range.
9. | Ex: TCP (Transmission Control Protocol) | Ex: UDP (User Datagram Protocol)
10. | Connection-oriented requires authentication. | Connection-less Service does not require authentication.

Q-4 Explain TCP/IP model with function of each layer.

➢ TCP/IP model
o The TCP/IP model was developed prior to the OSI model.
o The TCP/IP model is not exactly similar to the OSI model.
o The TCP/IP model consists of five layers: the application layer, transport layer, network layer, data link
layer and physical layer.
o The first four layers provide physical standards, network interface, internetworking, and transport
functions that correspond to the first four layers of the OSI model and these four layers are represented
in TCP/IP model by a single layer called the application layer.
o TCP/IP is a hierarchical protocol made up of interactive modules, and each of them provides specific
functionality.

Here, hierarchical means that each upper-layer protocol is supported by two or more lower-level protocols.

➢ Functions of TCP/IP layers:

➢ Network Access Layer
o A network layer is the lowest layer of the TCP/IP model.
o A network layer is the combination of the Physical layer and Data Link layer defined in the OSI
reference model.
o It defines how the data should be sent physically through the network.
o This layer is mainly responsible for the transmission of the data between two devices on the same
network.
o The functions carried out by this layer are encapsulating the IP datagram into frames transmitted by the
network and mapping of IP addresses into physical addresses.
o The protocols used by this layer are Ethernet, token ring, FDDI, X.25, and frame relay.

➢ Internet Layer
o An internet layer is the second layer of the TCP/IP model.
o An internet layer is also known as the network layer.
o The main responsibility of the internet layer is to send the packets from any network, and they arrive at the destination irrespective of the route they take.

The following protocols are used in this layer:

o IP Protocol: The IP protocol is used in this layer, and it is the most significant part of the entire TCP/IP suite.

Following are the responsibilities of this protocol:

o IP Addressing: This protocol implements logical host addresses known as IP addresses. The IP
addresses are used by the internet and higher layers to identify the device and to provide internetwork
routing.
o Host-to-host communication: It determines the path through which the data is to be transmitted.
o Data Encapsulation and Formatting: An IP protocol accepts the data from the transport layer protocol.
An IP protocol ensures that the data is sent and received securely, it encapsulates the data into message
known as IP datagram.
o Fragmentation and Reassembly: The limit imposed on the size of the IP datagram by data link layer
protocol is known as Maximum Transmission unit (MTU). If the size of IP datagram is greater than the
MTU unit, then the IP protocol splits the datagram into smaller units so that they can travel over the
local network. Fragmentation can be done by the sender or intermediate router. At the receiver side, all
the fragments are reassembled to form an original message.
o Routing: When IP datagram is sent over the same local network such as LAN, MAN, WAN, it is known
as direct delivery. When source and destination are on the distant network, then the IP datagram is sent
indirectly. This can be accomplished by routing the IP datagram through various devices such as routers.
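
The fragmentation and reassembly rule above, as an added example that is not part of the original notes. It assumes a 20-byte IPv4 header without options; the `Fragment` class and the function names are hypothetical, and the payload and MTU values are constructed.

```python
import random
from dataclasses import dataclass

IP_HEADER_LEN = 20  # assumption: IPv4 header without options


@dataclass(frozen=True)
class Fragment:
    ident: int            # same identification value in every fragment of a datagram
    offset: int           # position of this data in 8-byte units, as in the IPv4 header
    more_fragments: bool  # MF flag: True on every fragment except the last
    data: bytes


def split_payload(ident, data, base_offset, last_has_more, mtu):
    """Cut data into pieces that fit the MTU; every piece but the last is a multiple of 8 bytes."""
    max_data = (mtu - IP_HEADER_LEN) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    pieces = []
    for start in range(0, max(len(data), 1), max_data):
        is_last = start + max_data >= len(data)
        pieces.append(Fragment(ident, base_offset + start // 8,
                               last_has_more or not is_last,
                               data[start:start + max_data]))
    return pieces


def fragment(ident, payload, mtu):
    """Fragmentation done by the sender."""
    return split_payload(ident, payload, 0, False, mtu)


def refragment(frag, mtu):
    """Fragmentation done by an intermediate router whose next link has a smaller MTU."""
    return split_payload(frag.ident, frag.data, frag.offset, frag.more_fragments, mtu)


def reassemble(fragments):
    """Return the original payload, or None while fragments are still missing."""
    if not fragments:
        return None
    if len({f.ident for f in fragments}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(fragments, key=lambda f: f.offset)
    if any(not f.more_fragments for f in ordered[:-1]):
        raise ValueError("data found after the final fragment")
    buf = bytearray()
    for f in ordered:
        start = f.offset * 8
        if start > len(buf):
            return None                      # gap: a fragment has not arrived yet
        if start < len(buf):
            raise ValueError("overlapping or duplicate fragment")
        buf += f.data
    if ordered[-1].more_fragments:
        return None                          # the last fragment is still missing
    return bytes(buf)


# Constructed sample: a 4096-byte payload sent over a 1500-byte MTU link,
# then forwarded by a router onto a 576-byte MTU link.
SAMPLE_PAYLOAD = bytes(range(256)) * 16


def demo():
    first_hop = fragment(0x1234, SAMPLE_PAYLOAD, 1500)
    second_hop = [piece for f in first_hop for piece in refragment(f, 576)]
    random.Random(1).shuffle(second_hop)     # fragments may arrive in any order
    return first_hop, second_hop, reassemble(second_hop)


if __name__ == "__main__":
    first_hop, second_hop, rebuilt = demo()
    print([(f.offset, f.more_fragments, len(f.data)) for f in first_hop])
    print(len(second_hop), rebuilt == SAMPLE_PAYLOAD)
```
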

ARP Protocol

o ARP stands for Address Resolution Protocol.
o ARP is a network layer protocol which is used to find the physical address from the IP address.
o Two terms are mainly associated with the ARP protocol:
o ARP request: When a sender wants to know the physical address of the device, it broadcasts the ARP request to the network.
o ARP reply: Every device attached to the network will accept the ARP request and process the request, but only the recipient recognizes the IP address and sends back its physical address in the form of an ARP reply. The recipient adds the physical address both to its cache memory and to the datagram header.
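
The ARP request and reply exchange described above, as an added example that is not part of the original notes. It uses the standard 28-byte Ethernet/IPv4 ARP layout; the `Host` class, the `resolve` helper, and all addresses are constructed for illustration.

```python
import socket
import struct

# hardware type, protocol type, hw length, proto length, operation,
# sender MAC, sender IP, target MAC, target IP  (28 bytes in total)
ARP = struct.Struct("!HHBBH6s4s6s4s")
REQUEST, REPLY = 1, 2
UNKNOWN_MAC = "00:00:00:00:00:00"   # target MAC is not known yet in a request


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    return ARP.pack(1, 0x0800, 6, 4, oper,
                    mac_to_bytes(sender_mac), socket.inet_aton(sender_ip),
                    mac_to_bytes(target_mac), socket.inet_aton(target_ip))


def parse_arp(packet):
    if len(packet) < ARP.size:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = ARP.unpack_from(packet)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or oper not in (REQUEST, REPLY):
        raise ValueError("not an Ethernet/IPv4 ARP request or reply")
    return {"oper": oper,
            "sender_mac": bytes_to_mac(sha), "sender_ip": socket.inet_ntoa(spa),
            "target_mac": bytes_to_mac(tha), "target_ip": socket.inet_ntoa(tpa)}


class Host:
    """Hypothetical host with an ARP cache (IP address -> MAC address)."""

    def __init__(self, ip, mac):
        self.ip, self.mac = ip, mac
        self.cache = {}
        self.pending = set()    # IP addresses this host has asked about

    def make_request(self, target_ip):
        self.pending.add(target_ip)
        return build_arp(REQUEST, self.mac, self.ip, UNKNOWN_MAC, target_ip)

    def receive(self, packet):
        """Process one ARP packet; return a reply packet or None."""
        msg = parse_arp(packet)
        if msg["oper"] == REQUEST:
            if msg["target_ip"] != self.ip:
                return None     # every host processes the broadcast, only the owner answers
            self.cache[msg["sender_ip"]] = msg["sender_mac"]
            return build_arp(REPLY, self.mac, self.ip, msg["sender_mac"], msg["sender_ip"])
        # ARP replies carry no authentication, so cache only answers to our own requests.
        if msg["target_mac"] == self.mac and msg["sender_ip"] in self.pending:
            self.pending.discard(msg["sender_ip"])
            self.cache[msg["sender_ip"]] = msg["sender_mac"]
        return None


def resolve(sender, lan, target_ip):
    """Broadcast a request to every other host; return (resolved MAC, number of replies)."""
    request = sender.make_request(target_ip)
    replies = []
    for host in lan:
        if host is not sender:
            reply = host.receive(request)
            if reply is not None:
                replies.append(reply)
    for reply in replies:
        sender.receive(reply)
    return sender.cache.get(target_ip), len(replies)


def sample_lan():
    # Constructed addresses for the example.
    return [Host("192.168.1.10", "02:00:00:00:00:0a"),
            Host("192.168.1.20", "02:00:00:00:00:0b"),
            Host("192.168.1.30", "02:00:00:00:00:0c")]


if __name__ == "__main__":
    a, b, c = sample_lan()
    print(resolve(a, [a, b, c], b.ip))
    print(a.cache, b.cache, c.cache)
```
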

ICMP Protocol

o ICMP stands for Internet Control Message Protocol.


o It is a mechanism used by the hosts or routers to send notifications regarding datagram problems back
to the sender.
o A datagram travels from router-to-router until it reaches its destination. If a router is unable to route the
data because of some unusual conditions such as disabled links, a device is on fire or network
congestion, then the ICMP protocol is used to inform the sender that the datagram is undeliverable.
o An ICMP protocol mainly uses two terms:
o ICMP Test: ICMP Test is used to test whether the destination is reachable or not.
o ICMP Reply: ICMP Reply is used to check whether the destination device is responding or not.
o The core responsibility of the ICMP protocol is to report the problems, not correct them. The
responsibility of the correction lies with the sender.
o ICMP can send the messages only to the source, but not to the intermediate routers, because the IP datagram carries the addresses of the source and destination but not of the router that it is passed to.

➢ Transport Layer
The transport layer is responsible for the reliability, flow control, and correction of data which is being sent over the network.
The two protocols used in the transport layer are User Datagram Protocol and Transmission Control Protocol.

o User Datagram Protocol (UDP)

It provides connectionless service and end-to-end delivery of transmission.

It is an unreliable protocol, as it discovers the errors but does not specify the error.

User Datagram Protocol discovers the error, and the ICMP protocol reports to the sender that the user datagram has been damaged.

UDP consists of the following fields:

Source port address: The source port address is the address of the application program that has created the message.
Destination port address: The destination port address is the address of the application program that receives the message.
Total length: It defines the total length of the user datagram in bytes.
Checksum: The checksum is a 16-bit field used in error detection.

UDP does not specify which packet is lost. UDP contains only a checksum; it does not contain any ID of a data segment.

o Transmission Control Protocol (TCP)

It provides full transport layer services to applications.

It creates a virtual circuit between the sender and receiver, and it is active for the duration of the transmission.

TCP is a reliable protocol as it detects the error and retransmits the damaged frames. Therefore, it ensures all
the segments must be received and acknowledged before the transmission is considered to be completed and a
virtual circuit is discarded.
At the sending end, TCP divides the whole message into smaller units known as segments, and each segment contains a sequence number which is required for reordering the frames to form the original message.

At the receiving end, TCP collects all the segments and reorders them based on sequence numbers.

 Application Layer
o An application layer is the topmost layer in the TCP/IP model.
o It is responsible for handling high-level protocols and issues of representation.
o This layer allows the user to interact with the application.
o When one application layer protocol wants to communicate with another application layer, it forwards
its data to the transport layer.
o There is an ambiguity in the application layer. Not every application can be placed inside the application layer, only those that interact with the communication system. For example, a text editor cannot be considered part of the application layer, while a web browser uses the HTTP protocol to interact with the network, and HTTP is an application layer protocol.

Following are the main protocols used in the application layer:

o HTTP: HTTP stands for Hypertext transfer protocol. This protocol allows us to access the data over the
world wide web. It transfers the data in the form of plain text, audio, video. It is known as a Hypertext
transfer protocol as it has the efficiency to use in a hypertext environment where there are rapid jumps
from one document to another.
o SNMP: SNMP stands for Simple Network Management Protocol. It is a framework used for managing
the devices on the internet by using the TCP/IP protocol suite.
o SMTP: SMTP stands for Simple mail transfer protocol. The TCP/IP protocol that supports the e-mail is
known as a Simple mail transfer protocol. This protocol is used to send the data to another e-mail
address.
o DNS: DNS stands for Domain Name System. An IP address is used to identify the connection of a host
to the internet uniquely. But, people prefer to use the names instead of addresses. Therefore, the system
that maps the name to the address is known as Domain Name System.
o TELNET: It is an abbreviation for Terminal Network. It establishes the connection between the local
computer and remote computer in such a way that the local terminal appears to be a terminal at the
remote system.

o FTP: FTP stands for File Transfer Protocol. FTP is a standard internet protocol used for transmitting the files from one computer to another computer.

Q-5 List out full forms of OSI, TCP/IP and ISO, UDP, FTP, LAN, WAN, MAN, HTTP, SNMP, SMTP, DNS, ARP, RARP, ICMP

OSI: Open System Interconnection
TCP/IP: Transmission Control Protocol/Internet Protocol
ISO: International Standard Organization
UDP: User Datagram Protocol
FTP: File Transfer Protocol
LAN: Local Area Network
WAN: Wide Area Network
MAN: Metropolitan Area Network
HTTP: Hypertext Transfer Protocol
SNMP: Simple Network Management Protocol
SMTP: Simple Mail Transfer Protocol
DNS: Domain Name System
ARP: Address Resolution Protocol
RARP: Reverse Address Resolution Protocol
ICMP: Internet Control Message Protocol
LLC: Logical Link Control
MAC: Media Access Control
IP: Internet Protocol

UNIT 3 Transmission Media & Network Devices

Q-1 List out various advantages and disadvantages of fiber optic cable

 Advantages of Fiber Optic Cable

 Fiber optic has several advantages over metallic cable:

 Higher bandwidth

 Less signal attenuation

 Immunity to electromagnetic interference

 Resistance to corrosive materials

 Light weight

 Greater immunity to tapping

 Disadvantages of Fiber Optic Cable


 Skilled person required

 Installation and maintenance

 Unidirectional light propagation

 High Cost

Q-3 List out various advantages and disadvantages of Infrared waves.

 ADVANTAGES
1) Infrared transmission requires minimum power to operate and can be set up at a low cost.
2) This is a secure way to transfer data between devices as the signal cannot pass beyond a room or
chamber.

 DISADVANTAGES

1) The speed of data transfer in infrared is slow.

2) Infrared can be used for a small range distance.

3) Infrared signals are interrupted by objects and people.

4) These signals are impacted by weather conditions.

Q-4 Identify on which layer of OSI model bridge works? Explain Bridge in detail.

Bridges work at Datalink Layer of OSI model.

 BRIDGES

 Bridges work at Datalink Layer of OSI model.

 It is designed to connect two or more LAN segments.

 At layer 1, it is used to regenerate a signal.

 At layer 2, it is used to filter traffic on a LAN, to keep local traffic local and also to allow connectivity to other segments of the network.

 To provide security, it filters traffic by looking at the MAC address and prevents unauthorized access.

 If the frame is addressed to a MAC address on the local side of the bridge, it is not forwarded to the other segment. Only frames having MAC addresses on the other segment are forwarded.

 Bridges maintain a MAC address table for both segments to which they are connected.
 Types of bridges:

1. Simple bridge:

● It links two segments only.

● It has the lowest cost among the types.

● It requires manual updating of the bridging table.

● Requires more time to maintain devices.

2. Multiport bridges:

● It links more than two segments.

● Three tables are created, each storing the physical addresses of stations reachable through the corresponding port.

3. Transparent Bridges:

 It builds its tables of physical station address on its own.

 It performs bridge functions by its own.

 Table is automatically built by frame movement in a network.

Q-5 Explain Repeater, Hub, Switch & router in detail

 REPEATERS

• A repeater is an electronic device. It works on the physical layer of the OSI model.

• The signal that carries information within a network can travel a fixed distance.
• Repeaters clean, amplify, and resend signals that are weakened by long cable length.
• Repeaters installed in a network receive weak signals and regenerate them to original strength to forward a refreshed copy on a link.
• They can be built into hubs or switches.
“Repeaters do not amplify” - Justify.
 An amplifier cannot differentiate between original signal and noise signal.

A repeater does not amplify the signal; it regenerates it. When it receives a signal affected by noise, it creates a copy, bit by bit, at its original strength.

 Advantage of Repeaters
 Extend the network physical distance
 Do not seriously affect the performance of network
 Disadvantages Of Repeaters
 Cannot connect different network architectures
 Token Ring and Ethernet (Star)
 Cannot reduce network traffic
 Repeaters do not filter data
 Do not segment (divide) the network
 Repeat everything without discrimination
 Number of repeaters must be limited

 SWITCHES
 It works on Datalink layer of OSI model.
 It provides bridging with greater efficiency.
 They have a buffer for each link to which they are connected.
[Figure: Switch. Station A transmits to Station C; the switch sends the signal out to a single port. Stations A, B and C are connected to the switch.]

 Types of switches:
1. Store and Forward Switches:

 Do error checking on each frame after the entire frame has arrived into the switch.

 It stores the frame into buffer until whole packet arrives.

 The switch looks in its MAC address table for the port to which to forward the frame for the destination device.

 Highly reliable because it doesn’t forward bad frames.

 Slower than other types of switches because it holds on to each frame until it is completely checked for errors before forwarding.

2. Cut Through Switches:

 Faster than store and forward because it does not perform error checking on frames.

 It forwards bad frames too.

 Reads address information for each frame as the frames enter the switch.

 After looking up the port of the destination device, the frame is forwarded without waiting for the entire packet to arrive.
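
The bridge filtering rule from Q-4 and the two switch types above, as an added Python example (not part of the original notes). A learning switch builds its MAC address table from frame movement, keeps local traffic local, and handles a damaged frame differently in each mode. The class and function names, MAC addresses, port numbers and frames are constructed for illustration.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6

def mac(text):
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def build_frame(dst, src, payload):
    """Constructed Ethernet II frame: dst, src, EtherType, padded payload, CRC-32 FCS."""
    body = dst + src + struct.pack("!H", 0x0800) + payload.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))

def fcs_ok(frame):
    """Recompute the CRC-32 over the frame body and compare it with the trailer."""
    return struct.pack("<I", zlib.crc32(frame[:-4])) == frame[-4:]

class LearningSwitch:
    def __init__(self, ports, mode="store-and-forward"):
        self.ports = list(ports)
        self.mode = mode        # "store-and-forward" or "cut-through"
        self.mac_table = {}     # source MAC -> port it was last seen on

    def receive(self, in_port, frame):
        """Process one frame and return the list of ports it is sent out on."""
        # Store-and-forward: the whole frame is buffered and error-checked first.
        if self.mode == "store-and-forward" and not fcs_ok(frame):
            return []           # bad frame dropped, nothing learned from it
        # Cut-through: only the addresses at the front of the frame are read.
        dst, src = frame[0:6], frame[6:12]
        self.mac_table[src] = in_port                        # learn the sender's port
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            return [p for p in self.ports if p != in_port]   # flood: destination unknown
        if out_port == in_port:
            return []                                        # filter: same segment
        return [out_port]                                    # forward to a single port

def run_demo(mode):
    """Stations A and B share the segment on port 1; station C is on port 2."""
    a, b, c = mac("02:00:00:00:00:0a"), mac("02:00:00:00:00:0b"), mac("02:00:00:00:00:0c")
    sw = LearningSwitch(ports=[1, 2, 3], mode=mode)
    results = {
        "A->C unknown": sw.receive(1, build_frame(c, a, b"hello")),
        "C->A known": sw.receive(2, build_frame(a, c, b"reply")),
        "B->A same segment": sw.receive(1, build_frame(a, b, b"local")),
    }
    damaged = bytearray(build_frame(c, a, b"payload"))
    damaged[20] ^= 0x01         # flip one payload bit so the FCS no longer matches
    results["A->C damaged"] = sw.receive(1, bytes(damaged))
    return results, sw.mac_table

if __name__ == "__main__":
    for mode in ("store-and-forward", "cut-through"):
        print(mode, run_demo(mode)[0])
```

In both modes the frame from B to A never leaves port 1, because the table already places A on the port the frame arrived on.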

 Advantages of switches
 Increase available network bandwidth by reducing its workload, computers only receive
packets intended for them specifically
 Increase network performance
 Smaller collision domains
 Disadvantages of switches
 More expensive than hubs and bridges
 Difficult to trace network connectivity problems through a switch
 Does not filter broadcast traffic

 HUB
 It works on physical layer of OSI model.
 A hub is a central network device that connects network nodes and provides central management.
 They connect devices centrally in a star topology.
 They cannot filter network traffic.
 They cannot determine best path.
 They are also known as network “concentrators”.
 They have multiple inputs and outputs active at the same time.
 It provides connections for all guided media types.
 They provide high speed communication
 TYPES OF HUB:

1. Active hubs:

 Active hubs work similar to repeaters.

 They need electrical power to run.

 Also called multiport repeater.

2. Passive hubs:

 A passive hub simply provides a connection between devices, enabling data to go from one device (or segment) to another.

 They don’t need electrical power to run.

3. Intelligent hubs:

 A third type of hub, called an intelligent hub, actually reads the destination address of each packet and then forwards the packet to the correct port. Intelligent hubs are also called manageable hubs.

 ROUTERS
 It operates on Physical, Datalink and Network layer of OSI model.
 It is most active in Network layer of OSI model.
 Different networks can be connected via routers.
 It stores IP address of the devices of networks in a table called routing table.
 Function of router is to receive packets from one network and forward to another network based on
information stored in routing table.
 Routing strategies:
 Adaptive Routing
 In adaptive routing, the router may select a new route for each packet.
 Non-Adaptive Routing
 In non-adaptive routing, the router chooses the same path for all the packets whose destination is the same.
 Routing table contains:
 Network address of each device,
 Possible paths between routers,
 Cost of sending data over paths
 Types of routers:
1. Static router:
1. They use same path for all packets of same destination.
2. More secure.
3. Needs to be maintained manually.
4. Cannot be updated automatically.
2. Dynamic router:
1. It uses a routing protocol such as OSPF or BGP to select best paths for packets.
2. Each packet is sent via different path.
3. Less secure.
4. Can be updated and maintained automatically.

 Advantages of routers
• Can connect networks of different architecture

• Token Ring to Ethernet


• Choose best path through or to a network

• Create smaller collision domains

• Create smaller broadcast domains

 Disadvantages of routers

• Only work with routable protocols such as RIP, OSPF, or BGP

• More expensive than hubs, bridges, and switches

• Routing table updates consume bandwidth

• Increase delay due to a greater degree of packet filtering and/or analyzing

Q-7 Identify on which layer of OSI model router works? Explain Router in detail
 ROUTERS
 It operates on Physical, Datalink and Network layer of OSI model.
 It is most active in Network layer of OSI model.
 Different networks can be connected via routers.
 It stores IP address of the devices of networks in a table called routing table.
 Function of router is to receive packets from one network and forward to another network based on
information stored in routing table.

 Routing strategies:
 Adaptive Routing
 In adaptive routing, the router may select a new route for each packet.
 Non-Adaptive Routing
 In non-adaptive routing, the router chooses the same path for all the packets whose destination is the same.
 Routing table contains:
 Network address of each device,
 Possible paths between routers,
 Cost of sending data over paths
 Types of routers:
1. Static router:
1. They use same path for all packets of same destination.
2. More secure.
3. Needs to be maintained manually.
4. Cannot be updated automatically.
2. Dynamic router:
1. It uses a routing protocol such as OSPF or BGP to select best paths for packets.
2. Each packet is sent via different path.
3. Less secure.
4. Can be updated and maintained automatically.

 Advantages of routers
• Can connect networks of different architecture

• Token Ring to Ethernet

• Choose best path through or to a network

• Create smaller collision domains

• Create smaller broadcast domains

 Disadvantages of routers

• Only work with routable protocols such as RIP, OSPF, or BGP

• More expensive than hubs, bridges, and switches

• Routing table updates consume bandwidth

• Increase delay due to a greater degree of packet filtering and/or analyzing


Q-8 Compare layer 2 and layer 3 switches in detail

| Layer 2 switch | Layer 3 switch |
|---|---|
| Works on Datalink layer. | Works on network layer. |
| It uses MAC address for filtering and to provide bridging. | It uses MAC address to provide packet forwarding. |
| It behaves as a multiport transparent bridge. | It behaves as a router. |
| It is used to connect server and clients. | It is used to connect hosts in a large network like VLAN. |
| It has a buffer to store frames like cut-through switches. | It has faster table lookup and forwarding capacity. |

Q-9 Give difference between Guided and Unguided media.

| S.No. | Guided Media | Unguided Media |
|---|---|---|
| 1. | The guided media is also called wired communication or bounded transmission media. | The unguided media is also called wireless communication or unbounded transmission media. |
| 2. | The signal energy propagates through wires in guided media. | The signal energy propagates through the air in unguided media. |
| 3. | Guided media is used for point-to-point communication. | Unguided media is generally suited for radio broadcasting in all directions. |
| 4. | It is cost-effective. | It is expensive. |
| 5. | Discrete network topologies are formed by the guided media. | Continuous network topologies are formed by the unguided media. |
| 6. | Signals are in the form of voltage, current, or photons in the guided media. | Signals are in the form of electromagnetic waves in unguided media. |
| 7. | Examples of guided media are twisted pair wires, coaxial cables, and optical fiber cables. | Examples of unguided media are microwave or radio links and infrared light. |
| 8. | By adding more wires, the transmission capacity can be increased in guided media. | It is not possible to obtain additional capacity in unguided media. |
| 9. | It sends out a signal that indicates which way to go. | It does not indicate which way to travel. |
| 10. | For a shorter distance, this is the best option. | For longer distances, this method is used. |
| 11. | It is unable to pass through walls. | It can pass through walls. |

Q-10 Give the difference between Bridge and Router

| S.NO | Bridge | Router |
|---|---|---|
| 1. | Bridge works in data link layer. | Router works in network layer. |
| 2. | Through bridge, data or information is not stored and sent in the form of packet. | Through router, data or information is stored and sent in the form of packet. |
| 3. | There are only two ports in bridge. | There are more than two ports in router. |
| 4. | Bridge connects two different LANs. | Router is used by LAN as well as MAN for connection. |
| 5. | In bridge, routing table is not used. | In routers, routing table is used. |
| 6. | Bridge works on single broadcast domain. | Router works on more than single broadcast domain. |
| 7. | Bridges are easy to configure. | Routers are difficult to set up and configure. |
| 8. | Bridge focuses on MAC address. | Router focuses on protocol address. |
| 9. | Bridge is comparatively inexpensive. | Router is a relatively expensive device. |
| 10. | Bridges are good for segmenting a network and extending the existing network. | Routers are good for joining remote networks. |

Q-11 List out guided media. Explain any one in detail.

Guided media, which are those that provide a conduit from one device to another, include Twisted-Pair Cable, Coaxial Cable, and Fiber-Optic Cable.

• Coaxial Cable

• Twisted pair cable

• Fiber optic cable

 Coaxial Cable:

• Coaxial is called by this name because it contains two conductors that are parallel to each other. Copper is used in this as the centre conductor, which can be a solid wire or a stranded one. It is surrounded by PVC insulation, a sheath which is encased in an outer conductor of metal foil, braid or both.

• Outer metallic wrapping is used as a shield against noise and as the second conductor which
completes the circuit. The outer conductor is also encased in an insulating sheath. The outermost
part is the plastic cover which protects the whole cable.
 Advantages of Coaxial Cable
• Bandwidth is high

• Used in long distance telephone lines.

• Transmits digital signals at a very high rate of 10Mbps.

• Much higher noise immunity

• Data transmission without distortion.

• They can span longer distances at higher speeds as they have better shielding when compared to twisted pair cable
 Disadvantages of Coaxial Cable
• Single cable failure can fail the entire network.

• Difficult to install and expensive when compared with twisted pair.

• If the shield is imperfect, it can lead to grounded loop.

 Applications of Coaxial Cable


• Coaxial cable was widely used in analog telephone networks, where a single coaxial network could carry 10,000 voice signals.

• Cable TV networks also use coaxial cables. In the traditional cable TV network, the entire network used coaxial cable. Cable TV uses RG-59 coaxial cable.

• In traditional Ethernet LANs. Because of its high bandwidth, and consequently high data rate, coaxial cable was chosen for digital transmission in early Ethernet LANs. The 10Base-2, or Thin Ethernet, uses RG-58 coaxial cable with BNC connectors to transmit data at 10Mbps with a range of 185 m.

Q-12 List out unguided media. Explain any one in detail.


OR
Explain radio wave and microwave in detail

 Unbounded or Unguided Transmission Media

Unguided media transport electromagnetic waves without using a physical conductor. This type of communication is often referred to as wireless communication.

We can divide wireless transmission into three broad groups:

• Radio waves

• Micro waves

• Infrared waves

 Radio Waves

• Electromagnetic waves ranging in frequencies between 3 KHz and 1 GHz are normally called radio
waves.

• Radio waves are omnidirectional. When an antenna transmits radio waves, they are propagated
in all directions. This means that the sending and receiving antennas do not have to be aligned.

• A sending antenna sends waves that can be received by any receiving antenna. The omnidirectional property has a disadvantage, too. The radio waves transmitted by one antenna are susceptible to interference by another antenna that may send signals using the same frequency or band.
• Radio waves, particularly with those of low and medium frequencies, can penetrate walls. This
characteristic can be both an advantage and a disadvantage. It is an advantage because, an AM
radio can receive signals inside a building. It is a disadvantage because we cannot isolate a
communication to just inside or outside a building.

 Applications of Radio Waves

• The omnidirectional characteristics of radio waves make them useful for multicasting in which
there is one sender but many receivers.

• AM and FM radio, television, maritime radio, cordless phones, and paging are examples of
multicasting.

 Micro Waves

Electromagnetic waves having frequencies between 1 to 300 GHz are called micro waves. Micro waves
are unidirectional. When an antenna transmits microwaves, they can be narrowly focused. This means that
the sending and receiving antennas need to be aligned. The unidirectional property has an obvious
advantage. A pair of antennas can be aligned without interfering with another pair of aligned antennas.

 Applications of Micro Waves

• Microwaves, due to their unidirectional properties, are very useful when unicast (one-to-one) communication is needed between the sender and the receiver.

• They are used in cellular phones, satellite networks and wireless LANs.

 Advantages of Microwave Transmission

• Used for long distance telephone communication

• Carries 1000's of voice channels at the same time

 Disadvantages of Microwave Transmission

• It is very costly

 Infrared Waves

• Infrared waves, with frequencies from 300 GHz to 400 THz, can be used for short-range
communication. Infrared waves, having high frequencies, cannot penetrate walls.

• This advantageous characteristic prevents interference between one system and another: a short-range communication system in one room cannot be affected by another system in the next room.

• We cannot use infrared waves outside a building because the sun's rays contain infrared waves that can interfere with the communication.

 Applications of Infrared Waves

• The infrared band, almost 400 THz, has an excellent potential for data transmission. Such a wide
bandwidth can be used to transmit digital data with a very high data rate.

• The Infrared Data Association (IrDA), an association for sponsoring the use of infrared waves, has
established standards for using these signals for communication between devices such as
keyboards, mouse, PCs and printers.

Q-13 Difference between switch and bridge


| S.NO. | Switch | Bridge |
|---|---|---|
| 1. | It is a device which is responsible for channeling the data that is coming into the various input ports to a particular output port which will further take the data to the desired destination. | It is basically a device which is responsible for dividing a single network into various network segments. |
| 2. | A switch can have a lot of ports. | A bridge can have 2 or 4 ports only. |
| 3. | The switch performs the packet forwarding by using hardware such as ASICs; hence, it is hardware based. | The bridge performs the packet forwarding by using software so it is software based. |
| 4. | The switching method in case of a switch can thus be store and forward, fragment free or cut through. | The switching method in case of a bridge is store and forward. |
| 5. | The task of error checking is performed by a switch. | A bridge cannot perform the error checking. |
| 6. | A switch has buffers. | A bridge may not have a buffer. |


UNIT 4 IP PROTOCOL

Q-1 Explain the IPV4 datagram format

 IPv4 datagram format


 Version number: These 4 bits specify the IP protocol version of the datagram. It
determines how to interpret the header. Currently the only permitted values are 4 (0100)
or 6 (0110).
 Header length: Specifies the length of the IP header, in 32-bit words.
 Type of service: The type of service (TOS) bits were included in the IPv4 header to allow
different types of IP datagrams (for example, datagrams particularly requiring low delay,
high throughput, or reliability) to be distinguished from each other.
 Datagram length: This is the total length of the IP datagram (header plus data), measured
in bytes.
 Identifier: Uniquely identifies the datagram. It is incremented by 1 each time a datagram
is sent. All fragments of a datagram contain the same identification value. This allows the
destination host to determine which fragment belongs to which datagram.
 Flags: In order for the destination host to be absolutely sure it has received the last
fragment of the original datagram, the last fragment has a flag bit set to 0, whereas all the
other fragments have this flag bit set to 1.
 Fragmentation offset: When fragmentation of a message occurs, this field specifies the
offset, or position, in the overall message where the data in this fragment goes. It is
specified in units of 8 bytes (64 bits).

 Time-to-live: Specifies how long the datagram is allowed to “live” on the network. Each
router decrements the value of the TTL field (reduces it by one) prior to transmitting it.
If the TTL field drops to zero, the datagram is assumed to have taken too long a route
and is discarded.
 Protocol: This field is used only when an IP datagram reaches its final destination. The
value of this field indicates the specific transport-layer protocol to which the data portion
of this IP datagram should be passed. For example, a value of 6 indicates that the data
portion is passed to TCP, while a value of 17 indicates that the data is passed to UDP.
 Header checksum: The header checksum aids a router in detecting bit errors in a
received IP datagram.
 Source and destination IP addresses: When a source creates a datagram, it inserts its
IP address into the source IP address field and inserts the address of the ultimate
destination into the destination IP address field.
 Options: The options fields allow an IP header to be extended.
 Data (payload): The data to be transmitted in the datagram, either an entire higher-layer
message or a fragment of one
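
The field list above, as an added Python example (not part of the original notes): a parser that decodes each header field from raw bytes, checks the two length fields against the data received, and verifies the header checksum. The function names and the sample datagram, a UDP fragment between two 192.168.100.x hosts, are constructed for illustration.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}   # values of the Protocol field

def internet_checksum(data):
    """One's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                          # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4_header(packet):
    """Decode the IPv4 header fields; raise ValueError on inconsistent lengths."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IPv4 header")
    (ver_ihl, tos, total_length, ident, flags_frag,
     ttl, proto, checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version = ver_ihl >> 4
    header_length = (ver_ihl & 0x0F) * 4        # field counts 32-bit words
    if version != 4:
        raise ValueError("not an IPv4 datagram (version %d)" % version)
    if header_length < 20 or header_length > len(packet):
        raise ValueError("invalid header length %d" % header_length)
    if total_length < header_length or total_length > len(packet):
        raise ValueError("datagram length does not match the data received")
    flags = flags_frag >> 13
    return {
        "version": version,
        "header_length": header_length,
        "type_of_service": tos,
        "total_length": total_length,
        "identifier": ident,
        "dont_fragment": bool(flags & 0b010),
        "more_fragments": bool(flags & 0b001),   # 0 only on the last fragment
        "fragment_offset_bytes": (flags_frag & 0x1FFF) * 8,   # units of 8 bytes
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "checksum": checksum,
        # Summing a header that includes a correct checksum yields zero.
        "checksum_ok": internet_checksum(packet[:header_length]) == 0,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:header_length],
        "payload": packet[header_length:total_length],
    }

def build_sample_packet():
    """Constructed datagram: a middle fragment (MF set, offset 185) carrying UDP."""
    header = struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 28, 0x1C46, (0b001 << 13) | 185, 64, 17, 0,
        ipaddress.IPv4Address("192.168.100.10").packed,
        ipaddress.IPv4Address("192.168.100.65").packed)
    checksum = internet_checksum(header)
    return header[:10] + struct.pack("!H", checksum) + header[12:] + b"fragment"

if __name__ == "__main__":
    for name, value in parse_ipv4_header(build_sample_packet()).items():
        print("%-22s %s" % (name, value))
```

Because the TTL is part of the header, a router that decrements it must also recompute the checksum; a header whose TTL changed without that update fails the check.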

Q-2 Explain classful addressing in detail

OR

Explain IPV4 classes in detail

 Classful Addressing
The 32-bit IP address is divided into five sub-classes. These are given below:
 Class A
 Class B
 Class C
 Class D
 Class E
Each of these classes has a valid range of IP addresses. Classes D and E are reserved for multicast
and experimental purposes respectively. The order of bits in the first octet determines the classes
of the IP address. The IPv4 address is divided into two parts:
 Network ID
 Host ID
The class of IP address is used to determine the bits used for network ID and host ID and the
number of total networks and hosts possible in that particular class. Each ISP or network
administrator assigns an IP address to each device that is connected to its network.

Class A

IP addresses belonging to class A are assigned to the networks that contain a large number of
hosts.
 The network ID is 8 bits long.
 The host ID is 24 bits long.
The higher-order bit of the first octet in class A is always set to 0. The remaining 7 bits in the
first octet are used to determine network ID. The 24 bits of host ID are used to determine the
host in any network. The default subnet mask for Class A is 255.x.x.x. Therefore, class A has a
total of:
 2^24 – 2 = 16,777,214 host ID
IP addresses belonging to class A range from 0.0.0.0 – 127.255.255.255.

Class B

IP addresses belonging to class B are assigned to networks that range from medium-sized to large-sized networks.
 The network ID is 16 bits long.
 The host ID is 16 bits long.
The higher-order bits of the first octet of IP addresses of class B are always set to 10. The
remaining 14 bits are used to determine the network ID. The 16 bits of host ID are used to
determine the host in any network. The default subnet mask for class B is 255.255.x.x. Class B
has a total of:
 2^14 = 16384 network address
 2^16 – 2 = 65534 host address
IP addresses belonging to class B range from 128.0.0.0 – 191.255.255.255.

Class C

IP addresses belonging to class C are assigned to small-sized networks.


 The network ID is 24 bits long.
 The host ID is 8 bits long.
The higher-order bits of the first octet of IP addresses of class C are always set to 110. The
remaining 21 bits are used to determine the network ID. The 8 bits of host ID are used to
determine the host in any network. The default subnet mask for class C is 255.255.255.x. Class
C has a total of:
 2^21 = 2097152 network address
 2^8 – 2 = 254 host address
IP addresses belonging to class C range from 192.0.0.0 – 223.255.255.255.


Class D

IP address belonging to class D is reserved for multi-casting. The higher-order bits of the first
octet of IP addresses belonging to class D is always set to 1110. The remaining bits are for the
address that interested hosts recognize.
Class D does not possess any subnet mask. IP addresses belonging to class D range from
224.0.0.0 – 239.255.255.255.


Class E

IP addresses belonging to class E are reserved for experimental and research purposes. IP
addresses of class E range from 240.0.0.0 – 255.255.255.254. This class doesn’t have any subnet
mask. The higher-order bits of the first octet of class E are always set to 1111.

Range of Special IP Addresses


169.254.0.0 – 169.254.0.16 : Link-local addresses
127.0.0.0 – 127.255.255.255 : Loop-back addresses
0.0.0.0 – 0.0.0.8: used to communicate within the current network.

Q-3 Give difference between IPV4 and IPV6

 Difference Between IPv6 and IPv4


| IPv6 | IPv4 |
|---|---|
| IPv6 has a 128-bit address length | IPv4 has a 32-bit address length |
| It supports Auto and renumbering address configuration | It supports Manual and DHCP address configuration |
| The address space of IPv6 is quite large; it can produce 3.4×10^38 address space | It can generate 4.29×10^9 address space |
| Address representation of IPv6 is in hexadecimal | Address representation of IPv4 is in decimal |
| In IPv6 checksum field is not available | In IPv4 checksum field is available |
| IPv6 has a header of 40 bytes fixed | IPv4 has a header of 20-60 bytes. |
| IPv6 does not support VLSM. | IPv4 supports VLSM (Variable Length Subnet Mask). |

Q-4 What is subnetting? Explain subnet masking with example.

 Subnetting
Dividing a large block of addresses into several contiguous sub-blocks and assigning these sub-
blocks to different smaller networks is called subnetting. It is a practice that is widely used when
classless addressing is done.
A subnet or subnetwork is a network inside a network. Subnets make networks more efficient.
Through subnetting, network traffic can travel a shorter distance without passing through
unnecessary routers to reach its destination.

EXAMPLE:
Five steps of subnetting are:

1. Identify class of IP address and note the Default Subnet Mask.
2. Convert Default subnet mask into binary
3. Note the number of hosts required per network and find the Subnet Generator (SG) and Octet position
4. Generate new Subnet Mask
5. Use SG and generate network ranges (subnets) into the appropriate octet position

Let’s suppose we have purchased the address 192.168.100.0 and we are required to break that address into 62 hosts per network.

Step 1: Identify class of IP address and note the Default Subnet Mask.

Here address 192.168.100.0 belongs to Class C and the Default Subnet Mask of Class C is 255.255.255.0. In class C we have 256 possible IP addresses, but we can’t use the first and the last IP address, as the first IP address is the network address and the last IP address is the broadcast address. So we have 254 IP addresses but here we need only 62.

Step 2: Convert Default subnet mask into binary

255.255.255.0=11111111.11111111.11111111.00000000

Step 3: Note the number of hosts required per network and find the
Subnet Generator(SG) and Octet position

No. of hosts per subnet = 62 (So convert 64 into binary) 62 = 111110 (6 bits)

Reserve 6 bits in the subnet mask

So, we need 6 bits in the host portion of the address in our default subnet mask. Our default subnet mask is

255.255.255.0=11111111.11111111.11111111.00000000

Here we need to reserve from right to left in the last octet of the default subnet mask, i.e. keeping the rightmost 6 zeros, and the remaining bits are to be converted to 1’s

255.255.255.192=11111111.11111111.11111111.11000000

So the new subnet mask is 255.255.255.192 or /26. So, 62 hosts need 6 bits in the host portion.

SG is 64 as the first one is at the 6th position and 2^6 = 64, and the octet where we find the first one is the 4th octet, so Octet position = 4.

Step 4: Generate new Subnet Mask

The new subnet mask, 255.255.255.192 or /26, was already generated in the last step.

Step 5: Network Ranges (Subnets)

Now for finding the network ranges, our increment is 64 (i.e. the value of SG).

NETWORK NO | NETWORK ID | HOST ID | BROADCAST ID
0 | 192.168.100.0 | 192.168.100.1 - 192.168.100.62 | 192.168.100.63
1 | 192.168.100.64 | 192.168.100.65 - 192.168.100.126 | 192.168.100.127
2 | 192.168.100.128 | 192.168.100.129 - 192.168.100.190 | 192.168.100.191
3 | 192.168.100.192 | 192.168.100.193 - 192.168.100.254 | 192.168.100.255

Q-6 An organization is granted the block 130.56.0.0/16. The administrator wants to create
1024 subnets.
1. Find the Network ID.
2. Find the subnet mask.
3. Find the number of addresses in each subnet.

Step 1: Identify class of IP address and note the Default Subnet Mask.

Here address 130.56.0.0 belongs to Class B and the Default Subnet Mask of Class B
is 255.255.0.0.

Step 2: Convert Default subnet mask into binary

255.255.0.0 = 11111111.11111111.00000000.00000000

Step 3: Note that 1024 subnets are to be created and find the Subnet Generator (SG) and Octet
position

No. of subnets => 2^n

1024 => 2^n where n is the no. of bits required to create 1024 subnets

(So convert 1024 into binary) 1024 = 1111111111 (10 bits)

Reserve 10 bits in the subnet mask

So, we need 10 bits in the network portion of the address in our default
subnet mask. Our default subnet mask is

255.255.255.0 = 11111111.11111111.11111111.00000000

Here we need to reserve from left to right in the last octet of the default subnet
mask, i.e. keeping the rightmost 6 zeros and converting the remaining bits to 1’s:

255.255.255.192 = 11111111.11111111.11111111.11000000

So the new subnet mask is 255.255.255.192 or /26. So, 1024 subnets need 10 bits in the host
portion.

SG is 64, as the first one is at the 4th position and 2^6 = 64

Step 4: Generate new Subnet Mask

The new subnet mask, 255.255.255.192 or /26, was already generated in the last step.

1. Network id (perform a logical AND operation between the binary of the IP address and the
new subnet mask)

130.56.0.0      = 10000010 00111000 00000000 00000000
255.255.255.192 = 11111111 11111111 11111111 11000000
                  10000010 00111000 00000000 00000000

Ans 1: Network id = 130.56.0.0

2. Subnet mask = 255.255.255.192

3. The number of addresses in each subnet

The number of addresses = 2^h where h is the no. of host bits in the host portion.

= 2^6 = 64

Q-7 An organization is granted the block 211.17.180.0/24. The administrator wants to create
32 subnets
1. Find the Network ID.
2. Find the subnet mask.
3. Find the number of addresses in each subnet

Step 1: Identify class of IP address and note the Default Subnet Mask.
Here address 211.17.180.0 belongs to Class C and Default
Subnet Mask of Class C is 255.255.255.0.

Step 2: Convert Default subnet mask into binary

255.255.255.0=11111111.11111111.11111111.00000000

Step 3: Note that 32 subnets are to be created and find the Subnet Generator (SG) and Octet
position

No. of subnets => 2^n

32 => 2^n where n is the no. of bits required to create 32 subnets

(So convert 32 into binary) 32 = 11111 (5 bits)

Reserve 5 bits in the subnet mask

So, we need 5 bits in the network portion of the address in our default
subnet mask. Our default subnet mask is

255.255.255.0 = 11111111.11111111.11111111.00000000

Here we need to reserve from left to right in the last octet of the default subnet
mask, i.e. keeping the rightmost 3 zeros and converting the remaining bits to 1’s:

255.255.255.248 = 11111111.11111111.11111111.11111000

So the new subnet mask is 255.255.255.248 or /29. So, 32 subnets need 5 bits
in the host portion.

SG is 8, as the first one is at the 4th position and 2^3 = 8

Step 4: Generate new Subnet Mask

The new subnet mask, 255.255.255.248 or /29, was already generated in the last step.

1. Network id (perform a logical AND operation between the binary of the IP address and the
new subnet mask)

211.17.180.0    = 11010011 00010001 10110100 00000000
255.255.255.248 = 11111111 11111111 11111111 11111000
                  11010011 00010001 10110100 00000000

Ans 1: Network id = 211.17.180.0

2. Subnet mask = 255.255.255.248

3. The number of addresses in each subnet

The number of addresses = 2^h where h is the no. of host bits in the host portion.

= 2^3 = 8
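
The five-step procedure of Q-5 and the "number of subnets" variant of Q-6 and Q-7 can be checked mechanically. The following is an added example, not part of the original solution; the function names are assumptions, and it relies only on Python's standard `ipaddress` module.

```python
import ipaddress
from itertools import islice


def prefix_for_hosts(block, hosts_needed):
    """Q-5 style: the longest prefix whose subnets still hold `hosts_needed` hosts."""
    net = ipaddress.ip_network(block)
    # h host bits give 2^h addresses; 2 of them (network, broadcast) are not usable,
    # so h is the smallest value with 2^h >= hosts_needed + 2.
    host_bits = (hosts_needed + 1).bit_length()
    new_prefix = 32 - host_bits
    if new_prefix < net.prefixlen:
        raise ValueError(f"{block} cannot hold {hosts_needed} hosts per subnet")
    return net, new_prefix


def prefix_for_subnets(block, subnets_needed):
    """Q-6/Q-7 style: borrow n host bits so that 2^n >= subnets_needed."""
    net = ipaddress.ip_network(block)
    subnet_bits = (subnets_needed - 1).bit_length()
    new_prefix = net.prefixlen + subnet_bits
    if new_prefix > 30:  # /31 and /32 leave no usable host addresses
        raise ValueError(f"{block} cannot be split into {subnets_needed} subnets")
    return net, new_prefix


def plan(net, new_prefix, limit=4):
    """Steps 4 and 5: new mask, Subnet Generator, and the first `limit` ranges."""
    mask = ipaddress.IPv4Address((0xFFFFFFFF << (32 - new_prefix)) & 0xFFFFFFFF)
    octet_position = (new_prefix - 1) // 8 + 1          # octet holding the last 1 bit
    generator = 2 ** (8 * octet_position - new_prefix)  # increment in that octet
    rows = [
        (str(sub.network_address), str(sub.network_address + 1),
         str(sub.broadcast_address - 1), str(sub.broadcast_address))
        for sub in islice(net.subnets(new_prefix=new_prefix), limit)
    ]
    return {
        "mask": str(mask),
        "mask_binary": ".".join(f"{octet:08b}" for octet in mask.packed),
        "prefix": new_prefix,
        "octet_position": octet_position,
        "generator": generator,
        "subnet_count": 2 ** (new_prefix - net.prefixlen),
        "addresses_per_subnet": 2 ** (32 - new_prefix),
        "rows": rows,  # (network ID, first host, last host, broadcast ID)
    }


if __name__ == "__main__":
    cases = [
        ("Q-5", prefix_for_hosts("192.168.100.0/24", 62)),
        ("Q-6", prefix_for_subnets("130.56.0.0/16", 1024)),
        ("Q-7", prefix_for_subnets("211.17.180.0/24", 32)),
    ]
    for label, (net, prefix) in cases:
        result = plan(net, prefix)
        print(label, result["mask"], f"/{prefix}", "SG =", result["generator"],
              "addresses per subnet =", result["addresses_per_subnet"])
        for row in result["rows"]:
            print("   ", *row)
```
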
Q-8 List out features of IPv6

 IPv4 is a 32-bit IP address.
 IPv4 is a numeric address, and its bits are separated by a dot.
 The number of header fields is twelve and the length of the header field is twenty.
 It has unicast, broadcast, and multicast styles of addresses.
 IPv4 supports VLSM (Virtual Length Subnet Mask).
 IPv4 uses the Post Address Resolution Protocol to map to the MAC address.
 RIP is a routing protocol supported by the routed daemon.
 Networks ought to be configured either manually or with DHCP.
 Packet fragmentation is permitted from routers and the sending host.

Q-9 Define subnetting and list out subnet mask of class A, class B, class C

 Subnetting
Dividing a large block of addresses into several contiguous sub-blocks and assigning these sub-
blocks to different smaller networks is called subnetting. It is a practice that is widely used when
classless addressing is done.
A subnet or subnetwork is a network inside a network. Subnets make networks more efficient.
Through subnetting, network traffic can travel a shorter distance without passing through
unnecessary routers to reach its destination.

Each IP address consists of a subnet mask. All the class types, such as Class A, Class B and
Class C include the subnet mask known as the default subnet mask. The subnet mask is intended
for determining the type and number of IP addresses required for a given local network. The
firewall or router is called the default gateway. The default subnet mask is as follows:

Class A: 255.0.0.0
Class B: 255.255.0.0
Class C: 255.255.255.0

The subnetting process allows the administrator to divide a single Class A, Class B, or Class C
network number into smaller portions. The subnets can be subnetted again into sub-subnets.

Q-10 Identify whether the following IPv4 addresses are valid or not. If invalid then write the reason.

1) 204.10.2.3: The given IP belongs to Class C; it is a valid IP address.

2) 10.5.310.4: The given IP is invalid because the 3rd octet is not in the range 0-255.

3) 11011001.24.5.10: The given IP is invalid because the 1st octet is given in binary while the
remaining octets are in decimal, which is not allowed.

Q-11 For a given IP address 151.40.5.6 Compute


1) Network ID
2) Last Host ID
3) Broadcast address

Step 1: Identify the class of given IP and default subnet mask.

The given IP address 151.40.5.6 belongs to Class B.
Default subnet mask = 255.255.0.0

1) Network ID (perform a logical AND operation between the binary of the IP address and the
binary of the subnet mask)

151.40.5.6  = 10010111 00101000 00000101 00000110
255.255.0.0 = 11111111 11111111 00000000 00000000
              10010111 00101000 00000000 00000000

So, Network id = 151.40.0.0

2) Last Host ID
We get the last host from the broadcast ID, and we get the broadcast ID when the host portion
is replaced with 255.
So, 151.40.255.255
Last Host ID = Broadcast ID - 1

Last host ID = 151.40.255.254

3) Broadcast address
We get the broadcast ID when the host portion is replaced with 255:

151.40.255.255

Q-12 Change the following IPv4 addresses from dotted-decimal notation to binary notation.

DOTTED DECIMAL NOTATION BINARY NOTATION


1) 110.15.20.62 01101110 00001111 00010100 00111110
2) 201.62.64.10 11001001 00111110 01000000 00001010

3) 192.16.8.10 11000000 00010000 00001000 00001010

Q-13 For a given IP address 204.40.15.6 Compute


1) Class of IP = The given IP belongs to Class C
2) Subnet mask = Default subnet mask for Class C: 255.255.255.0
3) Network ID (perform a logical AND operation between the binary of the IP address and the
binary of the subnet mask)

204.40.15.6   = 11001100 00101000 00001111 00000110
255.255.255.0 = 11111111 11111111 11111111 00000000
                11001100 00101000 00001111 00000000

So, Network id = 204.40.15.0
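
The validity checks of Q-10 and the classful calculations of Q-11 and Q-13 follow the same few rules each time, so they can be written once. This is an added example, not part of the original solution; all function names are assumptions. A parser cannot know that a writer meant binary, so for 11011001.24.5.10 it reports the first octet as a decimal value outside 0-255.

```python
DEFAULT_MASKS = {
    "A": [255, 0, 0, 0],
    "B": [255, 255, 0, 0],
    "C": [255, 255, 255, 0],
}


def parse_ipv4(text):
    """Return the four octets, or raise ValueError saying why the address is invalid."""
    fields = text.split(".")
    if len(fields) != 4:
        raise ValueError(f"expected 4 octets, found {len(fields)}")
    octets = []
    for position, field in enumerate(fields, start=1):
        if not (field.isascii() and field.isdigit()):
            raise ValueError(f"octet {position} ({field!r}) is not a decimal number")
        value = int(field)
        if value > 255:
            raise ValueError(f"octet {position} ({field}) is not in range 0-255")
        octets.append(value)
    return octets


def address_class(octets):
    """Classful addressing: the class is decided by the first octet."""
    first = octets[0]
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    return "D" if first < 240 else "E"


def dotted(octets):
    return ".".join(str(octet) for octet in octets)


def to_binary(text):
    """Dotted decimal to binary notation, one 8-bit group per octet."""
    return " ".join(f"{octet:08b}" for octet in parse_ipv4(text))


def check(text):
    """Q-10 style answer: (True, class) or (False, reason)."""
    try:
        return True, "class " + address_class(parse_ipv4(text))
    except ValueError as error:
        return False, str(error)


def classful(text):
    """Q-11/Q-13 style answer using the default subnet mask of the address class."""
    octets = parse_ipv4(text)
    cls = address_class(octets)
    mask = DEFAULT_MASKS.get(cls)
    if mask is None:
        raise ValueError(f"class {cls} has no default subnet mask")
    network = [o & m for o, m in zip(octets, mask)]             # logical AND
    broadcast = [n | (~m & 0xFF) for n, m in zip(network, mask)]  # host bits set to 1
    last_host = broadcast[:-1] + [broadcast[-1] - 1]            # broadcast ID - 1
    return {
        "class": cls,
        "mask": dotted(mask),
        "network_id": dotted(network),
        "last_host": dotted(last_host),
        "broadcast": dotted(broadcast),
    }


if __name__ == "__main__":
    for candidate in ("204.10.2.3", "10.5.310.4", "11011001.24.5.10"):
        print(candidate, check(candidate))
    for address in ("151.40.5.6", "204.40.15.6"):
        print(address, to_binary(address), classful(address))
```
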

Q-14 List types of classes in IPV4. Write IP range of different class

Classes of IPV4

Class A
Class B
Class C
Class D
Class E
 Write IP range of different class

Q-15 Explain MAC address and IP address

Both MAC Address and IP Address are used to uniquely define a device on the internet. The NIC
card’s manufacturer provides the MAC Address; on the other hand, the Internet Service Provider
provides the IP Address.
The main difference between MAC and IP address is that the MAC Address is used to ensure the
physical address of the computer. It uniquely identifies the devices on a network, while IP
addresses are used to uniquely identify the connection of the network with which that device
takes part in a network.

S.NO | MAC Address | IP Address
1 | MAC Address stands for Media Access Control Address. | IP Address stands for Internet Protocol Address.
2 | MAC Address is a six byte hexadecimal address. | IP Address is either a four-byte (IPv4) or a sixteen-byte (IPv6) address.
3 | A device attached with MAC Address can retrieve by ARP protocol. | A device attached with IP Address can retrieve by RARP protocol.
4 | NIC Card’s Manufacturer provides the MAC Address. | Internet Service Provider provides IP Address.
5 | MAC Address is used to ensure the physical address of a computer. | IP Address is the logical address of the computer.
6 | MAC Address operates in the data link layer. | IP Address operates in the network layer.
7 | MAC Address helps in simply identifying the device. | IP Address identifies the connection of the device on the network.
8 | MAC Address of computer cannot be changed with time and environment. | IP Address modifies with the time and environment.
9 | MAC Addresses can’t be found easily by a third party. | IP Addresses can be found by a third party.
10 | It is a 48-bit address that contains 6 groups of 2 hexadecimal digits, separated by either hyphens (-) or colons (:). Example: 00:FF:FF:AB:BB:AA or 00-FF-FF-AB-BB-AA | IPv4 uses 32-bit addresses in dotted notations, whereas IPv6 uses 128-bit addresses in hexadecimal notations. Example: IPv4 192.168.1.1, IPv6 FFFF:F200:3204:0B00
11 | No classes are used for MAC addressing. | IPv4 uses A, B, C, D, and E classes for IP addressing.
12 | MAC Address sharing is not allowed. | In IP address multiple client devices can share the IP address.
13 | MAC address helps to solve IP address issue. | IP addresses are never able to solve MAC address issues.
14 | MAC addresses can be used for broadcasting. | The IP address can be used for broadcasting or multicasting.
15 | MAC address is hardware oriented. | IP address is software oriented.
16 | While communicating, a switch needs the MAC address to forward data. | While communicating, a router needs the IP address to forward data.

Q-16 Give the answer of following Questions.


(1) When calculating the maximum available valid host addresses in each subnet, why do we
always subtract 2 addresses from the total addresses?

Ans: We subtract 2 addresses from the total addresses when we calculate valid hosts because
the first address is used as the network address (network ID) to identify the network and the
last address is used as the broadcast address.

(2) How many subnets and maximum hosts per subnet can we get from the subnet network
172.27.0.0/23?

Ans :

Step 1: Identify the class of given IP and default subnet mask.

The given IP address 172.27.0.0 belongs to Class B.
Default subnet mask = 255.255.0.0

CIDR is given as 23 (write 23 times 1’s)

So, New subnet mask = 11111111 11111111 11111111 11100000
                      (Network part, then Host part)
= 255.255.255.224

No. of subnets = 2^n where n is the no. of network bits in the host portion.
= 2^3
= 8

The number of host addresses = 2^h where h is the no. of host bits in the host portion.

= 2^5 = 32

UNIT 5 Network Security Aspects


Q-1 Explain confidentiality, integrity, availability in detail

 Confidentiality
 Confidentiality is the protection of information in the system so that an unauthorized
person cannot access it. This type of protection is most important in military and
government organizations that need to keep plans and capabilities secret from
enemies.
 However, it can also be useful to businesses that need to protect their proprietary
trade secrets from competitors or prevent unauthorized persons from accessing the
company’s sensitive information (e.g., legal, personal, or medical information).
Privacy issues have gained an increasing amount of attention in the past few years,
placing the importance of confidentiality on protecting personal information
maintained in automated systems by both government agencies and private-sector
organizations.
 Confidentiality must be well-defined, and procedures for maintaining confidentiality
must be carefully implemented. A crucial aspect of confidentiality is user
identification and authentication. Positive identification of each system user is
essential in order to ensure the effectiveness of policies that specify who is allowed
access to which data items.
Threats to Confidentiality: Confidentiality can be compromised in several ways. The
following are some of the commonly encountered threats to information confidentiality
 Hackers
 Unauthorized user activity
 Unprotected downloaded files
 Local area networks (LANs)
 Trojan Horses

 INTEGRITY:

In the world of information security, integrity refers to the accuracy and completeness of data.
Security controls focused on integrity are designed to prevent data from being modified or
misused by an unauthorized party. Integrity involves maintaining the consistency and
trustworthiness of data over its entire life cycle. Data must not be changed in transit, and
precautionary steps must be taken to ensure that data cannot be altered by unauthorized people.

For example, in a data breach that compromises integrity, a hacker may seize data and modify it
before sending it on to the intended recipient.

Some security controls designed to maintain the integrity of information include:


1. Encryption
2. User access controls
3. Version control
4. Backup and recovery procedures
5. Error detection software

 Availability
Data availability means that information is accessible to authorized users. It provides an assurance
that your system and data can be accessed by authenticated users whenever they’re needed. Similar
to confidentiality and integrity, availability also holds great value.

Availability is typically associated with reliability and system uptime, which can be impacted by
non-malicious issues like hardware failures, unscheduled software downtime, and human error, or
malicious issues like cyberattacks and insider threats. If the network goes down unexpectedly,
users will not be able to access essential data and applications. Information security policies and
security controls address availability concerns by putting various backups and redundancies in
place to ensure continuous uptime and business continuity.

Your information is more vulnerable to data availability threats than the other two components in
the CIA model. Making regular off-site backups can limit the damage caused to hard drives by
natural disasters or server failure. Information only has value if the right people can access it at
the right time. Information security measures for mitigating threats to data availability include:

1. Off-site backups
2. Disaster recovery
3. Redundancy
4. Failover
5. Proper monitoring
6. Environmental controls
7. Virtualization
8. Server clustering
9. Continuity of operations planning

Q-2 Explain intruders and insiders in detail


 INTRUDERS
“Intrude” means to put oneself purposefully (intentionally) into a situation or place where one
is not welcome or invited. An intruder is an unauthorized individual trying to access resources
illegally. The main aim of intruders is to gain access to the system and intrude on the privacy
of the network. Intruders may be insiders or outsiders. Intruders’ attacks range from the
gentle to the serious. Intruders are mainly classified into three categories:

1. Masquerade: An individual who is not authorized to use the computer but who gets access to
the computer system and exploits (misuses or takes advantage of) user data and accounts.
2. Misfeasor: A legal user who accesses data, programs or resources for which he is not
authorized.
3. Clandestine user: A user who gains administrative access to the system.

The masquerade is likely to be an outsider, the misfeasor generally is an insider, and the
clandestine user can be either an insider or an outsider.

The risks of network intrusion:

1. Corruption of Data
2. Financial Loss for the Organization
3. Theft of Data
4. Loss of Reputation
5. Operational Disruption

 INSIDERS
An insider threat is a malicious threat to an organization that comes from people within
the organization. Insider attacks are typically passive attacks that are harder to detect
because they are carried out by employees, former employees, contractors, partners, or
business associates who have inside information about an organization’s data, computer
systems, and security. Insiders are more dangerous than outside intruders.
Threats related to Insiders:
1. Fraud
2. Theft of confidential information.
3. Theft of intellectual property.
4. Damage of computer system.
5. Corruption, including participation in transnational organized crime
Damages caused by Insiders:
1. Loss of critical data
2. Financial Impact
3. Legal Impact
4. Loss of Reputation
5. Loss of Competitive Edge
6. Intellectual Property Theft
7. Market Value Reduction
8. Increased Expenses
The following steps will help reduce the risk of insider threats :
1. Protect critical assets
2. Enforce policies
3. Increase visibility
4. Promote culture changes
5. Encryption of data

Q-3 Write short notes on Virus

 Viruses
A virus is a software program or piece of code that is capable of copying itself and infecting a
system without the knowledge of the user.
It is a type of malware that spreads from one computer to another, cleaning up its trails as it
goes. It can harm other software programs by modifying them.
Generally, viruses are attached to executable (exe) files, and when the user runs that program
the viruses spread in the system. They may create mild effects, can crash data and software,
and may cause a denial-of-service attack. Viruses may infect memory, a floppy disk, a t drive,
a backup tape, or any other type of storage.

Types of viruses are as under:

1. Parasitic Virus.

2. Memory Resident Virus.

3. Boot sector Virus.

4. Stealth Virus.

5. Metamorphic Virus.

6. Macro Virus.

7. Resident Virus

8. Multipartite Virus

9. Direct Action

10. Browser Hijacker

The following are the harmful effects of viruses:


1. Erase data
2. Can even control your device
3. Track your keystrokes
4. Hack password or data
5. Damage the hard disk permanently
6. Spam your email list
7. Corrupted files

Q-4 Explain working of firewall and list out its advantages and disadvantages

 A firewall is a type of network security device that filters incoming and outgoing network
traffic with security policies that have previously been set up inside an organization. A
firewall is essentially the wall that separates a private internal network from the open
Internet at its very basic level.

 A firewall matches the network traffic against the rule set defined in its table. Once a rule
is matched, the associated action is applied to the network traffic. For example, one rule may
state that no employee from the Human Resources department can access the data from the code
server, while at the same time another rule states that the system administrator can access
the data from both the Human Resources and technical departments. Rules can be defined on the
firewall based on the necessity and security policies of the organization. From the
perspective of a server, network traffic can be either outgoing or incoming.

 Advantages of using Firewall


 Protection from unauthorized access: Firewalls can be set up to restrict incoming
traffic from particular IP addresses or networks, preventing hackers or other
malicious actors from easily accessing a network or system.
 Prevention of malware and other threats: Firewalls can be set up to block traffic
linked to known malware or other security concerns, assisting in the defense against
these kinds of attacks.
 Control of network access: By limiting access to specified individuals or groups for
particular servers or applications, firewalls can be used to restrict access to particular
network resources or services.
 Monitoring of network activity: Firewalls can be set up to record and keep track of
all network activity.
 Regulation compliance: Many industries are bound by rules that demand the usage
of firewalls or other security measures.
 Network segmentation: By using firewalls to split up a bigger network into smaller
subnets, the attack surface is reduced and the security level is raised.
 Disadvantages of using Firewall
 Complexity: Setting up and keeping up a firewall can be time-consuming and
difficult, especially for bigger networks or companies with a wide variety of users
and devices.
 Limited Visibility: Firewalls may not be able to identify or stop security risks that
operate at other levels, such as the application or endpoint level, because they can
only observe and manage traffic at the network level.
 False sense of security: Some businesses may place an excessive amount of reliance
on their firewall and disregard other crucial security measures like endpoint security
or intrusion detection systems.
 Limited adaptability: Because firewalls are frequently rule-based, they might not
be able to respond to fresh security threats.
 Performance impact: Network performance can be significantly impacted by
firewalls, particularly if they are set up to analyze or manage a lot of traffic.
 Limited scalability: Because firewalls are only able to secure one network,
businesses that have several networks must deploy many firewalls, which can be
expensive.
 Limited VPN support: Some firewalls might not allow complex VPN features like
split tunneling, which could restrict the experience of a remote worker.
 Cost: Purchasing many devices or add-on features for a firewall system can be
expensive, especially for businesses.

Q-5 Explain various types of threats.


OR
Explain various types of threats to security.

Threats can be categorized into four main categories:


1. External threats: A network has an external threat when it is caused by an external entity,
a person, or even a natural disaster that could negatively disrupt the network. It involves
exploiting a weakness, or vulnerability, or causing a loss of data that significantly affects
your business operations and network security.

2. Internal threats: This type of threat is posed by malicious insiders, such as disgruntled or
improperly vetted employees who are working for a competitor. According to a report from
Cybersecurity Insiders published in 2022, 57% of organizations believe that insider attacks
have become more frequent in the recent past.

3. Structured threats: The term structured threats refers to attacks conducted by organized
groups of cybercriminals with a clear objective or goal in mind, such as state-sponsored
attacks.

4. Unstructured attacks: Attacks that are unstructured usually originate from amateurs who
do not have a clear objective in mind.

Q-6 Explain viruses and worms

 Viruses
A virus is a software program or piece of code that is capable of copying itself and infecting a
system without the knowledge of the user.
It is a type of malware that spreads from one computer to another, cleaning up its trails as it
goes. It can harm other software programs by modifying them.
Generally, viruses are attached to executable (exe) files, and when the user runs that program
the viruses spread in the system. They may create mild effects, can crash data and software,
and may cause a denial-of-service attack. Viruses may infect memory, a floppy disk, a t drive,
a backup tape, or any other type of storage.

Types of viruses are as under:

 Parasitic Virus
 Memory Resident Virus
 Boot sector Virus
 Stealth Virus
 Metamorphic Virus
 Macro Virus
 Resident Virus
 Multipartite Virus
 Direct Action
 Browser Hijacker

The following are the harmful effects of viruses:


 Erase data
 Can even control your device
 Track your keystrokes
 Hack password or data
 Damage the hard disk permanently
 Spam your email list
 Corrupted files

 WORMS

A computer worm is a subset of the Trojan horse malware that can propagate or self-replicate
from one computer to another without human activation after breaching a system. Typically, a
worm spreads across a network through your internet or LAN (Local Area Network)
connection. It does not require any host to spread. Worms can be remorselessly destructive.

Types of Worms are as under:

1. P2P-Worm
2. Net-Worm
3. Email-Worm
4. IRC (Internet Relay Chat) Worm
5. File sharing Worms
6. IM (Instant Messaging) Worm

The following are the harmful effects of Worms:

 Performance issues
 Identity theft can even be caused by worms
 Delete or change our files
 Keep us out of important files
 Hard drive reformatting

Here are some tips on preventing worms:

1. Keep your files safe


2. Update your passwords
3. Software should be updated regularly
4. Use a VPN for torrenting
5. Open attachments and links with caution
6. While browsing, avoid pop-up ads

Q-7 Define firewall and explain its types.


A firewall is a type of network security device that filters incoming and outgoing network
traffic with security policies that have previously been set up inside an organization.
 Types of firewalls
1. Packet Filtering Firewall
A packet filtering firewall is used to control network access by monitoring outgoing and
incoming packets and allowing them to pass or stop based on source and destination IP address,
protocols, and ports. It analyses traffic at the transport protocol layer (but mainly uses the
first 3 layers). Packet firewalls treat each packet in isolation. They have no ability to tell
whether a packet is part of an existing stream of traffic. They can only allow or deny packets
based on unique packet headers. A packet filtering firewall maintains a filtering table that
decides whether the packet will be forwarded or discarded.
2. Stateful Inspection Firewall
Stateful firewalls (which perform Stateful Packet Inspection) are able to determine the
connection state of a packet, unlike a packet filtering firewall, which makes them more
efficient. A stateful firewall keeps track of the state of network connections travelling
across it, such as TCP streams. So the filtering decisions are based not only on defined rules,
but also on the packet’s history in the state table.
3. Software Firewall
A software firewall is any firewall that is set up locally or on a cloud server. When it comes to
controlling the inflow and outflow of data packets and limiting the number of networks that can
be linked to a single device, they may be the most advantageous. But the problem with software
firewall is they are time-consuming.
4. Hardware Firewall
They also go by the name “firewalls based on physical appliances.” It guarantees that the
malicious data is halted before it reaches the network endpoint that is in danger.
5. Application Layer Firewall
Application layer firewall can inspect and filter the packets on any OSI layer, up to the
application layer. It has the ability to block specific content, also recognize when certain
application and protocols (like HTTP, FTP) are being misused. In other words, Application layer
firewalls are hosts that run proxy servers. A proxy firewall prevents the direct connection
between either side of the firewall, each packet has to pass through the proxy.
6. Next Generation Firewalls (NGFW)
NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and
many functionalities to protect the network from these modern threats.
7. Proxy Service Firewall
This kind of firewall filters communications at the application layer, and protects the network.
A proxy firewall acts as a gateway between two networks for a particular application.
8. Circuit Level Gateway Firewall
This works at the session layer of the OSI model. This allows for the simultaneous setup of
two Transmission Control Protocol (TCP) connections. It can effortlessly allow data packets to
flow without using quite a lot of computing power. These firewalls are ineffective because they
do not inspect data packets; if malware is found in a data packet, they will permit it to pass
provided that TCP connections are established properly.
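
The rule-table matching described in Q-4 and the difference between a packet filtering firewall and a stateful inspection firewall can be seen by running the same traffic through both. This is an added example, not part of the original notes: the rule layout, class and function names, the simplified connection teardown, and the sample packets (constructed, using documentation address ranges) are all assumptions.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # TCP flags: S=SYN, A=ACK, R=RST, F=FIN


ANY = ipaddress.ip_network("0.0.0.0/0")
INTERNAL = ipaddress.ip_network("192.168.100.0/26")  # assumed internal subnet
HIGH_PORTS, HTTPS, ALL_PORTS = (1024, 65535), (443, 443), (0, 65535)

# Rule = (source net, source ports, destination net, destination ports, action)
OUTBOUND_HTTPS = (INTERNAL, HIGH_PORTS, ANY, HTTPS, "allow")
REPLIES_FROM_443 = (ANY, HTTPS, INTERNAL, HIGH_PORTS, "allow")
DEFAULT_DENY = (ANY, ALL_PORTS, ANY, ALL_PORTS, "deny")


def first_match(table, pkt):
    """Walk the filtering table top to bottom; the first matching rule decides."""
    src, dst = ipaddress.ip_address(pkt.src), ipaddress.ip_address(pkt.dst)
    for src_net, (s_lo, s_hi), dst_net, (d_lo, d_hi), action in table:
        if (src in src_net and s_lo <= pkt.sport <= s_hi
                and dst in dst_net and d_lo <= pkt.dport <= d_hi):
            return action
    return "deny"


# A packet filter sees each packet in isolation, so replies need their own
# header-based rule: anything from port 443 to an internal high port.
PACKET_FILTER_TABLE = [OUTBOUND_HTTPS, REPLIES_FROM_443, DEFAULT_DENY]


def packet_filter(pkt):
    return first_match(PACKET_FILTER_TABLE, pkt)


class StatefulFirewall:
    """Rules decide only whether a new connection may start; the state table
    decides whether any other packet belongs to a connection already seen."""

    NEW_CONNECTION_TABLE = [OUTBOUND_HTTPS, DEFAULT_DENY]

    def __init__(self):
        self.state_table = set()

    def handle(self, pkt):
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.state_table or reverse in self.state_table:
            if "R" in pkt.flags or "F" in pkt.flags:
                self.state_table -= {flow, reverse}  # simplified teardown
            return "allow"
        if pkt.flags == "S" and first_match(self.NEW_CONNECTION_TABLE, pkt) == "allow":
            self.state_table.add(flow)
            return "allow"
        return "deny"


# Constructed sample traffic.
TRAFFIC = [
    Packet("192.168.100.10", 50000, "203.0.113.5", 443, "S"),   # client opens connection
    Packet("203.0.113.5", 443, "192.168.100.10", 50000, "SA"),  # server replies
    Packet("192.168.100.10", 50000, "203.0.113.5", 443, "A"),   # handshake completes
    Packet("198.51.100.7", 443, "192.168.100.20", 40000, "A"),  # no connection exists
    Packet("203.0.113.5", 443, "192.168.100.10", 50000, "R"),   # server resets
    Packet("203.0.113.5", 443, "192.168.100.10", 50000, "A"),   # arrives after reset
]


def compare(traffic):
    """Return (packet filter verdict, stateful verdict) for each packet in order."""
    stateful = StatefulFirewall()
    return [(packet_filter(pkt), stateful.handle(pkt)) for pkt in traffic]


if __name__ == "__main__":
    for pkt, verdicts in zip(TRAFFIC, compare(TRAFFIC)):
        print(pkt, verdicts)
```

The two firewalls disagree only on the fourth and sixth packets: their headers satisfy the reply rule, but they do not belong to any connection in the state table.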

Q-8 Explain characteristics of firewall.

1. Physical Barrier: A firewall does not allow any external traffic to enter a system or a
network without its allowance. A firewall creates a choke point for all the external data
trying to enter the system or network and hence can easily block access if needed.
2. Multi-Purpose: A firewall has many functions other than security purposes. It configures
domain names and Internet Protocol (IP) addresses. It also acts as a network address
translator. It can act as a meter for internet usage.
3. Flexible Security Policies: Different local systems or networks need different security
policies. A firewall can be modified according to the requirement of the user by changing
its security policies.
4. Security Platform: It provides a platform from which any alert to the issue related to
security or fixing issues can be accessed. All the queries related to security can be kept
under check from one place in a system or network.
5. Access Handler: Determines which traffic needs to flow first according to priority, which
can change for a particular network or system. Specific action requests may be initiated and
allowed to flow through the firewall.

Q-9 Write a short note on design principles of firewalls.

1. Developing Security Policy


Security policy is a very essential part of firewall design. Security policy is designed according
to the requirement of the company or client to know which kind of traffic is allowed to pass.
Without a proper security policy, it is impossible to restrict or allow a specific user or worker in
a company network or anywhere else. A properly developed security policy also knows what to
do in case of a security breach. Without it, there is an increase in risk as there will not be a proper
implementation of security solutions.
2. Simple Solution Design
If the design of the solution is complex, then it will be difficult to implement it. If the
solution is easy, then it will be easier to implement it. A simple design is easier to maintain.
We can make upgrades in the simple design according to new possible threats, leaving it with an
efficient but simpler structure. The problem that comes with complex designs is a configuration
error that opens a path for external attacks.
3. Choosing the Right Device
Every network security device has its purpose and its way of implementation. If we use the wrong
device for the wrong problem, the network becomes vulnerable. If an outdated device is used
for designing a firewall, it exposes the network to risk and is almost useless. First the design
must be done, then the product requirements must be found out; if the product is already
available and the design is made to fit it, security becomes weak.
4. Layered Defense
A network defense must be multiple-layered in the modern world because if the security is
broken, the network will be exposed to external attacks. Multilayer security design can be set to
deal with different levels of threat. It gives an edge to the security design and finally neutralizes
the attack on the system.
5. Consider Internal Threats
While a lot of attention is given to safeguarding the network or device from external attacks,
security becomes weak in case of internal attacks, and most of the attacks are done internally,
as it is easy to access and designed weakly. Different levels can be set in network security
while designing internal security. Filtering can be added to keep track of the traffic moving
from lower-level security to higher-level security.
