Networking Question Papers With answers

(Share this only with those who share with you)

1.Explain IPV6 addresses schemes in details?

IPv4 produces 4 billion addresses, and the developers think that these addresses are
enough, but they were wrong. IPv6 is the next generation of IP addresses. The main
difference between IPv4 and IPv6 is the address size of IP addresses. The IPv4 is a 32-bit
address, whereas IPv6 is a 128-bit hexadecimal address. IPv6 provides a large address
space, and it contains a simple header as compared to IPv4.

This hexadecimal address contains both numbers and alphabets. Due to the usage of
both the numbers and alphabets, IPv6 is capable of producing over 340 undecillion
(3.4*1038) addresses.

--->

1. The version field in IPv6 is a 4-bit field in the IPv6 header that
specifies the version of the IP protocol being used. The value of the
version field for IPv6 is "0110" in binary or "6" in decimal. This value
distinguishes IPv6 packets from IPv4 packets, which use a value of
"0100" in binary or "4" in decimal for their version field. The version
 field is a fundamental component of the IPv6 header, as it enables
network devices to properly identify and process IPv6 packets .

2. The Traffic Class field in IPv6 is an 8-bit field in the IPv6 header that is
used to classify packets based on their priority or type of service. It is
used to differentiate traffic flows and can be used to provide quality
of service (QoS) guarantees for different types of traffic. The Traffic
Class field can be used for traffic shaping, traffic policing, or other
traffic management techniques.

3. The Flow Label field in IPv6 is a 20-bit field in the IPv6 header that is
used to identify packets that belong to the same flow or session. The
Flow Label field is used to provide a way to identify packets that are
part of the same communication session and to provide a hint to
routers to perform certain optimizations for that flow, such as
reserving resources or providing priority treatment.

4. The Payload Length field in IPv6 is a 16-bit field in the IPv6 header
that specifies the length of the payload or data portion of the IPv6
packet, in octets. The Payload Length field is used to enable network
devices to correctly identify the length of the data portion of the
packet, so that they can properly handle and process the packet. The
maximum value of the Payload Length field is 65,535 octets. If the
value of the Payload Length field is set to zero, it indicates that the
IPv6 packet contains no payload data.

5.The Next Header field in IPv6 is an 8-bit field in the IPv6 header that
specifies the type of the next header or extension header that follows the
IPv6 header. The Next Header field is used to identify the protocol or
extension header that is carried in the packet and to enable network
devices to correctly identify and process the packet. The value of the Next
Header field determines the format and content of the extension header, if
present, or the transport layer protocol that follows the IPv6 header. Some
possible values of the Next Header field include TCP, UDP, ICMPv6, Hop-
by-Hop Options, Routing, Fragment, and Destination Options.

6.The Hop Limit field in IPv6 is an 8-bit field in the IPv6 header that
specifies the maximum number of routers or network devices that a packet
can pass through before it is discarded. The Hop Limit field is used to
prevent packets from circulating indefinitely on the network, and to limit
the scope of the packet to a specific area of the network. Each router that
processes the packet decrements the value of the Hop Limit field by 1, and
when the Hop Limit field reaches zero, the packet is discarded.

7.The Source Address field in IPv6 is a 128-bit field in the IPv6

header that specifies the IPv6 address of the sender of the packet. The
Source Address field is used to enable network devices to properly identify
the source of the packet and to route the packet back to the sender if
necessary. The IPv6 address in the Source Address field uniquely identifies
the source of the packet on the network and provides a means for network
devices to differentiate between different senders. The Source Address field
is a fundamental component of the IPv6 header.

8.The Destination Address field in IPv6 is a 128-bit field in the IPv6 header
that specifies the IPv6 address of the intended recipient of the packet. The
Destination Address field is used to enable network devices to properly
identify the destination of the packet and to route the packet to the correct
recipient. The IPv6 address in the Destination Address field uniquely
identifies the recipient of the packet on the network and provides a means
for network devices to deliver the packet to the intended destination. The
Destination Address field is a critical component of the IPv6 header, as it
enables network devices to properly handle and process IPv6 packets, and
to deliver packets to the correct recipient.
2.Compare IVP4 and IPV6?

--->IPv4 and IPv6 are internet protocol version 4 and internet protocol version
6, IP version 6 is the new version of Internet Protocol, which is way better than
IP version 4 in terms of complexity and efficiency.
Difference Between IPv4 and IPv6:

IPv4 IPv6

IPv4 has a 32-bit address length IPv6 has a 128-bit address length

It Supports Manual and DHCP It supports Auto and renumbering address

address configuration configuration

In IPv4 end to end, connection

integrity is Unachievable In IPv6 end to end, connection integrity is Achievable

It can generate 4.29×109 address Address space of IPv6 is quite large it can produce
space 3.4×1038 address space

The Security feature is dependent IPSEC is an inbuilt security feature in the IPv6
on application protocol

Address representation of IPv4 is

in decimal Address Representation of IPv6 is in hexadecimal

Fragmentation performed by
Sender and forwarding routers In IPv6 fragmentation performed only by the sender

In IPv4 Packet flow identification In IPv6 packet flow identification are Available and
is not available uses the flow label field in the header

In IPv4 checksum field is

available In IPv6 checksum field is not available

It has broadcast Message In IPv6 multicast and anycast message transmission

Transmission Scheme scheme is available
 IPv4 IPv6

In IPv4 Encryption and

Authentication facility not In IPv6 Encryption and Authentication are provided
provided

IPv6 has header of 40 bytes fixed

IPv4 has a header of 20-60 bytes.

IPv4 can be converted to IPv6 Not all IPv6 can be converted to IPv4

IPv4 consist of 4 fields which are IPv6 consist of 8 fields, which are separated by colon
separated by dot (.) (:)

IPv4’s IP addresses are divided

into five different classes. Class A
, Class B, Class C , Class D ,
Class E. IPv6 does not have any classes of IP address.

IPv4 supports VLSM(Variable

Length subnet mask). IPv6 does not support VLSM.

Example of IPv6:
Example of IPv4: 66.94.29.13 2001:0000:3238:DFE1:0063:0000:0000:FEFB

3. What is HTTP ? Explain HTTP transaction in details.

o ---> HTTP stands for HyperText Transfer Protocol.

o It is a protocol used to access the data on the World Wide Web (www).
o The HTTP protocol can be used to transfer the data in the form of plain text,
hypertext, audio, video, and so on.
o This protocol is known as HyperText Transfer Protocol because of its efficiency
that allows us to use in a hypertext environment where there are rapid jumps
from one document to another document.
o HTTP is similar to the FTP as it also transfers the files from one host to another
host. But, HTTP is simpler than FTP as HTTP uses only one connection, i.e., no
control connection to transfer the files.
o HTTP is used to carry the data in the form of MIME-like format.
o HTTP is similar to SMTP as the data is transferred between client and server. The
HTTP differs from the SMTP in the way the messages are sent from the client to
the server and from server to the client. SMTP messages are stored and
forwarded while HTTP messages are delivered immediately.
o
o Get an introduction to the basics of HTTP transactions,
keeping in mind that an HTTP transaction consists of a single
HTTP request and the corresponding HTTP response. You will
also learn when multiple transactions are required so that you
will be on your way to full comprehension of the process.
o HTTP traffic consists of requests and responses. All HTTP traffic can be
associated with the task of requesting content or responding to those requests.
Every HTTP message sent from a Web browser to a Web server is classified as
an HTTP request, whereas every message sent from a Web server to a Web
browser is classified as an HTTP response.

o HTTP is often referred to as a stateless protocol. Although this is accurate, it

does little to explain the nature of the Web. All this means, however, is that each
transaction is atomic, and there is nothing required by HTTP that associates one
request with another. A transaction refers to a single HTTP request and the
corresponding HTTP response. Another fundamental topic related to the nature
of the Web is the topic of connections.

o Connections
o When I speak of a connection in HTTP, I refer to a TCP connection. As illustrated
in Figure 3.1, a TCP connection requires three separate messages.

o Figure 3.1 A TCP connection requires three messages.

o SYN and ACK are two flags within the TCP segment of a packet. Because TCP is
such a common transport layer protocol to be used in conjunction with IP, the
 combined packet of an IP packet containing a TCP segment is sometimes called
a TCP/IP packet, even though it would best be described as a packet within a
packet. By this example, you can see that a connection is unlike what you might
otherwise expect. After this exchange, both computers simply consider
themselves connected. In terms of HTTP, this simply means the server is ready
to receive requests from this specific client. There is no real active connection in
the traditional sense. It is better described as an understanding between the two
computers that they are connected.
o An example of this type of connection is a two-way radio. If you and a friend both
have two-way radios, you can establish a similar method for ensuring that you
are both able to send and receive messages properly. To do this, you can send a
message (by talking into the radio) asking to establish a connection. Your friend
sends back a confirmation message acknowledging your request and agreeing to
the connection. At this point, you feel confident that each of you can both send
and receive messages, but your friend cannot be assured of this without knowing
whether you received the confirmation. You send back a final message
acknowledging the receipt of your friend's confirmation. At this point, you both
have confidence in your ability to communicate with these radios. This series of
events is very similar to a TCP connection.

o NOTE

o A single connection can support multiple HTTP transactions. In many cases,

multiple HTTP transactions are required to properly render a URL in a Web
browser due to images and other associated content.

o Example HTTP Request

o Here is an example of making an HTTP request and handling the
response in Java using the built-in HttpURLConnection class:import
java.io.BufferedReader;
o import java.io.InputStreamReader;
o import java.net.HttpURLConnection;
o import java.net.URL;
o
o public class HttpExample {
o public static void main(String[] args) throws Exception
{
o // set up the URL for the HTTP request
o URL url = new URL("https://www.example.com");
o
o // create a connection to the URL
o HttpURLConnection con = (HttpURLConnection)
url.openConnection();
o
o // set the HTTP request method
o con.setRequestMethod("GET");
o
o // read the response from the server
o BufferedReader in = new BufferedReader(new
InputStreamReader(con.getInputStream()));
o String inputLine;
o StringBuffer response = new StringBuffer();
o while ((inputLine = in.readLine()) != null) {
o response.append(inputLine);
o }
o in.close();
o
o // print the response from the server
o System.out.println(response.toString());
o }
o
o }

Example HTTP Response

o To handle an HTTP response, you can check the response code to see if the
request was successful, and use the response body to extract the information you
need.
o Here's an example of how to check the response code and handle the response
body:
o // check the response code
o int responseCode = con.getResponseCode();
o if (responseCode == HttpURLConnection.HTTP_OK) {
o // read the response body
o BufferedReader in = new BufferedReader(new
InputStreamReader(con.getInputStream()));
o String inputLine;
o StringBuffer response = new StringBuffer();
o while ((inputLine = in.readLine()) != null) {
o response.append(inputLine);
o }
o in.close();
o
o // do something with the response
o System.out.println(response.toString());
o } else {
o System.out.println("HTTP request failed: " +
responseCode);
o }

The majority of the response is HTML (omitted for brevity). Only the first few lines
are HTTP. Thus, as intended, HTTP does not have much overhead. Lower-level
protocols such as TCP and IP have even less overhead than HTTP, however,
due mostly to the fact that HTTP is intentionally readable. This makes it easy to
study and comprehend.

o Example Transaction
o A good example transaction to review is a search on Google. Being one of the
most popular sites on the Web, most people have interacted with this site at one
time or another. When performing a search on HTTP (see Figure 3.2), you enter
HTTP into the form field and click the button labeled Google Search.

o When using my Web browser to perform this search, the following HTTP request
is sent when I click the button:
o GET /search?hl=en&q=HTTP&btnG=Google+Search HTTP/1.1

o Host: http://www.google.com

o User-Agent: Mozilla/5.0 Galeon/1.2.0 (X11; Linux i686; U;)

Gecko/20020326

o Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=
0.9,

o text/plain;q=0.8,video/x-
mng,image/png,image/jpeg,image/gif;q=0.2,

o text/css,*/*;q=0.1

o Accept-Language: en

o Accept-Encoding: gzip, deflate, compress;q=0.9

o Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66

o Keep-Alive: 300

o Connection: keep-alive

5. What is email explain different email protocols.

E-mail is defined as the transmission of messages on the Internet. It is
one of the most commonly used features over communications
networks that may contain text, files, images, or other attachments.
 Generally, it is information that is stored on a computer sent through
a network to a specified individual or group of individuals .

Email protocols are a collection of protocols that are used to send and receive
emails properly. The email protocols provide the ability for the client to transmit
the mail to or from the intended mail server. Email protocols are a set of
commands for sharing mails between two computers. Email protocols establish
communication between the sender and receiver for the transmission of email.
Email forwarding includes components like two computers sending and
receiving emails and the mail server. There are three basic types of email
protocols.

Types of Email Protocols:

Three basic types of email protocols involved for sending and receiving mails
are:
• SMTP
• POP3
• IMAP

SMTP (Simple Mail Transfer Protocol):

Simple Mail Transfer Protocol is used to send mails over the internet. SMTP is
an application layer and connection-oriented protocol. SMTP is efficient and
reliable for sending emails. SMTP uses TCP as the transport layer protocol. It
handles the sending and receiving of messages between email servers over a
TCP/IP network. This protocol along with sending emails also provides the
feature of notification for incoming mails. When a sender sends an email then
the sender’s mail client sends it to the sender’s mail server and then it is sent to
the receiver mail server through SMTP. SMTP commands are used to identify
the sender and receiver email addresses along with the message to be sent.
Some of the SMTP commands are HELLO, MAIL FROM, RCPT TO, DATA,
QUIT, VERIFY, SIZE, etc. SMTP sends an error message if the mail is not
delivered to the receiver hence, reliable protocol.
For more details please refer to the Simple Mail Transfer Protocol
(SMTP) article.

POP(Post Office Protocol):

Post Office Protocol is used to retrieve email for a single client. POP3 version is
the current version of POP used. It is an application layer protocol. It allows to
access mail offline and thus, needs less internet time. To access the message it
has to be downloaded. POP allows only a single mailbox to be created on the
mail server. POP does not allow search facilities
Some of the POP commands are LOG IN, STAT, LIST, RETR, DELE, RSET,
and QUIT. For more details please refer to the POP Full-Form article.

IMAP(Internet Message Access Protocol):

Internet Message Access Protocol is used to retrieve mails for multiple clients.
There are several IMAP versions: IMAP, IMAP2, IMAP3, IMAP4, etc. IMAP is
an application layer protocol. IMAP allows to access email without downloading
them and also supports email download. The emails are maintained by the
remote server. It enables all email operations such as creating, manipulating,
delete the email without reading it. IMAP allows you to search emails. It allows
multiple mailboxes to be created on multiple mail servers and allows concurrent
access. Some of the IMAP commands are: IMAP_LOGIN, CREATE, DELETE,
RENAME, SELECT, EXAMINE, and LOGOUT.
For more details please refer to the Internet Message Access Protocol
(IMAP) article.
MIME(Multipurpose Internet Mail Extension Protocol):

Multipurpose Internet Mail Extension Protocol is an additional email protocol

that allows non-ASCII data to be sent through SMTP. It allows users to send
and receive different types of data like audio, images, videos and other
application programs on the Internet. It allows to send multiple attachments with
single message. It allows to send message of unlimited length.

6. Explain RIP in detail.

RIP stands for Routing Information Protocol. RIP is an intra-domain routing protocol
used within an autonomous system. Here, intra-domain means routing the packets in a
defined domain, for example, web browsing within an institutional area. To understand
the RIP protocol, our main focus is to know the structure of the packet, how many fields
it contains, and how these fields determine the routing table.

Before understanding the structure of the packet, we first look at the following
points:

o RIP is based on the distance vector-based strategy, so we consider the entire structure as
a graph where nodes are the routers, and the links are the networks.
o In a routing table, the first column is the destination, or we can say that it is a network
address.
o The cost metric is the number of hops to reach the destination. The number of hops
available in a network would be the cost. The hop count is the number of networks
required to reach the destination.
o In RIP, infinity is defined as 16, which means that the RIP is useful for smaller networks or
small autonomous systems. The maximum number of hops that RIP can contain is 15
hops, i.e., it should not have more than 15 hops as 16 is infinity.
o The next column contains the address of the router to which the packet is to be sent to
reach the destination.

How is hop count determined?

When the router sends the packet to the network segment, then it is counted as a single
hop.
In the above figure, when the router 1 forwards the packet to the router 2 then it will
count as 1 hop count. Similarly, when the router 2 forwards the packet to the router 3
then it will count as 2 hop count, and when the router 3 forwards the packet to router 4,
it will count as 3 hop count. In the same way, RIP can support maximum upto 15 hops,
which means that the 16 routers can be configured in a RIP.

Pause

Unmute

Current Time 0:07

Duration 18:10

Loaded: 4.04%

Fullscreen

RIP Message Format

Now, we look at the structure of the RIP message format. The message format is used to
share information among different routers. The RIP contains the following fields in a
message:
 o Command: It is an 8-bit field that is used for request or reply. The value of the request is
1, and the value of the reply is 2.
o Version: Here, version means that which version of the protocol we are using. Suppose
we are using the protocol of version1, then we put the 1 in this field.
o Reserved: This is a reserved field, so it is filled with zeroes.
o Family: It is a 16-bit field. As we are using the TCP/IP family, so we put 2 value in this
field.
o Network Address: It is defined as 14 bytes field. If we use the IPv4 version, then we use 4
bytes, and the other 10 bytes are all zeroes.
o Distance: The distance field specifies the hop count, i.e., the number of hops used to
reach the destination.

How does the RIP work?

If there are 8 routers in a network where Router 1 wants to send the data to Router 3. If
the network is configured with RIP, it will choose the route which has the least number
of hops. There are three routes in the above network, i.e., Route 1, Route 2, and Route 3.
The Route 2 contains the least number of hops, i.e., 2 where Route 1 contains 3 hops,
and Route 3 contains 4 hops, so RIP will choose Route 2.

Let's look at another example.

Suppose R1 wants to send the data to R4. There are two possible routes to send data
from r1 to r2. As both the routes contain the same number of hops, i.e., 3, so RIP will
send the data to both the routes simultaneously. This way, it manages the load
balancing, and data reach the destination a bit faster.

Disadvantages of RIP
The following are the disadvantages of RIP:

o In RIP, the route is chosen based on the hop count metric. If another route of better
bandwidth is available, then that route would not be chosen. Let's understand this
scenario through an example.

We can observe that Route 2 is chosen in the above figure as it has the least hop count.
The Route 1 is free and data can be reached more faster; instead of this, data is sent to
the Route 2 that makes the Route 2 slower due to the heavy traffic. This is one of the
biggest disadvantages of RIP.

o The RIP is a classful routing protocol, so it does not support the VLSM (Variable Length
Subnet Mask). The classful routing protocol is a protocol that does not include the
subnet mask information in the routing updates.
o It broadcasts the routing updates to the entire network that creates a lot of traffic. In RIP,
the routing table updates every 30 seconds. Whenever the updates occur, it sends the
copy of the update to all the neighbors except the one that has caused the update. The
sending of updates to all the neighbors creates a lot of traffic. This rule is known as a
split-horizon rule.
 o It faces a problem of Slow convergence. Whenever the router or link fails, then it often
takes minutes to stabilize or take an alternative route; This problem is known as Slow
convergence.
o RIP supports maximum 15 hops which means that the maximum 16 hops can be
configured in a RIP
o The Administrative distance value is 120 (Ad value). If the Ad value is less, then the
protocol is more reliable than the protocol with more Ad value.
o The RIP protocol has the highest Ad value, so it is not as reliable as the other routing
protocols.

Advantages of RIP
The following are the advantages of a RIP protocol:

o It is easy to configure
o It has less complexity
o The CPU utilization is less.

7.

6.What is DHCP? Explain DHCP scope resolution protocol in detail.

Dynamic Host Configuration Protocol (DHCP) is a network management protocol used

to dynamically assign an IP address to nay device, or node, on a network so they can
communicate using IP (Internet Protocol). DHCP automates and centrally manages these
configurations. There is no need to manually assign IP addresses to new devices.
Therefore, there is no requirement for any user configuration to connect to a DHCP
based network.

DHCP can be implemented on local networks as well as large enterprise networks. DHCP
is the default protocol used by the most routers and networking equipment. DHCP is
also called RFC (Request for comments) 2131.

DHCP does the following:

 o DHCP manages the provision of all the nodes or devices added or dropped from
the network.
o DHCP maintains the unique IP address of the host using a DHCP server.
o It sends a request to the DHCP server whenever a client/node/device, which is
configured to work with DHCP, connects to a network. The server acknowledges
by providing an IP address to the client/node/device.

DHCP is also used to configure the proper subnet mask, default gateway and DNS server
information on the node or device.

There are many versions of DCHP are available for use in IPV4 (Internet Protocol Version 4)
and IPV6 (Internet Protocol Version 6).

Play Video

How DHCP works

DHCP runs at the application layer of the TCP/IP protocol stack to dynamically assign IP
addresses to DHCP clients/nodes and to allocate TCP/IP configuration information to the DHCP
clients. Information includes subnet mask information, default gateway, IP addresses and domain
name system addresses.

DHCP is based on client-server protocol in which servers manage a pool of unique IP addresses,
as well as information about client configuration parameters, and assign addresses out of those
address pools.

The DHCP lease process works as follows:

o First of all, a client (network device) must be connected to the internet.

o DHCP clients request an IP address. Typically, client broadcasts a query for this
information.
o DHCP server responds to the client request by providing IP server address and
other configuration information. This configuration information also includes
time period, called a lease, for which the allocation is valid.
o When refreshing an assignment, a DHCP clients request the same parameters,
but the DHCP server may assign a new IP address. This is based on the policies
set by the administrator.
Components of DHCP
When working with DHCP, it is important to understand all of the components. Following are
the list of components:

o DHCP Server: DHCP server is a networked device running the DCHP service that
holds IP addresses and related configuration information. This is typically a server
or a router but could be anything that acts as a host, such as an SD-WAN
appliance.
o DHCP client: DHCP client is the endpoint that receives configuration information
from a DHCP server. This can be any device like computer, laptop, IoT endpoint
or anything else that requires connectivity to the network. Most of the devices
are configured to receive DHCP information by default.
o IP address pool: IP address pool is the range of addresses that are available to
DHCP clients. IP addresses are typically handed out sequentially from lowest to
the highest.
o Subnet: Subnet is the partitioned segments of the IP networks. Subnet is used to
keep networks manageable.
o Lease: Lease is the length of time for which a DHCP client holds the IP address
information. When a lease expires, the client has to renew it.
o DHCP relay: A host or router that listens for client messages being broadcast on
that network and then forwards them to a configured server. The server then
sends responses back to the relay agent that passes them along to the client.
DHCP relay can be used to centralize DHCP servers instead of having a server on
each subnet.

Benefits of DHCP
There are following benefits of DHCP:

Centralized administration of IP configuration: DHCP IP configuration information can

be stored in a single location and enables that administrator to centrally manage all IP address
configuration information.

Dynamic host configuration: DHCP automates the host configuration process and eliminates
the need to manually configure individual host. When TCP/IP (Transmission control
protocol/Internet protocol) is first deployed or when IP infrastructure changes are required.
Seamless IP host configuration: The use of DHCP ensures that DHCP clients get accurate
and timely IP configuration IP configuration parameter such as IP address, subnet mask, default
gateway, IP address of DND server and so on without user intervention.

Flexibility and scalability: Using DHCP gives the administrator increased flexibility,
allowing the administrator to move easily change IP configuration when the
infrastructure changes.

7.Define a threat and attacks. Explain active attack.

A threat is any potential occurrence, malicious or otherwise, that could harm an asset. In other words, a
threat is any bad thing that can happen to your assets.

 An attack is an action that exploits a vulnerability or enacts a threat. Examples of attacks include
sending malicious input to an

Active attacks: An Active attack attempts to alter system resources or affect

their operations. Active attacks involve some modification of the data stream or
the creation of false statements. Active attacks involve an attacker intentionally
altering or destroying data, or disrupting the normal operation of a system.
Examples of active attacks include denial of service (DoS), where an attacker
floods a system with traffic in an attempt to make it unavailable to legitimate
users, and malware, where an attacker installs malicious software on a system
to steal or destroy data.
Types of active attacks are as follows:
• Masquerade
• Modification of messages
• Repudiation
• Replay
• Denial of Service
Masquerade –
A masquerade attack takes place when one entity pretends to be a different
entity. A Masquerade attack involves one of the other forms of active attacks. If
an authorization procedure isn’t always absolutely protected, it is able to grow
to be extraordinarily liable to a masquerade assault. Masquerade assaults may
be performed using the stolen passwords and logins, with the aid of using
finding gaps in programs, or with the aid of using locating a manner across the
authentication process.

Masquerade Attack

Modification of messages –
It means that some portion of a message is altered or that message is delayed
or reordered to produce an unauthorized effect. Modification is an attack on the
integrity of the original data. It basically means that unauthorized parties not
only gain access to data but also spoof the data by triggering denial-of-service
attacks, such as altering transmitted data packets or flooding the network with
fake data. Manufacturing is an attack on authentication. For example, a
message meaning “Allow JOHN to read confidential file X” is modified as “Allow
Smith to read confidential file X”.
 Modification of messages

Repudiation –
This attack occurs when the network is not completely secured or the login
control has been tampered with. With this attack, the author’s information can
be changed by actions of a malicious user in order to save false data in log
files, up to the general manipulation of data on behalf of others, similar to the
spoofing of e-mail messages.
Replay –
It involves the passive capture of a message and its subsequent transmission to
produce an authorized effect. In this attack, the basic aim of the attacker is to
save a copy of the data originally present on that particular network and later on
use this data for personal uses. Once the data is corrupted or leaked it is
insecure and unsafe for the users.
 Replay

Denial of Service –
It prevents the normal use of communication facilities. This attack may have a
specific target. For example, an entity may suppress all messages directed to a
particular destination. Another form of service denial is the disruption of an
entire network either by disabling the network or by overloading it with
messages so as to degrade performance.
 Denial of Service

Passive attacks: A Passive attack attempts to learn or make use of information

from the system but does not affect system resources. Passive Attacks are in
the nature of eavesdropping on or monitoring transmission. The goal of the
opponent is to obtain information that is being transmitted. Passive attacks
involve an attacker passively monitoring or collecting data without altering or
destroying it. Examples of passive attacks include eavesdropping, where an
attacker listens in on network traffic to collect sensitive information, and sniffing,
where an attacker captures and analyzes data packets to steal sensitive
information.
Types of Passive attacks are as follows:
• The release of message content
• Traffic analysis

8.Write a simple socket program to find out IP address of host.

An IP(Internet Protocol) address is an identifier assigned to each computer

and another device (e.g., router, mobile, etc) connected to a TCP/IP network
that is used to locate and identify the node in communication with other nodes
on the network. IP addresses are usually written and displayed in human-
readable notation such as 192.168.1.35 in IPv4(32-bit IP address).
An IP address serves two principal functions: host or network interface
identification and local addressing. Its role has been characterized as follows:
 “A name indicates what we seek. An address indicates where it is. A route
indicates how to get there.”
Recommended: Please try your approach on {IDE} first, before moving on to
the solution.

Prerequisites : Networking in Java | Set 1 (InetAddress class), trim() in Java.

InetAddress.getLocalHost() is used to find the private IP addresses used in
LAN or any other local network.
To find public IP, we use http://bot.whatismyipaddress.com (An online utility to
find your public IP), we open the URL, read a line and print the line.
Below is the Java implementation of the above steps.

• Java

// Java program to find IP address of your computer

// java.net.InetAddress class provides method to get

// IP of any host name

import java.net.*;

import java.io.*;

import java.util.*;

import java.net.InetAddress;

public class JavaProgram

public static void main(String args[]) throws Exception

 {

// Returns the instance of InetAddress containing

// local host name and address

InetAddress localhost = InetAddress.getLocalHost();

System.out.println("System IP Address : " +

(localhost.getHostAddress()).trim());

// Find public IP address

String systemipaddress = "";

try

URL url_name = new

URL("http://bot.whatismyipaddress.com");

BufferedReader sc =

new BufferedReader(new
InputStreamReader(url_name.openStream()));

// reads system IPAddress

 systemipaddress = sc.readLine().trim();

catch (Exception e)

systemipaddress = "Cannot Execute Properly";

System.out.println("Public IP Address: " +

systemipaddress +"\n");

Output:
System IP Address : 10.0.8.204
Public IP Address : 35.166.48.97

9.Write PCB server socket program which accept request from client to capitalize
string and sending the response in the form of capitalizes sentence block to client.

--> This article describes a very basic one-way Client and Server setup where a
Client connects, sends messages to the server and the server shows them
using a socket connection. There’s a lot of low-level stuff that needs to happen
for these things to work but the Java API networking package (java.net) takes
care of all of that, making network programming very easy for programmers.
Client-Side Programming
Establish a Socket Connection
 To connect to another machine we need a socket connection. A socket
connection means the two machines have information about each other’s
network location (IP Address) and TCP port. The java.net.Socket class
represents a Socket. To open a socket:
Socket socket = new Socket(“127.0.0.1”, 5000)
• The first argument – IP address of Server. ( 127.0.0.1 is the IP address of
localhost, where code will run on the single stand-alone machine).
• The second argument – TCP Port. (Just a number representing which
application to run on a server. For example, HTTP runs on port 80. Port
number can be from 0 to 65535)
Communication
To communicate over a socket connection, streams are used to both input and
output the data.
Closing the connection
The socket connection is closed explicitly once the message to the server is
sent.
In the program, the Client keeps reading input from a user and sends it to the
server until “Over” is typed.
Java Implementation
• Java

// A Java program for a Client

import java.io.*;

import java.net.*;

public class Client {

// initialize socket and input output streams

private Socket socket = null;

private DataInputStream input = null;

private DataOutputStream out = null;

// constructor to put ip address and port

public Client(String address, int port)

// establish a connection

try {

socket = new Socket(address, port);

System.out.println("Connected");

// takes input from terminal

input = new DataInputStream(System.in);

// sends output to the socket

out = new DataOutputStream(

socket.getOutputStream());

catch (UnknownHostException u) {

System.out.println(u);
 return;

catch (IOException i) {

System.out.println(i);

return;

// string to read message from input

String line = "";

// keep reading until "Over" is input

while (!line.equals("Over")) {

try {

line = input.readLine();

out.writeUTF(line);

catch (IOException i) {

System.out.println(i);

}
 }

// close the connection

try {

input.close();

out.close();

socket.close();

catch (IOException i) {

System.out.println(i);

public static void main(String args[])

Client client = new Client("127.0.0.1", 5000);

Server Programming
Establish a Socket Connection
 To write a server application two sockets are needed.
• A ServerSocket which waits for the client requests (when a client makes a
new Socket())
• A plain old Socket to use for communication with the client.
Communication
getOutputStream() method is used to send the output through the socket.
Close the Connection
After finishing, it is important to close the connection by closing the socket as
well as input/output streams.
• Java

// A Java program for a Server

import java.net.*;

import java.io.*;

public class Server

//initialize socket and input stream

private Socket socket = null;

private ServerSocket server = null;

private DataInputStream in = null;

// constructor with port

public Server(int port)

 {

// starts server and waits for a connection

try

server = new ServerSocket(port);

System.out.println("Server started");

System.out.println("Waiting for a client

...");

socket = server.accept();

System.out.println("Client accepted");

// takes input from the client socket

in = new DataInputStream(

new
BufferedInputStream(socket.getInputStream()));

String line = "";

// reads message from client until "Over"

is sent

while (!line.equals("Over"))

try

line = in.readUTF();

System.out.println(line);

catch(IOException i)

System.out.println(i);

System.out.println("Closing connection");

// close connection

socket.close();

in.close();
 }

catch(IOException i)

System.out.println(i);

public static void main(String args[])

Server server = new Server(5000);

Important Points
• Server application makes a ServerSocket on a specific port which is 5000.
This starts our Server listening for client requests coming in for port 5000.
• Then Server makes a new Socket to communicate with the client.
socket = server.accept()
• The accept() method blocks(just sits there) until a client connects to the
server.
• Then we take input from the socket using getInputStream() method. Our
Server keeps receiving messages until the Client sends “Over”.
• After we’re done we close the connection by closing the socket and the input
stream.
• To run the Client and Server application on your machine, compile both of
them. Then first run the server application and then run the Client
application.
To run on Terminal or Command Prompt
Open two windows one for Server and another for Client
1. First run the Server application as,
$ java Server
Server started
Waiting for a client …
2. Then run the Client application on another terminal as,
$ java Client
It will show – Connected and the server accepts the client and shows,
Client accepted
3. Then you can start typing messages in the Client window. Here is a sample
input to the Client
Hello
I made my first socket connection
Over
Which the Server simultaneously receives and shows,
Hello
I made my first socket connection
Over
Closing connection
Notice that sending “Over” closes the connection between the Client and the
Server just like said before.
If you’re using Eclipse or likes of such-
1. Compile both of them on two different terminals or tabs
2. Run the Server program first
3. Then run the Client program
4. Type messages in the Client Window which will be received and shown by
the Server Window simultaneously.
5. Type Over to end.
This article is contributed by Souradeep Barua. If you like GeeksforGeeks and
would like to contribute, you can also write an article and mail your article to
[email protected]. See your article appearing on the
GeeksforGeeks main page and help other Geeks.
10.Describe TCP/IP protocol surf in detail.

TCP/IP model
o The TCP/IP model was developed prior to the OSI model.
o The TCP/IP model is not exactly similar to the OSI model.
o The TCP/IP model consists of five layers: the application layer, transport layer, network
layer, data link layer and physical layer.
o The first four layers provide physical standards, network interface, internetworking, and
transport functions that correspond to the first four layers of the OSI model and these
four layers are represented in TCP/IP model by a single layer called the application layer.
o TCP/IP is a hierarchical protocol made up of interactive modules, and each of them
provides specific functionality.

Here, hierarchical means that each upper-layer protocol is supported by two or more
lower-level protocols.

Functions of TCP/IP layers:

Network Access Layer

o A network layer is the lowest layer of the TCP/IP model.

o A network layer is the combination of the Physical layer and Data Link layer defined in
the OSI reference model.
o It defines how the data should be sent physically through the network.
o This layer is mainly responsible for the transmission of the data between two devices on
the same network.
o The functions carried out by this layer are encapsulating the IP datagram into frames
transmitted by the network and mapping of IP addresses into physical addresses.
o The protocols used by this layer are ethernet, token ring, FDDI, X.25, frame relay.

Internet Layer

o An internet layer is the second layer of the TCP/IP model.

o An internet layer is also known as the network layer.
o The main responsibility of the internet layer is to send the packets from any network, and
they arrive at the destination irrespective of the route they take.

Following are the protocols used in this layer are:

IP Protocol: IP protocol is used in this layer, and it is the most significant part of the
entire TCP/IP suite.

Following are the responsibilities of this protocol:

o IP Addressing: This protocol implements logical host addresses known as IP addresses.

The IP addresses are used by the internet and higher layers to identify the device and to
provide internetwork routing.
o Host-to-host communication: It determines the path through which the data is to be
transmitted.
o Data Encapsulation and Formatting: An IP protocol accepts the data from the
transport layer protocol. An IP protocol ensures that the data is sent and received
securely, it encapsulates the data into message known as IP datagram.
 o Fragmentation and Reassembly: The limit imposed on the size of the IP datagram by
data link layer protocol is known as Maximum Transmission unit (MTU). If the size of IP
datagram is greater than the MTU unit, then the IP protocol splits the datagram into
smaller units so that they can travel over the local network. Fragmentation can be done
by the sender or intermediate router. At the receiver side, all the fragments are
reassembled to form an original message.
o Routing: When IP datagram is sent over the same local network such as LAN, MAN,
WAN, it is known as direct delivery. When source and destination are on the distant
network, then the IP datagram is sent indirectly. This can be accomplished by routing the
IP datagram through various devices such as routers.

ARP Protocol

Play Video

o ARP stands for Address Resolution Protocol.

o ARP is a network layer protocol which is used to find the physical address from the IP
address.
o The two terms are mainly associated with the ARP Protocol:
o ARP request: When a sender wants to know the physical address of the device, it
broadcasts the ARP request to the network.
o ARP reply: Every device attached to the network will accept the ARP request and
process the request, but only recipient recognize the IP address and sends back
its physical address in the form of ARP reply. The recipient adds the physical
address both to its cache memory and to the datagram header

ICMP Protocol

o ICMP stands for Internet Control Message Protocol.

o It is a mechanism used by the hosts or routers to send notifications regarding datagram
problems back to the sender.
o A datagram travels from router-to-router until it reaches its destination. If a router is
unable to route the data because of some unusual conditions such as disabled links, a
device is on fire or network congestion, then the ICMP protocol is used to inform the
sender that the datagram is undeliverable.
 o An ICMP protocol mainly uses two terms:
o ICMP Test: ICMP Test is used to test whether the destination is reachable or not.
o ICMP Reply: ICMP Reply is used to check whether the destination device is
responding or not.
o The core responsibility of the ICMP protocol is to report the problems, not correct them.
The responsibility of the correction lies with the sender.
o ICMP can send the messages only to the source, but not to the intermediate routers
because the IP datagram carries the addresses of the source and destination but not of
the router that it is passed to.

Transport Layer
The transport layer is responsible for the reliability, flow control, and correction of data
which is being sent over the network.

The two protocols used in the transport layer are User Datagram protocol and
Transmission control protocol.

o User Datagram Protocol (UDP)

o It provides connectionless service and end-to-end delivery of transmission.
o It is an unreliable protocol as it discovers the errors but not specify the error.
o User Datagram Protocol discovers the error, and ICMP protocol reports the error
to the sender that user datagram has been damaged.
o UDP consists of the following fields:
Source port address: The source port address is the address of the application
program that has created the message.
Destination port address: The destination port address is the address of the
application program that receives the message.
Total length: It defines the total number of bytes of the user datagram in bytes.
Checksum: The checksum is a 16-bit field used in error detection.
o UDP does not specify which packet is lost. UDP contains only checksum; it does
not contain any ID of a data segment.
 o Transmission Control Protocol (TCP)
o It provides a full transport layer services to applications.
o It creates a virtual circuit between the sender and receiver, and it is active for the
duration of the transmission.
o TCP is a reliable protocol as it detects the error and retransmits the damaged
frames. Therefore, it ensures all the segments must be received and
acknowledged before the transmission is considered to be completed and a
virtual circuit is discarded.
o At the sending end, TCP divides the whole message into smaller units known as
segment, and each segment contains a sequence number which is required for
reordering the frames to form an original message.
o At the receiving end, TCP collects all the segments and reorders them based on
sequence numbers.

Application Layer

o An application layer is the topmost layer in the TCP/IP model.

o It is responsible for handling high-level protocols, issues of representation.
o This layer allows the user to interact with the application.
o When one application layer protocol wants to communicate with another application
layer, it forwards its data to the transport layer.
 o There is an ambiguity occurs in the application layer. Every application cannot be placed
inside the application layer except those who interact with the communication system.
For example: text editor cannot be considered in application layer while web browser
using HTTP protocol to interact with the network where HTTP protocol is an application
layer protocol.

Following are the main protocols used in the application layer:

o HTTP: HTTP stands for Hypertext transfer protocol. This protocol allows us to access the
data over the world wide web. It transfers the data in the form of plain text, audio, video.
It is known as a Hypertext transfer protocol as it has the efficiency to use in a hypertext
environment where there are rapid jumps from one document to another.
o SNMP: SNMP stands for Simple Network Management Protocol. It is a framework used
for managing the devices on the internet by using the TCP/IP protocol suite.
o SMTP: SMTP stands for Simple mail transfer protocol. The TCP/IP protocol that supports
the e-mail is known as a Simple mail transfer protocol. This protocol is used to send the
data to another e-mail address.
o DNS: DNS stands for Domain Name System. An IP address is used to identify the
connection of a host to the internet uniquely. But, people prefer to use the names
instead of addresses. Therefore, the system that maps the name to the address is known
as Domain Name System.
o TELNET: It is an abbreviation for Terminal Network. It establishes the connection
between the local computer and remote computer in such a way that the local terminal
appears to be a terminal at the remote system.
o FTP: FTP stands for File Transfer Protocol. FTP is a standard internet protocol used for
transmitting the files from one computer to another computer.

Question 1 complete

11.Explain IPV4 address classes and IPV6 addressing .How they can exist
same time?
 IPv4 addresses are 32-bit addresses and are divided into five classes: A, B, C, D, and E.
These classes are determined by the value of the first octet of the IP address, which is
used to identify the network portion of the address and the host portion of the address.
The classes are as follows:

• Class A addresses are used for large networks and have the first octet reserved for the
network portion of the address, while the remaining three octets are used for the host
portion. The range of Class A addresses is from 1.0.0.0 to 126.0.0.0.
•
• Class B addresses are used for medium-sized networks and have the first two octets
reserved for the network portion of the address, while the remaining two octets are
used for the host portion. The range of Class B addresses is from 128.0.0.0 to
191.255.0.0.
•
• Class C addresses are used for small networks and have the first three octets reserved
for the network portion of the address, while the remaining octet is used for the host
portion. The range of Class C addresses is from 192.0.0.0 to 223.255.255.0.
•
• Class D addresses are used for multicast addresses and have the first four bits of the first
octet set to 1. The range of Class D addresses is from 224.0.0.0 to 239.255.255.255.

• Class E addresses are reserved for experimental use and have the first four bits of the
first octet set to 1. The range of Class E addresses is from 240.0.0.0 to 255.255.255.255.

IPV6 addressing:

IPv6 addressing is a system used to assign unique numerical identifiers to

devices on a network using 128-bit addresses. IPv6 addressing is necessary
due to the exhaustion of the IPv4 address space, and it provides a much larger
address space than IPv4, allowing for more efficient routing and addressing of
devices on a network.

IPv6 addresses are represented using hexadecimal notation and are divided
into eight groups of four hexadecimal digits separated by colons, like this:

2001:0db8:85a3:0000:0000:8a2e:0370:7334
 However, since IPv6 addresses can contain long sequences of zeros, there are
several ways to abbreviate the address. One common method is to use double
colons to replace one or more groups of consecutive zeros, like this:

2001:0db8:85a3::8a2e:0370:7334

IPv6 addresses are divided into different types of addresses:

1. Unicast Addresses: These are unique addresses that identify a single interface
on a network. There are three types of unicast addresses:
• Global unicast addresses: These are public addresses that are used for
communication over the Internet. They are similar to IPv4 public addresses.
• Link-local addresses: These addresses are used for communication within a
single network segment, such as a LAN. They are similar to IPv4 APIPA
addresses.
• Site-local addresses: These addresses are used for communication within a
specific organization or site. They are similar to IPv4 private addresses.
•
2. Multicast Addresses: These addresses are used for one-to-many
communication, where a single packet is sent to multiple interfaces on a
network. Multicast addresses start with the prefix ff00::/8.

3. Anycast Addresses: These addresses are used to identify a group of interfaces

on a network, and a packet sent to an anycast address is delivered to the
nearest interface in the group. Anycast addresses start with the prefix 2000::/3.

IPv6 addressing provides a more efficient way to assign unique numerical

identifiers to devices on a network, allowing for more devices to be connected
and communicated with over the Internet.

IPv4 and IPv6 addresses can exist at the same time because they are
different protocols used to assign unique numerical identifiers to devices
on a network. While IPv4 addresses are still widely used, IPv6 addresses
are becoming more common as the number of devices connected to the
internet increases and the need for a larger address space grows. Many
modern operating systems and networking equipment support both IPv4
and IPv6 protocols, which allows devices using either protocol to
communicate with each other on the same network. In some cases,
network administrators may use a mechanism called dual-stack, which
enables a device to support both IPv4 and IPv6 addresses simultaneously.

12.Explain IP routing concept. Explain mechanism of open shortest path first

routing protocol.

--> IP routing is one of the important topics in computer networks. IP routing is

performed on the data which describes the path that data follows to reach from
source to destination in the network. Through IP routing only the shortest path
for the data is determined to reach the destination which decreases cost and
data is sent in minimum time. IP routing uses different protocols and
technologies for different networks. For IP routing we require some basics of IP
addresses, routers, and different networks.

IP Routing:

IP routing is the process that defines the shortest path through which data
travels to reach from source to destination. It determines the shortest path to
send the data from one computer to another computer in the same or different
network. Routing uses different protocols for the different networks to find the
path that data follows. It defines the path through which data travel across
multiple networks from one computer to other. Forwarding the packets from
source to destination via different routers is called routing. The routing decision
is taken by the routers.
 IP Routing

Terminologies:

• Autonomous System (AS): The collection of networks managed and

supervised by a single entity or organization is called an autonomous
system.
• Router: A router is a device that forwards the data using routing through
multiple networks.
• Routing Table: A routing table is a table present in the router which stores
the routing information.

Different Types of Routing:

There are three different types of routing:

1. Static Routing
2. Dynamic Routing
3. Default Routing
Static Routing: In this type of routing the routing table is updated by the
network administrator.
Dynamic Routing: In this type of routing the routing table is automatically
updated using routing protocols.
Default Routing: In this type of routing the router is configured to send all the
data towards a specific router. This routing is generally used with the stub
routers.
Explain mechanism of open shortest path first routing protocol.

Open Shortest Path First (OSPF) is a link-state routing protocol that is used to
find the best path between the source and the destination router using its own
Shortest Path First). OSPF is developed by Internet Engineering Task Force
(IETF) as one of the Interior Gateway Protocol (IGP), i.e, the protocol which
aims at moving the packet within a large autonomous system or routing domain.
It is a network layer protocol which works on protocol number 89 and uses AD
value 110. OSPF uses multicast address 224.0.0.5 for normal communication
and 224.0.0.6 for update to designated router(DR)/Backup Designated Router
(BDR).
OSPF terms –

1. Router I’d – It is the highest active IP address present on the router. First,
the highest loopback address is considered. If no loopback is configured
then the highest active IP address on the interface of the router is
considered.

2. Router priority – It is an 8-bit value assigned to a router operating OSPF,

used to elect DR and BDR in a broadcast network.

3. Designated Router (DR) – It is elected to minimize the number of

adjacencies formed. DR distributes the LSAs to all the other routers. DR is
elected in a broadcast network to which all the other routers share their
DBD. In a broadcast network, the router requests for an update to DR, and
DR will respond to that request with an update.

4. Backup Designated Router (BDR) – BDR is a backup to DR in a broadcast

network. When DR goes down, BDR becomes DR and performs its
functions.

DR and BDR election – DR and BDR election takes place in the broadcast
network or multi-access network. Here are the criteria for the election:

1. Router having the highest router priority will be declared as DR.

2. If there is a tie in router priority then the highest router I’d be considered.
First, the highest loopback address is considered. If no loopback is
configured then the highest active IP address on the interface of the router is
 considered.

OSPF states – The device operating OSPF goes through certain states. These
states are:

1. Down – In this state, no hello packets have been received on the interface.
Note – The Downstate doesn’t mean that the interface is physically down.
Here, it means that the OSPF adjacency process has not started yet.

2. INIT – In this state, the hello packets have been received from the other
router.

3. 2WAY – In the 2WAY state, both the routers have received the hello packets
from other routers. Bidirectional connectivity has been established.
Note – In between the 2WAY state and Exstart state, the DR and BDR
election takes place.

4. Exstart – In this state, NULL DBD are exchanged. In this state, the master
and slave elections take place. The router having the higher router I’d
become the master while the other becomes the slave. This election decides
Which router will send its DBD first (routers who have formed neighbourship
will take part in this election).

5. Exchange – In this state, the actual DBDs are exchanged.

6. Loading – In this state, LSR, LSU, and LSA (Link State Acknowledgement)
are exchanged.
Important – When a router receives DBD from other router, it compares its
own DBD with the other router DBD. If the received DBD is more updated
than its own DBD then the router will send LSR to the other router stating
what links are needed. The other router replies with the LSU containing the
updates that are needed. In return to this, the router replies with the Link
State Acknowledgement.

7. Full – In this state, synchronization of all the information takes place. OSPF
routing can begin only after the Full state.
13.Explain various threats in Network Security.

Information Security threats can be many like Software attacks, theft of

intellectual property, identity theft, theft of equipment or information, sabotage,
and information extortion.
Threat can be anything that can take advantage of a vulnerability to breach
security and negatively alter, erase, harm object or objects of interest.
Software attacks means attack by Viruses, Worms, Trojan Horses etc. Many
users believe that malware, virus, worms, bots are all same things. But they are
not same, only similarity is that they all are malicious software that behaves
differently.
Malware is a combination of 2 terms- Malicious and Software. So Malware
basically means malicious software that can be an intrusive program code or
anything that is designed to perform malicious operations on system. Malware
can be divided in 2 categories:

1. Infection Methods
2. Malware Actions
Malware on the basis of Infection Method are following:

1. Virus – They have the ability to replicate themselves by hooking them to the
program on the host computer like songs, videos etc and then they travel all
over the Internet. The Creeper Virus was first detected on ARPANET.
Examples include File Virus, Macro Virus, Boot Sector Virus, Stealth Virus
etc.
2. Worms – Worms are also self-replicating in nature but they don’t hook
themselves to the program on host computer. Biggest difference between
virus and worms is that worms are network-aware. They can easily travel
from one computer to another if network is available and on the target
machine they will not do much harm, they will, for example, consume hard
disk space thus slowing down the computer.
3. Trojan – The Concept of Trojan is completely different from the viruses and
worms. The name Trojan is derived from the ‘Trojan Horse’ tale in Greek
mythology, which explains how the Greeks were able to enter the fortified
city of Troy by hiding their soldiers in a big wooden horse given to the
Trojans as a gift. The Trojans were very fond of horses and trusted the gift
blindly. In the night, the soldiers emerged and attacked the city from the
inside.
Their purpose is to conceal themselves inside the software that seem
legitimate and when that software is executed they will do their task of either
stealing information or any other purpose for which they are designed.
 They often provide backdoor gateway for malicious programs or malevolent
users to enter your system and steal your valuable data without your
knowledge and permission. Examples include FTP Trojans, Proxy Trojans,
Remote Access Trojans etc.

4. Bots –: can be seen as advanced form of worms. They are automated

processes that are designed to interact over the internet without the need for
human interaction. They can be good or bad. Malicious bot can infect one
host and after infecting will create connection to the central server which will
provide commands to all infected hosts attached to that network
called Botnet.
Malware on the basis of Actions:

1. Adware – Adware is not exactly malicious but they do breach privacy of the
users. They display ads on a computer’s desktop or inside individual
programs. They come attached with free-to-use software, thus main source
of revenue for such developers. They monitor your interests and display
relevant ads. An attacker can embed malicious code inside the software and
adware can monitor your system activities and can even compromise your
machine.
2. Spyware – It is a program or we can say software that monitors your
activities on computer and reveal collected information to an interested
party. Spyware are generally dropped by Trojans, viruses or worms. Once
dropped they install themselves and sits silently to avoid detection.
One of the most common example of spyware is KEYLOGGER. The basic
job of keylogger is to record user keystrokes with timestamp. Thus capturing
interesting information like username, passwords, credit card details etc.
3. Ransomware – It is type of malware that will either encrypt your files or will
lock your computer making it inaccessible either partially or wholly. Then a
screen will be displayed asking for money i.e. ransom in exchange.
4. Scareware – It masquerades as a tool to help fix your system but when the
software is executed it will infect your system or completely destroy it. The
software will display a message to frighten you and force to take some action
like pay them to fix your system.
5. Rootkits – are designed to gain root access or we can say administrative
privileges in the user system. Once gained the root access, the exploiter can
do anything from stealing private files to private data.
6. Zombies – They work similar to Spyware. Infection mechanism is same but
they don’t spy and steal information rather they wait for the command from
hackers.
14.Explain various Topologies used in networking.

The arrangement of a network that comprises nodes and connecting lines via
sender and receiver is referred to as network topology. The various network
topologies are:

Mesh Topology:
In a mesh topology, every device is connected to another device via a particular
channel. In Mesh Topology, the protocols used are AHCP (Ad Hoc
Configuration Protocols), DHCP (Dynamic Host Configuration Protocol), etc.

Figure 1: Every device is connected to another via dedicated channels. These

channels are known as links.

• Suppose, the N number of devices are connected with each other in a mesh
topology, the total number of ports that are required by each device is N-1.
In Figure 1, there are 5 devices connected to each other, hence the total
number of ports required by each device is 4. The total number of ports
required=N*(N-1).
• Suppose, N number of devices are connected with each other in a mesh
topology, then the total number of dedicated links required to connect them
is NC2 i.e. N(N-1)/2. In Figure 1, there are 5 devices connected to each other,
hence the total number of links required is 5*4/2 = 10.
Advantages of this topology:
• Communication is very fast between the nodes.
• It is robust.
• The fault is diagnosed easily. Data is reliable because data is transferred
among the devices through dedicated channels or links.
• Provides security and privacy.
Problems with this topology:
• Installation and configuration are difficult.
• The cost of cables is high as bulk wiring is required, hence suitable for less
number of devices.
• The cost of maintenance is high.
Star Topology:
In star topology, all the devices are connected to a single hub through a cable.
This hub is the central node and all other nodes are connected to the central
node. The hub can be passive in nature i.e., not an intelligent hub such as
broadcasting devices, at the same time the hub can be intelligent known as an
active hub. Active hubs have repeaters in them. Coaxial cables or RJ-45 cables
are used to connect the computers. In Star Topology, many popular Ethernet
LAN protocols are used as CD(Collision Detection), CSMA (Carrier Sense
Multiple Access), etc.

Figure 2: A star topology having four systems connected to a single point of

connection i.e. hub.
Advantages of this topology:
• If N devices are connected to each other in a star topology, then the number
of cables required to connect them is N. So, it is easy to set up.
• Each device requires only 1 port i.e. to connect to the hub, therefore the total
number of ports required is N.
• It is Robust. If one link fails only that link will affect and not other than that.
• Easy to fault identification and fault isolation.
• Star topology is cost-effective as it uses inexpensive coaxial cable.
Problems with this topology:
• If the concentrator (hub) on which the whole topology relies fails, the whole
system will crash down.
• The cost of installation is high.
• Performance is based on the single concentrator i.e. hub.
Bus Topology:
Bus topology is a network type in which every computer and network device is
connected to a single cable. It is bi-directional. It is a multi-point connection and
a non-robust topology because if the backbone fails the topology crashes. In
Bus Topology, various MAC (Media Access Control) protocols are followed by
LAN ethernet connections like TDMA, Pure Aloha, CDMA, Slotted Aloha, etc.

Figure 3: A bus topology with shared backbone cable. The nodes are
connected to the channel via drop lines.
Advantages of this topology:
• If N devices are connected to each other in a bus topology, then the number
of cables required to connect them is 1, known as backbone cable, and N
drop lines are required.
• Coaxial or twisted pair cables are mainly used in bus-based networks that
support up to 10 Mbps.
• The cost of the cable is less compared to other topologies, but it is used to
build small networks.
• Bus topology is familiar technology as installation and troubleshooting
techniques are well known.
Problems with this topology:
• A bus topology is quite simpler, but still, it requires a lot of cabling.
• If the common cable fails, then the whole system will crash down.
• If the network traffic is heavy, it increases collisions in the network. To avoid
this, various protocols are used in the MAC layer known as Pure Aloha,
Slotted Aloha, CSMA/CD, etc.
• Adding new devices to the network would slow down networks.
• Security is very low.
Ring Topology:
In this topology, it forms a ring connecting devices with exactly two neighboring
devices.
A number of repeaters are used for Ring topology with a large number of
nodes, because if someone wants to send some data to the last node in the
ring topology with 100 nodes, then the data will have to pass through 99 nodes
to reach the 100th node. Hence to prevent data loss repeaters are used in the
network.
The data flows in one direction, i.e.., it is unidirectional, but it can be made
bidirectional by having 2 connections between each Network Node, it is
called Dual Ring Topology. In-Ring Topology, the Token Ring Passing protocol
is used by the workstations to transmit the data.

Figure 4: A ring topology comprises 4 stations connected with each forming a

ring.
The most common access method of ring topology is token passing.
• Token passing: It is a network access method in which a token is passed
from one node to another node.
• Token: It is a frame that circulates around the network.
The following operations take place in ring topology are :
1. One station is known as a monitor station which takes all the responsibility
for performing the operations.
2. To transmit the data, the station has to hold the token. After the transmission
is done, the token is to be released for other stations to use.
3. When no station is transmitting the data, then the token will circulate in the
ring.
4. There are two types of token release techniques: Early token
release releases the token just after transmitting the data and Delayed
token release releases the token after the acknowledgment is received from
the receiver.
Advantages of this topology:
• The data transmission is high-speed.
• The possibility of collision is minimum in this type of topology.
• Cheap to install and expand.
• It is less costly than a star topology.
Problems with this topology:
• The failure of a single node in the network can cause the entire network to
fail.
• Troubleshooting is difficult in this topology.
• The addition of stations in between or the removal of stations can disturb the
whole topology.
• Less secure.
Tree Topology :
This topology is the variation of the Star topology. This topology has a
hierarchical flow of data. In Tree Topology, protocols like DHCP and SAC
(Standard Automatic Configuration ) are used.

Figure 5: In this, the various secondary hubs are connected to the central hub
which contains the repeater. This data flow from top to bottom i.e. from the
central hub to the secondary and then to the devices or from bottom to top i.e.
devices to the secondary hub and then to the central hub. It is a multi-point
connection and a non-robust topology because if the backbone fails the
topology crashes.
Advantages of this topology :
• It allows more devices to be attached to a single central hub thus it
decreases the distance that is traveled by the signal to come to the devices.
• It allows the network to get isolated and also prioritize from different
computers.
• We can add new devices to the existing network.
• Error detection and error correction are very easy in a tree topology.
Problems with this topology :
• If the central hub gets fails the entire system fails.
• The cost is high because of the cabling.
• If new devices are added, it becomes difficult to reconfigure.
Hybrid Topology :
This topological technology is the combination of all the various types of
topologies we have studied above. It is used when the nodes are free to take
any form. It means these can be individuals such as Ring or Star topology or
can be a combination of various types of topologies seen above. Each
individual topology uses the protocol that has been discussed earlier.

Hybrid Topology

Figure 6: The above figure shows the structure of the Hybrid topology. As seen
it contains a combination of all different types of networks.
Advantages of this topology :
• This topology is very flexible.
• The size of the network can be easily expanded by adding new devices.
Problems with this topology :
• It is challenging to design the architecture of the Hybrid Network.
• Hubs used in this topology are very expensive.
• The infrastructure cost is very high as a hybrid network requires a lot of
cabling and network devices.

15.Write a short note on

1)HDLC
A high-level data link control defines rules for transmitting data between
network points. Data in an HDLC is organized into units called frames and is
sent across networks to specified destinations. HDLC also manages the pace
at which data is transmitted. HDLC is commonly used in the open systems
interconnection (OSI) model's layer 2.

HDLC frames are transmitted over synchronous links or asynchronous links,

which do not mark the start and end of frames. This is done using a frame
delimiter or flag, which contains unique sequence of bits that are not visible
inside a frame.

There are three types of HDLC frames:

• Information frames/User data (I-frames)

• Supervisory frames/Control data (S-frames)
• Unnumbered frames (U-frames)

The common fields within an HDLC frame are:

• Flag
• Address
• Control information
• Frame check sequence

The HDLC protocol is used by a variety of standards implemented in the

protocol stacks of X.25, V.42 and ISDN and many other protocol stacks.

2)TCP-a reliable pipe:

The reason that Transmission Control Protocol (TCP) is considered 'reliable'

is that the protocol itself checks to see if everything that was transmitted was
delivered at the receiving end (it may not have been due to packet loss). TCP
allows for the retransmission of lost packets, thereby making sure that all data
transmitted is (eventually) received.

3)Telnet:

o The main task of the internet is to provide services to users. For example, users
want to run different application programs at the remote site and transfers a
 result to the local site. This requires a client-server program such as FTP, SMTP.
But this would not allow us to create a specific program for each demand.
o The better solution is to provide a general client-server program that lets the user
access any application program on a remote computer. Therefore, a program that
allows a user to log on to a remote computer. A popular client-server program
Telnet is used to meet such demands. Telnet is an abbreviation for Terminal
Network.
o Telnet provides a connection to the remote computer in such a way that a local
terminal appears to be at the remote side.

4) WiMax:
WiMAX is one of the hottest broadband wireless technologies around today. WiMAX
systems are expected to deliver broadband access services to residential and
enterprise customers in an economical way.
Loosely, WiMax is a standardized wireless version of Ethernet intended primarily as an
alternative to wire technologies (such as Cable Modems, DSL and T1/E1 links) to
provide broadband access to customer premises.
More strictly, WiMAX is an industry trade organization formed by leading
communications, component, and equipment companies to promote and certify
compatibility and interoperability of broadband wireless access equipment that conforms
to the IEEE 802.16 and ETSI HIPERMAN standards.
WiMAX would operate similar to WiFi, but at higher speeds over greater distances and
for a greater number of users. WiMAX has the ability to provide service even in areas
that are difficult for wired infrastructure to reach and the ability to overcome the physical
limitations of traditional wired infrastructure.
WiMAX was formed in April 2001, in anticipation of the publication of the original 10-66
GHz IEEE 802.16 specifications. WiMAX is to 802.16 as the WiFi Alliance is to 802.11.

5)Firewall:

A Firewall is a network security device that monitors and filters incoming and
outgoing network traffic based on an organization’s previously established
security policies. At its most basic, a firewall is essentially the barrier that sits
 between a private internal network and the public Internet. A firewall’s main
purpose is to allow non-threatening traffic in and to keep dangerous traffic out.

Types of Firewalls
• Packet filtering

A small amount of data is analyzed and distributed according to the filter’s

standards.

• Proxy service

Network security system that protects while filtering messages at the

application layer.

• Stateful inspection

Dynamic packet filtering that monitors active connections to determine which

network packets to allow through the Firewall.

• Next Generation Firewall (NGFW)

Deep packet inspection Firewall with application-level inspection.

16.Generate CRC code for the data word 1010001011 using the divisor 11101.
17.Define the subnet mask to be used in Class-B addressing to support 30 subnets
and also find the most hosts possible in each subnet.
18.Define HTTP. What are the features of HTTP. What are the different types of
HTTP request? Explain each of them.

The Hypertext Transfer Protocol (HTTP) is application-level protocol for collaborative,

distributed, hypermedia information systems. It is the data communication protocol
used to establish communication between client and server.

HTTP is TCP/IP based communication protocol, which is used to deliver the data like
image files, query results, HTML files etc on the World Wide Web (WWW) with the
default port is TCP 80. It provides the standardized way for computers to communicate
with each other.

There are three fundamental features that make the HTTP a simple and powerful
protocol used for communication:

o HTTP is media independent: It specifies that any type of media content can be
sent by HTTP as long as both the server and the client can handle the data
content.
o HTTP is connectionless: It is a connectionless approach in which HTTP client i.e.,
a browser initiates the HTTP request and after the request is sent the client
disconnects from server and waits for the response.
o HTTP is stateless: The client and server are aware of each other during a current
request only. Afterwards, both of them forget each other. Due to the stateless
 nature of protocol, neither the client nor the server can retain the information
about different request across the web pages.

o GET: GET request is used to read/retrieve data from a web server. GET
returns an HTTP status code of 200 (OK) if the data is successfully
retrieved from the server.
o POST: POST request is used to send data (file, form data, etc.) to the
server. On successful creation, it returns an HTTP status code of 201.
o PUT: A PUT request is used to modify the data on the server. It replaces
the entire content at a particular location with data that is passed in the
body payload. If there are no resources that match the request, it will
generate one.
o PATCH: PATCH is similar to PUT request, but the only difference is, it
modifies a part of the data. It will only replace the content that you want to
update.
o DELETE: A DELETE request is used to delete the data on the server at a
specified location.

19.What are the options of DHCP ? What are the advantages of DHCP? List and
Explain the characteristics of DHCP.
Here is the list of the most common DHCP options exchanged with clients:

• DHCP option 1: subnet mask to be applied on the interface asking for an IP address
• DHCP option 3: default router or last resort gateway for this interface
• DHCP option 6: which DNS (Domain Name Server) to include in the IP configuration for name
resolution
• DHCP option 51: lease time for this IP address

DHCP servers offer a number of advantages over earlier methods of getting IP

addresses. Here are the features a DHCP server can offer.

• Automatic management of IP addresses, including the prevention of duplicate

IP address problems
• Allows support for BOOTP clients, so you can easily transition your networks
from BOOTP to DHCP
• Allows the administrator to set lease times, even on manually allocated IP
addresses.
• Allows limiting which MAC addresses are served with dynamic IP addresses
 • Allows the administrator to configure additional DHCP option types, over and
above what is possible with BOOTP
• Allows the definition of the pool or pools of IP addresses that can be allocated
dynamically. A user might have a server that forces the pool to be a whole
subnet or network. The server should not force such a pool to consist of
contiguous IP addresses.
• Reliable IP address configuration. DHCP minimizes configuration errors caused
by manual IP address configuration, such as typographical errors, or address
conflicts caused by the assignment of an IP address to more than one computer
at the same time.
• Reduced network administration. DHCP includes the following features to
reduce network administration:
o Centralized and automated TCP/IP configuration.
o The ability to define TCP/IP configurations from a central location.
o The ability to assign a full range of additional TCP/IP configuration values
by means of DHCP options.
o The efficient handling of IP address changes for clients that must be
updated frequently, such as those for portable devices that move to
different locations on a wireless network.
o The forwarding of initial DHCP messages by using a DHCP relay agent,
which eliminates the need for a DHCP server on every subne

20. Explain with example the function of SMTP and POP. What are the
advantages of IMAP.

Working-

• SMTP server is always on a listening mode.

• Client initiates a TCP connection with the SMTP server.
• SMTP server listens for a connection and initiates a connection on that port.
• The connection is established.
• Client informs the SMTP server that it would like to send a mail.
• Assuming the server is OK, client sends the mail to its mail server.
• Client’s mail server use DNS to get the IP Address of receiver’s mail server.
• Then, SMTP transfers the mail from sender’s mail server to the receiver’s mail server.

While sending the mail, SMTP is used two times-

1. Between the sender and the sender’s mail server

2. Between the sender’s mail server and the receiver’s mail server
Working:
POP’s working is based on its five important equipment which are:
1. Base stations – A central point of reference to an access point and
bandwidth management to ensure evenly distribution of the connection
speed of the customer.
2. Client equipment – utilized by customers to link with the base stations
3. Network switches – Used for proper distribution
4. Routers – Provides multiple paths for the data to be shared in the network
5. Firewall – Used for securing the network from threats (internal and
external)

Examples:
• Carrier hotels :
These buildings are extremely secure with size averaging around 54, 000
square feet. These hotels offer hardware and software installation, updation
and several other services.

• Meet-me rooms :
Meet-Me Rooms (MMRs) are small space inside carrier hotels, averaging
around 5, 000 square feet. These small rooms house interconnects
networking equipment owned by many telecommunication companies.
Figure – Post Office Protocol (POP)
POP3 Advantages IMAP Advantages
-Does not have multiple variations, making it -Supports storage of mail on the server, locally, or
easier to support both
-More software vendors support POP3 across -Supports multiple mailboxes and mailbox
different platforms operations
-By default, messages are deleted from the -Through online access, multiple clients can
server, once they are stored locally. access the same mailbox
-Can be used to access non-mail documents
-The IMAP offline mode conserves server
resources (bandwidth and disk space)
- Can manipulate persistent message status flags
such as 'seen', 'deleted', 'answered' and user-
defined

21.Define and explain Symmetric Key Cryptography? Why digital signature is

used?

-->What is Symmetric Encryption?

Symmetric encryption is a type of encryption where only one key (a secret key) is
used to both encrypt and decrypt electronic data. The entities communicating via
symmetric encryption must exchange the key so that it can be used in the decryption
process. This encryption method differs from asymmetric encryption where a pair of
keys - one public and one private - is used to encrypt and decrypt messages.
 By using symmetric encryption algorithms, data is "scrambled" so that it can't be
understood by anyone who does not possess the secret key to decrypt it. Once the
intended recipient who possesses the key has the message, the algorithm reverses its
action so that the message is returned to its original readable form. The secret key that
the sender and recipient both use could be a specific password/code or it can be
random string of letters or numbers that have been generated by a secure random
number generator (RNG). For banking-grade encryption, the symmetric keys must be
created using an RNG that is certified according to industry standards, such as FIPS
140-2.
There are two types of symmetric encryption algorithms:

1. Block algorithms. Set lengths of bits are encrypted in blocks of electronic data with
the use of a specific secret key. As the data is being encrypted, the system holds the
data in its memory as it waits for complete blocks.
2. Stream algorithms. Data is encrypted as it streams instead of being retained in the
system’s memory.
Some examples of symmetric encryption algorithms include:

• AES (Advanced Encryption Standard)

• DES (Data Encryption Standard)

• IDEA (International Data Encryption Algorithm)

• Blowfish (Drop-in replacement for DES or IDEA)

• RC4 (Rivest Cipher 4)

• RC5 (Rivest Cipher 5)

• RC6 (Rivest Cipher 6)

AES, DES, IDEA, Blowfish, RC5 and RC6 are block ciphers. RC4 is stream cipher.

DES
In “modern” computing, DES was the first standardized cipher for securing electronic
communications, and is used in variations (e.g. 2-key or 3-key 3DES). The original
DES is not used anymore as it is considered too “weak”, due to the processing power
of modern computers. Even 3DES is not recommended by NIST and PCI DSS 3.2, as
well as all 64-bit ciphers. However, 3DES is still widely used in EMV chip cards
because of legacy applications that do not have a crypto-agile infrastructure.
 AES
The most commonly used symmetric algorithm is the Advanced Encryption Standard
(AES), which was originally known as Rijndael. This is the standard set by the U.S.
National Institute of Standards and Technology in 2001 for the encryption of
electronic data announced in U.S. FIPS PUB 197. This standard supersedes DES,
which had been in use since 1977. Under NIST, the AES cipher has a block size of
128 bits, but can have three different key lengths as shown with AES-128, AES-192
and AES-256.

What is Symmetric Encryption Used For?

While symmetric encryption is an older method of encryption, it is faster and more
efficient than asymmetric encryption, which takes a toll on networks due to
performance issues with data size and heavy CPU use. Due to the better performance
and faster speed of symmetric encryption (compared to asymmetric), symmetric
cryptography is typically used for bulk encryption / encrypting large amounts of data,
e.g. for database encryption. In the case of a database, the secret key might only be
available to the database itself to encrypt or decrypt. Industry standard symmetric
encryption is also less vulnerable to advances in quantum computing compared to the
the current standards for asymmetric algorithms (at the time of writing).

Some examples of where symmetric cryptography is used are:

• Payment applications, such as card transactions where PII needs to be protected to

prevent identity theft or fraudulent charges

• Validations to confirm that the sender of a message is who he claims to be

• Random number generation or hashing

Why digital signature is used?

Digital signatures are used to provide authenticity, integrity, and non-
repudiation of electronic documents, transactions, and communications. Here
are some of the key reasons why digital signatures are used:

1. Authentication: Digital signatures help verify the identity of the sender of an

electronic message or document, ensuring that the message or document was
indeed sent by the claimed sender.
2. Integrity: Digital signatures help ensure that the contents of an electronic
message or document have not been altered or tampered with during
transmission.
3. Non-repudiation: Digital signatures help prevent the sender of an electronic
message or document from denying that they sent it or that its contents are
accurate.
4. Security: Digital signatures provide a high level of security by using
cryptographic techniques to ensure that only the intended recipient can
access the message or document.
5. Legal compliance: Digital signatures are recognized by many countries as
legally binding and admissible in court, providing a secure and efficient way to
sign contracts and other legal documents.

Overall, digital signatures offer a secure and efficient way to sign, send, and
receive electronic documents and messages, ensuring their authenticity,
integrity, and non-repudiation.

22.Write a short Notes on:

a)Wireless LAN:

Wireless LAN stands for Wireless Local Area Network. It is also called LAWN (Local
Area Wireless Network). WLAN is one in which a mobile user can connect to a Local
Area Network (LAN) through a wireless connection.

The IEEE 802.11 group of standards defines the technologies for wireless LANs. For path
sharing, 802.11 standard uses the Ethernet protocol and CSMA/CA (carrier sense
multiple access with collision avoidance). It also uses an encryption method i.e. wired
equivalent privacy algorithm.

Wireless LANs provide high speed data communication in small areas such as building
or an office. WLANs allow users to move around in a confined area while they are still
connected to the network.
In some instance wireless LAN technology is used to save costs and avoid laying cable,
while in other cases, it is the only option for providing high-speed internet access to the
public. Whatever the reason, wireless solutions are popping up everywhere.

Examples of WLANs that are available today are NCR's waveLAN and Motorola's ALTAIR.

Advantages of WLANs

o Flexibility: Within radio coverage, nodes can communicate without further

restriction. Radio waves can penetrate walls, senders and receivers can be placed
anywhere (also non-visible, e.g., within devices, in walls etc.).
o Planning: Only wireless ad-hoc networks allow for communication without
previous planning, any wired network needs wiring plans.
o Design: Wireless networks allow for the design of independent, small devices
which can for example be put into a pocket. Cables not only restrict users but
also designers of small notepads, PDAs, etc.
o Robustness: Wireless networks can handle disasters, e.g., earthquakes, flood etc.
whereas, networks requiring a wired infrastructure will usually break down
completely in disasters.
o Ease of Use: Wireless LAN is easy to use and the users need very little new
information to take advantage of WLANs.

Disadvantages of WLANs

o Restrictions: Several govt. and non-govt. institutions world-wide regulate the

operation and restrict frequencies to minimize interference.
o Global operation: Wireless LAN products are sold in all countries so, national
and international frequency regulations have to be considered.
o Low Power: Devices communicating via a wireless LAN are typically power
consuming, also wireless devices running on battery power. Whereas the LAN
design should take this into account and implement special power saving modes
and power management functions.
o License free operation: LAN operators don't want to apply for a special license
to be able to use the product. The equipment must operate in a license free
band, such as the 2.4 GHz ISM band.
 o Robust transmission technology: If wireless LAN uses radio transmission, many
other electrical devices can interfere with them (such as vacuum cleaner, train
engines, hair dryers, etc.).Wireless LAN transceivers cannot be adjusted for
perfect transmission is a standard office or production environment.

b)Loop-back addressing:

A loopback address is a distinct reserved IP address range that starts from

127.0.0.0 ends at 127.255.255.255 though 127.255.255.255 is the broadcast
address for 127.0.0.0/8. The loopback addresses are built into the IP domain
system, enabling devices to transmit and receive the data packets. The
loopback address 127.0.0.1 is generally known as localhost.

TCP/IP protocol manages all the loopback addresses in the operating system. It
mocks the TCP/IP server or TCP/IP client on the same system. These loopback
addresses are always accessible so that the user can use them anytime for
troubleshooting TCP/IP.
Whenever a protocol or program sends any data from a computer with any
loopback IP address, that traffic is processed by a TCP/IP protocol stack within
itself, i.e., without transmitting it to the network. That is, if a user is pinging a
loopback address, they’ll get the reply from the same TCP/IP stack running on
their computer. So, all the data transmitted to any of the loopback addresses
as the destination address will not pop up on the network.
127.0.0.1 is the most commonly used loopback address; generally, 127.0.0.1
and localhost are functionally similar, i.e., the loopback address 127.0.0.1 and
the hostname localhost; are internally mapped. Though, other loopback
addresses are also accessible and can be used.
IPv4 and IPv6 Loopback Addresses:
• The IPv4 loopback address is 127.0.0.0/8 and the most commonly used
loopback address is 127.0.0.1.
• The IPv6 loopback address is ::1
How to use the “ping” Command:
• To use the “ping” command go to the windows start menu.
• Search for “Command prompt”.
• Type in “ping” followed by the loopback address. and,
• Hit enter.
For example, as can be seen below, the outputs of four different IPv4 loopback
addresses (127.0.0.0, 127.0.0.1, 127.15.90.69, and 127.255.255.255) the
network and broadcast addresses are unreachable loopback addresses and
IPv6 loopback address ::1.
ping output for 127.0.0.0 (Network address).
C:\Users\bklad>ping 127.0.0.0

Pinging 127.0.0.0 with 32 bytes of data:

General failure.
General failure.
General failure.
General failure.

Ping statistics for 127.0.0.0:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
ping output for 127.0.0.1
C:\Users\bklad>ping 127.0.0.1

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Advantages of loopback address:
• It is an efficient method to find a device on the network.
• It can be configured as the router ID for protocols such as BGP and OSPF.
• It is used as a source and destination address for testing network
connectivity.
• It can also be used for testing IP software.
Disadvantages:
• Just like physical interfaces, it needs a unique address.

c)Addressing scheme of IPV6:

-->

IP v6 was developed by Internet Engineering Task Force (IETF) to deal with the problem
of IP v4 exhaustion. IP v6 is a 128-bits address having an address space of 2^128, which
is way bigger than IPv4. In IPv6 we use Colon-Hexa representation. There are 8 groups
and each group represents 2 Bytes.

In IPv6 representation, we have three addressing methods :

• Unicast
• Multicast
• Anycast
1. Unicast Address –
Unicast Address identifies a single network interface. A packet sent to a unicast address
is delivered to the interface identified by that address.
2. Multicast Address –
Multicast Address is used by multiple hosts, called as Group, acquires a multicast
destination address. These hosts need not be geographically together. If any packet is sent
to this multicast address, it will be distributed to all interfaces corresponding to that
multicast address.
3. Anycast Address –
Anycast Address is assigned to a group of interfaces. Any packet sent to an anycast
address will be delivered to only one member interface (mostly nearest host possible).
Note: Broadcast is not defined in IPv6.

d)Telnet:

Telnet
o The main task of the internet is to provide services to users. For example, users want to
run different application programs at the remote site and transfers a result to the local
 site. This requires a client-server program such as FTP, SMTP. But this would not allow us
to create a specific program for each demand.
o The better solution is to provide a general client-server program that lets the user access
any application program on a remote computer. Therefore, a program that allows a user
to log on to a remote computer. A popular client-server program Telnet is used to meet
such demands. Telnet is an abbreviation for Terminal Network.
o Telnet provides a connection to the remote computer in such a way that a local terminal
appears to be at the remote side.

There are two types of login:

Local Login

o When a user logs into a local computer, then it is known as local login.
o When the workstation running terminal emulator, the keystrokes entered by
the user are accepted by the terminal driver. The terminal driver then passes
these characters to the operating system which in turn, invokes the desired
application program.

Remote login

o When the user wants to access an application program on a remote computer,

then the user must perform remote login.

e)IEEE 802.11:

→ IEEE 802.11 standard, popularly known as WiFi, lays down the architecture and
specifications of wireless LANs (WLANs). WiFi or WLAN uses high-frequency radio
waves instead of cables for connecting the devices in LAN. Users connected by
WLANs can move around within the area of network coverage.

IEEE 802.11 Architecture

The components of an IEEE 802.11 architecture are as follows −
• Stations (STA) − Stations comprises of all devices and equipment that are
connected to the wireless LAN. A station can be of two types−
 o Wireless Access Point (WAP) − WAPs or simply access points (AP) are
generally wireless routers that form the base stations or access.
o Client. Clients are workstations, computers, laptops, printers, smartphones,
etc.
• Each station has a wireless network interface controller.
• Basic Service Set (BSS) − A basic service set is a group of stations
communicating at the physical layer level. BSS can be of two categories
depending upon the mode of operation−
o Infrastructure BSS − Here, the devices communicate with other devices
through access points.
o Independent BSS − Here, the devices communicate in a peer-to-peer basis
in an ad hoc manner.
• Extended Service Set (ESS) − It is a set of all connected BSS.
• Distribution System (DS) − It connects access points in ESS.

Frame Format of IEEE 802.11

The main fields of a frame of wireless LANs as laid down by IEEE 802.11 are −
• Frame Control − It is a 2 bytes starting field composed of 11 subfields. It
contains control information of the frame.
• Duration − It is a 2-byte field that specifies the time period for which the frame
and its acknowledgment occupy the channel.
• Address fields − There are three 6-byte address fields containing addresses of
source, immediate destination, and final endpoint respectively.
• Sequence − It a 2 bytes field that stores the frame numbers.
• Data − This is a variable-sized field that carries the data from the upper layers.
The maximum size of the data field is 2312 bytes.
• Check Sequence − It is a 4-byte field containing error detection information.
22.Find the maximum number of hosts available on a the class-B address with a
subnet mask of 255.2555.255.192.[5m]
23.Find the subnet ID for the IP address 202.127.19.94 with a subnet mask of
255.255.255.248.[5m]
 24 . Describe the meaning and purpose of DNS. Explain Name resolutions and
inverse resolutions. Define partially qualified and fully qualified.[10m]

--> DNS stands for Domain Name System. It is a decentralized system that
translates domain names (e.g., www.example.com) into IP addresses (e.g.,
93.184.216.34) that are used to identify and locate web servers on the Internet.

The purpose of DNS is to make it easier for humans to access websites and
other resources on the Internet by providing a hierarchical naming system that
maps domain names to IP addresses. Without DNS, we would have to
remember the IP addresses of every website we wanted to visit, which would
be impractical and confusing.

Name Resolution:

Name resolution is the process of mapping a human-readable name, such

as a domain name or hostname, to a numerical IP address that computers
can use to communicate with each other over a network. Name resolution
is a critical component of networking, as it allows computers to
communicate with each other using familiar names rather than complicated
numerical addresses.

There are two main methods of name resolution in networking:

1. Domain Name System (DNS): DNS is a distributed database system that

maps domain names to IP addresses. When a computer needs to
communicate with another computer, it sends a DNS query to a DNS
server, which then responds with the corresponding IP address. DNS is the
most common method of name resolution on the internet.
2. Hosts file: The hosts file is a local file on a computer that maps hostnames
to IP addresses. When a computer needs to communicate with another
computer, it first checks its hosts file to see if the hostname is listed there. If
the hostname is listed, the computer uses the corresponding IP address to
communicate with the other computer. The hosts file is typically used in
small local networks or for testing purposes.
In addition to these two methods, some operating systems and applications
also support other name resolution methods, such as NetBIOS name
resolution and mDNS (multicast Domain Name System ).

Inverse Resolution:

Inverse resolution, also known as reverse name resolution, is the process of

resolving an IP address to a hostname. This is the opposite of the more
common name resolution process, which maps hostnames to IP addresses.

Inverse resolution is performed using the Domain Name System (DNS) by

querying a special type of DNS resource record called a PTR (Pointer)
record. A PTR record is associated with an IP address and maps the IP
address to a hostname. To perform inverse resolution, a DNS client sends a
PTR query to a DNS server, providing the IP address it wants to resolve. The
DNS server then looks up the corresponding PTR record and responds with
the associated hostname.

Inverse resolution is not used as frequently as forward resolution (mapping

hostnames to IP addresses), but it can be useful in certain situations, such
as troubleshooting network issues, identifying hosts on a network, and
monitoring network activity.

It is important to note that not all IP addresses have corresponding PTR

records, and some DNS servers may not support inverse resolution.
Additionally, in some cases, multiple hostnames may be associated with the
same IP address, which can make inverse resolution more complex.

Partially Qualified:

A partially qualified domain name (PQDN) is a domain name that is not

fully specified, but contains enough information to be resolved relative to a
specific domain. A PQDN is often used to refer to a domain name within a
local network or organization, and does not include the top-level domain
(TLD) or the root domain. For example, "mailserver" is a PQDN, as it is not
fully qualified and does not include the TLD or root domain.
Fully Partially Qualified

A fully qualified domain name (FQDN) is a domain name that specifies the
full path to a resource on the internet, including the TLD and the root
domain. An FQDN is used to uniquely identify a specific resource on the
internet, such as a website or an email server. For example,
"mailserver.example.com" is a fully qualified domain name, as it specifies
the TLD ".com" and the root domain "example.com".

25 .What are the purpose of ARP,RARP,ICMP and IGMP of IP layer? Explain each
of them.

ARP :ARP stands for Address Resolution Protocol, and its purpose is to map
a network address (such as an IP address) to a physical address (such as a
MAC address) in a local network. This allows devices to communicate with
each other using higher-level network protocols, which use network
addresses, while using the physical addresses that are required for actual
data transmission.

RARP:

RARP stands for Reverse Address Resolution Protocol, and its purpose is to
map a physical address (such as a MAC address) to a network address (such
as an IP address) in a local network. This is the reverse process of what ARP
does.

ICMP :

ICMP (Internet Control Message Protocol) is a network-layer protocol in the

Internet Protocol (IP) suite, and its primary purpose is to provide error
reporting and network diagnostic functions.
 IGMP:

IGMP (Internet Group Management Protocol) is a network-layer protocol in

the Internet Protocol (IP) suite, and its primary purpose is to manage IP
multicast group membership.

26 .Explain Passive and Active attack.

A passive attack is a type of cyber attack where an attacker eavesdrops on

network communications or data without modifying or interfering with the
data. The goal of a passive attack is to gain information without being
detected.

Passive attacks can be executed by monitoring unencrypted network traffic

or by intercepting encrypted traffic and using a decryption key to read the
content. Attackers can also use various tools and techniques to sniff
network traffic, such as packet sniffers or network analyzers.

The types of information that can be obtained through a passive attack can
be sensitive and may include login credentials, personal information,
financial data, or other confidential information. Passive attacks can be used
to gather information that can be used to launch further attacks or exploit
vulnerabilities.

Some examples of passive attacks include:

• Packet sniffing: Capturing network traffic and analyzing it to obtain

sensitive data or information.
• Port scanning: Identifying open ports on a network device to gather
information about the device or its vulnerabilities.
• Traffic analysis: Analyzing the patterns and volume of network traffic to
obtain information about network behavior, such as identifying high-traffic
periods or popular websites.

Passive attacks are typically less harmful than active attacks because they
do not directly interfere with network communications or data. However,
 they can still be dangerous because they can be used to gather sensitive
information that can be used to launch further attacks or exploit
vulnerabilities. To protect against passive attacks, organizations should use
encryption, access control, network monitoring, and intrusion detection
systems (IDS) to detect and prevent eavesdropping and unauthorized
access to network data.

Active Attack:

An active attack is a type of cyber attack where an attacker modifies, alters, or

interferes with data or network communications. The goal of an active attack is
to cause harm or disrupt network operations.

Active attacks can take many forms, and they can be executed through various
means. Some common examples of active attacks include:

• Man-in-the-middle (MITM) attack: Intercepting network communications

between two parties to steal information or modify data.
• Denial-of-service (DoS) attack: Flooding a network device or server with traffic
to cause it to crash or become unavailable.
• Spoofing: Falsifying network identity to trick the victim into revealing sensitive
information or taking actions that would benefit the attacker.
• Malware or virus: Infecting a network device or server with malicious code to
steal data, disrupt operations, or gain unauthorized access.

Active attacks are typically more dangerous than passive attacks because they
can cause immediate damage or disruption to network operations or data.
Active attacks can be used to steal sensitive data, disrupt business operations,
or even destroy data or network infrastructure.
To protect against active attacks, organizations should use a combination of
security measures such as firewalls, intrusion detection and prevention
systems (IDPS), and access control systems. These measures can help detect
and prevent unauthorized access to the network, detect malicious activity, and
minimize the impact of an attack if one occurs. Organizations should also keep
their security systems up to date with the latest security patches and regularly
educate their staff about how to avoid falling victim to common active attacks
such as phishing or social engineering.

27 .What is MIME> Explain its purpose and format in detail.

--> MIME stands for Multipurpose Internet Mail Extensions. It is used to extend the
capabilities of Internet e-mail protocols such as SMTP. The MIME protocol allows the
users to exchange various types of digital content such as pictures, audio, video, and
various types of documents and files in the e-mail. MIME was created in 1991 by a
computer scientist named Nathan Borenstein at a company called Bell Communications.

MIME is an e-mail extension protocol, i.e., it does not operate independently, but it
helps to extend the capabilities of e-mail in collaboration with other protocols such
as SMTP. Since MIME was able to transfer only text written file in a limited size English
language with the help of the internet. At present, it is used by almost all e-mail related
service companies such as Gmail, Yahoo-mail, Hotmail.

Need of MIME Protocol

MIME protocol is used to transfer e-mail in the computer network for the following
reasons:

1. The MIME protocol supports multiple languages in e-mail, such as Hindi, French,
Japanese, Chinese, etc.
2. Simple protocols can reject mail that exceeds a certain size, but there is no word limit in
MIME.
 3. Images, audio, and video cannot be sent using simple e-mail protocols such as SMTP.
These require MIME protocol.
4. Many times, emails are designed using code such as HTML and CSS, they are mainly
used by companies for marketing their product. This type of code uses MIME to send
email created from HTML and CSS.

MIME Header
MIME adds five additional fields to the header portion of the actual e-mail to extend the
properties of the simple email protocol. These fields are as follows:

Play Video

1. MIME Version
2. Content Type
3. Content Type Encoding
4. Content Id
5. Content description

1. MIME Version

It defines the version of the MIME protocol. This header usually has a parameter value
1.0, indicating that the message is formatted using MIME.

2. Content Type

It describes the type and subtype of information to be sent in the message. These
messages can be of many types such as Text, Image, Audio, Video, and they also have
many subtypes such that the subtype of the image can be png or jpeg. Similarly, the
subtype of Video can be WEBM, MP4 etc.

3. Content Type Encoding

In this field, it is told which method has been used to convert mail information into
ASCII or Binary number, such as 7-bit encoding, 8-bit encoding, etc.

4. Content Id
In this field, a unique "Content Id" number is appended to all email messages so that
they can be uniquely identified.

5. Content description

This field contains a brief description of the content within the email. This means that
information about whatever is being sent in the mail is clearly in the "Content
Description". This field also provides the information of name, creation date, and
modification date of the file.

Example of Content description

Content-Description: attachment; filename = javatpoint.jpeg;

modification-date = "Wed, 12 Feb 1997 16:29:51 -0500";

Working diagram of MIME Protocol

Features of MIME Protocol

1. It supports multiple attachments in a single e-mail.

2. It supports the non-ASCII characters.
3. It supports unlimited e-mail length.
4. It supports multiple languages.

Advantage of the MIME

The MIME protocol has the following advantages:
 1. It is capable of sending various types of files in a message, such as text, audio, video files.
2. It also provides the facility to send and receive emails in different languages like Hindi,
French, Japanese, Chinese etc.
3. It also provides the facility of connecting HTML and CSS to email, due to which people
can design email as per their requirement and make it attractive and beautiful.
4. It is capable of sending the information contained in an email regardless of its length.
5. It assigns a unique id to all e-mails.

28 .Write a short Note on

a) X.25

--> X.25:
X.25 is a protocol suite defined by ITU-T for packet switched communications over
WAN (Wide Area Network). It was originally designed for use in the 1970s and became
very popular in 1980s. Presently, it is used for networks for ATMs and credit card
verification. It allows multiple logical channels to use the same physical line. It also
permits data exchange between terminals with different communication speeds.
X.25 has three protocol layers

• Physical Layer: It lays out the physical, electrical and functional characteristics
that interface between the computer terminal and the link to the packet switched
node. X.21 physical implementer is commonly used for the linking.
• Data Link Layer: It comprises the link access procedures for exchanging data
over the link. Here, control information for transmission over the link is attached to
the packets from the packet layer to form the LAPB frame (Link Access
Procedure Balanced). This service ensures a bit-oriented, error-free, and ordered
delivery of frames.
• Packet Layer: This layer defines the format of data packets and the procedures
for control and transmission of the data packets. It provides external virtual circuit
service. Virtual circuits may be of two types: virtual call and permanent virtual
circuit. The virtual call is established dynamically when needed through call set up
procedure, and the circuit is relinquished through call clearing procedure.
Permanent virtual circuit, on the other hand, is fixed and network assigned.
b) LAN access technique:

--> A local Area Network (LAN) is a data communication network connecting

various terminals or computers within a building or limited geographical area.
The connection among the devices could be wired or wireless. Ethernet, Token
Ring and Wireless LAN using IEEE 802.11 are examples of standard LAN
technologies.
LAN has the following topologies:

• Star Topology
• Bus Topology
• Ring Topology
• Mesh Topology
• Hybrid Topology
• Tree Topology
Ethernet:-
Ethernet is the most widely used LAN technology, which is defined under IEEE
standards 802.3. The reason behind its wide usability is Ethernet is easy to
understand, implement, maintain, and allows low-cost network implementation.
Also, Ethernet offers flexibility in terms of topologies that are allowed. Ethernet
generally uses Bus Topology. Ethernet operates in two layers of the OSI model,
Physical Layer, and Data Link Layer. For Ethernet, the protocol data unit is
Frame since we mainly deal with DLL. In order to handle collision, the Access
control mechanism used in Ethernet is CSMA/CD.
Manchester Encoding Technique is used in Ethernet.
Since we are talking about IEEE 802.3 standard Ethernet, therefore, 0 is
expressed by a high-to-low transition, a 1 by the low-to-high transition. In both
Manchester Encoding and Differential Manchester, the Encoding Baud rate is
double of bit rate.
Advantages of Ethernet:
Speed: When compared to a wireless connection, Ethernet provides
significantly more speed. Because Ethernet is a one-to-one connection, this is
the case. As a result, speeds of up to 10 Gigabits per second (Gbps) or even
100 Gigabits per second (Gbps) are possible.
Efficiency: An Ethernet cable, such as Cat6, consumes less electricity, even
less than a wifi connection. As a result, these ethernet cables are thought to be
the most energy-efficient.
Good data transfer quality: Because it is resistant to noise, the information
transferred is of high quality.

c) VSAT:

VSAT stands for Very Small Aperture Terminal. VSAT is of importance,

especially in remote areas such as the hilly mountain regions, where Internet
connectivity cannot be directly provided. There is no option left in such places
through which the Internet can be accessed anyway. These places could be the
Ocean region and the Sea region, where the citizens have a lack of utilities. In
such cases, VSAT is one of the technologies that make Internet Connectivity
possible so that people can access it. All the work is carried out in a workstation
group where the sending and receiving of signals takes place. The data such as
audio, video, etc, can be sent and received. Therefore, VSAT is considered to
be a private Earth Station. This Earth Station is designed in a way such that the
signals are transmitted and received with the help of satellites. The term ‘Very
Small’ in VSAT (Very Small Aperture Terminal ) refers to the antenna size that
is very small.

VSAT

Characteristics of VSAT:

• VSAT is a two-way communication earth satellite station that has an antenna

of less than 3 meters.
• The size of the VSAT antenna may vary from 75 cm to 1.2 meters.
• The data ranges between 4 kilobytes per second to 16 megabytes per
second in VSAT.

Working for VSAT:

• The end user of the set requires a box that acts as an interface between the
user and its system.
• The box consists of an antenna and a transceiver.
• The work of this transceiver is to send and receive signals to and from the
transponder located in space.
• Every workstation works like a hub. The satellite sends or receives a signal
from it.
• Each user is connected to each of the interconnected hub stations and
operates in the form of a Star Topology (There is a server in between and all
the nodes are connected to it, forming a star-like figure).
• With this medium, we can transmit data, voice, and video signals.

Advantages of VSAT:

• Audio, Video, and data signals can be transmitted and received efficiently.
• Internet Access: A VSAT Network also serves to provide internet access in
addition to pointing to a WAN link.
• Information from remote locations can be accessed using satellites.
• It is more used for connectivity in rural areas, ships, and coastal regions.
• Mobile access is another conventional strength of satellite networks. For
example, we can do online surfing, watch TV, use applications, and much
more.
• VSAT Networks are not affected by earthquakes, Cyclones, and other
natural calamities.
• VSAT Networks, with a low-cost architecture and extra powerful systems,
share digital information.

Disadvantages of VSAT:

• Delay: VSAT Technology uses satellites in Geosynchronous orbit. This type

of data transmission has an approximate delay of about 500 milliseconds for
each round trip. It introduces a problem with the application that requires a
consistent transmission.

• Environmental conditions: Like other satellite systems, the VSAT network

may also get affected by the weather and other environmental conditions.
The signal strength may be weak at times, although it depends upon the size
of the antenna, frequency band, and the power of the transmitters.
•
• Clear view: Since VSAT requires an external antenna, therefore to contact
the satellite, the location must have a clear view of the southern sky.

d) IP routing:
IP routing is one of the important topics in computer networks. IP routing is
performed on the data which describes the path that data follows to reach from
source to destination in the network. Through IP routing only the shortest path
for the data is determined to reach the destination which decreases cost and
data is sent in minimum time. IP routing uses different protocols and
technologies for different networks. For IP routing we require some basics of IP
addresses, routers, and different networks.

IP Routing:

IP routing is the process that defines the shortest path through which data
travels to reach from source to destination. It determines the shortest path to
send the data from one computer to another computer in the same or different
network. Routing uses different protocols for the different networks to find the
path that data follows. It defines the path through which data travel across
multiple networks from one computer to other. Forwarding the packets from
source to destination via different routers is called routing. The routing decision
is taken by the routers.

IP Routing

Terminologies:

• Autonomous System (AS): The collection of networks managed and

supervised by a single entity or organization is called an autonomous
system.
• Router: A router is a device that forwards the data using routing through
multiple networks.
• Routing Table: A routing table is a table present in the router which stores
the routing information.

Different Types of Routing:

There are three different types of routing:
1. Static Routing
2. Dynamic Routing
3. Default Routing
Static Routing: In this type of routing the routing table is updated by the
network administrator.
Dynamic Routing: In this type of routing the routing table is automatically
updated using routing protocols.
Default Routing: In this type of routing the router is configured to send all the
data towards a specific router. This routing is generally used with the stub
routers.

How does IP routing work?

When the data is sent from the source to the destination the TCP and other
protocols of the source work and form an IP packet that is sent to the network.
When an IP packet is sent to the network from the source it has to pass through
multiple routers to reach the destination. The router in the network gets the
destination address from the packet and through its routing table identifies the
next router information to which the data packet has to be passed. The routing
table of the router includes various information about the next router, its cost,
and other necessary information. The router takes the routing decision with the
help of routing protocols and a routing table to which next router the packet has
to be sent to find the best route to reach the destination. Different packets can
be sent through different paths but all the packets reach their intended
destination. When the packets reach the destination through different routers it
sends them to the TCP for further processing.

e)SNAP:

--> SNAP stands for Sub-Network Access Protocol, which is a protocol used
in computer networking to extend the capability of the Ethernet protocol.

The Ethernet protocol has a maximum frame size of 1518 bytes, which
limits the size of the network that can be addressed. To overcome this
limitation, SNAP was introduced to enable Ethernet frames to carry larger
network layer packets.
 SNAP works by adding a header to the Ethernet frame that contains
additional information about the network layer protocol being used. This
header includes a protocol identifier (PID) field that specifies the type of
protocol being carried in the frame. The header also includes an
organizationally unique identifier (OUI) field, which is used to identify the
manufacturer or organization that created the protocol.

29.What are Ethernet standards. Explain Ethernet 802.3 frame format in detail.

--> Ethernet is a family of wired networking technologies that is used to

connect devices in a local area network (LAN). Over time, a number of
different Ethernet standards have been developed to meet the evolving
needs of network users. Here are some of the most common Ethernet
standards:

1. 10BASE-T: This was the original Ethernet standard, introduced in the 1980s.
It used twisted-pair copper cables to transmit data at a rate of 10 megabits
per second (Mbps). 10BASE-T is now largely obsolete, but some legacy
systems may still use it.

2. Fast Ethernet (100BASE-T): This Ethernet standard increased the data

transfer rate to 100 Mbps using the same twisted-pair copper cables as
10BASE-T. Fast Ethernet became widely adopted in the 1990s and is still in
use in many networks today.

3. Gigabit Ethernet (1000BASE-T): This Ethernet standard increased the data

transfer rate to 1 gigabit per second (Gbps) over twisted-pair copper cables.
It is now a common standard for connecting devices in high-speed
networks.
4. 10 Gigabit Ethernet (10GBASE-T): This Ethernet standard increased the data
transfer rate to 10 Gbps over twisted-pair copper cables. It is primarily used
in data center and high-performance computing environments.

5. Ethernet over fiber: Ethernet can also be transmitted over fiber optic cables,
which offer higher data transfer rates and longer distances than twisted-
pair copper cables. There are a number of Ethernet standards for fiber optic
networks, including 1000BASE-SX, 1000BASE-LX, and 10GBASE-SR.

6. Power over Ethernet (PoE): This Ethernet standard enables devices to be

powered over the Ethernet cable, eliminating the need for a separate power
source. PoE is used to power devices such as IP phones, security cameras,
and wireless access points.

Prerequisite – Introduction to Ethernet Basic frame format which is required for

all MAC implementation is defined in IEEE 802.3 standard. Though several
optional formats are being used to extend the protocol’s basic capability.
Ethernet frame starts with Preamble and SFD, both works at the physical layer.
Ethernet header contains both Source and Destination MAC address, after
which the payload of the frame is present. The last field is CRC which is used to
detect the error. Now, let’s study each field of basic frame format.

Ethernet (IEEE 802.3) Frame Format –

• PREAMBLE – Ethernet frame starts with 7-Bytes Preamble. This is a pattern

of alternative 0’s and 1’s which indicates starting of the frame and allow
 sender and receiver to establish bit synchronization. Initially, PRE
(Preamble) was introduced to allow for the loss of a few bits due to signal
delays. But today’s high-speed Ethernet don’t need Preamble to protect the
frame bits. PRE (Preamble) indicates the receiver that frame is coming and
allow the receiver to lock onto the data stream before the actual frame
begins.
• Start of frame delimiter (SFD) – This is a 1-Byte field which is always set to
10101011. SFD indicates that upcoming bits are starting of the frame, which
is the destination address. Sometimes SFD is considered the part of PRE,
this is the reason Preamble is described as 8 Bytes in many places. The
SFD warns station or stations that this is the last chance for synchronization.

• Destination Address – This is 6-Byte field which contains the MAC address
of machine for which data is destined.

• Source Address – This is a 6-Byte field which contains the MAC address of
source machine. As Source Address is always an individual address
(Unicast), the least significant bit of first byte is always 0.

• Length – Length is a 2-Byte field, which indicates the length of entire

Ethernet frame. This 16-bit field can hold the length value between 0 to
65534, but length cannot be larger than 1500 Bytes because of some own
limitations of Ethernet.

• Data – This is the place where actual data is inserted, also known
as Payload. Both IP header and data will be inserted here if Internet
Protocol is used over Ethernet. The maximum data present may be as long
as 1500 Bytes. In case data length is less than minimum length i.e. 46 bytes,
then padding 0’s is added to meet the minimum possible length.

• Cyclic Redundancy Check (CRC) – CRC is 4 Byte field. This field contains
a 32-bits hash code of data, which is generated over the Destination
Address, Source Address, Length, and Data field. If the checksum computed
by destination is not the same as sent checksum value, data received is
corrupted.

Brief overview on Extended Ethernet Frame (Ethernet II Frame) :

Standard IEEE 802.3 basic frame format is discussed above in detail. Now let’s
see the extended Ethernet frame header, using which we can get Payload even
larger than 1500
Bytes.

DA [Destination MAC Address] : 6 bytes SA [Source MAC Address] : 6

bytes Type [0x8870 (Ethertype)] : 2 bytes DSAP [802.2 Destination Service
Access Point] : 1 byte SSAP [802.2 Source Service Access Point] : 1
byte Ctrl [802.2 Control Field] : 1 byte Data [Protocol Data] : > 46
bytes FCS [Frame Checksum] : 4 bytes Although length field is missing in
Ethernet II frame, the frame length is known by virtue of the frame being
accepted by the network interface. GATE CS Corner Questions Practicing the
following questions will help you test your knowledge. All questions have been
asked in GATE in previous years or in GATE Mock Tests. It is highly
recommended that you practice them.

30.Explain message format. Explain MIME in electronic

communication.
-->Electronic Mail (e-mail) is one of the most widely used services of
the Internet. This service allows an Internet user to send a message in
a formatted manner (mail) to other Internet users in any part of the world.
Message in the mail not only contain text, but it also contains images, audio and
videos data. The person who is sending mail is called sender and person who
receives mail is called the recipient. It is just like postal mail service.
Format of E-mail :
An e-mail consists of three parts that are as follows :
1. Envelope
2. Header
3. Body
These are explained as following below.
1. Envelope :
The envelope part encapsulates the message. It contains all information that is
required for sending any e-mail such as destination address, priority and
security level. The envelope is used by MTAs for routing message.
2. Header :
The header consists of a series of lines. Each header field consists of a single
line of ASCII text specifying field name, colon and value. The main header fields
related to message transport are :

1. To: It specifies the DNS address of the primary recipient(s).

2. Cc : It refers to carbon copy. It specifies address of secondary recipient(s).

3. BCC: It refers to blind carbon copy. It is very similar to Cc. The only
difference between Cc and Bcc is that it allow user to send copy to the third
party without primary and secondary recipient knowing about this.

4. From : It specifies name of person who wrote message.

5. Sender : It specifies e-mail address of person who has sent message.

6. Received : It refers to identity of sender’s, data and also time message was
received. It also contains the information which is used to find bugs in
routing system.

7. Return-Path: It is added by the message transfer agent. This part is used to

specify how to get back to the sender.

3. Body:- The body of a message contains text that is the actual

content/message that needs to be sent, such as “Employees who are eligible
for the new health care program should contact their supervisors by next Friday
if they want to switch.” The message body also may include signatures or
automatically generated text that is inserted by the sender’s email system.
The above-discussed field is represented in tabular form as follows :
 Header Meaning

To: E-mail address of primary receipt(s).

Cc: E-mail address of secondary receipt(s).

Bcc: E-mail address for blind carbon copies.

From: Person or people who have created a message.

Sender: E-mail address of the actual sender.

 Header Meaning

Received: It is used to specify how to get back to the sender.

Return-Path It can be used to identify a path back to the sender.

In addition to above-discussed fields, the header may also contain a variety of

other fields which are as follows :

Header Meaning

Date: Date and time when the message was sent.

Reply-To: It contains e-mail address to which replies should be sent.

Message-Id: It refers to the unique number for referencing this message later.

In-Reply-To: Message-Id of a message to which this is as a reply.

References: It contains other relevant message-ids.

Keywords: User-chosen keywords.

Subject: It contains short summary of message for one-line display.

. Explain MIME in electronic communication:

Multipurpose Internet Mail Extension (MIME) is a standard that was

proposed by Bell Communications in 1991 in order to expand the limited
capabilities of email.
MIME is a kind of add-on or a supplementary protocol that allows non-ASCII
data to be sent through SMTP. It allows the users to exchange different kinds of
data files on the Internet: audio, video, images, application programs as well.
Why do we need MIME?

Limitations of Simple Mail Transfer Protocol (SMTP):

1. SMTP has a very simple structure
2. Its simplicity however comes with a price as it only sends messages in NVT
7-bit ASCII format.
3. It cannot be used for languages that do not support 7-bit ASCII format such
as French, German, Russian, Chinese and Japanese, etc. so it cannot be
transmitted using SMTP. So, in order to make SMTP more broad, we use
MIME.
4. It cannot be used to send binary files or video or audio data.

Purpose and Functionality of MIME –

Growing demand for Email Messages as people also want to express
themselves in terms of Multimedia. So, MIME another email application is
introduced as it is not restricted to textual data.
MIME transforms non-ASCII data at the sender side to NVT 7-bit data and
delivers it to the client SMTP. The message on the receiver side is transferred
back to the original data. As well as we can send video and audio data using
MIME as it transfers them also in 7-bit ASCII data.

Features of MIME –
1. It is able to send multiple attachments with a single message.
2. Unlimited message length.
3. Binary attachments (executables, images, audio, or video files) may be
divided if needed.
4. MIME provided support for varying content types and multi-part messages.

Working of MIME –
Suppose a user wants to send an email through a user agent and it is in a non-
ASCII format so there is a MIME protocol that converts it into 7-bit NVT ASCII
format. The message is transferred through the e-mail system to the other side
in the 7-bit format now MIME protocol again converts it back into non-ASCII
code and now the user agent of the receiver side reads it and then information
is finally read by the receiver. MIME header is basically inserted at the
beginning of any e-mail transfer.

MIME with SMTP and POP –

SMTP transfers the mail being a message transfer agent from the sender’s side
to the mailbox of the receiver side and stores it and MIME header is added to
the original header and provides additional information. while POP being the
message access agent organizes the mails from the mail server to the
receiver’s computer. POP allows the user agent to connect with the message
transfer agent.
MIME Header:
It is added to the original e-mail header section to define transformation. There
are five headers that we add to the original header:

1. MIME-Version – Defines the version of the MIME protocol. It must have the
parameter Value 1.0, which indicates that message is formatted using MIME.

2. Content-Type – Type of data used in the body of the message. They are of
different types like text data (plain, HTML), audio content, or video content.

3. Content-Type Encoding – It defines the method used for encoding the

message. Like 7-bit encoding, 8-bit encoding, etc.

4. Content Id – It is used for uniquely identifying the message.

5. Content description – It defines whether the body is actually an image,

video, or audio.

31.Write a short Notes on

a) HTTP:

--> HTTP, or Hypertext Transfer Protocol, is a protocol used for

communication between web browsers and web servers. It allows for the
transfer of text, images, and other multimedia files over the internet. HTTP
is a client-server protocol, meaning that the client (usually a web browser)
sends a request to the server, and the server responds with the requested
information.

The HTTP protocol is based on a request-response model. When a user

types a URL into their web browser, the browser sends an HTTP request to
the web server to retrieve the requested content. The request includes a
method (such as GET or POST) that specifies the action to be performed, as
well as any necessary data or parameters. The server then responds with an
HTTP response, which includes a status code that indicates whether the
request was successful, as well as the requested content.

HTTP is a stateless protocol, meaning that each request/response cycle is

independent of any previous or subsequent cycles. To enable stateful
communication between the client and server, HTTP uses cookies, which
are small data files stored on the client's computer that can be used to
store information about the user's session.

b) NIC:

--> NIC, or Network Interface Card, is a hardware component that is used to

connect a computer to a network. It is typically installed inside the
computer, either as a standalone expansion card or as a component
integrated into the motherboard.

The primary function of a NIC is to provide a physical connection between

the computer and the network, allowing data to be transmitted between
the two. It does this by converting digital data from the computer into an
electrical signal that can be transmitted over a network cable, and vice
versa. Most NICs support a variety of different network standards and
protocols, such as Ethernet, Wi-Fi, and Bluetooth, and can be configured to
work with different types of network equipment.

In addition to providing network connectivity, NICs may also include other

features such as hardware acceleration for network protocols, support for
VLANs (virtual local area networks), and power management capabilities.
Some NICs may also include additional security features, such as hardware-
based encryption and authentication, to help protect network traffic from
unauthorized access.

c) Peer-to-Peer Network?

-->A peer-to-peer (P2P) network is a type of network in which all devices or

nodes on the network are equal and can function as both clients and
servers. Unlike client-server networks, in which a central server manages all
network traffic, P2P networks allow devices to communicate and share
resources directly with one another.

In a P2P network, each device on the network can share its own resources,
such as files, data, processing power, and bandwidth, with other devices on
the network. This enables P2P networks to be highly scalable and resilient,
as there is no single point of failure that could bring down the entire
network. Instead, individual nodes can come and go without disrupting the
overall functionality of the network.

P2P networks can be used for a wide range of applications, such as file
sharing, online gaming, video conferencing, and distributed computing.
They can be implemented using a variety of different protocols and
technologies, such as BitTorrent, Skype, and Bitcoin.

However, P2P networks can also be vulnerable to security risks, such as

malware and viruses, as there is no central authority to enforce security
policies or to monitor network activity. In addition, P2P networks may also
be used for illegal activities, such as copyright infringement, which can
create legal and ethical issues.

d) Unguided Media
Unguided media, also known as wireless media, refers to any type of
communication medium that does not rely on a physical connection or a
fixed path to transmit data between devices. In other words, it allows data
to be transmitted through the air, using radio waves or other wireless
signals.

There are several types of unguided media that are commonly used for
wireless communication, including radio waves, microwaves, and infrared.
Each of these types of wireless signals has its own unique characteristics
and limitations.

Radio waves, for example, are used for a wide range of wireless
applications, including AM and FM radio, Wi-Fi, and Bluetooth. They are
able to penetrate walls and other solid objects, which allows them to be
used for wireless communication over long distances.

Microwaves, on the other hand, are used for higher frequency

communication, such as satellite and microwave radio. They are able to
transmit large amounts of data over long distances, but are also subject to
interference from other sources.

Infrared communication, which is used in applications such as remote

controls and some types of wireless keyboards and mice, uses light waves
to transmit data. It is relatively short-range and requires a clear line of sight
between the transmitting and receiving devices.

32 .Differentiate Virtual circuit and Datagram.

33 .Write a short Note on

a) Router:
b) Unguided media, also known as wireless media, refers to any type of
communication medium that does not rely on a physical connection or a
fixed path to transmit data between devices. In other words, it allows
 data to be transmitted through the air, using radio waves or other
wireless signals.
c) There are several types of unguided media that are commonly used for
wireless communication, including radio waves, microwaves, and
infrared. Each of these types of wireless signals has its own unique
characteristics and limitations.
d) Radio waves, for example, are used for a wide range of wireless
applications, including AM and FM radio, Wi-Fi, and Bluetooth. They are
able to penetrate walls and other solid objects, which allows them to be
used for wireless communication over long distances.
e) Microwaves, on the other hand, are used for higher frequency
communication, such as satellite and microwave radio. They are able to
transmit large amounts of data over long distances, but are also subject
to interference from other sources.

c) Remote Communication Protocol

Remote Communication Protocol (RCP) is a client-server protocol used for

remote command execution, remote file transfer, and remote process
management on a computer network. It was developed by Sun
Microsystems and is commonly used in Unix and Unix-like operating
systems.

RCP operates on top of the Remote Procedure Call (RPC) protocol and uses
the client-server model for communication. The client sends a request to
the server to execute a command or transfer a file, and the server responds
with the appropriate action. RCP can also be used to manage remote
processes and to monitor system performance.

One of the key advantages of RCP is its simplicity and ease of use. It is built
into many Unix-based operating systems, making it a convenient tool for
administrators and developers who need to manage remote systems. RCP
also supports authentication and encryption, which helps to ensure the
security of data transmission over the network.
However, RCP is also known for its security weaknesses and is considered to
be an insecure protocol. It is vulnerable to attacks such as eavesdropping,
data tampering, and password cracking. For this reason, it is recommended
that RCP be used only in trusted environments, and that more secure
protocols such as SSH or SFTP be used for remote access and file transfer in
untrusted environments.