NM&A(Network Management & Administration)

Past Papers 2014-2017

 SHORT QUESTIONS

Q1 Define the access list and its types? (20142, 20152, 20162)
 Access control list:
Access control list is a set of rules that are used to filter network traffic. Access control
list is configured on a router. By using access control list we can protect our sensitive
data by allowing only authorized person to access the network.
 Types of Access control list:
We have two types of access lists
1. Standard Access control List
2. Extended Access control List
I. Standard Access Control List:
• With standard access, you can filter only the source IP address of the packet.
• Standard access is not powerful as extended access list.
• Standard access list consume less processor time of the router.
• It easy to configure on router.
II. Extended Access Control List:
• With extended access control list you can filter both source and destination IP
addresses.
• It is more powerful than standard access list.
• It consume more processor time of the router.
• It is harder to configure on router.
Q2 Differentiate between SNMP2 and SNMP3? (20142,20172)
 SNMP:
Simple Network Management Protocol is used to monitor a network and the devices
that are attached to that network.
 Versions:
1. SNMP1
2. SNMP2
3. SNMP3
I. SNMP1:
It is the network management protocol that assures the message integrity by protecting
message packets with protection mechanism.
II. SNMP2:
It is a network management protocol that assures the message integrity by protecting
the message packets with party based security system. It adds several improvements in
performance along with advancement in security over SNMP1.You can retrieve large
 amount of data with a single request called GetBulkRequest. It adds improvement in
manager to manager communication.
III. SNMP3:
It is a network management protocol that assures the message integrity by protecting
the message packets with Cryptographic security system. It adds several improvements
in performance along with advancement in security over SNMP2. SNMP3 introduce
many conventions that are not available in SNMP2.
Q3 Differentiate between Manager and Agent? (20142, 20172)
 Manager:
In computer network, group of devices are attached together. Manager Key function is
to monitor and manage the entire network and the devices that are attached to it.
Manager gets the information from network agent and takes decisions about the
network on the bases of that information.
A manager is an application that manages SNMP agents on a network by issuing
requests, getting responses, and listening for and processing agent-issued traps.
 Agent:
Agent is software that is installed in a network device. The key function of the agents is
to provide information about the network devices to manager through SNMP.
An agent is a software process that responds to SNMP queries to provide status and
statistics about a network node
Q4 Differentiate between MIB and SMI? (20142, 20172)
 MIB: MIB stands for management information base. It is a database that is used to
manage the entities in the communication network. MIB contains the information of
different network segments and manager can use this information for the purpose of
troubleshooting and for improving the performance of the network.
 SMI:
SMI stands for structure management information. SMI operates in SNMP to define the
set of modules of related managed objects in MIB. It is a framework that can be
manipulated by SNMP. It provides the building block that specifies the basic format of
management data.
Q5 Define SNMP Proxy server? (20142)
 Proxy Server:
You need proxy server when there is no direct communication between manager and
agent is possible. This happens if hosts are located in a network with private RFC 1918
addresses behind a firewall. The management station can only communicate with one
proxy host in that network.
Q6 What is Firewall, what are the available firewalls in the market (any two)? (20142)
 Firewall:
A firewall is a hardware or software system that prevents the unauthorized access to or
from a network. Firewall can be implemented in both hardware and software or a
combination of both.
  Available Firewall:
• Packet Filtering Firewall
• Proxy
• State full inspection
Q7 what is RFC, mention any two RFCs? (20142)
 RFC:
RFC stands for Request for Comment. RFC connections can always be used across the
entire system. This means that if you define RFC connection in client 000 than you can
access and use this connection in client 100 too.
 Available RFCs:
RFC 20 – ASCII format for network interchange
RFC 868 – Time Protocol
RFC 863 – Discard Protocol
Q8 what function is performed by “Ping” monitoring tool? (20142)
 Ping Monitoring Tool:
Ping monitoring tool is available on any operating system. It is a network connections
detecting tool. Ping monitoring tool acts as a test to see if a networked devices are
reachable or not. It displays the list of available network connections. It connects client
computer to the server computer.
Q9 what is RMON monitoring? (20142)
 RMON:
RMON stands for remote monitoring. RMON facilitates in monitoring the operational
activities of the network. RMON use monitoring device called probe to monitor the
network. RMON assists the network administrator with efficient network infrastructure
control and management. Without leaving the office network administrator can manage
the whole network, troubleshoot the problem and increase the performance.
Q10 what is the different between public and private IPs? (20142,20152, 20162)
 Public IP's:
Public IP is an external IP address that is used across the entire network to locate
computer systems and devices. Public IP is basically a server IP that is used by all client
devices on the network to access the server.
 Private IP's:
Private IP is a local IP address that is used to locate the particular computer on a
network. The IP of each computer is called private IP.
Q1 what are the five functional areas of Network Management? (20152, 20172)
 Functional Areas of Networking:
• Configuration Management
• Fault Management
• Performance Management
• Security Management
 • Accounting Management
• Asset Management
• Planning Management
Q2 what is the process of detecting problems in fault management? (20152, 20162, 20175)
 Fault Management:
Fault is a network normally associated with the failure of a network components and loss of
connectivity.
 Process:
Fault management process is consists of 5 steps.
1- Fault Detection
The fault should be detected as quickly as possible by central management system.
2-Fault Location:
Fault location involves where the problem is located.
3-Restoration of Service:
Try to restore the service to the user by alternative means quickly as possible.
4-Identification of Real Cause of the problem:
It is very complex process. In this process we identify the real cause of the problem.
5- Problem Resolution:
After identifying a problem we try to resolve the problem.
Q3 what is the functionality of probe in RMON? (20152, 20162, 20172)
 Functionality Of Probe In RMON:
Probe is a monitoring device that monitors the entire network and its traffic. Probe set
the alarm for certain condition and when that certain condition occurs it notifies the
network manager. Probes are always placed permanently into a network.
Q4 what are the versions/editions of windows server 2003? (20152, 20162, 20172)
 Window Server 2003 Editions:
• Standard Edition
• Enterprise Edition
• Data Center Edition
• Web Edition
 Standard Edition:
It is designed for every day’s needs of small and medium businesses. It provides file and
printer services, secure internet connectivity and centralized management of network
resources.
 Enterprise Edition:
 Generally used for medium to large businesses. It is designed for organizations that
require better performance, reliability and availability than standard edition provides.
 Data Center Editions:
It is designed for data centers. It is used to store very large amount of data.
 Web Editions:
 It is a low cost edition. It is used for hosting and deploying web services and
applications. It is designed for all types of data businesses.
Q5 what are the three roles for a Windows Server 2003 system in a network? (20152, 20162,
20172)
 File Server Role:
File servers enables the users to store file in central location and share the files with
another user.
 Printing Server Role:
Printing server role provides printing service for the network.
 Mail Server Role:
Mail server role provides mail service for the network.
Q6 How to add a folder to the favorites list in Windows XP? (20152, 20162)
 Steps:
1. First launch window explorer and open the folder that you want to add into
favorite list.
2. Once the desire folder is open, navigate to the left pane and right click the
favorite menu.
3. The click on “ add current location to favorite” option.
Q7 what are the limitations of firewall? (20152, 20162)
 Firewall limitations:
• Cannot protect from attacks bypassing it
• Cannot protect against internal threats
• Cannot Fix Administrator mistakes
Q9 what’s difference between Ad-hoc and Infrastructure mode Wireless network? (20152,
20162, 20172)
Ad-hoc Infrastructure
1. An Ad-hoc network allows each device to 1. An Infrastructure mode network requires
communicate directly with each other. the use of an Access Point.
2. There is no central Access Point 2. The Access Point controls Wireless
controlling device communication. communication and offers several
3. Ad-hoc networks are only able to important advantages over an Ad-hoc
communicate with other Ad-hoc devices, network.
they are not able to communicate with 3. An Infrastructure based network
any Infrastructure devices or any other supports increased levels of security,
devices connected to a wired network. In potentially faster data transmission
addition, Ad-hoc mode security is less speeds and integration with a wired
sophisticated. network.
Q1 what is the difference between share and security permissions? (20162, 20172, 20145)
 Share Permission Vs Security Permission

Share Permissions Security Permissions

Share permissions are the permissions you NTFS permissions determine the action
set for a folder when you share that folder. users can take for a folder or file both across
The share permissions determine the type of the network and locally.
access others have to the shared folder
across the network.
There are three types of share permissions: Unlike share permissions, NTFS permissions
Full Control, Change, and Read. offer several other permissions besides Full
Control, Change, and Read that can be set
for groups or individually.

Q5 What are the four differences between Workgroup and Domain in windows networking?
(20172, 20155, 20165)
 Workgroup Vs Domain:

Workgroup Domain

Peer-to-peer Windows computer

Network type Client/server network
network

User needs to have separate log User can log on at any

Log in in id and password at each workstation via their account
workstation and access domain resources

Computers are limited to There can be up to 2000

Workstations
maximum 10 computers

Each user controls the resources One administrator to administer

Administrator and security locally on their the domain and its users and
PC's resources.

The computers can be on

All computers must be on the
Location different local networks, i.e.
same local network or subnet.
anywhere in the world.

Each user controls the settings One can make only limited
Computer's settings on their own computer. No changes to a computer's settings
central settings. because network administrators
often want to ensure consistency
 among computers.

Each computer must be changed Changes made to one are

Changes manually or once changed must automatically made to all
be transferred to each computer. computers

User needs to have separate log Domain users must provide a

in id and password at each password or other credentials
Security
workstation, but once logged in each time they access the
can access the computer. domain.

 I

Long QUESTIONS

Q3.a) what is the role of DNS server in Network and what’s type of DNS, Briefly explain it
with example? (20145, 20175)
DNS:
The DNS translates Internet domain and host names to IP addresses. DNS automatically
converts the names we type in our Web browser address bar to the IP addresses of Web
servers hosting those sites.
We do so because it is easy to remember names than to remember long decimal numbers.
For example www.uta.edu maps to 129.107.56.31
DNS SERVER:
DNS Server store information about domain names and their corresponding DNS records. DNS
records hold information regarding the address, web host, domain registration.
Whenever the request for information is made the DNS server responds with relevant
information.
Types of DNS Server:
DNS server is classified on the basis of the function they perform.
 Zone Master Server:
Zone master server is the authoritative server. It will have a database of all the data
associated with the particular zone. This data is available on two server namely the
primary master server and secondary slave server. Whenever particular information is
requested, the zone computer consults the master server.
 Primary Master Server:
The primary master server contains the master copy of the domain data. This master
data loaded on the disk when its operations start. This is the main server which is
referred to when relevant information is needed.
 Secondary Slave Server:
In the cases of master server failure the secondary slave server provides the relevant
information. It is also used as a backup server that contains the backup of the master
server.
 Caching only server:
The caching only server stores results of the queries that are made. The next time this
information is needed the server fetches it immediately instead of waiting. These
servers are not authorized for any domain and they only perform queries.
 Forwarding Server: These servers are known as proxy, client, or remote servers. These
Servers forward all requests to other DNS and cache the results.

Q3.b) what is the difference between share and security permission? (20145, 20175)

 Share Permission Vs Security Permission

Share Permissions Security Permissions

Share permissions are the permissions you NTFS permissions determine the action
set for a folder when you share that folder. users can take for a folder or file both across
The share permissions determine the type of the network and locally.
access others have to the shared folder
across the network.
There are three types of share permissions: Unlike share permissions, NTFS permissions
Full Control, Change, and Read. offer several other permissions besides Full
Control, Change, and Read that can be set
for groups or individually.

Q4) Write the procedure for client and server to Remote Disk access with NFS in Linux?
(201410)

 Network File System (NFS):

 Network File System (NFS) is a popular distributed file system protocol that enables
users to mount remote directories on their server. The system lets you leverage storage
space in a different location and write onto the same space from multiple servers in an
effortless manner. It, thus, works fairly well for directories that users need to access
frequently.
 Procedure
Procedure for accessing remote disk with NFS in Linux Consists of followings Steps.
1. Download and install the components on both host and clients servers.
2. Create the share directory on the host server.
3. Configure the NFS exports on the host server.
4. Create the mount points and mount remote shares on the client server.
5. Test NFS access.
6. Make remote NFS directory mounting automatic
7. Un mount the NFS Remote Share
8. Wrap Up.

Q5.a) what’s the purpose of Active directory, User Administration, Domain controller,
Additional Domain controller? (20145, 20165)
 Active Directory:
Active Directory is a Directory Service which Contains Information of All User Accounts
and Shared Recourses on a Network. Active Directory is a Centralized Hierarchical
Directory Database. It Provide User Logon and Authentication Services. It is used to
organize and manage: User Accounts, Computers, Groups, and Network Resources
.Enables authorized Users to easily locate Network Resources.
 User Administration:
User Administration (UADM) is an application used to manage ERA (Electronic Research
Administration) user accounts across all ERA applications.

 Domain Controller:
A domain controller (DC) is a server that responds to security authentication requests
within a Windows Server domain. It is responsible for allowing host access to Windows
domain resources. A domain controller is the centerpiece of the Windows Active
Directory service. It authenticates users, stores user account information and enforces
security policy for a Windows domain.
 Additional Domain Controller
Having one Domain Controller is not safe for the organization’s network because, it
would be a single point of failure in case of any technical breakdown. Entire network will
 be down and would lead to big outage. For eliminating the risk of network breakdown
we need to have an Additional Domain Controller (ADC) in our environment.

Q5.b) Define the scope of DHCP server, configure a range 192.168.0.1 – 192.168.0.200, first 20
IPs are for servers, last 5 IPs are reserves. Write its configuration step by step. (20145, 20165)

SORRY! Answer Not Found

Q1.a) what is the difference between workgroup and domain in window networking (20155)
 Workgroup Vs Domain:


Workgroup Domain

Peer-to-peer Windows computer

Network type Client/server network
network

User needs to have separate log User can log on at any

Log in in id and password at each workstation via their account
workstation and access domain resources

Computers are limited to There can be up to 2000

Workstations
maximum 10 computers

Each user controls the resources One administrator to administer

Administrator and security locally on their the domain and its users and
PC's resources.

The computers can be on

All computers must be on the
Location different local networks, i.e.
same local network or subnet.
anywhere in the world.

Each user controls the settings One can make only limited
Computer's settings on their own computer. No changes to a computer's settings
central settings. because network administrators
often want to ensure consistency
 among computers.

Each computer must be changed Changes made to one are

Changes manually or once changed must automatically made to all
be transferred to each computer. computers

User needs to have separate log Domain users must provide a

in id and password at each password or other credentials
Security
workstation, but once logged in each time they access the
can access the computer. domain.

 I

Q1.b) what is configuration control? – explain. (20155)

 Configuration Control:
Configuration control is important function in configuration management system. Its
purpose is to ensure that all the changes to a complex system are performed with the
knowledge of management.
 Task of configuration control:
Configuration control task includes initiating, preparing, analyzing, evaluating and
authorizing proposals for change to a system.
 Process of Configuration Control:
• Identification and documentation of the need for a change in a change request.
• Analysis and evaluation of the change request and production of change
proposal.
• Approval or disapproval of change proposal.
• Verification, Implementation and release of a change.
 Need of Configuration Control:
Configuration control is important for risk management.
Q2.a) Write short notes on Transport mapping. (20155, 20165, 20175)
 Transport Mapping:
The transport mapping can be used with any version of SNMP. The SNMP over
TCP transport mapping is an optional transport mapping. SNMP protocol engines
that implement the SNMP over TCP transport mapping MUST also implement
the SNMP over UDP. SNMP over TCP is an optional transport mapping. It is
primarily defined to support more efficient bulk transfer mechanisms within the
SNMP framework. The originator of a request-response transaction chooses the
transport protocol for the entire transaction. The transport protocol must not
 change during a transaction. When selecting the transport, it is useful to consider
how SNMP interacts with TCP acknowledgments and timers. It is possible to
exchange multiple SNMP request/response pairs over a single TCP connection.
TCP connections are by default full-duplex and data can travel in both directions
at different speeds. It is therefore possible to send multiple SNMP messages to
a remote SNMP engine before receiving responses from the same SNMP
engine. Note that an SNMP engine is not required to return responses in the
same order as it received the requests. It is RECOMMENDED that administrators
configure their SNMP entities containing command responders to listen on TCP
port 161 for incoming connections. It is also RECOMMENDED that SNMP
entities containing notification receivers be configured to listen on TCP port 162
for connection requests. SNMP over TCP is intended to be used when the size of
the transferred data is large since TCP offers flow control and efficient
segmentation. The transport of large amounts of management data via SNMP
over UDP requires many request/response interactions with small-sized SNMP
over UDP messages, which causes latency to increase excessively.
The transport of SNMP messages over TCP results in a reliable exchange of
SNMP messages between SNMP engines. In particular, TCP guarantees (in the
absence of security attacks) that the delivered data is not damaged, lost,
duplicated, or delivered out of order. There is an important difference between an
unconfirmed protocol operation sent over a reliable transport and a confirmed
protocol operation. A reliable transport such as TCP only guarantees that
delivered data is not damaged, lost, duplicated, or delivered out of order. It does
not guarantee that the delivered data was actually processed in any way by the
application process. Furthermore, even a reliable transport such as TCP cannot
guarantee that data sent to a remote system is eventually delivered on the
remote system. Even a graceful close of the TCP connection does not
guarantee that the receiving TCP engine has actually delivered all the data to an
application process.
Q2.b) Write short notes on Administrative models. (20155)
 Administrative Model:
Administrative model fall under the category of communication model of SNMP
that deals with the communication between SNMP agent and manager.
Administrative model describes the relationship among entities that participate in
SNMP communication model. Here question arises what kind of entities: the
entities may be management stations and network elements. Both of these
entities are called SNMP application entities. Peer processes that implement and
support SNMP application entities are called protocol entities.
Application entity residing in management station is called SNMP manager and
application entity residing in network element is called SNMP agent. The pairing
of two entities is called SNMP community. SNMP manager monitors traffic on
network element. SNMP manager has MIB (Management Information Base) that
stores the information about the network elements.
 In administrative model, we can control the communication between SNMP agent
and manager through some access modes. There are four access modes like
no-accessible, Read-Only, Write-Only, Read-Write.
SNMP agent with Read-Write mode can perform all operations Get, Set, Trap
etc. SNMP manager with No-Accessible mode cannot access any SNMP
manager in community. SNMP agent with Read-Only can only read like perform
only Get operations etc and SNMP agent with Write-Only can only make
changes without reading the parameters like performing Set operations only.
We use these access modes to define access policy for our SNMP community
profiles. Each Community has its multiple community profiles which contains
information about the network elements reside in that community. There are
different agents and managers belonging to different communities that are why
we have to manager them according to our defined access policy. Administrative
model actually made for reliable and secure communication between agents and
managers.
Q3.a) Write short notes on standard MIB’s. (20155)

 RMON1 MIB:
• With the RMON1 MIB, network managers can collect information from re-mote
Network segments for the purposes of troubleshooting and performance.
• An RMON implementation typically operates in a client/server model.
• Monitoring devices (commonly called “probes” in this context) contain RMON
software agents that collect information and analyze packets. These probes act
as servers and the Network Management applications that communicate with
them act as clients.

 The RMON1 MIB Provides:

• Statistics: real-time LAN statistics, e.g., utilization, collisions, CRC errors.
• History: history of selected statistics.
• Alarm: definitions for RMON SNMP traps to be sent when statistics exceed
defined thresholds.
• Hosts: host specific LAN statistics, e.g., bytes sent/received, frames
sent/received.
• Hosts top N: record of N most active connections over a given time period.
• Matrix: the sent-received traffic matrix between systems.
• Filter: defines packet data patterns of interest, e.g., MAC address or TCP port.
• Capture: collect and forward packets matching the Filter.
• Event: send alerts (SNMP traps) for the Alarm group.
• Token Ring: extensions specific to Token Ring.
  Capabilities of RMON1:
• Without leaving the office, a network manager can watch the traffic on a LAN
segment.
• Deploying network management staff resources more efficiently means that
one expert at a central site can be working on several problems by getting
information from several probes at remote sites.
 RMON2 MIB:
• RMON2 follows client/server model.
• Applications communicating to the "server" agents using the Simple Network
Management Protocol (SNMP).
• RMON2 agents will be found in dedicated devices and/or embedded in network
infrastructure devices.
• With the increased volume of traffic statistics being collected by RMON2, the
processor power and memory of the agent will be very important
considerations.

 The RMON2 MIB Provides:

• Protocol Directory: list of protocols the probe can monitor.
• Protocol Distribution: traffic statistics for each protocol.
• Address Map: maps network-layer (IP) to MAC-layer addresses.
• Network-Layer Host: layer 3 traffic statistics, per each host.
• Network-Layer Matrix: layer 3 traffic statistics, per source/destination pairs of
hosts.
• Application-Layer Host: traffic statistics by application protocol, per host.
• Application-Layer Matrix: traffic statistics by application protocol, per
source/destination pairs of hosts.
• User History: periodic samples of user-specified variables.
• Probe Configuration: remote configuration of probes.
• RMON Conformance: requirements for RMON2 MIB conformance
 Capabilities of RMON2:
• Higher Layer Statistics
• Address Translation
• User-Defined History
• Improved Filtering
• Probe Configuration

Q3.b) Write short notes on SNMP V2. (20155, 20165)

 SNMP V2:
• SNMP2 was released in 1996.
• SNMP2 adds several improvements in performance along with advancement in
security over SNMP1.
• SNMP2 adds improvement in manager to manager communication.
 • GetBulkRequest has been added to retrieve large data with single request.
• SNMP2 use party based security system to protect message packets.
• SNMP2 introduce many conventions that are not available in SNMP1.

Q3.a) Write short note on web based management. (20165)

 Web Based Management:
Web-based management is based on Web technology. In this configuration, the agent is
embedded in the network element as a Web server and can monitor and/or control the network
element.
Use of a management application and Web browser allows the information from the Web server
agent to be displayed on a Web-based display. Web based management used browser as a
interface to which user interacts and take information. Web based management is basically a
combination of website and desktop application interface. Web based management is very
popular in now a days. Web based management allow people to manage SNMP resources from
desktop environment.
Q1.b) Do you need an NMS? Why? (20175)
 Network Management System:
Network management system is designed for monitoring, maintaining, and optimizing the
network. It includes both hardware and software. NMS is not useful for small networks. It is
useful for large scale network.NMS provide multiple services.
• Network Monitoring:
NMS monitors network hardware to ensure all devices operating properly and are not
near or at full capacity. Alerts can be sent to network administrators if a problem
detected.
• Device detection:
When a new device is connected to the network, the NMS detects it so that it can be
recognized, configured and added to the network.
• Performance Analysis:
NMS analyze the current and historical performance of the network. This includes
overall performance of the network as well as performance of the individual devices and
connections.
• Fault Management:
NMS helps in fault management process. If a device or section of a network fails, an
NMS may be able to automatically reroute to limited downtime.
Q3.b) Write short note on SNMP V3. (20175)
SNMP V3:
SNMP V3 does not add any change to the SNMP protocol apart from the encryption.
In fact main motivation behind developing SNMP3 was to tackle the security concerns of earlier
versions of SNMP .SNMPv3 use cryptographic security system to protect the integrity of the
message by protecting message packet.
SNMP3 looks different from previous versions because in this version of SNMP new
conventions for text, concept and new terminology is introduces.
Extra Data
Kernal Mode vs User Mode
Kernal Mode User Mode
1) Crashes in kernel mode are 1) Crashes in user mode are always
catastrophic; they will halt the recoverable.
entire PC. 2) Comparatively slow as they have
2) Usually work faster, because, as to ask the system the permission
part of the system, it can directly to use more memory or more
use all the hardware resources it CPU resources.
needs.

DHCP(Dynamic Host Configuration Protocol):

DHCP was created by the Dynamic Host Configuration
Working Group of the Internet Engineering Task Force(IETF)
 Runs over UDP
 Utilizing ports:
 67 – connections to server
 68 – connections to client
 Extension of BOOTP (protocol used for simple interaction)-
DHCP enhances the capabilities of BOOTP
 DHCP is basically used for dynamic configuration
 Uses client–server models