CNS Notes (Unit 1-5 English)


Computer Networks and Security

UNIT - I
Part – A
1. Define data communication.
Data communication refers to the transmission of digital data between two or more computers or
devices.
2. What is data flow?
Data flow is the classification of data transmission based on which of the communicating devices can
send data and how the transmission can take place.
3. List the types of data flow.
• Simplex • Half-duplex • Full-duplex
4. Define topology.
Network topology refers to the physical layout of a network. It determines how the different nodes in a
network are connected to each other and how they communicate.
5. What are the different topologies?
1. Bus
2. Ring
3. Star
4. Mesh
5. Hybrid
6. Define simplex.
In simplex communication, the signal (data flow) travels in only one direction, i.e. it is
unidirectional.
Example: A radio station broadcasts programs, and the receiver receives the signal and listens to the
program.
7. Give any three types of networks.
• LAN (Local Area Network)
• MAN (Metropolitan Area Network)
• WAN (Wide Area Network)
8. Define internet.
The Internet is a global wide area network that connects computer systems across the world.
9. Define intranet.
An intranet is an internal or private network of an organization based on internet technology (such as
hypertext and TCP/IP protocols) and accessed over the internet.
10. Define guided and unguided media.
Guided media - The signals are guided by a physical transmission medium when they are transmitted
between different devices.

Computer Engineering Page 1



Unguided media - Unguided media transport electromagnetic waves without using a physical
conductor.
11. Give the full form of VSAT.
VSAT stands for Very Small Aperture Terminal.
12. Define gateways.
A gateway is defined as an internetworking system. It is used to join two networks that use
different base protocols for communication.
PART - B
1. Discuss about Point-to-point and Multipoint.
I. Point-to-Point connection
• This type of connection provides a dedicated link between two devices.
• The entire capacity of the link is used only for transmission between the two devices connected
point-to-point.
• Example: A TV controlled by a remote control; a point-to-point connection is established between
the two devices.

II. Multipoint
• A multipoint connection is one in which more than two specific devices share a single link.
• In this type of connection the link is shared by the devices either spatially, i.e. the connected
devices can use the link simultaneously, or as a time-shared connection.

2. Discuss Wide area network (WAN)


A network connection implemented within a large geographical distance between countries or
continents is called WAN.
Uses:
• It covers large distances.


• It can be used by all types of users.
• The cost of data communication is low.
• Any type of resource can be shared.
3. Explain client server.
A computer network in which one centralized, powerful computer (called the server) is a hub to
which many less powerful personal computers or workstations (called clients) are connected. The
clients run programs and access data that are stored on the server.

4. Discuss about Low orbit satellite (LOS)

• A low Earth orbit (LEO) is generally defined as an orbit below an altitude of approximately 2,000
kilometers.
• A low Earth orbit (LEO) is typically a circular orbit about 400 kilometers (250 mi) above the earth's
surface and, correspondingly, has a period (time to revolve around the earth) of about 90 minutes.
• Low earth orbiting satellites are less expensive to launch and, due to their proximity to the ground,
do not require as high a signal strength.

PART - C
1. Explain the Components of data communication.
The basic components of data communications are as follows:
1. Message
2. Sender
3. Receiver
4. Transmission Medium
5. Protocol


1. Message
It is the information to be communicated. Popular forms of information include text, pictures, audio,
video etc.
2. Sender
It is the device which sends the data messages. It can be a computer, workstation, telephone handset
etc.
3. Receiver
It is the device which receives the data messages. It can be a computer, workstation, telephone handset
etc.
4. Transmission Medium
It is the physical path by which a message travels from sender to receiver. Some examples include
twisted-pair wire, coaxial cable, radio waves etc.
5. Protocol
It is a set of rules that governs the data communications. It represents agreement between the
communicating devices. Without a protocol, two devices may be connected but cannot communicate.

2. Explain VSAT.
• Very Small Aperture Terminal, an earthbound station used in satellite communications of data,
voice and video signals.
• A VSAT consists of two parts: a transceiver that is placed outdoors in direct line of sight to the
satellite, and a device that is placed indoors to interface the transceiver with the end user's
communications device, such as a PC.
• The satellite sends and receives signals from a ground station computer that acts as a hub for the
system.
• Each end user is interconnected with the hub station via the satellite.
• The hub controls the entire operation of the network. For one end user to communicate with
another, each transmission has to first go to the hub station, which then retransmits it via the
satellite to the other end user's VSAT.


Advantages:
• "Always on", two-way/bidirectional data communication
• Cost-effective
• Speed
3. Explain Twisted pair:
• The most popular network cabling is twisted pair. It is lightweight, easy to install, inexpensive and
supports many different types of network.
• Twisted pair cabling is made of pairs of solid or stranded copper wire twisted around each other.
• A twisted pair consists of two conductors, usually copper, each with its own plastic insulation,
twisted together as shown in the Figure.

• One of the wires is used to carry the signal and the other is used as a ground reference. The receiver
uses the difference between the two.


• Twisted pair is the ordinary copper wire that connects home and many business computers to the
telephone company. To reduce crosstalk or electromagnetic induction between pairs of wires, two
insulated copper wires are twisted around each other.
• The twists are done to reduce vulnerability to EMI and crosstalk.
• The number of pairs in the cable depends on the type.
• The copper core is usually 22-AWG or 24-AWG, as measured on the American wire gauge standard.
• There are two types of twisted pair cabling:
1. Unshielded twisted pair (UTP)
2. Shielded twisted pair (STP)
1. Unshielded twisted pair (UTP)
• UTP is more common. It can be either voice grade or data grade depending on the condition.
• UTP cable normally has an impedance of 100 ohm. UTP costs less than STP and is easily available due
to its many uses.

• There are five levels of data cabling:
i. Category 1: These are used in telephone lines and low speed data cable.
ii. Category 2: These cables can support up to 4 Mbps implementation.
iii. Category 3: These cables support up to 16 Mbps and are mostly used in 10 Mbps.
iv. Category 4: These are used for large distance and high speed. It can support 20 Mbps.
v. Category 5: This is the highest rating for UTP cable and can support up to 100 Mbps.
UTP cables consist of 2 or 4 pairs of twisted cable. Cables with 2 pairs use an RJ-11 connector and
4-pair cables use an RJ-45 connector.
Characteristics of UTP
• Low cost
• Easy to install
• High speed capacity
• High attenuation
• Effective to EMI
• 100 meter limit
Advantages of UTP
• Easy installation
• Capable of high speed for LAN
• Low cost
Disadvantages of UTP


• Short distance due to attenuation
2. Shielded twisted pair (STP)
• It is similar to UTP but has a mesh shielding that protects it from EMI, which allows for a higher
transmission rate.
• IBM has defined categories for STP cable.
Type 1: STP features two pairs of 22-AWG
Type 2: This type includes type 1 with 4 telephone pairs
Type 6: This type features two pairs of standard shielded 26-AWG
Type 7: This type of STP consists of 1 pair of standard shielded 26-AWG
Type 9: This type consists of shielded 26-AWG wire
Characteristics of STP
• Medium cost
• Easy to install
• Higher capacity than UTP
• Higher attenuation, but same as UTP
• Medium immunity from EMI
• 100 meter limit
Advantages of STP:
• Shielded
• Faster than UTP and coaxial
Disadvantages of STP:
• More expensive than UTP and coaxial
• More difficult installation
• High attenuation rate
UNIT – II
PART - A
1. Define Protocol.
Protocol is defined as a set of rules that controls the communication between two or
more devices
2. Define Switching.
Switching is defined as a process of routing and delivery of data between sender and
receiver devices.


3. Define Packet.
Packet is defined as a manageable group of data.
4. Define FDDI.
This is used to transport data over fiber optic cable using token ring topology.
5. Define ISDN.
Integrated Service Digital network is designed to provide digital communication using
the existing telephone network.
6. Explain standard.
A standard gives a common international model for product design and manufacturing.
This enables the products to work uniformly irrespective of the manufacturer. Standards
provide an internationally accepted uniform communication principle.

PART - B
1. Write short notes on Ethernet.
Ethernet is the most widely installed local area technology, specified in the IEEE 802.3
standard. This was developed by XEROX and further developed by XEROX, DEC and Intel. IEEE
802.3 defines two categories. They are
(i) Base band
(ii) Broad band
The word base specifies a digital signal and broad specifies an analog signal. There are
four base band standards and one broad band standard.
Example
(i) 10 Base 5, 10 Base 2, 10 Base T, 1 Base 5.
(ii) 10 Broad 36
2. What are the advantages of FDDI?
The full form of FDDI is Fiber Distributed Data Interface. This is a LAN protocol developed by ANSI
and ISO. This is used to transport data over fiber optic cable using token ring topology.
Features
(i) It supports data rates up to 100 Mbps.
(ii) It supports distances over 200 km.
(iii) It gives equal time to all devices to transmit data.
(iv) It operates in the physical and MAC layers of OSI.
3. Write short notes on B-ISDN.
B-ISDN is an extension of ISDN. This is used to provide digital transmission service over a
broadband network consisting of fiber optic or radio media. The data transfer rate is 600 Mbps.
B-ISDN provides two types of services. They are


• Interactive services
• Distributive services
4. Explain Token ring (802.5)
Token ring is a local area network standard in which all computers are connected in a
ring or star topology as shown in the figure given below.
This standard uses a three byte frame called a token that travels around the ring. This
acts as an empty vessel for transporting a data frame from one terminal to another. Only the
terminal which holds the token can communicate. The steps given below explain
the working of token ring.

PART - C
1. Discuss Token ring.
Token ring is a local area network standard in which all computers are connected in a
ring or star topology as shown in the figure given below.
This standard uses a three byte frame called a token that travels around the ring. This
acts as an empty vessel for transporting a data frame from one terminal to another. Only the
terminal which holds the token can communicate. The steps given below explain
the working of token ring.

(i) When a terminal has a message to send, it captures the free token. It then writes the
data and the destination address on to the token.
(ii) The data frame (token) is made to circulate on the ring. The data frame passes from
terminal to terminal in the ring
(iii) When the token reaches the correct destination address, the receiver copies the
message.
(iv) After reading, the receiver sends the acknowledgment message back to the sender
about the reception of data.
(v) The token then returns to the terminal that sent the data. The sender accepts
the acknowledgment.
(vi) When the time period is over or the terminal finishes transmission, the token is
freed and it is made to circulate along the ring.

2. Explain packet switching and Message switching.


i. Packet switching
A packet is defined as a manageable group of data. Packet switching is a process of
breaking down the message into small packets and sending them across the communication
network as independent entities. In this, no physical path is established between sender and
receiver. The figure given below shows the structure of a packet switching network.


Working principle
The steps given below show how communication takes place between different terminals in the
network.
i. The message to be sent is broken into packets of equal size. Then information such as the
packet number, the address of the receiver etc. is written in each packet.
ii. The sender places the packets in the communication channel without making a physical
connection with the receiver.
iii. The routers route the packets to the destination by the shortest possible route.
iv. At the receiving end, the packets may not arrive in the order in which the sender sent them.
The figure given below shows the timing diagram for the communication between any
two terminals A and D in the network.


(ii) Message switching


In message switching no physical communication path is established between the
sender and the receiver. But, if a sender wants to send a data block to a receiver, it is sent to its
switching office. Here it is stored until any intermediate switching office between sender and
receiver is ready to receive the whole data. This process is continued until the data block
reaches the destination switching office. The figure given below shows the structure of message
switching network.

Working principle
The steps given below show the communication between a terminal in switching office
B and a terminal in switching office D.
(i) The terminal sends the whole data block to the switching office B.
(ii) The data block is stored until an intermediate switch A or E is ready to receive the data.
(iii) If switching office A is ready to receive, it is sent to A. There it is stored until
switching office C is ready to receive.
(iv) Once C is ready, it is sent to C and from C it is sent to the destination terminal switch D.
The figure given below shows the timing diagram for the communication between switching
office B and D.


3. Explain ISDN and explain its services.


ISDN stands for Integrated Service Digital Network or Subscriber Digital Network.
This is designed to provide digital communication using the existing telephone network. The figure
given below shows the structure. The main components are
(i) Network termination device (NT1)
(ii) Router

NT1
This device serves as an interface between the ISDN line and the ISDN equipment, such
as phone, fax, LAN, computer etc.
Router
This device is used to connect the existing LAN connection to a single ISDN connection.
Features
i. It has two channels, namely the bearer channel (B channel) and the data channel (D channel). The B
channel is used to transmit user information at high speed and the D channel is used to
carry call setup, signalling etc.


ii. It can handle all types of information such as voice, data, video and sound.
iii. It can handle many devices.
iv. It can support up to three calls at the same time, that is, two voice, fax or PC
communications and one data communication.
v. It offers inexpensive dialed digital access throughout the world.
ISDN services
The purpose of ISDN is to provide fully integrated digital services to users. The following
are the important ISDN services
(i) Bearer services
(ii) Network services
(iii) Supplementary services
(i) Bearer services
The important bearer services are
• Carry data between two users. For example, voice or fax information.
• To know the call activity of a user at any given time.
(ii) Network services
The important network services are
• It manages the interaction between the user and the network. For example,
setting up calls and disconnecting calls.
• It has the facility for making a call, clearing a call, transferring calls to another
user etc.
(iii) Supplementary service
The important supplementary services are
• Call reversing
• Call waiting
• Message handling
Broad band ISDN (B-ISDN)
B-ISDN is an extension of ISDN. This is used to provide digital transmission service over a
broadband network consisting of fiber optic or radio media. The data transfer rate is 600 Mbps.
B-ISDN provides two types of services. They are
• Interactive services
• Distributive services
(i) Interactive services
This service provides two way data exchange between either two subscribers or
between a subscriber and service provider. The following are the different services.


Conversational - Telephone calls, video telephony, video conferencing etc.
Messaging - This service is bidirectional.
Retrieval - To retrieve information from a central source called an
information center. Example - library etc.
(ii) Distributive service
This service is unidirectional and is sent from a provider to a subscriber. The
subscriber need not request for service. Example - Commercial TV program

UNIT –III
PART - A
1. Define TCP.
Transmission Control Protocol (TCP). TCP manages the grouping of data that are
transmitted in the form of packets over the internet.
2. What are the layers present in TCP/IP.
• Application layer
• Transport layer
• Internet layer
• Host to network layer
3. Define UDP.
User Datagram Protocol is a set of rules to send data between computers over the internet.
This protocol needs no connection between the computers.
4. Define socket.
A socket is defined as software on endpoints that establishes two way communication
between a server and one or more clients in an internet protocol based computer network.
5. What is IP address?
IP addresses are used to identify a computer or device, called a host, connected to the
internet. Every host terminal has an IP address.
6. Define subnetting.
Subnetting is defined as a process by which a single network id can be shared by a greater
number of networks. Each network is called a subnetwork.
7. Define supernetting.
Supernetting is also called classless inter domain routing (CIDR). This is a method
used to combine (aggregate) multiple internet addresses of the same class.
8. What is FTP?
The full form of FTP is File Transfer Protocol. This is a standard used to copy files from
one host to another through the internet.


9. Define HTTP.
The full form of HTTP is Hyper Text Transfer Protocol. This is used to access data from
the World Wide Web. The client and server interaction can be established using HTTP.

PART – B
1. Explain connection oriented and connection less service.
• In connection oriented service, a physical connection must be established between the
sender and the receiver. Example - TCP
• In connectionless service, data packets are sent from the sender to the receiver without
establishing any physical connection.
2. Explain IGMP.
Internet Group Management Protocol is an internet protocol used to enable
communication between a sender and multiple receivers on the network.
3. Explain ICMP.
Internet Control Message Protocol. It will not carry any data but it contains the
following information about the status of the network.
4. Explain IPV6.
IP stands for Internet Protocol and V6 indicates version 6. This protocol routes data
packets between networks. IP addresses specify the location of the source and destination
computers. This address is a 128 bit number. This is represented by 8 groups of 16 bit
values. Each group is represented as four hexadecimal digits, and the groups are separated by
colons (:).
Example: 2001:0db8:0000:ff00:0042:8329:000.

PART - C
1. Explain Transport Layer Protocol.
The transport layer protocol sits above the network or internet layer and just below
the application and other upper layer protocols. The general service provided by transport
layer protocol is the end-to-end transport of data from the sender to receiver and vice versa.
This protocol divides the sender's information into discrete message packets. Then it
delivers them to the receiver over the internet using a physical connection between them. At the
receiving end it reassembles the received message packets into the original data. This also
controls the data flow between the sender and receiver.
The figure given below shows the position of transport layer in the four layer internet model.


As shown in the above figure the transport layer receives services from the network layer and
provides services to the application layer. The functions of the transport layer are
(i) Packetizing
This is a process of dividing a long message into smaller units called packets.
Headers are added in each packet. In the receiving side, the data packets are reassembled to
form the data string.
(ii) Connection control
This is responsible for establishing connection between the sender and the receiver.
This can be either connection oriented or connectionless.
(iii) Addressing
The client needs the address of the remote computer to complete the
communication. This addressing is implemented in the network layer.
(iv) Providing reliability
To guarantee the reliable delivery of data, acknowledgments and retransmission
timers are used. Each time data is sent, a timer is started. If the receiver receives the data
packet, it sends back an acknowledgment to the sender. If the sender does not receive the
acknowledgment packet within the time, the data packet is retransmitted.
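
The packetizing and acknowledgment/retransmission functions described above, together with the out-of-order arrival noted under packet switching in Unit II, as an added Python simulation that is not part of the original notes. The `Packet` fields, the loss rate and the use of one loop pass per timer expiry are assumptions made for the illustration.

```python
from __future__ import annotations

import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    seq: int        # packet number written into the header
    total: int      # number of packets that make up the whole message
    dest: str       # address of the receiver
    payload: bytes


def packetize(message: bytes, dest: str, size: int) -> list[Packet]:
    """Divide a long message into packets of at most `size` bytes, each with a header."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)]
    return [Packet(seq, len(chunks), dest, chunk) for seq, chunk in enumerate(chunks)]


class Receiver:
    def __init__(self, address: str) -> None:
        self.address = address
        self.buffer = {}      # packet number -> Packet
        self.arrivals = []    # packet numbers in the order they arrived

    def receive(self, packet: Packet) -> int | None:
        """Store the packet and return its number as the acknowledgment."""
        if packet.dest != self.address:
            return None                               # not addressed to this host
        self.arrivals.append(packet.seq)
        self.buffer.setdefault(packet.seq, packet)    # a retransmitted duplicate is ignored
        return packet.seq

    def reassemble(self) -> bytes | None:
        """Rebuild the original data once every packet number is present."""
        if not self.buffer:
            return None
        total = next(iter(self.buffer.values())).total
        if len(self.buffer) < total:
            return None
        return b"".join(self.buffer[seq].payload for seq in range(total))


def send_reliably(message: bytes, receiver: Receiver, size: int = 8,
                  loss_rate: float = 0.3, seed: int = 1, max_rounds: int = 100) -> int:
    """Send `message`, retransmitting every packet whose acknowledgment did not arrive.

    One pass of the outer loop stands for one expiry of the retransmission timer.
    Returns the total number of packet transmissions.
    """
    rng = random.Random(seed)                         # fixed seed: the run is repeatable
    unacked = {p.seq: p for p in packetize(message, receiver.address, size)}
    transmissions = 0
    for _ in range(max_rounds):
        if not unacked:
            break
        in_flight = list(unacked.values())
        rng.shuffle(in_flight)                        # packets travel independently
        for packet in in_flight:
            transmissions += 1
            if rng.random() < loss_rate:
                continue                              # data packet lost in the network
            ack = receiver.receive(packet)
            if ack is not None and rng.random() >= loss_rate:
                del unacked[ack]                      # acknowledgment reached the sender
            # otherwise the acknowledgment was lost and the packet is sent again
    if unacked:
        raise TimeoutError("packets still unacknowledged after max_rounds")
    return transmissions


if __name__ == "__main__":
    data = b"Packets are numbered so the receiver can rebuild the message."
    rx = Receiver("D")
    count = send_reliably(data, rx)
    print("packets:", len(packetize(data, "D", 8)), "transmissions:", count)
    print("arrival order:", rx.arrivals)
    print("reassembled correctly:", rx.reassemble() == data)
```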

2. Explain VLSM .
The full form of VLSM is variable length subnet mask. It is a technique used by
network administrators to divide an IP address space into subnets of different sizes, unlike
simple same-size subnetting. It means subnetting a subnet. This is done by varying the host id
part of the subnet mask of the IP address by borrowing bits from the network part.
VLSM breaks down the IP addresses into multiple levels and allocates them according to
the individual needs of a network.


It can be a classless IP addressing or classful addressing, where classful addressing
follows the general rules and has been proven to give less IP address wastage.
Explanations
Consider a class C address. The subnet mask is 255.255.255.0.
The binary equivalent of 255.255.255.0 is 11111111.11111111.11111111.00000000
The network id part contains 24 bits, called the mask, and this can be written in the IP address as
IP address/24.
The host id part of the subnet mask can be varied by borrowing bits from the network part to
create subnets of different sizes, as shown in the table.

Bits borrowed   C-class subnet mask   Slash notation   No. of hosts/subnet
from host                                              (2^n - 2)
0               255.255.255.0         /24              254
1               255.255.255.128       /25              126
3               255.255.255.192       /26              62
4               255.255.255.224       /27              30
5               255.255.255.240       /28              14
6               255.255.255.248       /29              6
7               255.255.255.252       /30              2
Example
Create 4 subnets of size 100, 50, 25 and 5 for a class C address 192.168.1.0/25
The table given below shows this

Subnet number   Starting IP        Ending IP          No. of hosts
1               192.168.1.1/25     192.168.1.100/25   100
2               192.168.1.128/26   192.168.1.178/26   50
3               192.168.1.192/27   192.168.1.21/27    25
4               192.168.1.224/29   192.168.1.228/29   5
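
The VLSM procedure worked through in code, as an added Python example that is not part of the original notes. It assumes the whole class C block 192.168.1.0/24 as the parent (the four subnets together need more addresses than one /25 holds), allocates the largest requirement first, and reports the full usable host range of each subnet; the function names are chosen for the illustration.

```python
import ipaddress


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix whose subnet still offers `hosts` usable addresses (2**n - 2 >= hosts)."""
    if hosts < 1:
        raise ValueError("a subnet needs at least one host")
    host_bits = (hosts + 1).bit_length()      # smallest n with 2**n >= hosts + 2
    if host_bits > 30:
        raise ValueError("too many hosts for one IPv4 subnet")
    return 32 - host_bits


def mask_table(first_prefix: int = 24, last_prefix: int = 30):
    """(slash notation, subnet mask, usable hosts) for each prefix length."""
    rows = []
    for prefix in range(first_prefix, last_prefix + 1):
        net = ipaddress.ip_network(f"0.0.0.0/{prefix}")
        rows.append((f"/{prefix}", str(net.netmask), net.num_addresses - 2))
    return rows


def vlsm_allocate(block: str, requirements):
    """Carve one subnet per requirement out of `block`, largest requirement first."""
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)      # next free address in the parent block
    last = int(parent.broadcast_address)
    plan = []
    for hosts in sorted(requirements, reverse=True):
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size    # round up to the subnet's natural boundary
        if cursor + size - 1 > last:
            raise ValueError(f"{block} has no room left for {hosts} hosts")
        subnet = ipaddress.ip_network((cursor, prefix))
        plan.append({
            "needed": hosts,
            "subnet": str(subnet),
            "mask": str(subnet.netmask),
            "first_host": str(subnet.network_address + 1),
            "last_host": str(subnet.broadcast_address - 1),
            "usable": subnet.num_addresses - 2,
        })
        cursor += size
    return plan


if __name__ == "__main__":
    for row in vlsm_allocate("192.168.1.0/24", [100, 50, 25, 5]):
        print(row)
```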

4. Explain SMTP.
The full form of SMTP is simple mail transfer protocol. This gives the standards for e-
mail communication through internet. To communicate through e-mail an addressing system
is needed. The general form is

Localpart@domain name

Where


localpart - this part contains the name of the mail box in the ISP mail server.
In this the user's mails are received and stored.
domain name - name of the mail server in which the user has a mail account.
The figure given below shows the structure of e-mail communication.

The operation of SMTP starts from the sender of the mail. If a user wants to send a
mail, SMTP pushes the mail to the receiver's mail box even if the receiver does not want it. If
the receiver wants to read the mail, it uses a pull protocol, namely POP or IMAP, to access the
mail.
SMTP can send messages only in 7 bit ASCII format. The services offered to the users are
composing messages, reading messages, replying to messages, forwarding messages and
handling mail boxes.

5. Explain DNS.
The full form of DNS is Domain Name System. DNS is used to translate the domain
names to numerical IP address. Normally Internet resources in the web server are addressed
by a numeric address called IP address and it is very difficult to recognize. To solve this
difficulty domain names are used.
Domain names are defined as easily recognizable names for numeric IP addresses.
The domain name system (DNS) translates the domain names to numerical IP addresses for
accessing the Internet resource.
A domain name consists of one or more parts called levels. The general form is
domainname.level1.level2.level3. . . . . . .

Where
domain name - numeric equivalent to IP address
level1, level2, level3 - domain levels. They are read from right to left
. - delimiter (dot).
The commonly used domain levels are
a. Gov - government agencies


b. com - commercial business
c. org - organization (Non profit)
d. edu - educational institution
Example
(i) dtt.org
(ii) xyz.edu.jp

top level domain


middle level domain

UNIT – IV
PART - A
1. Define cryptography .
Cryptography is defined as a process of converting electronic messages called plain
text into an unreadable form called cipher text and back to plain text.
2. Define digest function.
A digest function or hash function is a mathematical function. This is used to
convert an input message (digital data) of any length into another compressed message of
fixed length. The compressed message returned by the hash function is called the message digest
or hash value.
3. What is digital signature?
A digital signature is a digital code that can be attached to any electronically
transmitted message and that uniquely identifies the sender. It is similar to a written
signature. The purpose of a digital signature is to identify the individual sending the
message.

PART – B
1. Give the important needs for security.
• To protect the user's secret information over the network from unauthorized access.
• To protect the information from unauthorized modification.
• To deliver the information to the correct destination.
• To protect the information from unwanted delay in delivery.
• To protect the information from viruses and worms.


PART – C
1. Explain attacks.
An attack is an act that is an intentional or unintentional attempt to cause damage to
a system or information. There are two types of attacks. They are
(i) Passive attack
(ii) Active attack
(i) Passive attack
Passive attack is a network attack in which the attacker monitors the data transmission.
This kind of attacker does not attempt to modify the data. Passive attacks are very difficult to
find out. The different types of passive attacks are
(a) Traffic analysis
In this type of attack the attacker tries to sense the communication path between the
sender and receiver. Using this, the attacker finds the amount of data communicated
between the sender and receiver. There is no alteration of data.
(b) Eavesdropping
In this type of attack, the attacker finds out some secret information from the
communication. This type of attack happens in mobile ad-hoc networks.
(c) Monitoring
In this type of attack, the attacker sees the confidential data, but it will not be
modified.
(ii) Active Attack
Active attack is a network attack in which the attacker monitors the data communication
and alters the data. These attacks can be in the form of interruption, modification and
fabrication. The different types of active attacks are
(a) Denial of service (DoS)
In this type of attack, the attacker sends a large number of unwanted information requests
to the target system, so that it can't handle them all. This makes the target system busy.
Therefore requests from valid users cannot be serviced. This leads to system crash.
(b) Modification
In this type of attack, the attacker generates a modification in the routing table. This
makes the sender send the message over a long route. This creates time delay and
communication delay between sender and receiver.
(c) Fabrication
In this type of attack, the attacker generates a false routing message. This creates a false route
between devices in the network.


(d) Spoofing
In this type of attack, the attacker misrepresents his identity as an original system. By this
the attacker steals data, spreads malware and launches attacks against systems.
(e) Wormhole
In this type of attack, the attacker receives a data packet addressed to the receiver and
tunnels (sends) it to another malicious node in the network. The user of the network thinks
that he is sending the data packets over the shortest path.

Security Services
Security services are used to manage or counter the security attacks on the network.
Some of the important services are,
(i) Authentication
This service gives the assurance that the communicating devices are valid to the
network.
(ii) Access Control
This service is used to prevent unauthorized use of a resource.
(iii) Data Confidentiality
This service is used to protect the data from unauthorized access. This has four
specific services, namely
• Connection Confidentiality
• Connectionless Confidentiality
• Selective field Confidentiality
• Traffic flow Confidentiality
(iv) Data Integrity
This service is used to protect the data from unauthorized modification during
transmission.
(v) Non-repudiation
This service provides protection against denial of the data sent by one of the
entities involved in communication.
Security Mechanism
Security mechanisms are used to implement the security services. Some of the important
security mechanisms are
(i) Encipherment
This mechanism is used to provide data confidentiality service. This is achieved
by transforming the data in the forms that are not readable to unauthorized users.
(ii) Digital Signature


This mechanism is used to provide authenticity over the data sent. By verifying
the signature the receiver believes that the data was sent by a known sender.
(iii) Access Control
This mechanism is used to provide access control services. The different access
control mechanisms are
• Password or PIN
• Fingerprint verification etc.
(iv) Traffic padding
This mechanism is used to provide protection from traffic analysis attacks.
(v) Routing Control
This mechanism is used to select a physically secure route from the specific
routes for data packets when a security threat is suspected.

UNIT – V
PART - A
1. What is hacking?
Hacking is defined as a process of modifying or altering the hardware and software of
computers connected over a network without the knowledge of the valid user. Hacking alters
the normal functionality of the computer system. The person involved in hacking activity is
called a hacker.
2. Define intruder.
An intruder is a person who attempts to gain unauthorized access to a system. The aim is
to damage or to disturb data on the system.

3. What is eavesdropping?
Eavesdropping is defined as unauthorized real-time access to communication
over a computer network by unauthorized users.
PART - B
1. Write a short note on virus.
The full form of virus is Vital Information Resources Under Siege. It is a man-made
computer program. It infects a file or a program on a computer. When the infected files or
programs are executed, it spreads itself by infecting other programs on the same computer. The
following are the important damages caused by viruses.
i. It damages data or software on the computer.
ii. It deletes some or all files on the computer.

iii. It can destroy all the data by formatting the hard drive.
iv. It displays false messages.
v. The computer system gets slowed down.
2. Give the limitations of firewalls.
Some important limitations of firewalls are
i. A firewall cannot resist attacks which don’t pass through it.
ii. If the firewall is not configured correctly, then the risk will be maximized.
iii. A firewall can’t protect the system from malicious code.
iv. Normally firewalls don’t encrypt e-mail messages or confidential documents
which are sent or received.
v. A firewall works based on the set of rules and criteria mentioned by the
management during the planning of security policy.
vi. A firewall can’t give 100% security to the system.

PART - C
1. Describe the types of firewall.
A firewall is a network security system used to control incoming and outgoing network
traffic based on a set of rules. This acts as a barrier between a trusted network such as a LAN and
an untrusted network such as the Internet. The figure given below shows the structure.

Firewalls can be implemented in hardware, in software, or as a combination of both. But the
ideal firewall will consist of both.
Types of firewalls
The important types of firewalls are,
i. Packet filtering firewall
ii. Application gateway firewall
(i) Packet filtering firewall
A packet filtering firewall examines each data packet and tests the packets according to
a set of rules. If a packet does not meet the rules, the packet will not be allowed. This firewall
is configured to screen packets based on TCP and UDP port numbers. The user implements
rules that tell the firewall to permit particular types of connection. Normally the firewall is
configured to filter packets going in both directions.
Packet filters work by inspecting the source IP address, destination IP address and the
information about the port the connection is using. There are two types of packet filtering. They
are,
i. Stateless packet filtering
ii. Stateful packet filtering
In stateless packet filtering, the information about the packets passing is not
remembered by the firewall. These firewalls can be easily fooled by hackers.
In stateful packet filtering, the information about the packets passing is remembered
by the firewall. These firewalls cannot be fooled by hackers.
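The difference between stateless and stateful filtering described above, as an added illustration in Python (not part of the original notes). The addresses, ports and rule policy are constructed sample values; the stateless filter passes an unsolicited inbound packet that the stateful filter, which remembers outbound connections, rejects.

```python
# Added illustration: stateless vs stateful packet filtering.
# All addresses, ports and rules below are constructed sample values.
from collections import namedtuple

Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port direction")

LAN_PREFIX = "192.168.1."          # assumed trusted network
ALLOWED_OUT_PORTS = {80, 443}      # assumed policy: LAN may browse the web


def stateless_filter(pkt):
    """Decide on each packet alone, using only addresses and ports."""
    if pkt.direction == "out":
        return pkt.src_ip.startswith(LAN_PREFIX) and pkt.dst_port in ALLOWED_OUT_PORTS
    # Inbound: anything that looks like a web reply must be let through,
    # because the filter has no memory of which requests were really sent.
    return pkt.dst_ip.startswith(LAN_PREFIX) and pkt.src_port in ALLOWED_OUT_PORTS


class StatefulFilter:
    """Remembers outbound connections and admits only matching replies."""

    def __init__(self):
        self.connections = set()   # (lan_ip, lan_port, remote_ip, remote_port)

    def check(self, pkt):
        if pkt.direction == "out":
            if not stateless_filter(pkt):
                return False
            self.connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return True
        # Inbound: allowed only if it reverses a remembered connection.
        return (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.connections


def compare(packets):
    """Return [(stateless_verdict, stateful_verdict), ...] for a packet sequence."""
    fw = StatefulFilter()
    return [(stateless_filter(p), fw.check(p)) for p in packets]


# Constructed traffic: a request, its genuine reply, and an unsolicited packet
# that merely uses source port 443.
SAMPLE = [
    Packet("192.168.1.10", 50000, "203.0.113.5", 443, "out"),
    Packet("203.0.113.5", 443, "192.168.1.10", 50000, "in"),
    Packet("198.51.100.7", 443, "192.168.1.10", 50000, "in"),
]
```

Calling compare(SAMPLE) gives one (stateless, stateful) verdict pair per packet; only the third packet is treated differently by the two filters.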
(ii) Application gateways
An application gateway or application level gateway is a firewall proxy which gives
network security. The figure given below shows the structure.

As shown in the above figure, an application gateway is an application program that runs
on a firewall system between two networks. When a client establishes a connection to a
destination, it connects to the application gateway or proxy. The proxy examines and filters
individual packets. Application specific proxies check the content of each packet and filter
particular kinds of information, and then the client is connected to the destination.
This creates two connections: one between the client and the proxy server and one between
the proxy server and the destination.
