EC3401 Networks Security Department of ECE 2022-2023

EC3401 NETWORKS AND SECURITY

UNIT I NETWORK MODELS AND DATALINK LAYER

Overview of Networks and its Attributes – Network Models – OSI, TCP/IP, Addressing – Introduction to
Datalink Layer – Error Detection and Correction – Ethernet (802.3)- Wireless LAN – IEEE 802.11,
Bluetooth – Flow and Error Control Protocols – HDLC – PPP.
UNIT-I / PART-A CO.1
1. Compare LAN and WAN.
LAN WAN
Scope of Local Area Network is restricted Scope of Wide Area Network spans over
to a small/ single building large geographical area country/ Continent
LAN is owned by some organization. A part of n/w asserts are owned or not owned.
Data rate of LAN 10-100mbps. Data rate of WAN is Gigabyte.
2. Define Full Duplex and simplex transmission system.
With Full duplex transmission, two stations can simultaneously send and receive data from each
other. This mode is known as two-way simultaneous. The signals are transmitted in only one
direction. One is the sender and another is the receiver.
3. Why sliding window flow control is more efficient than stop and wait flow control?
In sliding window flow control, the transmission link is treated as a pipeline that may be filled with
frames in transit. But with stop-and-wait flow control only one frame may be in the pipe at a time.
4. What is OSI?
OSI (Open Systems Interconnection) is reference model for how applications can communicate over
a network. It is partitioned into seven layers. It was developed by the International Organization for
Standardization (ISO).
5. What is a protocol? What are the key elements of a protocol?
Protocol is used for communications between entities in a system and must speak the same
language. Protocol is the set of rules governing the exchange of data between two entities. It defines
what is communicated, how it is communicated, when it is communicated. The Key elements of a
Protocol are as follows,
 Syntax – It refers to the structure of data meaning the order in which they are presented.
 Semantics – It refers to the meaning of each section of bit. How to do interpretation.
 Timing – When data should be sent and how fast they can be sent.
6. What are the uses of transport layer?
 Reliable data exchange
 Independent of network being used
 Independent of application
7. What is Protocol Data Unit (PDU)?
At each layer, protocols are used to communicate and Control information is added to user data at
each layer. Transport layer may fragment user data. Each fragment has a transport header added and
header consists of destination SAP, sequence number and error detection code.
8. What are the uses of internet layer in TCP/IP?
 Systems may be attached to different networks
 Routing functions across multiple networks
 Implemented in end systems and routers
9. What is a layered Network Architecture?
 A layer is created when a different level of abstraction occurs at protocol. Each layer should
perform a well-defined function.
 Function of each layer should be chosen using internationality standardized protocols.
Jayaraj Annapackiam CSI College of Engineering 1
 EC3401 Networks Security Department of ECE 2022-2023

 A set of layers and protocol is called network architecture. A list of protocols used by a system
is called protocol stack.
10. Compare OSI and TCP.
Open System Interconnection Transmission Control Protocol
It distinguishes between Service, It does not distinguish between Service,
Interface, Protocol Interface, Protocol
Protocols are well hidden Protocols are not just hidden
Dejure standard Fit Model Defacto standard Fit Model
In transport layer only connection- In Transport layer choice is for connection
oriented services are available oriented and connectionless
Contains 7 layers Contains 5 layers
11. How do layers of the internet model correlate to the layers of the OSI model?
OSI TCP/IP
Physical Layer Physical Layer
Data Link Layer Network Access Layer
Network Layer IP Layer
Transport Layer TCP Layer
Session Layer Application Layer
12. What is the use of data link layer in OSI?
Frame synchronization: Data is divided by data link layer as frames, a manageable unit.
Flow Control: Sending station does not overwhelm receiving station.
Error Control: Any error in bits must be detected and corrected using some mechanism.
Addressing: Two stations in a multi-point that involved in transmission must be specified using
physical address
Access Control: When two or more devices are connected to the same link, Access control
mechanism is needed to determine which device has control over the link at any given time.
13. Why is flow control and error control duplicated in different layers?
Like the data link layer, the transport layer is responsible for flow and error control. Flow control
and error control at data link layer is node-to-node level. But at transport layer, flow control and
error control is performed end-end rather than across a single link.
14. What are the functions of physical layer and presentation layer?
Functions of Physical Layer-
 Encoding/ decoding of signals
 Preamble generation/removal (for synchronization)
 Bit transmission/ reception
Functions of Presentation Layer-
 Translation, Encryption / Decryption, Authentication and Compression
15. What do you mean by Flow Control?
Flow control is a technique for assuring that a transmitting entity does not overwhelm a receiving
entity with data. It is a feedback mechanism by which the receiver is able to regulate the sender.
Such a mechanism is used to keep the sender from overrunning the receiver, i.e., from transmitting
more data than the receiver can process
16. Define error detection and correction. (Nov 2011)
Error detection: Sender transmits every data unit twice. Receiver performs bit-by-bit comparison
between those two versions of data. Any mismatch would indicate an error, which needs error
correction. Error Correction is the process or analyzing and rectifying the errors and the code
17. What are the functions of Application Layer? (May 2011)
It enables the user (human/software) to access the network. It provides user interfaces and support
for services such as electronic mail, remote file access and transfer, shared database management
Jayaraj Annapackiam CSI College of Engineering 2
 EC3401 Networks Security Department of ECE 2022-2023

and other types of distributed information services. Services provided by the application layer are
Network Virtual terminal, File transfer, and management. Mail services, Directory services.
18. What do you mean by error control? (Nov 2010, May 2015)
Error control refers to mechanism to detect and correct errors that occur in the transmission of
frames.
19. What are the major duties of Network Layer? (May 2012)
It is used to send the data from source to destination with help of logical address.
20. What are the two types of errors occurred during data transmission? (May 2012)
Single bit error and burst error
21. Define networks. (Nov 2012)
A computer network is a group of computer systems and other computing hardware devices that are
linked together through communication channels to facilitate communication and resource-sharing
among a wide range of users. Networks are commonly categorized based on their characteristics.
22. Write the parameters used to measure network performance. (May 2016)
Latency, Throughput, Delay and Bandwidth.
23. Compare error detection and correction. (Nov 2012)
Error Detection Error Correction
Only the occurrence of an error is checked The exact number of bit that are corrupted
and location of error in the message are
known.
24. What do you meant by framing? (Nov 2013 and Nov 2014)
The data link layer divides the stream of bits received from the network layer into manageable data
units called frames. The ways to address the framing problem are
 Byte-Oriented Protocols (PPP),
 Bit-Oriented Protocols (HDLC)
 Clock-Based Framing (SONET)
25. What is the purpose of layering? (May 2013)
 It decomposes the problem of building a network into more manageable components.
 It provides a more modular design.
26. List the services provided by data link layer.(Nov 2016)
The three major types of services offered by data link layer are:
1. Unacknowledged connectionless service 2. Acknowledged connectionless service.
3. Acknowledged connection-oriented service.
27. Write the mechanism of stop and wait protocol. (Nov 2016)
In this method of flow control, the sender sends a single frame to receiver & waits for an
acknowledgment. The next frame is sent by sender only when acknowledgment of previous frame is
received. This process of sending a frame & waiting for an acknowledgment continues as long as
the sender has data to send. To end up the transmission sender transmits end of transmission (EOT)
28. Give the format of Ethernet format. (Dec 2017)
Preamble Dest addr Src addr Type Body CRC
64 48 48 16 (variable length) 32
UNIT-I / PART-B CO.1
1. Explain in detail the method of error detection and error correction

2. Explain in detail about: (i) HDLC (ii) PPP

3. Explain in detail about internet architecture

Jayaraj Annapackiam CSI College of Engineering 3
 EC3401 Networks Security Department of ECE 2022-2023

4. Discuss in detail about the layers in OSI model.

5. Explain the various flow control mechanisms.

6. The message 11001001 is to be transmitted, using CRC error detection algorithm. Assuming the
CRC polynomial to be x3+1, determine the message that should be transmitted. If the second left
most bit is corrupted, show that it is detected by the receiver
7. Given a remainder of 111, a data unit of 10110011 and a divisor of 1001, is there an error in the data
unit. Justify your answer with necessary principles.
8. Obtain the 4-bit CRC code for the data bit sequence 10011011100 using the polynomial x4 +
x2 + 1.
9. Describe the architecture and protocol stack of Bluetooth technology.

10. Explain in detail about the IEEE 802.11 protocol architecture, explain the physical layer and MAC
layer
11. Explain sliding window flow control and stop and wait flow control in detail

12. Discuss in detail about the network performance measures and selective-repeat ARQ flow
control method.
UNIT II NETWORK LAYER PROTOCOLS
Network Layer – IPv4 Addressing – Network Layer Protocols (IP, ICMP and Mobile IP) Unicast and
Multicast Routing – Intradomain and Interdomain Routing Protocols – IPv6 Addresses – IPv6 –
Datagram Format - Transition from IPv4 to IPv6.
UNIT-II / PART-A CO.2
1. What is meant by ICMP? (May 2016)
ICMP stands for Internet Control Message Protocol. It is a supporting protocol in the Internet
protocol suite. It is used by network devices, including routers, to send error messages and
operational information indicating, for example, that a requested service is not available or that a
host or router could not be reached.
2. List out the functions of IP.
 IP stands for Internet Protocol. It performs routing function and finds a path from source to
destination. IP includes a set of rules that provides unreliable, best-effort, connectionless packet
delivery services.
 Unreliable – delivery is not guaranteed,
 Connectionless – each packet is treated independent from others,
 Best-effort delivery – it makes an earnest attempt to deliver packets. It defines basic unit of
data transfer through TCP/IP.
3. What is the network address in a class A subnet with the IP address of one of the hosts as
25.34.12.56 and mask 255.255.0.0? (May 2014)
IP Address - 25.34.12.56
Mask - 255.255.0.0
Network Address - 25.34.0.0
4. When is ICMP redirect message used?(May 2017)
An ICMP redirect is an error message sent by a router to the sender of an IP packet
Jayaraj Annapackiam CSI College of Engineering 4
 EC3401 Networks Security Department of ECE 2022-2023

Redirects are used when a router believes a packet is being routed sub optimally and it would like to
inform the sending host that it should forward subsequently packets to that same destination through
a different gateway.
5. What details are provided by DHCP other than IP address? (NOV 2018)
The DHCP server manages a pool of IP addresses and information about client configuration
parameters such as default gateway, domain name, the name servers, and time servers
6. List the difference between Packet Switching and Circuit Switching. (May14,May 17)
Issue Packet switching Circuit Switching
Circuit setup Not Required Required
Transmission path No Transmission path Dedicated path
Addressing Each packet contains the full Only data is sent
source and destination address
Bandwidth Dynamic Bandwidth Fixed Bandwidth
Routing Each packet is routed Entire data is sent through the same
independently path
Congestion control Difficult Easy if enough buffers can be located
in advance for each VC set up
7. Differentiate Physical Address and Logical Address.

Physical Address Logical Address

It is implemented by data link layer It is implemented by n/w layer
It contains 48 bits It contains 32 bits
It is a local addressing system It is an universal address system
Another name is MAC address Another name is IP address
It is flat in nature Hierarchical in nature
Does not give any clue for routing Its structure gives clue for routing
8. Define ARP. (Nov 2015)
ARP stands for Address Resolution Protocol. It is used to find the physical address of the node
when its Internet address is known. Any time a host/router needs to find the physical address of
another host on its network, it formats an ARP query packet that includes the IP address and
broadcasts it. All hosts in the network process the ARP packet but only the required station sends
back physical address
9. Define RARP.
RARP stands for Reverse Address Resolution Protocol. It allows a host to discover its internet
address when it knows only its physical address (a diskless computer). The host wishing to retrieve
its internet address broadcasts an RARP query packet that contains its physical address to every host
on its physical network
10. Define routing. (Nov 2012, Nov 2015)
Routing is a process which is performed by layer 3 (or network layer) devices in order to deliver
the packet by choosing an optimal path from one network to another
11. Write on the packet cost referred in distance vector and link state routing. (May 2012)
In distance vector routing, cost refer to hop count while in case of link state routing, cost is a
weighted value based on a variety of factors such as security, traffic, or the state of the link.
12. What is source routing? (Nov 2013)
A sender of a packet to partially or completely specify the route the packet takes through the
network.
13. What is the function of a router? (Nov 2010)
The main purpose of a router is to connect multiple networks and forward packets destined either
for its own networks or other networks. It has to determine the best possible transmission path
Jayaraj Annapackiam CSI College of Engineering 5
 EC3401 Networks Security Department of ECE 2022-2023

among several available paths.

14. Write the difference between Distance vector routing and Link state routing.
Distance Vector Routing Link state routing
Basic idea is each node sends its knowledge Basic idea is every node sends its
about the entire network to its neighbors. knowledge about its neighbors to the entire
network
It is dynamic routing It is dynamic routing
RIP uses Distance vector routing OSPF uses link state routing
15. Identify the class of the following IP Address: (Nov /Dec2015)
(a) 110.34.56.45
(b) 212.208.63.23
(a) 110.34.56.45 – Class A
(b) 212.208.63.23- Class C
16. Define MTU.
A maximum transmission unit (MTU) is the largest size packet or frame, specified in octets (eight-
bit bytes), that can be sent in a packet- or frame-based network such as the Internet. The Internet's
Transmission Control Protocol (TCP) uses the MTU to determine the maximum size of each packet
in any transmission
17. What does Border Gateway Protocol (BGP) mean? (Dec 2017)
Border Gateway Protocol (BGP) is a routing protocol used to transfer data and information between
different host gateways, the Internet or autonomous systems. BGP is a Path Vector Protocol (PVP),
which maintains paths to different hosts, networks and gateway routers and determines the routing
decision based on that. It does not use Interior Gateway Protocol (IGP) metrics for routing
decisions, but only decides the route based on path, network policies and rule sets. Sometimes, BGP
is described as a reach ability protocol rather than a routing protocol.
18. Explain IPV6 protocol.
IPv6 (Internet Protocol version 6) is a set of basics of IPv6 are similar to those of IPv4. The most
obvious improvement in IPv6 over IPv4 is that IP addresses are lengthened from 32 bits to 128 bits.
IPv6 also supports auto-configuration to help correct most of the shortcomings in version 4, and it
has integrated security and mobility features.
19. What is RIP?
RIP (Routing Information Protocol) is a widely-used protocol for managing router information
within a self-contained network such as a corporate local area network or an interconnected group
of such LANs. Using RIP, a gateway host (with a router) sends its entire routing table (which lists
all the other hosts it knows about) to its closest neighbor host every 30 seconds.
20. Explain about OSPF. (May 2018)
OSPF (Open Shortest Path First) is a router protocol used within larger autonomous
system networks in preference to the Routing Information Protocol (RIP), an older routing protocol
that is installed in many of today's corporate networks.Using OSPF, a host that obtains a change to a
routing table or detects a change in the network immediately multicasts the information to all
other hosts in the network so that all will have the same routing table information.
21. Explain Multicast routing? (May 2018)
Multicast IP Routing protocols are used to distribute data (for example, audio/video streaming
broadcasts) to multiple recipients. Using multicast, a source can send a single copy of data to a
single multicast address, which is then distributed to an entire group of recipients.
22. What is PIM?
Protocol-Independent Multicast (PIM) is a family of multicast routing protocols for Internet
Protocol (IP) networks that provide one-to-many and many-to-many distribution of data over
a LAN, WAN or the Internet. It is termed protocol-independent because PIM does not include its
Jayaraj Annapackiam CSI College of Engineering 6
 EC3401 Networks Security Department of ECE 2022-2023

own topology discovery mechanism, but instead uses routing information supplied by other routing
protocols.
There are four variants of PIM:
 PIM Source-Specific Multicast
 Bidirectional PIM
 PIM Dense Mode
 PIM Sparse Mode
23. What is DVMRP?
The Distance Vector Multicast Routing Protocol (DVMRP), is a routing protocol used to share
information between routers to facilitate the transportation of IP multicast packets among networks.
The protocol is based on the RIP protocol. The router generates a routing table with the multicast
group of which it has knowledge with corresponding distances. When a multicast packet is received
by a router, it is forwarded by the router's interfaces specified in the routing table.
24. What are the differences between IPV4 and IPV6?
IPV4 IPV6
A 32-bit numeric address in IPv4 is written IPv6 addresses are 128-bit IP address
in decimal as four numbers separated by written in hexadecimal and separated by
periods. Each number can be zero to 255. colons.
For example, 1.160.10.240 could be an IP An example IPv6 address could be written
address. like
this: 3ffe:1900:4545:3:200:f8ff:fe21:67cf
Checksum field is available in IPv4 header No checksum field in IPv6 header.
25. Give the comparison of unicast, multicast and broadcast routing. (Nov16,May17)

S.No Unicast Multicast Broadcast

1. One source and one One source and group of One source and all destinations
destination destinations
2. Relationship is one to Relationship is one to many Relationship is one to all
one
26. Check whether the following IPv6 address notations are correct? (NOV 2018)
a) ::0F53:6382:AB00:67DB:BB27:7332 - Incorrect
b) 7803:42F2:::88EC:D4BA:B75D:11CD - Incorrect
27. Why is IPv4 to IPv6 transition required? (May 2017)
The migration from IPv4 to IPv6 must be implemented node by node by using auto configuration
procedures to eliminate the need to configure IPv6 hosts manually. This way, users can immediately
benefit from the many advantages of IPv6 while maintaining the possibility of communicating with
IPv4 users. The advantages are More Efficient Routing, More Efficient Packet Processing, Directed
Data Flows, security.
28. What are the metrics used by routing protocols? (May 2015)
Metrics used by routing protocols are Hop count, Link cost , Delay , Bandwidth
UNIT-II / PART-B CO.2
1. What is the need for ICMP? Mention ICMP MESSAGES and their purpose.

2. Briefly explain the Border Gateway Protocol used for Inter domain routing in internetwork. (NOV
2018)
3. Explain in detail about IP v4 addressing methods. (Nov 2012).

Jayaraj Annapackiam CSI College of Engineering 7

 EC3401 Networks Security Department of ECE 2022-2023

4. Explain about IPV6. Compare IPV4 and IPV6. (May 2016) (May 2018)

5. Explain the Routing Information protocol/Distance vector routing in detail. (Nov 2013) (May 2018)

6. Explain the shortest path algorithm with suitable illustrations. (May 2015)

7. Explain in detail the operation of OSPF protocol by considering a suitable network.(Nov

2016May 2017)
8. Outline the need of Distance Vector Multicasting Routing Protocol (May 18, Nov 2018)

9. i) Explain the link-state algorithm in details.

ii) Consider the network shown in Fig. Compute the shortest path from C to all other nodes using
link-state algorithm. Also update the forwarding table of node C. (NOV 2018)

10. For the network given in Figure 1, give global distance – vector tables when
(i) Each node knows only the distance to its immediate neighbours.
(ii) Each node has reported the information it had in the preceding step to its immediate neighbors
(iii) Step (ii) happens a second time. (Dec 2017)

11. Explain details about Transition from IPv4 to IPv6.

12. Explain working of Protocol Independent Multicast (PIM) in detail

UNIT III TRANSPORT AND APPLICATION LAYERS

Transport Layer Protocols – UDP and TCP Connection and State Transition Diagram - Congestion
Control and Avoidance (DEC bit, RED)- QoS - Application Layer Paradigms – Client – Server
Programming – Domain Name System – World Wide Web, HTTP, Electronic Mail
UNIT-III / PART-A CO.3
1. What are the services provided by Transport layer protocol. (May 2018)
Transport layer protocol provides
 Connection oriented services
 Reliable service by using Error Control and Flow Control.
 Multiplexing: Transport layer performs multiplexing/demultiplexing function. Multiple
applications employ same transport protocol, but use different port number. According to
lower layer n/w protocol, it does upward multiplex or downward multiplexing.
2. Mention the various adaptive retransmission policy of TCP.
 Simple average
Jayaraj Annapackiam CSI College of Engineering 8
 EC3401 Networks Security Department of ECE 2022-2023

 Exponential / weighted average

 Exponential RTT backoff
 Jacobson’s Algorithm
3. Define congestion. (Nov 2011)
Congestion in a network occurs if user sends data into the network at a rate greater than that
allowed by network resources. Any given node has a few I/O ports attached to it. There are two
buffers at each port. One to accept arriving packets and another one to hold packets that are waiting
to depart. If packets arrive too fast to the node than to process them or faster than packets can be
cleared from the outgoing buffers, then there will be no empty buffer.
4. Give the datagram format of UDP?
The basic idea of UDP is for a source process to send a message to a port and for the destination
process to receive the message from a port.
Source Port Address 16 bits Destination Port Address 16 bits
Total Length 16 bits Checksum 16 bits
 Source port address: Address of the application program that has created the message.
 Destination port address: Address of the application program that will receive the message.
 Total Length: It defines the total length of the user datagram in bytes.
 Checksum: It is a 16 bit field used in error correction.
5. What is the main difference between TCP & UDP? (Nov 2014,Nov 2016)
TCP UDP
It provides Connection oriented service Provides connectionless service.
Connection Establishment delay will be there No connection establishment delay
Provides reliable service Provides unreliable, but fast service
It is used by FTP, SMTP It is used by DNS, SNMP, audio, video and
multimedia applications.
6. What are the advantages of using UDP over TCP? (Nov 2010)
UDP is very useful for audio or video delivery which does not need acknowledgement. It is useful
in the transmission of multimedia data. Connection Establishment delay will occur in TCP.
7. What is TCP? (Nov 2011)
Transmission Control Protocol provides Connection oriented and reliable services. TCP
guarantees the reliable, in order delivery of a stream of bytes. It is a full-duplex protocol, meaning
that each TCP connection supports a pair of byte streams, one flowing in each direction. It is used
by FTP, SMTP. The different phases in TCP state machine are Connection Establishment, Data
transfer and Connection Release. TCP services to provide reliable communication are Error control,
Flow control, Connection control and Congestion control.
8. Name the policies that can prevent (avoid) congestion.
DEC (Digital Equipment Corporation) bit, Random Early Detection (RED) and Source based
congestion avoidance. The congestion may be avoided by two bits:
BECN - Backward Explicit Congestion Notification, FECN - Forward Explicit Congestion
Notification.
9. List out various congestion control techniques.
Various congestion control techniques are AIMD (Additive Increase Multiplicative Decrease), Slow
start Fast retransmit/Recovery.
10. What are the two categories of QoS attributes? (May 2015)
User Oriented and Network Oriented.
User related attributes are SCR – Sustainable Cell Rate, PCR – Peak Cell Rate, MCR- Minimum
Cell Rate , CVDT – Cell Variation Delay Tolerance.
The network related attributes are, Cell loss ratio (CLR), Cell transfer delay (CTD), Cell delay
variation (CDV), Cell error ratio (CER).
Jayaraj Annapackiam CSI College of Engineering 9
 EC3401 Networks Security Department of ECE 2022-2023

11. Define congestion control. (May 2018)

Congestion control is the process of preventing the source from sending data that will end up getting
dropped by a router because its queue is full.
12. What is meant by slow start in TCP congestion? (May 2016)
TCP Slow Start is part of the congestion control algorithms to help control the amount of data
flowing through to a network. It balances the speed of a network connection. Slow start gradually
increases the amount of data transmitted until it finds the network’s maximum carrying capacity.
13. What is UDP?
It stands for User Datagram Protocol. It is part of the TCP/IP suite of protocols used for data
transferring. UDP is a known as a "stateless" protocol, meaning it doesn't acknowledge that the
packets being sent, have been received.
14. List the different phases used in TCP Connection. (May 2016)
Three phases used in TCP Connection are 1. Connection establishment 2. Data transfer
3. Connection termination

15. Compare flow control versus congestion control. (Nov 2015, Dec 17)
Congestion Control Flow Control
 Congestion control means preventing the source  Flow control means preventing the source from
from sending data that will end up getting sending data that the receiver will end up
dropped by a router because its queue is full. dropping because it runs out of buffer space.
congestion control is concerned with how hosts  It is an end to an end issue
and networks interact
 This is more complicated, because packets from This is fairly easy with a sliding window
different sources travelling different paths can protocol
converge on the same queue.
Techniques Techniques
 AIMD (Additive Increase Multiplicative  Stop and wait
Decrease)  Sliding window
 Slow start
 Fast retransmit/Recovery.
16. How do fast retransmit mechanism of TCP works. (May 2017)
In TCP/IP, fast retransmit and recovery (FRR) is a congestion control algorithm that makes it
possible to quickly recover lost data packets. With FRR, if a receiver receives a data segment that is
out of order, it immediately sends a duplicate acknowledgement to the sender. If the sender receives
three duplicate acknowledgements, it assumes that the data segment indicated by the
acknowledgements is lost and immediately retransmits the lost segment.
17. Suppose TCP operates over 10-Gbps link. Assuming TCP could utilize the full bandwidth
continuously, how long would it take the sequence numbers to wrap around completely? Is the
sequence number space adequate? (NOV 2018)
The minimum packet size is 40 bytes.
2^32 packets * 320 bits per packet = 1.4 * 10^12 bits
1.4 * 10^12 bits / 1 * 10^10 bits per second = 1.4 * 10^2 seconds About 2.3 minutes.
18. Define QoS. (May 2012, Nov 2014, May 2015, Nov 2015 ,NOV 2018)
The quality of service defines a set of attributes related to the performance of the connection. For
each connection, the user can request a particular attribute each service class is associated with a set
of attributes. The attributes are-Bandwidth, Latency or Delay, Jitter, Packet loss ratio.
19. What is DNS? (May 2018)
Domain Name System converts domain names into IP addresses so browsers can load Internet
resources. It is mainly used for a memorable way of identifying hosts because IP numbers uniquely
identify hosts on the Internet but are difficult to remember.. A DNS Resolver is responsible for
making requests of the local DNS server on behalf of clients
Jayaraj Annapackiam CSI College of Engineering 10
 EC3401 Networks Security Department of ECE 2022-2023

20. What is WWW and SMTP? (Nov 2010,May 2014, May 2015)
World Wide Web is an internet application that allows user to view pages and move from one web
page to another. It helps to store and share data across varied distances. The TCP/IP protocol that
supports electronic mail on the Internet is called Simple Mail Transfer (SMTP). It is a system for
sending messages to other computer users based on e-mail addresses. SMTP provides mail
exchange between users on the same or different computers.
21. What is PGP? (Nov 2010, May 2012,May 2014) Pretty
Good Privacy (PGP) is used to provide security for electronic mail. It provides authentication,
confidentiality, data integrity, and non repudiation. It is a program using public key encryption
popularly used with email.
22. Present the information contained in a DNS resource record.(May 2017)
Resource Records define data types in the Domain Name System (DNS).Resource
Records identified by RFC 1035 are stored in binary format internally for use by DNSsoftware.
But resource records are sent across a network in text format while they perform zone transfers.
23. What is the use of MIME Extension?(Nov 2014)
Multipurpose Internet Mail Extensions (MIME) is a supplementary protocol that allows non-
ASCII data to be sent through SMTP. MIME transforms non-ASCII data at the sender site to NVT
ASCII data and deliverers it to the client SMTP to be sent through the Internet. MIME converts
binary files, executed files into text files. Then only it can be transmitted using SMTP.
24. What is POP3?(Nov 2016)
POP3 (Post Office Protocol 3) is the most recent version of a standard protocol for receiving e-mail.
POP3 is a client/server protocol in which e-mail is received and held for you by your Internet
server.
25. What is IMAP?
Internet Message Access Protocol (IMAP) is a standard protocol for accessing e-mail from your
local server. IMAP is a client/server protocol in which e-mail is received and held for you by your
Internet server. IMAP can be thought of as a remote file server. POP3 can be thought of as a "store-
and-forward" service.
26. Mention the different levels in domain name space. (May 2012,16)
Domain name space is divided into three different sections: generic domains, country domains &
inverse domain.
 Generic domain: Define registered hosts according to their generic behavior, uses generic
suffixes.
 Country domain: Uses two characters to identify a country as the last suffix.
 Inverse domain: Finds the domain name given the IP address.
27. State the usage of conditional get in HTTP.(May 2017)
A conditional GET is an HTTP GET request that may return an HTTP 304 response. An HTTP 304
response indicates that the resource has not been modified since the previous GET, and so the
resource is not returned to the client in such a response.
28. Write short notes on Email.
E-mail (electronic mail) is the exchange of computer-stored messages by telecommunication. Email
messages are usually encoded in ASCII text. The architecture of the email system consists of two
kinds of subsystems: the user agents, which allow people to read and send email, and the message
transfer agents, which move the messages from the source to the destination.
29. Consider an HTTP client that wants to retrieve a Web document at a given URL. The IP
address of the HTTP server is initially unknown. What transport and application layer
protocols are needed in this scenario? (NOV 2018)
Application layer protocol: DNS and HTTP
Transport layer protocol : UDP for DNS and TCP for HTTP
30. Write the use of Hyper Text Transfer Protocol (HTTP). (Dec2017, May 2018))
The browser uses HTTP, which is carried over TCP/IP to communicate to the server and retrieve
Web content for the user. HTTP is a widely used protocol and has been rapidly adopted over the
Internet because of its simplicity. It is a stateless and connectionless protocol.
PART-B CO.3
1. What is meant by QoS in networking? State the techniques to improve QoS. (May 2012)
Jayaraj Annapackiam CSI College of Engineering 11
 EC3401 Networks Security Department of ECE 2022-2023

2. Why does TCP uses adaptive retransmission and describe its mechanism.(Nov/Dec 2013)

3. Write Short notes on i) DNS ii) WWW iii) HTTP iv) E-Mail

4. Define UDP. Discuss the operations of UDP. Explain UDP checksum with one example. (May
2016)
5. With TCPs slow start and AIMD for congestion control, show how the window size will vary for
transmission where every 5th packet is lost. Assume an advertised window size of 50 MSS. (May
2017)
6. Explain congestion avoidance using random early detection in transport layer with an
example(May 2017)
7. i) Draw a TCP state transition diagram for connection management. (7) (Dec2017)
ii) Brief about approaches used for TCP congestion control. (6)
8. Discuss the working of E Mail in detail (May 2015,May 2018)

9. Discuss about MIME, IMAP and POP3. (Nov 2010)

10. (i) Describe how SMTP protocol is used in E-mail applications.

(ii) Explain HTTP with an example. (May 2016)
11. (i) Explain in detail about SNMP messages (Nov 2016,DEC 17)
(ii) Illustrate the role of POP3 in Electronic mail applications
12. Briefly explain the Domain Name Service protocol with an example (DEC17/NOV 2018)

UNIT IV NETWORK SECURITY

OSI Security Architecture – Attacks – Security Services and Mechanisms – Encryption –Advanced
Encryption Standard – Public Key Cryptosystems – RSA Algorithm – Hash Functions – Secure Hash
Algorithm – Digital Signature Algorithm.
UNIT-IV / PART-A CO.4
1. What is Security attack, Security mechanism and Security service?
Security attack: Any action that compromises the security of information owned by an
organization.
Security mechanism: A mechanism that is designed to detect, present or recover from a security
attack.
Security service: A service that enhances the security of the data processing systems and the
information transfer of an organization.
2. Define confidentiality.
Confidentiality ensures that the information in a computer system and transmitted information are
accessible only for reading by authorized parties. This type of access includes printing, displaying,
and other forms of disclosure.
3. Define integrity.
Integrity ensures that only authorized parties are able to modify computer system assets and
transmitted information. Modification includes writing, changing, deleting, creating and delaying
or replaying of transmitted messages.
4. Define Authentication, Nonrepudiation, Availability and Access control.
Authentication: Ensures that the origin of a message is correctly identified, with an assurance that
the identity is not false.
Nonrepudiation: Requires that neither the sender nor the receiver of a message be able to deny the
transmission.
Jayaraj Annapackiam CSI College of Engineering 12
 EC3401 Networks Security Department of ECE 2022-2023

Availability: Requires that computer system assets be available to authorized parties when needed.
Access control: Requires that access to information resource may be controlled by or for the target
system.
5. List 4 general categories of attack.
Interruption, Interception, Modification, Fabrication
6. List the components involved in network security (i.e. Model for network security)
Message, Two principals (Source and Destination), Trusted third party Opponent
7. List the 4 basic tasks in designing a particular security service.
Design an algorithm for performing the security-related Transformation
Generate the secret information to be used with the algorithm
Develop methods for the distribution and sharing of secret information
Specify a protocol to be used by the two principals.
8. List the five main components of a conventional encryption system.
Plaintext, Encryption algorithm, Ciphertext, Decryption algorithm
9. Define Plaintext, Ciphertext
Plaintext: Refers to the original message that is created and sent into encryption method.
Ciphertext: It is the text that is now scrambled and ready to send. It may look like a random
stream of data, and is unreadable.
10. How cryptographic systems are generally classified?
Cryptographic systems are generally classified along 3 independent dimensions.
The type of operations used for transforming plaintext into ciphertext
(permutation/substitution)
The number of keys used (single key/different key)
The way in which the plaintext is processed (Block cipher/Stream cipher)
11. Differentiate block cipher and stream cipher.
Block cipher: A block cipher processes the input one block of elements at a time,
producing an output block for each input block.
Stream cipher: A stream cipher processes the input elements continuously, producing
output one element at a time, as it goes along
12. What is steganography?
Steganography is the practice of concealing a file, message, image or video within another file,
message, image or video. i.e. It is hiding a secret message within an ordinary message and the
extraction of it at its destination.
13. Compare steganography and cryptography.
 The meaning of steganography is covered or hidden writing while cryptography
signifies secret writing.
 Steganography is an attempt to achieve secure and undictable communication.
Cryptography intends to make the message readable for only the target recipient and
not by others.
 In steganography, the main structure of the message is not changed whereas
cryptography imposes a change on the secret message before transferring it over the
network.
 The steganography can be employed on text, and in video and image while
cryptography is implemented only on the text file.
14. What is symmetric key encryption?
Symmetric key encryption is a type of encryption where only one key (a secret key) is used to
both encrypt and decrypt information. The entities communicating via symmetric encryption
must exchange the key so that it can be used in the decryption
process.
15. List the 5 main components of a symmetric encryption system.
Plaintext, Encryption algorithm, Secret key, Ciphertext, Decryption algorithm
16. Give the 5 modes of operations of block cipher. (Dec 2020)
Electronic codebook (ECB), Cipher block chaining (CBC), Cipher feedback (CFB), Output
feedback (OFB), Counter (CTR)
17. Define confusion and diffusion

Jayaraj Annapackiam CSI College of Engineering 13

 EC3401 Networks Security Department of ECE 2022-2023

Confusion refers to making the relationship between the key and the cipher text as complex
and involved as possible
Diffusion refers to the property that redundancy in the statistics of the plaintext is
dissipated in the statistics of plaintext.
18. List the 4 different stages of AES.
Substitute bytes, Shift rows, Mix column, Add round key
19. Why random numbers are use in network security?
Random numbers used to generate keys
 Symmetric keys
 RSA: Prime numbers
 Diffie-Hellman secret values Random
numbers used for nonce
 Sometimes a sequence is okay
 But sometimes nonce must be random Random
numbers also used in simulations.
20. What is public key cryptography?
Public key cryptography (or asymmetric cryptography) is an encryption scheme that uses two
mathematically related, but not identical keys – a public key and a private key. Each key
performs a unique function. The public key is used to encrypt and the private
key is used to decrypt.
21. List the 6 ingredients of public key encryption.
 Plaintext
 Encryption algorithm
 Public key
 Private key
 Cipher text
Decryption algorithm
22. Perform encryption for the plaintext M=88 using the RSA algorithm.
P=17, q=11 and public component e=7
i. p=17, q=11
ii. Calculate n=p*q = 17*11 =187
iii. Calculate (n) = (p-1)(q-1) = 16*10=160
iv. Select e=7
v. Determine d such that de  1(mod 60). The correct value of d is 23
Public key (7,187) and private key (23,187) Encryption: 887 mod 187 = 11
23. Perform encryption and decryption using the RSA algorithm for the following.
P=7, q=11, e=17 and M=8
i. p=7, q=11
ii. Calculate n=p*q = 7*11 =77
iii. Calculate (n) = (p-1)(q-1) = 6*10=60
iv. Select e=17
v. Determine d such that de  1(mod 60). The correct value of d is 53
Public key (17,77) and private key (53,77)
Encryption: 817 mod 77 = 56
Decryption: 5653 mod 77 = 8
24. List the 5 possible approaches to attacking the RSA algorithm
 Brute force
 Mathematical attacks
 Timing attacks
 Hardware fault-based attack
Jayaraj Annapackiam CSI College of Engineering 14
 EC3401 Networks Security Department of ECE 2022-2023

Chosen ciphertext attacks

25. Show how SHA is more secure than MD5
 It produces a largest digest (160-bit compared to 128 bits, so a brute force attack
would be more difficult to carry out)
 No known collisions have been formed for SHA
Never version have been introduced in SHA (SHA-256, SHA-384, SHA-512) that are much
more secure than the original.
26. What is digital signature?
A digital signature is an authentication technique that also includes measures to counter
repudiation by either source or destination
27. List the types of functions that may be used to produce an authenticator.
 Message encryption: The ciphertext of the entire message serves as its authenticator.
 Message Authentication Code(MAC): A public function of the message and a
secret key that produces a fixed length value that serves as the authenticator.
 Hash function: A public function that maps a message of any length into fixed-
length hash value, which serves as the authenticator.
29. What is hash(function) in cryptography?
A hash function is a mathematical function that converts a numerical input value into another
compressed numerical value. The input to the hash function is of arbitrary length but output is
always of fixed length.
30. What is the role of compression function in hash function?
The compression function is a function that transforms two fixed length inputs into a fixed
length output. The transformation is one-way, meaning that it is difficult given a particular
output to compute inputs which compress to that output. One-way compression function are
not related to conventional data compression algorithm, which
instead can be inverted exactly or approximately to the original data.
31. Specify the various types of authentication protocol
An authentication protocol is a type of computer communication protocol or cryptographic
protocol specifically designed for transfer of authentication data between two entities.
Different types are
 Password Authentication Protocol (PAP)
 Challenge Handshake Authentication Protocol (CHAP)
 Extensible Authentication Protocol (EAP)
 Remote Authentication Dial-In User Service (RADIUS)
Kerberos (Protocols)
32. What is digital signature?
A digital signature is an authentication mechanism that allows the sender to attach an
electronic code with the message in order to ensure its authenticity and integrity. This
electronic code acts as the signature of the sender and, hence is named digital signature.
Digital signature uses the public-key cryptographic technique. The sender uses his private
key and a signing algorithm creates a digital signature, and the signed document can be
made public. The receiver uses the public key of the sender and a verifying
algorithm to verify the digital signature.
PART-B CO.4
1. Explain OSI security architecture model with neat diagram (Dec 2020, Dec 2021)
Describe the various security mechanism (Dec 2020)
2. Explain the network security model and its important parameters with a neat block
diagram
3. Write note on different types of security attacks and services in detail.

4. Discuss examples from real life, where the following security objectives are needed :
i) Confidentiality.

Jayaraj Annapackiam CSI College of Engineering 15

 EC3401 Networks Security Department of ECE 2022-2023

ii) Integrity.
iii) Non-repudiation.
Suggest suitable security mechanisms to achieve them. (Dec 2020, Dec 2021)
5. Explain AES algorithm with all its round functions in detail

6. What do you mean by AES? Diagrammatically illustrate the structure of AES and
describe the steps in AES encryption process with example (Dec 2020)
7. Describe in detail the key generation in AES algorithm and its expansion format

8. Explain RSA algorithm, perform encryption and decryption to the system with
p=7, q=11, e=17, M=8
9. Describe RSA algorithm & Perform encryption and decryption using RSA algorithm for
the following: p=7, q=11, e=7, M=9
10. Explain the working of RSA and chose an application of your choice for RSA and explain
how encryption and decryption is carried out?
11. In a public-key system using RSA, you intercept the ciphertext C = 10 sent to a user
whose public key is e = 5, n = 35. What is the plaintext M. (Dec 2021)
12. List out the advantages of MD5 and SHA algorithms

13. Explain the concepts of digital signature algorithm with key generation and verification
in detail.
UNIT V HARDWARE SECURITY
Introduction to hardware security, Hardware Trojans, Side – Channel Attacks – Physical Attacks and
Countermeasures – Design for Security. Introduction to Blockchain Technology
PART A CO.5
1. What do you mean by hardware security?
Hardware security is vulnerability protection that comes in the form of a physical device rather
than software that's installed on the hardware of a computer system. Hardware security can
pertain to a device used to scan a system or monitor network traffic. Common examples include
hardware firewalls and proxy servers.
2. Why is hardware security important?
Hardware security protects physical devices from threats that allow unauthorized access to
enterprise systems. Hardware security is defined as the protection of physical devices from threats
that would facilitate unauthorized access to enterprise systems.
3. What are the 3 types of security?
There are three primary areas or classifications of security controls. These include management
security, operational security, and physical security controls
4. What are all Hardware Vulnerabilities
Physical Attacks (e.g. side channel attacks; microarchitectural vuln.) ● Trojan Horses (implemented
at different design levels) ● IP Piracy (cloning of IP) ● IC Piracy & Counterfeiting (cloning,
overproduction) ● Backdoors (modifications leaking secret) ● Tampering (e.g. FPGA bitstream
modifications) ● Reverse Engineering
5. What is Hardware Trojan?
A malicious addition or modification to the existing circuit elements
6. What hardware Trojans can do?
○ Change the functionality ○ Reduce the reliability ○ Leak valuable information
7. What is hardware Trojan detection?
Hardware Trojans (HTs) are identified as an emerging threat for the integrity of Integrated
Circuits (ICs) and their applications. Attackers attempt to maliciously manipulate the
Jayaraj Annapackiam CSI College of Engineering 16
 EC3401 Networks Security Department of ECE 2022-2023

functionality of ICs by inserting HTs, potentially causing disastrous effects (Denial of Service,
sensitive information leakage, etc.).
8. What is meant by side-channel attack?
Share to Facebook Share to Twitter. Definition(s): An attack enabled by leakage of information
from a physical cryptosystem. Characteristics that could be exploited in a side-channel attack
include timing, power consumption, and electromagnetic and acoustic emissions.
9. Is Trojan a serious virus?
The effects of Trojans can be highly dangerous. Like viruses, they can destroy files or
information on hard disks. They can also capture and resend confidential data to an external address
or open communication ports, allowing an intruder to control the infected computer remotely.
10. What is side-channel attack on RSA?
Side channel attacks exploit information about timing, power consumption, electromagnetic
emanations or even sound to recover secret information about a cryptosystem . Timing attacks
exploit the timing variations in cryptographic operations.
11. What are hardware based attacks?
Hardware based attacks require the use of Rogue Devices which go under the radar of existing
security solutions by operating on the Physical Layer. Spoofed Peripherals impersonate
legitimate HIDs and, due to a lack of Physical Layer visibility, are recognized as the legitimate
device that they imitate.
12. What are 3 types of attacks?
The different types of cyber-attacks are malware attack, password attack, phishing attack, and
SQL injection attack.
13. What is the most common type of attacks?
Malware. Phishing, Man-in-the-middle attack (MITM), Distributed Denial-of-Service (DDoS)
Attack, SQL Injection, Zero-day Exploit, DNS Tunnelling., Business Email Compromise
14. What are the three 3 basic network security measures?
This includes within a corporate or home network and outside of those networks such as across the
internet or on a service provider's network, Secure Socket Layer (SSL)/Transport Layer Security
(TLS), Secure Shell (SSH), Internet Protocol Security (IPsec)
15. How do you design a secure network?
1. Physical security.
2. Get into VLANS with subnets and QoS.
3. Add more and better firewalls.
4. Use the DMZ.
5. Design for hierarchy.
6. Add port security.
16. What is design for security?
Security by design is an approach to software and hardware development that seeks to make
systems as free of vulnerabilities and impervious to attack as possible through such measures as
continuous testing, authentication safeguards and adherence to best programming practices.
17. What are secure network design principles?
We recommend that your network security design be grounded in the strategic principles
of compartmentalization, the weakest link, vulnerability testing, and layering
18. What are the 4 goals of a secure network?
Network security entails protecting the usability, reliability, integrity, and safety of network and
data. Effective network security defeats a variety of threats from entering or spreading on a network.
The primary goal of network security are Confidentiality, Integrity, and Availability.
19. What is the network design?
Network design is the practice of planning and designing a communications network. Network
design starts with identifying business and technical requirements and continues until just before the
network implementation stage
20. What is meant by blockchain technology?
Blockchain is a system of recording information in a way that makes it difficult or impossible
to change, hack, or cheat the system. A blockchain is essentially a digital ledger of transactions
that is duplicated and distributed across the entire network of computer systems on the blockchain
Jayaraj Annapackiam CSI College of Engineering 17
 EC3401 Networks Security Department of ECE 2022-2023

21. What is the main purpose of blockchain technology?

The purpose of the blockchain is to share information amongst all parties that access it via an
application. Access to this ledger in terms of reading and writing may be unrestricted
('permissionless'), or restricted ('permissioned').
22. What is an example of blockchain?
Bitcoin and Ethereum are popular examples of blockchains. Everyone is allowed to connect to the
blockchain and transact on them
23. What are the 3 technologies that form blockchain?
Blockchain is a combination of three leading technologies: Cryptographic keys. A peer-to-peer
network containing a shared ledger. A means of computing, to store the transactions and records of
the network
24. Which tool is used for blockchain?
Solidity is, undoubtedly, one of the most popular languages used by Blockchain Developers.
Influenced by C++, Python, and JavaScript, it was designed to target the Ethereum Virtual Machine
(EVM). Solidity is statically typed, supports inheritance, libraries, and complex user-defined types.
25. What are the disadvantages of blockchain?
One of the main disadvantages of blockchain technology is the immutability of data. It benefits
financial and supplies chain systems. Immutability can only exist if network nodes are distributed.
A blockchain network is vulnerable if one entity owns at least half the nodes.
26. What are physical attacks?
An actual and intentional striking of another person against his or her will, or the intentional causing
of bodily harm to an individual.
27. What are the basic types of attacks?
 Common Types of Cybersecurity Attacks.
 Phishing Attacks: A Deep Dive with Prevention Tips.
 SQL Injection Attacks (SQLi)
 Cross-Site Scripting (XSS) Explained and Preventing XSS Attacks.
 Man-in-the-Middle (MITM) Attacks.
 Malware Attacks: Examined and Best Practices.
 Denial-of-Service Attacks.
28. What is active attacks example?
Examples of active attacks include man-in- the middle (MitM), impersonation, and session
hijacking. An attack on the authentication protocol where the attacker transmits data to the claimant,
Credential Service Provider (CSP), verifier, or Relying Party (RP)
29. What are the different types of attacks in cryptography?
 Brute force attack.
 Ciphertext-only attack.
 Chosen plaintext attack.
 Chosen ciphertext attack.
 Known plaintext attack.
PART-B CO.5
1. Explain in details about Hardware Security.

2. Explain in details about Side Channel Attacks

3. What are the countermeasures in physical attacks?

4. Discuss in details about design for security

5. Explain in details about Block chain technology

6. What are the physical attacks explain in detail

7. Explain in detail about Hardware threat.

Jayaraj Annapackiam CSI College of Engineering 18
 EC3401 Networks Security Department of ECE 2022-2023

8. Explain detail about Hardware Vulnerabilities.

9. Explain in detail about Trojan Taxonomy.

10. How Block chain works.

11. Discuss in details about Bit coin.

12. How does a side channel attacks works.

Jayaraj Annapackiam CSI College of Engineering 19