
Mcs 022 Pyqs


DEC 2023

Q1.

(a) Write the Linux/Unix commands for:
(i) List all hidden files in a directory.
(ii) List all processes currently running on the system.
(iii) Set permission to a file, say "sample.txt", so that the file can be read by
owner only.
(iv) Print the last 10 lines of a file.
(v) Show all users currently logged on.

(b) Why do we need a firewall? Explain the working of the firewall in detail. Also
explain the limitations of using firewalls.

(c) Differentiate between FAT32 and FAT16 file systems. Explain the features of NTFS
in context of Windows 2000 OS.

(d) What is X-Windows? Explain the major components of Unix-based GUIs in
X-Windows.

Answer

(i) To list all hidden files in a directory in Linux/Unix, you can use the following command:

```bash
ls -a
```

(ii) To list all processes currently running on the system, you can use the following command:

```bash
ps -aux
```

(iii) To set permission to a file, say "sample.txt", so that the file can be read by the owner
only, you can use the following command:

```bash
chmod 400 sample.txt
```

(iv) To print the last 10 lines of a file, you can use the following command:

```bash
tail -n 10 filename
```

(v) To show all users currently logged on, you can use the following command:

```bash
who
```

(b) Firewall: A firewall is a network security system that monitors and controls incoming and
outgoing network traffic based on predetermined security rules. Its primary purpose is to
establish a barrier between your internal network and incoming traffic from external sources
(such as the internet), allowing only authorised traffic to pass through while blocking or
filtering out unauthorised or potentially harmful traffic.

Working of Firewall: Firewalls work by examining packets of data passing through them
and determining whether to allow or block them based on a set of predefined rules. These
rules can be based on various criteria such as source and destination IP addresses, ports,
protocols, and the state of the connection.

Firewalls can operate at different layers of the OSI model, including the network layer (using
techniques like packet filtering), the transport layer (using techniques like stateful
inspection), and the application layer (using techniques like proxy servers).

Limitations of Using Firewalls: While firewalls are an essential component of network
security, they have certain limitations:

1. Limited Visibility: Firewalls cannot inspect encrypted traffic beyond the header
information, which means they may not detect certain types of threats hidden within
encrypted data.
2. Application Layer Threats: Firewalls may not effectively protect against threats that
exploit vulnerabilities in specific applications or protocols, especially if those threats
are not explicitly blocked by firewall rules.
3. Advanced Threats: Sophisticated attacks, such as zero-day exploits or targeted
malware, may bypass traditional firewall defenses.
4. Insider Threats: Firewalls cannot prevent threats originating from within the network,
such as malicious insiders or compromised devices.

(c) FAT32 vs. FAT16 and NTFS:

Differentiation between FAT32 and FAT16:

● FAT16 (File Allocation Table 16-bit): It is an older file system introduced with DOS
3.0 and limited to a maximum partition size of 2GB. It uses 16-bit file allocation
tables, which means it has limitations in terms of maximum partition size and file size.
● FAT32 (File Allocation Table 32-bit): It is an extension of FAT16 introduced with
Windows 95 OSR2. It supports larger partition sizes (up to 2TB) and file sizes (up to
4GB). FAT32 uses 32-bit file allocation tables, providing better efficiency and support
for larger storage devices.

Features of NTFS (New Technology File System):

● Security: NTFS supports access control lists (ACLs), which allow fine-grained
control over who can access files and folders, providing better security compared to
FAT file systems.
● Compression: NTFS supports file and folder compression, allowing users to save
disk space by compressing data on-the-fly.
● Encryption: NTFS supports file-level encryption using the Encrypting File System
(EFS), providing a way to encrypt sensitive data stored on disk.
● Journaling: NTFS uses a journaling file system, which helps in recovering from
system crashes and ensures the integrity of the file system.
● Large Volume and File Support: NTFS supports much larger volumes and file sizes
compared to FAT file systems, with maximum volume size of up to 16 exabytes and
maximum file size of up to 16 terabytes (depending on the version of Windows).

(d) X-Windows: X-Windows, also known as X11 or X, is a windowing system used to
provide a graphical user interface (GUI) for Unix-like operating systems. It provides the basic
framework and protocols for building GUI environments, allowing applications to display
graphical elements such as windows, icons, and menus on the screen.

Major Components of Unix-based GUIs in X-Windows:

1. X Server: The X server is responsible for managing the display hardware and
handling input devices such as keyboards and mice. It communicates with client
applications and renders their graphical output on the screen.
2. Window Manager: The window manager controls the placement and appearance of
windows on the screen. It allows users to manipulate windows (move, resize,
minimise, maximise, etc.) and provides features like window decorations and
taskbars.
3. Desktop Environment: A desktop environment is a collection of software
components that provide a complete user interface experience, including a window
manager, file manager, panel, and various desktop utilities. Examples include
GNOME, KDE, Xfce, and LXDE.
4. Widgets and Toolkits: Widgets are graphical elements such as buttons, text boxes,
and sliders, while toolkits are libraries that provide programming interfaces for
creating and managing widgets. Common toolkits used in Unix-based GUIs include
GTK (used by GNOME), Qt (used by KDE), and Motif.
5. Display Manager: The display manager is responsible for managing user sessions
and handling login screens. It provides a graphical login interface where users can
enter their credentials to access the system.

These components work together to create a graphical user interface environment on
Unix-based systems, allowing users to interact with their computers using visual elements
rather than command-line interfaces.

Q2
(a) What do you mean by Packet Switching? Explain the Datagram and Virtual Circuit
approach of packet switching.
(b) Explain POP3 and IMAP Protocols.
(c) What are Guided and Unguided Media? Explain optical fibre. List the advantages
and disadvantages of unguided media.

Answer:-
(a) Packet Switching: Packet switching is a method used in data networking for transmitting
and routing data across a network. In packet switching, data is broken down into smaller
units called packets, which are then transmitted individually across the network. Each packet
contains not only the data being transmitted but also header information, including the
source and destination addresses.

Datagram Approach: In the datagram approach of packet switching, each packet is treated
independently and can follow different paths to reach its destination. Each packet is
forwarded based on the destination address contained within the packet itself. Routers and
switches in the network make independent decisions about how to route each packet, often
choosing the most efficient path available at the time of transmission. This approach is used
in IP (Internet Protocol) networks, where each packet is treated as a separate entity and can
take different routes through the network.

Virtual Circuit Approach: In the virtual circuit approach of packet switching, a predefined
path or circuit is established between the source and destination before data transmission
begins. Once the circuit is established, each packet follows the same path through the
network. This path is determined during the setup phase and remains fixed for the duration
of the communication session. Virtual circuits provide more predictable routing and may offer
better quality of service (QoS) compared to datagram networks. This approach is used in
protocols like ATM (Asynchronous Transfer Mode) and Frame Relay.

(b) POP3 and IMAP Protocols: POP3 (Post Office Protocol version 3): POP3 is an email
retrieval protocol used by email clients to retrieve emails from a remote server. When a user
accesses their email account using a POP3 client, the client downloads emails from the
server to the user's device. By default, POP3 downloads emails to the client device and
typically deletes them from the server, although there are options to leave copies on the
server.

IMAP (Internet Message Access Protocol): IMAP is another email retrieval protocol used
by email clients to access emails stored on a remote server. Unlike POP3, IMAP allows
users to view and manage emails directly on the server without downloading them to the
client device. This means users can access their full mailbox from multiple devices while
keeping emails synchronised across all devices. IMAP also supports folder management
and searching capabilities.

(c) Guided and Unguided Media and Optical Fibre: Guided Media: Guided media refers
to communication channels that use physical conductors or cables to transmit data signals.
Examples include twisted pair cables, coaxial cables, and fibre optic cables. Guided media
provide a controlled environment for signal transmission, reducing the chances of signal
interference and attenuation.

Unguided Media: Unguided media, also known as wireless or unbounded media, refers to
communication channels that transmit data signals through the air or free space. Examples
include radio waves, microwaves, and infrared signals. Unguided media are susceptible to
various environmental factors such as interference, attenuation, and multipath propagation.

Optical Fibre: Optical fibre is a type of guided media that uses thin strands of glass or
plastic fibres to transmit data signals using light waves. Optical fibre offers several
advantages over other guided and unguided media.

Advantages:

● High Bandwidth: Optical fibre has a much higher bandwidth compared to traditional
copper cables, allowing for faster data transmission over longer distances.
● Low Attenuation: Light signals in optical fibre experience low attenuation, meaning
they can travel longer distances without significant loss of signal strength.
● Immunity to Electromagnetic Interference: Optical fibre is immune to electromagnetic
interference, making it ideal for use in environments with high levels of electrical
noise.
● Security: Optical fibre is difficult to tap into, providing a higher level of security
compared to wireless or copper-based communication channels.

Disadvantages:

● Cost: Optical fibre installation and maintenance can be expensive compared to other
communication mediums.
● Fragility: Optical fibre cables are delicate and can be damaged easily if mishandled,
requiring careful installation and maintenance.
● Limited Flexibility: Optical fibre cables are less flexible than copper cables, which can
make installation in certain environments more challenging.

Overall, optical fibre is widely used in telecommunications networks for high-speed data
transmission over long distances, offering advantages in terms of bandwidth, reliability, and
security.

Q3
(a) Define Topology in the context of Computer Networks. List the advantages of
Computer Network.
(b) Explain the working of Ring Topology.
(c) Explain the process of Apache Server setting in Linux in detail.

Ans:-
(a) Topology in Computer Networks: Topology refers to the physical or logical layout of
devices and connections in a computer network. It defines how devices are interconnected
and how data is transmitted between them. Different types of network topologies include
bus, star, ring, mesh, and hybrid topologies.

Advantages of Computer Networks:

1. Resource Sharing: Computer networks allow for the sharing of hardware resources
such as printers, scanners, and storage devices, as well as software resources such
as applications and databases.
2. Communication: Networks facilitate communication and collaboration among users,
allowing them to share information and communicate in real-time via email, instant
messaging, video conferencing, etc.
3. Centralised Data Management: Networks enable centralised data storage and
management, making it easier to back up, retrieve, and secure data.
4. Cost Efficiency: By sharing resources and infrastructure, networks can reduce
hardware and software costs for organisations.
5. Scalability: Networks can easily scale to accommodate growing numbers of users
and devices by adding or upgrading network components.
6. Improved Flexibility: Networks allow users to access data and applications from
anywhere, using any device connected to the network, providing greater flexibility
and mobility.
7. Enhanced Security: Networks can implement security measures such as firewalls,
encryption, and access controls to protect data and systems from unauthorised
access and cyber threats.

(b) Working of Ring Topology: In a ring topology, all devices in the network are connected
in a closed loop or ring configuration. Each device in the network is connected to exactly two
other devices, forming a continuous pathway for data transmission. Data travels around the
ring in one direction, passing through each device until it reaches its destination.

Working Steps:

1. Data Transmission: When a device wants to send data to another device, it adds
the data onto the network in the form of a signal.
2. Passing through Nodes: The data signal travels around the ring, passing through
each device in the network.
3. Destination Reached: Eventually, the data signal reaches its destination device,
which processes the data.
4. Feedback Signal: After processing, the destination device may send a feedback
signal back around the ring to confirm receipt of the data.

Advantages of Ring Topology:

● Equal Access: Each device in the network has equal access to the network's
resources, as there is no central node controlling access.
● No Collisions: Since data travels in only one direction around the ring, there are no
collisions between data packets.
● Simple Design: Ring topology is relatively simple to design and implement,
especially in small networks.
● Fault Isolation: If a single device or cable in the ring fails, it does not affect the rest
of the network, as data can still travel in the opposite direction.

(c) Apache Server Setting in Linux: Setting up an Apache web server on Linux involves
several steps:

1. Installation: Install the Apache package using the package manager of your Linux
distribution. For example, on Ubuntu, you can use the following command:

```bash
sudo apt-get install apache2
```

Start the Apache Service: After installation, start the Apache service using the following
command:

```bash
sudo systemctl start apache2
```

Enable Autostart: To ensure that Apache starts automatically at boot time, enable the
Apache service:

```bash
sudo systemctl enable apache2
```

2. Basic Configuration: Apache's main configuration file is usually located at
/etc/apache2/apache2.conf. You can customize settings such as server name,
port, and document root in this file.
3. Virtual Hosts: Apache allows you to host multiple websites on the same server using
virtual hosts. Configuration files for virtual hosts are typically stored in the
/etc/apache2/sites-available/ directory. You can create a new virtual host
configuration file for each website you want to host and enable them using the
a2ensite command.
4. Firewall Configuration: If you have a firewall enabled on your Linux server, you may
need to open the necessary ports (usually 80 for HTTP and 443 for HTTPS) to allow
incoming web traffic.
5. Testing: Once Apache is configured, you can test if it's working by accessing your
server's IP address or domain name in a web browser. You should see the default
Apache welcome page if everything is set up correctly.

These steps provide a basic overview of setting up an Apache web server on Linux.
Depending on your specific requirements and configuration, additional steps such as
SSL/TLS certificate installation, security hardening, and performance tuning may be
necessary.
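
The five steps above as one script, as an added example that is not part of the original answer. The site name example.test, the document root under /var/www and the use of ufw with its "Apache Full" profile are assumptions for an Ubuntu host; nothing privileged runs unless the script is called with --apply.

```bash
#!/usr/bin/env bash
# Added example: example.test and the paths below are hypothetical.
set -eu

SITE="${SITE:-example.test}"            # hypothetical site name
DOCROOT="/var/www/${SITE}/public"       # assumed document root

# Print a minimal name-based virtual host for site $1 served from docroot $2.
render_vhost() {
    cat <<EOF
<VirtualHost *:80>
    ServerName $1
    DocumentRoot $2
    <Directory $2>
        # No directory listings, no .htaccess overrides
        Options -Indexes
        AllowOverride None
        Require all granted
    </Directory>
    ErrorLog \${APACHE_LOG_DIR}/$1-error.log
    CustomLog \${APACHE_LOG_DIR}/$1-access.log combined
</VirtualHost>
EOF
}

apply_site() {
    # Step 1: install, start and enable the service
    sudo apt-get install -y apache2
    sudo systemctl enable --now apache2

    # Steps 2 and 3: create the document root and the virtual host, then enable it
    sudo mkdir -p "$DOCROOT"
    echo "It works: $SITE" | sudo tee "$DOCROOT/index.html" >/dev/null
    render_vhost "$SITE" "$DOCROOT" |
        sudo tee "/etc/apache2/sites-available/${SITE}.conf" >/dev/null
    sudo a2ensite "${SITE}.conf"

    # Validate the configuration before reloading so a typo cannot take the server down
    sudo apache2ctl configtest
    sudo systemctl reload apache2

    # Step 4: open ports 80 and 443 (assumes ufw is the host firewall)
    sudo ufw allow 'Apache Full'

    # Step 5: request the new site locally by its Host header
    curl -s -H "Host: ${SITE}" http://127.0.0.1/
}

if [ "${1:-}" = "--apply" ]; then
    apply_site
fi
```
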

Q4
(a) Explain the different user authentication methods. Differentiate symmetric and
asymmetric cryptography.
(b) Explain the Computer-Security Classification in detail.
Ans:-
(a) User Authentication Methods: User authentication is the process of verifying the
identity of a user who is trying to access a system or application. Different authentication
methods include:

● Password-based Authentication: Users provide a username and password to
authenticate themselves. It's widely used but susceptible to password guessing and
phishing attacks.
● Biometric Authentication: Uses unique biological traits like fingerprints, iris scans,
or facial recognition for authentication. It provides a high level of security but can be
costly to implement.
● Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA): Requires
users to provide two or more forms of authentication, such as a password and a
one-time code sent to their mobile device. Enhances security by adding an extra
layer of verification.
● Public Key Infrastructure (PKI): Utilises digital certificates issued by a trusted
Certificate Authority (CA) to authenticate users. It ensures secure communication
over insecure networks.

Symmetric vs. Asymmetric Cryptography:

● Symmetric Cryptography: Uses the same key for both encryption and decryption.
It's faster and more efficient but requires secure key distribution.
● Asymmetric Cryptography: Uses a pair of keys (public and private) for encryption
and decryption. It's slower but eliminates the need for secure key exchange. Public
keys are shared openly, while private keys are kept secret.

(b) Computer Security Classification: Computer security classification categorises
information assets based on their sensitivity and the level of protection required. It typically
includes:

● Unclassified: Information that doesn't require any special protection.
● Sensitive but Unclassified (SBU): Information that's not classified but still requires
some level of protection.
● Confidential: Information that's sensitive and requires protection from unauthorized
access.
● Secret: Information that's highly sensitive and requires strict protection measures to
prevent unauthorised disclosure.
● Top Secret: Information that's of the highest sensitivity and requires the most
stringent security controls to protect from unauthorised disclosure.

Q5
Write short notes on the following:
(a) Serial Processing
(b) System calls
(c) Virtual Machines
(d) Wide Area Network
(e) Virtual Private Network.

Ans:-
(a) Serial Processing: Serial processing refers to executing tasks one after the other,
sequentially. It's a traditional computing model where instructions are processed in order,
without parallelism. It's simple but can lead to longer processing times.

(b) System Calls: System calls are interfaces provided by the operating system that allow
user-level processes to request services from the kernel. They provide a way for applications
to interact with hardware and perform privileged operations like file I/O, process
management, and networking.

(c) Virtual Machines: Virtual machines (VMs) are software-based representations of
physical computers that emulate the hardware and software functionality of a physical
machine. They allow multiple operating systems to run concurrently on a single physical
machine, providing isolation and flexibility.

(d) Wide Area Network (WAN): A Wide Area Network (WAN) is a network that spans a
large geographical area, connecting multiple local area networks (LANs) or other WANs. It
uses routers and public or private telecommunications links to transmit data between
different locations.

(e) Virtual Private Network (VPN): A Virtual Private Network (VPN) is a secure network
connection that extends a private network across a public network like the internet. It
enables users to securely access and transmit data over an encrypted connection,
protecting their privacy and security. VPNs are commonly used for remote access, secure
communication, and bypassing geographical restrictions.

JUNE 2023

Q1
(a) Define WINDOWS NT Registry. What does it consist of? Discuss how you can
secure the Registry and audit its critical components.

(b) Define a firewall. What are its functions? List its limitations.

(c) In context to RAID, explain Mirroring, Duplexing and Striping with parity.

(d) Discuss the file system in Windows-XP and also explain how the office file
features in Windows-XP are enabled?

(e) Discuss the absolute and relative pathnames in LINUX with the help of suitable
examples for each.

Ans:-

(a) WINDOWS NT Registry: The Windows NT Registry is a centralised database used by
the Windows operating system to store configuration settings and options for the system and
installed applications. It consists of hierarchical keys and subkeys, similar to a file system's
directory structure. Each key can contain values, which are used to store configuration data.

Securing the Registry: Securing the Windows NT Registry involves implementing
measures to prevent unauthorised access, modification, or deletion of registry keys and
values. This can be achieved through the following methods:

● Access Control Lists (ACLs): Assign appropriate permissions to registry keys and
values to restrict access to authorised users or groups.
● Registry Auditing: Enable auditing policies to monitor and track changes made to
critical components of the registry, such as sensitive system settings or
security-related keys.
● Registry Backup: Regularly backup the registry to restore it in case of accidental
deletion or corruption.
● Encryption: Encrypt sensitive registry data to protect it from unauthorised access.

Auditing Critical Components: To audit critical components of the Registry, you can
enable auditing policies using the Group Policy Editor or Security Configuration and Analysis
tool. Define audit policies to monitor key activities such as changes to registry keys and
values, access attempts, and modifications made by specific users or groups. Regularly
review audit logs to identify and investigate suspicious or unauthorised activities.

(b) Firewall: A firewall is a network security device or software that monitors and controls
incoming and outgoing network traffic based on predetermined security rules. Its primary
functions include:
● Packet Filtering: Examining packets of data entering or leaving the network and
allowing or blocking them based on predefined rules.
● Stateful Inspection: Tracking the state of active connections and allowing only
legitimate traffic that corresponds to established connections.
● Network Address Translation (NAT): Hiding internal network addresses by
translating them to a single public IP address, thus enhancing security and privacy.
● Application Layer Filtering: Analysing data packets at the application layer to filter
out malicious content or unauthorised applications.
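
Packet filtering and stateful inspection, as listed here and in the "Working of Firewall" answer for DEC 2023, compared on the same traffic. This is an added example, not part of the original answers: the packets, the addresses (documentation ranges) and the rule set are constructed, and connection tracking is simplified to the five-tuple without TCP flags.

```bash
#!/usr/bin/env bash
# Added example: constructed traffic and rules, for illustration only.
set -u

# Constructed packets: direction proto src sport dst dport
packets() {
    cat <<'EOF'
in  tcp 203.0.113.7  51000 192.0.2.10   443
out tcp 192.0.2.10   443   203.0.113.7  51000
in  tcp 203.0.113.7  51001 192.0.2.10   22
out tcp 192.0.2.20   40000 198.51.100.5 80
in  tcp 198.51.100.5 80    192.0.2.20   40000
in  tcp 198.51.100.9 80    192.0.2.20   40000
in  udp 203.0.113.7  5353  192.0.2.10   53
EOF
}

# filter MODE: MODE is "stateless" (rules only) or "stateful" (rules plus
# a table of connections that an allowed packet has already opened).
filter() {
    awk -v mode="$1" '
    # Static rule set, first match wins, default deny.
    function static_rule(dir, proto, dport) {
        if (dir == "in" && proto == "tcp" && (dport == 80 || dport == 443))
            return "ALLOW"          # inbound web traffic to our servers
        if (dir == "out")
            return "ALLOW"          # anything leaving the internal network
        return "DENY"
    }
    {
        dir = $1; proto = $2; src = $3; sport = $4; dst = $5; dport = $6
        key  = proto SUBSEP src SUBSEP sport SUBSEP dst SUBSEP dport
        rkey = proto SUBSEP dst SUBSEP dport SUBSEP src SUBSEP sport

        # A reply is the mirror image of a connection we already allowed.
        if (mode == "stateful" && (rkey in conn))
            verdict = "ALLOW(established)"
        else
            verdict = static_rule(dir, proto, dport)

        # Remember connections opened by a rule, so replies can be matched.
        if (mode == "stateful" && verdict == "ALLOW")
            conn[key] = 1

        print verdict, dir, proto, src ":" sport, "->", dst ":" dport
    }'
}

echo "== stateless packet filter =="
packets | filter stateless
echo "== stateful inspection =="
packets | filter stateful
```

The stateless run drops the reply to the internal client's own web request (packet 5), which in practice pushes administrators toward opening all high ports inbound; the stateful run admits that reply and still denies the unsolicited packet 6 aimed at the same port.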

Limitations of Firewalls:

● Inability to Inspect Encrypted Traffic: Firewalls may not be able to inspect
encrypted traffic beyond the header information, making it challenging to detect
certain types of threats hidden within encrypted data.
● Limited Protection Against Insider Threats: Firewalls primarily focus on external
threats and may not effectively prevent insider threats originating from within the
network.
● Complexity: Configuring and managing firewall rules can be complex and requires
expertise to ensure proper security without impacting legitimate network traffic.
● Single Point of Failure: A firewall can become a single point of failure, potentially
compromising the entire network's security if it malfunctions or is bypassed by
attackers.

(c) RAID (Redundant Array of Independent Disks):

● Mirroring (RAID 1): Mirroring involves creating an exact copy (mirror) of data onto
another disk in real-time. This provides redundancy and fault tolerance, as data
remains accessible even if one disk fails.
● Duplexing: Duplexing is similar to mirroring but involves two separate controllers
and paths for each disk. It provides higher fault tolerance and performance compared
to mirroring.
● Striping with Parity (RAID 5): Striping with parity distributes data across multiple
disks along with parity information, which is used for error detection and recovery.
This provides fault tolerance and improved performance by distributing data and
parity information across multiple disks.

(d) File System in Windows XP: Windows XP primarily uses the NTFS (New Technology
File System) as its default file system, which provides features such as file-level security,
encryption, compression, and disk quotas. NTFS offers improved reliability, scalability, and
performance compared to the older FAT (File Allocation Table) file systems.

Office File Features in Windows XP: Office file features in Windows XP are enabled by
installing Microsoft Office applications such as Microsoft Word, Excel, PowerPoint, etc.
These applications provide features such as document creation, editing, formatting, and
collaboration. Office files can be saved and accessed using the file system provided by the
operating system (e.g., NTFS).

(e) Absolute and Relative Pathnames in Linux:

● Absolute Pathname: An absolute pathname specifies the complete path from the
root directory ("/") to a specific file or directory. It begins with the root directory
followed by a series of directory names separated by slashes ("/"). For example:
"/home/user/documents/file.txt".
● Relative Pathname: A relative pathname specifies the path to a file or directory
relative to the current working directory. It does not begin with the root directory and
relies on the current context. For example, if the current working directory is
"/home/user", and you want to access "file.txt" located in the "documents" directory,
you can use the relative pathname "documents/file.txt".

These examples illustrate how absolute and relative pathnames are used to navigate the file
system in Linux.

Q2
(a) Describe the file and directory systems of LINUX with suitable examples.

(b) Describe various file permission modes in LINUX and associated commands for
granting/revoking file permissions.

(c) Explain the purpose of the following commands in LINUX with an example for
each:
(i) cp (ii) mv

Ans :-

(a) File and Directory Systems of Linux: Linux uses a hierarchical file system that
organises files and directories in a tree-like structure. The root directory ("/") is the top-level
directory from which all other directories and files stem. Here are some key directories in
Linux and their purposes:

● /bin: Contains essential binary files and commands required for system booting and
basic system functionality.
● /etc: Stores system configuration files and scripts.
● /home: Home directories for user accounts are typically located here.
● /var: Contains variable data files, such as logs, mail, and print spools.
● /tmp: Temporary files are stored here. These files are typically deleted upon system
reboot.
● /usr: Contains user binaries, libraries, documentation, and source code.
● /dev: Contains device files representing physical and virtual devices.
● /proc: A virtual filesystem that provides information about processes and system
resources.

Example: To create a directory named "documents" in the current directory, you can use the
following command:

```bash
mkdir documents
```

(b) File Permission Modes in Linux: Linux uses three types of permissions: read (r), write
(w), and execute (x). These permissions can be set for three categories of users: owner,
group, and others. Here are the various permission modes:

● Numeric Mode: Each permission mode is represented by a numeric value:
○ Read (4)
○ Write (2)
○ Execute (1)
● Symbolic Mode: Uses symbols to represent permissions:
○ Owner (u)
○ Group (g)
○ Others (o)
● Combination Mode: Allows combinations of permissions:
○ Add (+)
○ Remove (-)
○ Set (=)

Commands for granting/revoking permissions:

● chmod: Used to change file permissions.
● chown: Used to change file ownership.
● chgrp: Used to change file group ownership.

Example: To grant read and write permissions to the owner, and only read permission to the
group and others for a file named "example.txt", you can use the following command:

```bash
chmod 644 example.txt
```
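
The numeric and symbolic modes described above, applied side by side and then checked, as an added example that is not part of the original answer. It also covers the owner-only case (`chmod 400 sample.txt`) from the DEC 2023 paper; the file names and the helper functions perm_bits, owner_only and audit_dir are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: file names and helper names are constructed.
set -u

# Print the nine permission characters of a path, e.g. "rw-r--r--".
perm_bits() {
    ls -ld -- "$1" | cut -c2-10
}

# Succeed only when group and others have no permission bits set.
owner_only() {
    case "$(perm_bits "$1")" in
        ???------) return 0 ;;
        *)         return 1 ;;
    esac
}

# List regular files under a directory that group or others can access.
audit_dir() {
    find "$1" -type f | sort | while IFS= read -r f; do
        owner_only "$f" || printf '%s %s\n' "$(perm_bits "$f")" "$f"
    done
}

demo() {
    d=$(mktemp -d)
    touch "$d/sample.txt" "$d/key.pem" "$d/example.txt"

    chmod 400 "$d/sample.txt"       # numeric: 4 (read) for owner, 0 for group, 0 for others
    chmod u=r,go= "$d/key.pem"      # symbolic form of the same mode
    chmod 644 "$d/example.txt"      # owner 4+2, group 4, others 4

    echo "sample.txt : $(perm_bits "$d/sample.txt")"
    echo "key.pem    : $(perm_bits "$d/key.pem")"
    echo "Files readable beyond the owner:"
    audit_dir "$d"

    chmod go-r "$d/example.txt"     # revoke read from group and others
    echo "After chmod go-r: $(perm_bits "$d/example.txt")"
    rm -rf "$d"
}

demo
```
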

(c) Purpose of Commands in Linux:

(i) cp (Copy): Copies files or directories from one location to another.
Example: To copy a file named "file1.txt" from the current directory to a
directory named "backup", you can use the following command:

```bash
cp file1.txt backup/
```

(ii) mv (Move): Moves files or directories from one location to another or renames them.
Example: To move a file named "file1.txt" from the current directory to a directory named
"archive", you can use the following command:

```bash
mv file1.txt archive/
```

These commands are fundamental for managing files and directories in Linux systems.

Q3
(a) Differentiate the role and responsibilities of "user mode" and "kernel mode" of
Windows-2000 systems.

(b) What is Kerberos? Explain the complete process of client authentication through
Kerberos.

(c) What is a Virtual Private Network (VPN)? Describe the step by step procedure to
configure VPN in Windows-XP.

Ans :-

(a) User Mode vs. Kernel Mode in Windows 2000:

User Mode:

● Responsibilities: User mode is where user applications and processes run. It
provides a restricted environment where applications can execute without direct
access to hardware or critical system resources.
● Access: User mode processes have limited access to system resources and must
request services from the kernel through system calls.
● Isolation: User mode processes are isolated from each other and cannot directly
interfere with the operation of other processes or the operating system.
● Examples: Applications such as web browsers, word processors, and media players
run in user mode.

Kernel Mode:

● Responsibilities: Kernel mode has full access to system resources and controls the
hardware. It manages system memory, CPU scheduling, device drivers, and other
core operating system functions.
● Access: Kernel mode has unrestricted access to system memory and hardware
resources, allowing it to perform privileged operations.
● Privileged Instructions: Kernel mode can execute privileged CPU instructions that
are not available in user mode.
● Examples: Device drivers, the memory manager, and the process scheduler run in
kernel mode.

(b) Kerberos: Kerberos is a network authentication protocol that provides secure
authentication for users and services over non-secure networks. It uses symmetric key
cryptography and operates based on the concept of tickets. The complete process of client
authentication through Kerberos involves the following steps:

1. Authentication Request: The client sends an authentication request to the Key
Distribution Center (KDC), typically when attempting to access a network resource.
2. Ticket Granting Ticket (TGT) Request: The KDC verifies the client's identity and
issues a Ticket Granting Ticket (TGT) encrypted with a secret key derived from the
user's password.
3. Ticket Granting Service (TGS) Request: The client sends the TGT to the Ticket
Granting Service (TGS) along with a request for a service ticket to access a specific
resource.
4. Service Ticket Issuance: The TGS verifies the TGT and issues a service ticket
encrypted with the secret key of the requested service.
5. Service Authentication: The client presents the service ticket to the requested
service. The service decrypts the ticket using its secret key and verifies the client's
identity.
6. Access Granted: If the service successfully authenticates the client, access to the
requested resource is granted.

(c) Virtual Private Network (VPN): A Virtual Private Network (VPN) is a secure network
connection that allows users to access a private network over a public network such as the
internet. It encrypts data transmitted between the user's device and the VPN server,
ensuring confidentiality and security.

Step-by-Step Procedure to Configure VPN in Windows XP:

1. Open Network Connections: Go to Control Panel > Network Connections.
2. Create a New Connection: Click on "Create a new connection" from the Network
Tasks pane.
3. Start the Wizard: Click "Next" on the Welcome to the New Connection Wizard
screen.
4. Select Connection Type: Choose "Connect to the network at my workplace" and
click "Next".
5. Choose Network Connection: Select "Virtual Private Network connection" and click
"Next".
6. Enter VPN Server Address: Enter the IP address or domain name of the VPN
server and click "Next".
7. Enter Connection Name: Provide a name for the VPN connection and click "Next".
8. Completing the Wizard: Click "Finish" to complete the wizard.
9. Connect to VPN: To connect to the VPN, go back to Network Connections,
right-click on the VPN connection you created, and select "Connect".
10. Enter Credentials: Enter your username and password provided by the VPN
provider and click "Connect".

Once connected, you will have access to the private network resources securely through the
VPN tunnel.
Q4
(a) Differentiate LAN, MAN and WAN in context of its geographical distribution, size,
access mechanism, hardware devices and communication.

(b) Discuss the following briefly w.r.t. Windows-2000:

(i) NTFS (New Technology File System)

(ii) EFS Services (Encrypting File System)

Ans :-
(a) Differentiation of LAN, MAN, and WAN:

LAN (Local Area Network):

● Geographical Distribution: LANs typically cover a small geographical area, such as
a single building, campus, or office floor.
● Size: LANs usually consist of a limited number of interconnected devices, ranging
from a few to several hundred.
● Access Mechanism: LANs commonly use Ethernet or Wi-Fi technology for
communication, with protocols like TCP/IP for data transmission.
● Hardware Devices: LANs may include devices such as switches, routers, hubs, and
network interface cards (NICs).
● Communication: Communication within a LAN is typically high-speed and
low-latency, making it suitable for local data sharing and resource access.

MAN (Metropolitan Area Network):

● Geographical Distribution: MANs cover a larger geographical area than LANs,
such as a city or metropolitan area.
● Size: MANs typically connect multiple LANs within a city or town, serving a larger
number of users and organisations.
● Access Mechanism: MANs may use technologies like fibre-optic cables, microwave
links, or WiMAX for communication over longer distances.
● Hardware Devices: MANs may include networking equipment similar to LANs but
with additional infrastructure for long-distance communication.
● Communication: MANs provide intermediate-speed connectivity between LANs,
enabling data sharing and resource access over a wider area.

WAN (Wide Area Network):

● Geographical Distribution: WANs cover the widest geographical area, often
spanning across countries or continents.
● Size: WANs connect multiple MANs, LANs, or other networks over vast distances,
serving a large number of users and organisations.
● Access Mechanism: WANs rely on telecommunications links such as leased lines,
satellites, or public networks (e.g., the internet) for communication.
● Hardware Devices: WANs require specialised networking equipment such as
routers, modems, and multiplexers to manage long-distance communication and data
transmission.
● Communication: WANs provide slower but long-distance connectivity between
geographically dispersed networks, enabling global data sharing and resource
access.

(b) Windows 2000 Features:

(i) NTFS (New Technology File System): NTFS is the primary file system used by
Windows 2000 and subsequent Windows operating systems. It offers several advantages
over the older FAT file system, including:

● Support for larger file sizes and volumes
● Improved reliability and fault tolerance through features like file encryption, disk
quotas, and disk mirroring
● Enhanced security with file and folder permissions, access control lists (ACLs), and
auditing capabilities

(ii) EFS Services (Encrypting File System): EFS is a feature of NTFS that provides
file-level encryption for data security and confidentiality. It encrypts files and folders using
cryptographic algorithms, making them unreadable without the appropriate decryption key.
Key features of EFS include:

● Seamless integration with Windows Explorer for easy encryption and decryption of
files and folders
● Support for multiple encryption algorithms, including RSA and DESX
● Granular control over encryption settings, including recovery agents and
certificate-based encryption
● Integration with Active Directory for centralised management of encryption policies
and keys

Overall, NTFS and EFS are essential features of Windows 2000 that provide enhanced file
system capabilities and data security for users and organisations.
Q5
Write short notes on the following:

(a) Gateways Network device

(b) Backup and restoration in LINUX

(c) Distributed operating system

(d) Managing user profiles in Windows-2000.

Ans :-

(a) Gateways Network Device: A gateway is a network device that connects two or more
disparate networks, allowing them to communicate and exchange data. It acts as an entry
and exit point for data traffic between networks with different protocols, addressing schemes,
or communication standards. Gateways operate at the network layer (Layer 3) of the OSI
model and perform protocol translation, data encapsulation, and routing functions. They
enable seamless connectivity and interoperability between networks of varying types, such
as local area networks (LANs), wide area networks (WANs), and the internet.

(b) Backup and Restoration in Linux: Backup and restoration in Linux involves the
process of creating copies of data files and system configurations to safeguard against data
loss, corruption, or system failure. Key components of backup and restoration in Linux
include:

● Backup Utilities: Linux provides various backup utilities such as tar, rsync, and
dump for creating backups of files and directories.
● Backup Storage: Backups can be stored on local storage devices (e.g., hard drives,
USB drives) or remote servers using network protocols like SSH, FTP, or NFS.
● Backup Strategies: Backup strategies include full backups (copying all data),
incremental backups (copying only changed data since the last backup), and
differential backups (copying changed data since the last full backup).
● Restoration Process: To restore data from backups, users can use the appropriate
backup utility to extract files and directories from backup archives to their original
locations.
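
The full, incremental and differential strategies listed above, as an added shell example that is not part of the original notes. It uses tar together with find -newer and timestamp files; the function names, the stamp files and the archive names are assumptions made for this illustration.

```shell
#!/bin/sh
# Added illustration (not from the original notes). Function names, stamp files
# and archive names are assumptions. Deleted files are not tracked, and file
# names containing newlines are not supported by the list files.

# abs_dir DIR: print DIR as an absolute path.
abs_dir() { ( cd "$1" && pwd ); }

# changed_since SRC STAMP: list regular files under SRC modified after STAMP,
# as paths relative to SRC. STAMP must be an absolute path.
changed_since() {
    ( cd "$1" && find . -type f -newer "$2" | LC_ALL=C sort )
}

# full_backup SRC DEST: copy all data and record the time of the backup.
full_backup() {
    mkdir -p "$2" || return 1
    src=$1; dest=$(abs_dir "$2")
    # Take the stamp before archiving, so a file changed while tar runs is
    # picked up again by the next incremental or differential backup.
    touch "$dest/full.stamp"
    touch -r "$dest/full.stamp" "$dest/last.stamp"
    tar -czf "$dest/full.tar.gz" -C "$src" .
}

# incremental_backup SRC DEST NAME: only files changed since the last backup
# of any kind (full or incremental).
incremental_backup() {
    src=$1; dest=$(abs_dir "$2"); name=$3
    touch "$dest/next.stamp"
    changed_since "$src" "$dest/last.stamp" > "$dest/$name.list"
    tar -czf "$dest/$name.tar.gz" -C "$src" -T "$dest/$name.list" || return 1
    mv "$dest/next.stamp" "$dest/last.stamp"
}

# differential_backup SRC DEST NAME: every file changed since the last FULL backup.
differential_backup() {
    src=$1; dest=$(abs_dir "$2"); name=$3
    changed_since "$src" "$dest/full.stamp" > "$dest/$name.list"
    tar -czf "$dest/$name.tar.gz" -C "$src" -T "$dest/$name.list"
}

# restore TARGET ARCHIVE...: extract the archives in the order given
# (full backup first, then each incremental, or the latest differential).
restore() {
    target=$1; shift
    mkdir -p "$target" || return 1
    for archive in "$@"; do
        tar -xzf "$archive" -C "$target" || return 1
    done
}
```

Restoring from incrementals needs the full archive plus every incremental in order, while a differential restore needs only the full archive and the latest differential.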

(c) Distributed Operating System: A distributed operating system is a software system that
manages resources and provides services across multiple networked computers. Key
characteristics of distributed operating systems include:

● Resource Sharing: Distributed operating systems enable sharing of hardware
resources (e.g., CPU, memory, storage) and software resources (e.g., files, printers)
across multiple nodes in the network.
● Transparency: Distributed operating systems aim to provide transparency to users
and applications regarding the distribution of resources, hiding the complexities of the
underlying network infrastructure.
● Concurrency: Distributed operating systems support concurrent execution of
multiple processes across distributed nodes, enabling parallel processing and
improved system performance.
● Fault Tolerance: Distributed operating systems incorporate fault-tolerant
mechanisms to ensure system reliability and availability in the event of node failures
or network disruptions.

(d) Managing User Profiles in Windows 2000: Managing user profiles in Windows 2000
involves configuring and customising user settings and preferences for individual users or
groups of users. Key aspects of managing user profiles in Windows 2000 include:

● User Profile Creation: User profiles are automatically created when users log in to a
Windows 2000 system for the first time. Profiles store user-specific settings such as
desktop customization, application preferences, and network connections.
● Profile Types: Windows 2000 supports two types of user profiles: local profiles
stored on the local machine and roaming profiles stored on a network server.
Roaming profiles allow users to access their settings from any computer in the
network.
● Profile Management: Administrators can manage user profiles using tools such as
the User Profiles applet in the Control Panel or Group Policy settings. They can
configure profile properties, permissions, and deletion policies to ensure efficient use
of system resources and data security.
● Profile Migration: Windows 2000 provides tools and utilities for migrating user
profiles between computers or domains, allowing seamless transition of user settings
and preferences during system upgrades or migrations.

These short notes provide an overview of gateways, backup and restoration in Linux,
distributed operating systems, and managing user profiles in Windows 2000.
DEC 2022

Q1
(a) Discuss Pipes, Filters and Redirection commands in LINUX, along with suitable
examples and explanations.

(b) Elucidate the following with reference to Windows XP Networking:

(i) TCP/IP Protocol settings
(ii) VPN and Remote Networking facilities

(c) In context to computer security, explain the following:

(i) Integrity
(ii) Confidentiality
(iii) Availability

(d) Define authentication tokens. With reference to authentication tokens, explain the
use of Hardware tokens and Software tokens.

(e) Discuss Trivial File Transfer Protocol (TFTP) and TELNET.

Ans:-
(a) Pipes, Filters, and Redirection in Linux:

Pipes: Pipes allow the output of one command to be used as the input for another
command. The pipe operator (|) is used to connect multiple commands together. For
example:

bash
ls | grep "file"

This command lists files in the current directory and passes the output to the grep command
to search for files containing "file" in their names.

Filters: Filters are commands that process input data and produce output based on specific
criteria. They are commonly used in combination with pipes to manipulate text or data.
Examples of filters include grep, sed, and awk. For example:

bash
cat file.txt | grep "keyword"

This command reads the contents of a file named file.txt and filters lines containing the
keyword "keyword".

Redirection: Redirection is used to control the input and output of commands. The greater
than (>) and less than (<) symbols are used for output and input redirection, respectively. For
example:

bash
ls > files.txt

This command lists files in the current directory and redirects the output to a file named
files.txt.

(b) Windows XP Networking:

(i) TCP/IP Protocol Settings: In Windows XP, TCP/IP protocol settings are configured
through the Internet Protocol (TCP/IP) properties dialog. Users can specify IP addresses,
subnet masks, default gateways, and DNS server addresses manually or obtain them
automatically through DHCP. This configuration is essential for network communication and
internet connectivity.

(ii) VPN and Remote Networking Facilities: Windows XP includes built-in support for
Virtual Private Network (VPN) connections and remote networking facilities. Users can
establish secure VPN connections to remote networks over the internet using protocols such
as PPTP (Point-to-Point Tunneling Protocol) or L2TP/IPsec (Layer 2 Tunneling
Protocol/Internet Protocol Security). Remote Desktop Connection allows users to access
and control remote computers over a network connection.

(c) Computer Security Concepts:

(i) Integrity: Integrity ensures that data remains accurate, complete, and unaltered
throughout its lifecycle. It involves protecting data from unauthorized modification, deletion,
or corruption. Methods such as checksums, digital signatures, and access controls are used
to maintain data integrity.

(ii) Confidentiality: Confidentiality ensures that sensitive information is only accessible to
authorized individuals or entities. It involves protecting data from unauthorized disclosure or
access. Encryption, access controls, and secure communication protocols are used to
maintain confidentiality.

(iii) Availability: Availability ensures that data and resources are accessible and usable
when needed by authorized users. It involves protecting against disruptions, downtime, or
denial of service attacks. Redundancy, fault tolerance, and disaster recovery plans are used
to maintain availability.
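
The checksum method mentioned under Integrity above, as an added shell example that is not part of the original notes: it records a SHA-256 baseline for a directory and later reports files that were modified, added or removed. The function names and the MODIFIED/ADDED/MISSING labels are assumptions made for this illustration.

```shell
#!/bin/sh
# Added illustration (not from the original notes). Function names and report
# labels are assumptions. File names containing newlines or backslashes are
# not supported, because sha256sum escapes them in its output.

# make_manifest DIR: print "HASH  ./path" for every regular file under DIR.
make_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k2 )
}

# verify_manifest DIR MANIFEST: compare DIR against a stored baseline.
# Prints one line per deviation and returns 1 if any deviation was found.
# MANIFEST must be stored outside DIR and given as an absolute path.
verify_manifest() {
    cur=$(mktemp) || return 2
    make_manifest "$1" > "$cur"
    status=0
    awk '
        # A sha256sum line is 64 hex digits, two separator characters, then the path.
        { hash = substr($0, 1, 64); path = substr($0, 67) }
        phase == "base" { base[path] = hash; next }
        { seen[path] = 1 }
        !(path in base)    { print "ADDED " path; bad = 1; next }
        base[path] != hash { print "MODIFIED " path; bad = 1 }
        END {
            for (p in base)
                if (!(p in seen)) { print "MISSING " p; bad = 1 }
            exit bad + 0
        }
    ' phase=base "$2" phase=cur "$cur" || status=$?
    rm -f "$cur"
    return "$status"
}
```

The baseline only protects integrity if it is kept where someone able to change the files cannot also rewrite the manifest, for example on read-only media or another host.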

(d) Authentication Tokens:

Authentication tokens are physical or digital devices used to verify a user's identity during the
authentication process. They provide a secure way to authenticate users without relying
solely on passwords.

Hardware Tokens: Hardware tokens are physical devices that generate one-time
passwords (OTPs) or cryptographic keys. Users must possess the token and enter the
generated OTP to authenticate. Examples include RSA SecurID tokens and YubiKeys.

Software Tokens: Software tokens are digital tokens generated and stored on a user's
device, such as a smartphone or computer. They can be used for two-factor authentication
(2FA) or multi-factor authentication (MFA) alongside passwords. Examples include Google
Authenticator and Microsoft Authenticator.

(e) Trivial File Transfer Protocol (TFTP) and TELNET:

TFTP: TFTP is a simple file transfer protocol used for transferring files between networked
devices. It operates on UDP port 69 and does not require authentication, making it suitable
for booting devices over a network or transferring configuration files between network
devices in a controlled environment.

TELNET: TELNET is a network protocol used for remote terminal access and control. It
allows users to log in to remote computers or networking devices over a network connection
and execute commands as if they were physically present at the remote console. TELNET
operates on TCP port 23 and transmits data in plain text, making it vulnerable to interception
and eavesdropping.
Q2
(a) Explain the features of Network Operating System and Distributed
Operating System.

(b) Define Domain Name System (DNS). In context to DNS, explain DNS
Architecture Zones.

Ans:-
(a) Features of Network Operating System (NOS) and Distributed Operating System
(DOS):

Network Operating System (NOS):

● Centralized Management: NOS provides centralized management of resources
such as files, printers, and users across a network.
● Shared Resources: It facilitates the sharing of resources among multiple users and
devices connected to the network.
● Security: NOS includes security features such as access control, authentication, and
encryption to protect network resources from unauthorized access.
● Scalability: NOS supports the addition of new devices and users to the network
without significant impact on performance or functionality.

Distributed Operating System (DOS):

● Resource Sharing: DOS enables the sharing of resources and services across
multiple interconnected computers in a distributed environment.
● Transparency: It provides transparency to users and applications regarding the
distribution of resources, hiding the complexities of the underlying network
infrastructure.
● Concurrency: DOS supports concurrent execution of processes and threads across
distributed nodes, enabling parallel processing and improved system performance.
● Fault Tolerance: DOS incorporates fault-tolerant mechanisms to ensure system
reliability and availability in the event of node failures or network disruptions.

(b) Domain Name System (DNS) and DNS Architecture Zones:

Domain Name System (DNS):

● Definition: DNS is a hierarchical decentralized naming system that translates
domain names into IP addresses and vice versa, facilitating the resolution of domain
names to IP addresses on the internet.
● Functionality: DNS resolves domain names to IP addresses through a distributed
database system, enabling users to access internet resources using human-readable
domain names.
● Components: DNS comprises multiple components, including DNS servers,
resolvers, zones, and resource records, each playing a specific role in the resolution
process.
● Hierarchy: DNS operates in a hierarchical structure, with top-level domains (TLDs)
at the top, followed by second-level domains (SLDs) and subdomains, forming a
tree-like structure.

DNS Architecture Zones:

● Definition: DNS architecture zones are logical divisions of the DNS namespace that
define administrative boundaries and delegation of authority within the DNS
hierarchy.
● Types of Zones: Common types of DNS zones include:
○ Forward Lookup Zone: Maps domain names to IP addresses, enabling
hostname resolution.
○ Reverse Lookup Zone: Maps IP addresses to domain names, facilitating
reverse hostname resolution.
○ Primary Zone: The primary source of zone data that is authoritative for the
zone and can be updated directly.
○ Secondary Zone: A read-only copy of zone data obtained from a primary
zone, providing fault tolerance and load distribution.
Q3
(a) Discuss process and thread management in LINUX.

(b) Discuss the file system, special files and file management in LINUX.

Ans :-
(a) Process and Thread Management in Linux:

● Processes: Processes are instances of executing programs managed by the Linux
kernel. Linux provides system calls such as fork(), exec(), and wait() for process
management, allowing creation, execution, and termination of processes.
● Threads: Threads are lightweight processes within a process, sharing the same
memory space and resources. Linux supports multi-threading using POSIX threads
(pthread), allowing concurrent execution of multiple threads within a single process.

(b) File System, Special Files, and File Management in Linux:

● File System: Linux uses a hierarchical file system structure, with the root directory
("/") at the top. Common file systems in Linux include ext4, XFS, and Btrfs, offering
features such as journaling, file permissions, and file attributes.
● Special Files: Special files in Linux include device files (/dev), symbolic links, and
named pipes (FIFOs). Device files represent physical and virtual devices, symbolic
links are pointers to other files or directories, and named pipes facilitate inter-process
communication.
● File Management: Linux provides commands such as ls (list files), cp (copy files),
mv (move files), and rm (remove files) for file management. Users can create, modify,
and delete files and directories using these commands, as well as set file
permissions and ownership using chmod and chown commands.
Q4
(a) Discuss the following (giving an example for each) with reference to shell scripting
in LINUX:

(i) variables

(ii) if... else statement

(iii) echo command

(iv) break and continue

(b) Briefly discuss the following network connecting devices, mentioning their
purpose, operating layer and working principle:

(i) Repeaters

(ii) Hubs

(iii) Bridges

(iv) Routers

Ans:-

(a) Shell Scripting in Linux:

(i) Variables:

● Definition: Variables in shell scripting are used to store data temporarily for later
use.
● Example:

bash
#!/bin/bash
name="John"
echo "Hello, $name!"

In this example, the variable "name" stores the value "John", which is then used in the echo
command to print "Hello, John!".

(ii) if... else Statement:

● Definition: The if... else statement in shell scripting is used to make decisions based
on conditions.
● Example:

bash
#!/bin/bash
age=20
# Quote the variable so the test still parses if it is empty
if [ "$age" -ge 18 ]; then
    echo "You are an adult."
else
    echo "You are a minor."
fi

In this example, if the variable "age" is greater than or equal to 18, it prints "You are an
adult."; otherwise, it prints "You are a minor.".

(iii) echo Command:

● Definition: The echo command in shell scripting is used to display text or variables
on the terminal.
● Example:

bash
#!/bin/bash
echo "Hello, World!"

In this example, the echo command prints "Hello, World!" on the terminal.

(iv) break and continue:

● break: The break statement in shell scripting is used to exit from a loop prematurely.
● continue: The continue statement in shell scripting is used to skip the current
iteration of a loop and continue with the next iteration.
● Example:

bash
#!/bin/bash
for i in {1..5}; do
    # Leave the loop as soon as i reaches 3
    if [ "$i" -eq 3 ]; then
        break
    fi
    echo "$i"
done

In this example, the loop prints numbers from 1 to 5, but it breaks out of the loop when the
value of "i" is equal to 3.

(b) Network Connecting Devices:

(i) Repeaters:

● Purpose: Repeaters regenerate and retransmit signals to extend the reach of a
network segment.
● Operating Layer: Physical layer (Layer 1) of the OSI model.
● Working Principle: Repeaters amplify and clean up incoming signals before
retransmitting them to compensate for signal degradation over long distances.

(ii) Hubs:

● Purpose: Hubs connect multiple network devices within a single network segment,
allowing them to communicate with each other.
● Operating Layer: Physical layer (Layer 1) of the OSI model.
● Working Principle: Hubs receive data packets from connected devices and
broadcast them to all other devices within the network segment.

(iii) Bridges:

● Purpose: Bridges connect multiple network segments and forward traffic between
them to reduce network congestion and improve performance.
● Operating Layer: Data link layer (Layer 2) of the OSI model.
● Working Principle: Bridges analyze incoming data packets' destination MAC
addresses and forward them only to the appropriate segment if the destination is on
a different segment.

(iv) Routers:

● Purpose: Routers connect multiple networks together and forward data packets
between them based on destination IP addresses.
● Operating Layer: Network layer (Layer 3) of the OSI model.
● Working Principle: Routers examine destination IP addresses in data packets,
determine the best path for forwarding based on routing tables, and forward packets
accordingly to their destination networks.
Q5
(a) SNMP and UDP

(b) LINUX Utilities

(c) User-to-User Communication in LINUX

(d) Redundant Array of Independent Disks (RAID) and its Implementation

Ans:-

(a) SNMP and UDP:

● SNMP (Simple Network Management Protocol): SNMP is a protocol used for
network management and monitoring. It operates over UDP (User Datagram
Protocol), which is a connectionless transport layer protocol. SNMP allows network
administrators to manage network devices, monitor network performance, and
diagnose network issues remotely.

(b) Linux Utilities:

● Linux utilities are command-line tools and programs available in the Linux operating
system that perform various tasks and functions. These utilities range from basic
system administration tasks to advanced network management and troubleshooting
tools. Examples include ls (list directory contents), cp (copy files), mv (move files),
grep (search text patterns), and ssh (secure shell).

(c) User-to-User Communication in Linux:

● Linux provides several tools and methods for user-to-user communication, including:
○ Talk and write: Command-line utilities for real-time text-based
communication between users on the same system.
○ Wall: Broadcast messages to all users logged in to the system.
○ Messaging applications: Graphical applications like Empathy, Pidgin, and
Telegram for instant messaging and chat.
○ Email: Command-line utilities like mail and mutt, as well as graphical email
clients like Thunderbird, for sending and receiving emails.

(d) Redundant Array of Independent Disks (RAID) and its Implementation:

● RAID: RAID is a data storage technology that combines multiple physical disk drives
into a single logical unit to improve data performance, reliability, or both. RAID
configurations are categorised into several levels (e.g., RAID 0, RAID 1, RAID 5,
RAID 10), each offering different levels of performance, redundancy, and data
protection.
● Implementation: RAID can be implemented using hardware RAID controllers or
software RAID configurations within the operating system. Hardware RAID requires
dedicated RAID controller cards, while software RAID relies on the operating
system's built-in functionality to manage RAID arrays. RAID arrays can be configured
and managed using utilities like mdadm in Linux, allowing users to create, modify,
and monitor RAID configurations to suit their specific requirements.
JUNE 2022

Q1
(a) Explain the output of the following Linux/Unix commands:
(i) date who
(ii) diff abc.txt xyz.txt
(iii) man who
(iv) ls-a
(v) pwd

Ans :-

(i) date who:

● date: This command displays the current date and time.
● who: This command displays a list of users currently logged into the system.
● date who together will not produce a meaningful output, because who is passed
as an argument to date, which is incorrect. Instead, date and who should be
run separately.

(ii) diff abc.txt xyz.txt:

● This command compares the contents of the two files abc.txt and xyz.txt.
● It outputs the differences between the two files in a format that shows which
lines need to be changed in each file to make them identical.

(iii) man who:

● This command opens the manual page for the who command.
● It provides detailed information about the usage, options, and descriptions of
the who command.

(iv) ls-a:

● This is likely a typo. The correct command is ls -a.
● ls -a lists all files and directories in the current directory, including hidden
ones (those starting with a dot .).

(v) pwd:

● This command stands for "print working directory."
● It outputs the full pathname of the current working directory.

(b) Explain the concept of filters and pipelines in the Linux operating system. Give
an example for each.

Ans:-

Filters:

● Filters are commands that take input, process it, and produce output. They can
be used to manipulate and transform data.
● Example: grep "error" logfile.txt - This command prints only the lines
in logfile.txt that contain the word "error".

Pipelines:

● Pipelines use the pipe operator (|) to pass the output of one command as input
to another command, creating a chain of processes.
● Example: ls -l | grep "^d" - This command lists all directories in the
current directory by passing the long format list (ls -l) output to grep, which
filters lines that start with "d" (indicating directories).
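
Filters, pipelines and redirection working together on a security task, as an added shell example that is not part of the original notes; it serves both this answer and the earlier answer on pipes, filters and redirection. The log lines are constructed sample data with documentation-range addresses, and the function names are assumptions made for this illustration.

```shell
#!/bin/sh
# Added illustration (not from the original notes). Function names are
# assumptions; the log lines below are constructed sample data.

# sample_log: print constructed sshd-style authentication log lines.
sample_log() {
    cat <<'EOF'
Jan 10 10:00:01 host1 sshd[811]: Failed password for root from 203.0.113.5 port 40110 ssh2
Jan 10 10:00:03 host1 sshd[811]: Failed password for root from 203.0.113.5 port 40112 ssh2
Jan 10 10:00:04 host1 sshd[815]: Accepted password for alice from 192.0.2.10 port 51234 ssh2
Jan 10 10:00:06 host1 sshd[819]: Failed password for invalid user admin from 203.0.113.5 port 40120 ssh2
Jan 10 10:00:09 host1 sshd[823]: Failed password for alice from 192.0.2.10 port 51240 ssh2
Jan 10 10:00:12 host1 sshd[827]: Failed password for invalid user test from 198.51.100.7 port 33001 ssh2
Jan 10 10:00:15 host1 sshd[827]: Failed password for invalid user test from 198.51.100.7 port 33002 ssh2
Jan 10 10:00:20 host1 sshd[831]: Accepted password for bob from 192.0.2.22 port 50000 ssh2
EOF
}

# failed_by_source: a chain of filters joined by pipes. Reads a log on
# standard input and writes "COUNT IP" lines, highest count first.
failed_by_source() {
    grep 'sshd.*Failed password' |          # filter: keep failed logins only
        awk '{ print $(NF-3) }' |           # filter: source address, 4th field from the end
        LC_ALL=C sort |                     # group identical addresses together
        uniq -c |                           # count each group
        awk '{ print $1, $2 }' |            # normalise spacing to "COUNT IP"
        LC_ALL=C sort -k1,1nr -k2,2         # order by count, then by address
}

# report LOGFILE MIN OUTFILE: '<' feeds the log into the chain, '>' stores
# the sources with at least MIN failures, and '>&2' sends errors to stderr.
report() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    failed_by_source < "$1" | awk -v min="$2" '$1 >= min' > "$3"
}
```

Because each stage only reads standard input and writes standard output, a stage can be swapped or a new filter inserted without touching the others.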

(c) What is the default location of print spooler in Windows NT? Name the different
permissions that can be set for printers in Windows NT. Explain the significance of
each.

Ans :-

Default Location: The default location of the print spooler in Windows NT is
C:\WINNT\SYSTEM32\SPOOL\PRINTERS.

Permissions for Printers:

● Print: Allows users to print documents.
● Manage Printers: Allows users to modify printer settings and configurations.
● Manage Documents: Allows users to manage print jobs (pause, resume,
cancel).

(d) What do you understand about disk striping? What are the limitations of disk
striping? List the RAID levels.

Ans :-

Disk Striping: Disk striping is a method of dividing data across multiple disk drives to
improve performance. Each stripe is written to a different disk in parallel, increasing
read and write speeds.

Limitations:

● No redundancy: If one disk fails, all data is lost.
● Complexity in data recovery.

RAID Levels:

● RAID 0: Disk striping without parity, no redundancy.
● RAID 1: Disk mirroring, provides redundancy by duplicating data.
● RAID 5: Disk striping with parity, balances performance and redundancy.
● RAID 6: Similar to RAID 5 but with additional parity for extra redundancy.
● RAID 10 (1+0): Combines mirroring and striping for high performance and
redundancy.

(e) Describe the structure and characteristics of any two types of guided
transmission media.

Ans :-

Twisted Pair Cable:

● Structure: Consists of pairs of insulated copper wires twisted together.
● Characteristics: Used for telephone and Ethernet networks, susceptible to
electromagnetic interference, limited to shorter distances compared to other
media.

Coaxial Cable:

● Structure: Central conductor wire, surrounded by an insulating layer, metallic
shield, and outer insulating layer.
● Characteristics: Used for cable television and internet, better shielding against
interference, higher bandwidth and longer distances than twisted pair.

(f) Differentiate between data terminal equipment and data transmission equipment.
Give examples of each.

Ans :-

Data Terminal Equipment (DTE):

● End devices that convert user information into signals for transmission or
reconvert the received signals into user information.
● Example: Computers, terminals.

Data Transmission Equipment (DCE):

● Devices that establish, maintain, and terminate communication links between
data terminals.
● Example: Modems, routers.

(g) What is VPN? Write the purpose of VPN and name the VPN technologies
supported by Windows 2000.

Ans :-

VPN: A VPN extends a private network across a public network, allowing users to
send and receive data as if their computing devices were directly connected to the
private network.

Purpose: Ensures secure, encrypted connections over the internet, protecting data
from eavesdropping and enhancing privacy.

VPN Technologies in Windows 2000:

● PPTP (Point-to-Point Tunneling Protocol)
● L2TP (Layer 2 Tunneling Protocol)
● IPSec (Internet Protocol Security)

(h) Explain the architecture of Simple Network Management Protocol (SNMP), with
the help of a suitable diagram.

Ans :-

● Components:
○ Managed Devices: Network nodes that contain SNMP agents.
○ Agents: Software on managed devices that collects and stores
management information.
○ Network Management System (NMS): Software that runs on a manager
device to control and monitor managed devices.
○ MIB (Management Information Base): Database of network management
information maintained by the agent.
● Diagram:

NMS (Manager)
|
| SNMP Protocol
|
Managed Device
|
Agent
|
MIB

● Explanation:
○ The NMS sends queries and commands to agents.
○ Agents collect data from the MIB and respond to NMS.
○ The NMS can also set parameters on managed devices through agents.

This architecture enables centralised monitoring and management of network
devices.
Q2
(a) Write Linux shell script that will convert all numeric digits present in a text file into
“*”. The path of the text file would be given by the user. Support your code with
suitable comments for better readability.

Ans:-

Here's a shell script that replaces all numeric digits in a given text file with "*":

bash
#!/bin/bash

# Check if the user has provided a file path
if [ $# -eq 0 ]; then
    echo "Usage: $0 <path_to_text_file>"
    exit 1
fi

# Get the file path from the command line argument
FILE_PATH="$1"

# Check if the file exists
if [ ! -f "$FILE_PATH" ]; then
    echo "File not found!"
    exit 1
fi

# Use sed to replace all numeric digits with '*'
# -i option is used to edit the file in place; -- stops a path that starts
# with '-' from being read as a sed option
sed -i -- 's/[0-9]/*/g' "$FILE_PATH"

# Notify the user of success
echo "All numeric digits in $FILE_PATH have been replaced with '*'."

Explanation:

1. Shebang (#!/bin/bash): Specifies the script should be run in the bash shell.
2. Check if file path is provided: The script checks if the user has given the file path
as an argument. If not, it prints the usage and exits.
3. Get the file path: The script assigns the first argument to the FILE_PATH variable.
4. Check if the file exists: It checks if the file exists at the specified path. If not, it prints
an error message and exits.
5. Use sed to replace digits: The script uses the sed command to find and replace all
numeric digits ([0-9]) with *. The -i option edits the file in place.
6. Notify the user: After the operation, the script prints a message to inform the user
that the digits have been replaced.

(b) Compare multiprogramming and multitasking. Give suitable examples for each.

Ans:-

Multiprogramming:

● Definition: Multiprogramming is a method where multiple programs are loaded
into memory and the CPU switches between them to maximise CPU utilisation.
● Example: In a batch processing system, multiple jobs are kept in memory and
the CPU switches between jobs when one job needs to wait for I/O operations.
● Characteristics:
○ Programs are executed sequentially.
○ Aimed at increasing CPU utilisation by overlapping CPU and I/O
operations.
○ Context switching is less frequent compared to multitasking.

Multitasking:

● Definition: Multitasking is the ability of an operating system to execute more
than one task simultaneously by rapidly switching between them, giving the
illusion that they are running at the same time.
● Example: In a modern operating system like Windows or Linux, a user can run
a web browser, a text editor, and a media player concurrently.
● Characteristics:
○ Tasks are given time slices by the CPU scheduler.
○ Provides a responsive system to the user.
○ Context switching is frequent to provide the illusion of simultaneous
execution.

Summary of Differences:

● Objective:
○ Multiprogramming: Maximise CPU utilisation.
○ Multitasking: Provide responsive interactive systems.
● Context Switching:
○ Multiprogramming: Less frequent, as switching occurs mainly due to I/O
wait.
○ Multitasking: Frequent, as the CPU switches between tasks rapidly to
ensure concurrent execution.
● Execution:
○ Multiprogramming: Sequential program execution.
○ Multitasking: Simultaneous task execution.
● Example Systems:
○ Multiprogramming: Mainframe batch processing systems.
○ Multitasking: Modern personal computers and smartphones.

By understanding these differences, one can better appreciate the evolution of
operating systems and the techniques used to improve system efficiency and user
experience.

Q3
(a) List and explain various network topologies. Write one advantage and
disadvantage of each.

Ans :-

1. Bus Topology:

● Description: In a bus topology, all devices are connected to a single central
cable, known as the bus or backbone.
● Advantage: Easy to implement and extend.
● Disadvantage: A failure in the main cable will cause the entire network to fail.

2. Star Topology:

● Description: In a star topology, all devices are connected to a central hub or
switch.
● Advantage: Easy to manage and troubleshoot; if one device fails, it doesn’t
affect the others.
● Disadvantage: If the central hub fails, the whole network goes down.

3. Ring Topology:

● Description: In a ring topology, each device is connected to two other devices,
forming a circular data path.
● Advantage: Data packets travel at high speeds with minimal collision.
● Disadvantage: A failure in any single cable or device can disrupt the entire
network.

4. Mesh Topology:

● Description: In a mesh topology, devices are interconnected with many
redundant interconnections.
● Advantage: Provides high redundancy and reliability; if one path fails, data can
be routed through another path.
● Disadvantage: High cost and complexity of installation and maintenance.

5. Tree Topology:

● Description: A hybrid topology that combines characteristics of star and bus
topologies. It consists of groups of star-configured networks connected to a
linear bus backbone.
● Advantage: Scalable and easy to manage.
● Disadvantage: If the backbone line breaks, the entire segment fails.

6. Hybrid Topology:

● Description: A combination of two or more different types of topologies.
● Advantage: Flexible and scalable to adapt to different needs.
● Disadvantage: Complex to design and manage.

(b) With reference to security system and facilities, explain the following :
(i) System Access Control
(ii) Data backup and off-site retention

Ans :-

(i) System Access Control

● Description: System access control involves the measures and mechanisms
put in place to restrict and control who or what can view or use resources in a
computing environment.
● Components:
○ Authentication: Verifying the identity of a user, device, or other entity in
a computer system. Methods include passwords, biometrics, and
multi-factor authentication (MFA).
○ Authorization: Determining whether a user or entity is allowed to access
a resource or perform an action. This is typically managed through
permissions and access control lists (ACLs).
○ Accounting: Tracking user activities and resource usage. This can
include logging access attempts, usage statistics, and changes to data.
● Significance: Ensures that only authorised users can access sensitive
information and critical systems, thereby protecting data integrity and
preventing unauthorised access and breaches.

(ii) Data Backup and Off-site Retention

● Description: Data backup and off-site retention involve creating copies of data
and storing them at a different location to protect against data loss due to
system failures, natural disasters, or other catastrophic events.
● Components:
○ Data Backup: Regularly copying data to a secondary storage medium
(such as external hard drives, tape drives, or cloud storage). Types of
backups include full, incremental, and differential backups.
○ Off-site Retention: Storing backup copies at a different physical location
from the primary site to ensure data availability in case of site-specific
disasters.
● Significance:
○ Data Recovery: Ensures that data can be restored in the event of
corruption, accidental deletion, or hardware failure.
○ Disaster Recovery: Provides a means to recover critical business
functions and data after a major disaster, minimising downtime and data
loss.
○ Compliance: Helps organisations meet regulatory requirements for data
protection and retention.

By implementing robust system access control and data backup strategies,
organisations can significantly enhance their security posture and ensure the
continuity of operations even in adverse situations.

Q4
(a) Discuss the functionality of user and kernel modes of Windows 2000 operating
system.

Ans :-

User Mode:

● Definition: User mode is a restricted processing mode designed for
applications and user-level processes.
● Functionality:
○ Limited Access: User mode has limited access to system resources and
hardware. It cannot directly interact with hardware or reference memory
addresses outside its allocated space.
○ Isolation: Each application runs in its own private virtual address space
to prevent them from interfering with each other.
○ System Calls: When an application needs to perform an operation that
requires higher privileges (like accessing hardware), it must make a
system call to transition to kernel mode.
○ Stability: Errors in user mode applications are less likely to crash the
entire system. If an application fails, it can be terminated without
affecting other applications or the operating system.

Kernel Mode:

● Definition: Kernel mode is a privileged processing mode with unrestricted
access to all system resources, including hardware and memory.
● Functionality:
○ Full Access: Kernel mode has full access to the hardware and system
resources. It can execute any CPU instruction and reference any
memory address.
○ Resource Management: The kernel manages system resources such as
memory, CPU, and I/O devices. It handles tasks like process scheduling,
memory management, and device management.
○ Drivers and Services: Device drivers and system services operate in
kernel mode, allowing them to directly interact with hardware.
○ System Calls Handling: When a user mode process makes a system
call, the kernel mode processes it, performing operations on behalf of
the user mode process.

Transition Between Modes:

● System Calls: User mode processes request services from the kernel through
system calls. The CPU switches to kernel mode to execute the requested
operation.
● Exceptions and Interrupts: Hardware interrupts and exceptions also cause the
CPU to switch from user mode to kernel mode to handle the event.

Diagram:

+--------------------------+
|        User Mode         |
| +----------------------+ |
| |     Applications     | |
| +----------------------+ |
|         ^                |
|         |                |
|    System Calls          |
|         |                |
+---------v----------------+
|       Kernel Mode        |
| +----------------------+ |
| |        Kernel        | |
| +----------------------+ |
+--------------------------+

(b) Explain the process and thread management in Linux Operating System

Ans :-

Process Management:

● Process Creation:
○ fork(): Creates a new process by duplicating the calling process. The
new process, called the child, is an exact copy of the parent process
except for the returned value.
○ exec(): Replaces the current process image with a new process image.
This is used after fork() to run a different program in the child process.
○ exit(): Terminates a process and returns an exit status to the parent
process.
○ wait(): Makes a parent process wait until all of its child processes have
terminated.
● Process States:
○ Running: The process is either running or ready to run.
○ Waiting: The process is waiting for some event to occur (e.g., I/O
completion).
○ Stopped: The process is stopped, usually by receiving a signal.
○ Zombie: The process has terminated, but its parent has not yet called
wait(), leaving an entry in the process table.
● Scheduling:
○ Scheduler: The Linux scheduler manages process execution, using
algorithms like Completely Fair Scheduler (CFS) for fair distribution of
CPU time among processes.
○ Priorities: Processes are assigned priorities, and the scheduler selects
processes based on these priorities.
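
The fork/exit/wait life cycle and the Zombie state described above can be observed from a shell. This is an added example, not part of the original answer; it assumes a Linux system with /proc mounted, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: exit status collection with wait, and a zombie left by a
# parent that never calls wait(). Linux-only (reads /proc/<pid>/stat).

# Run a child that exits with status $1 and print the status wait collects.
child_exit_status() {
    ( exit "$1" ) &              # fork: the subshell is the child process
    rc=0
    wait "$!" || rc=$?           # parent reaps the child and gets its status
    echo "$rc"
}

# Print the state letter (R, S, T, Z, ...) of each child of PID $1.
child_states() {
    # /proc/<pid>/stat is "pid (comm) state ppid ..."; drop through the last ") ".
    cat /proc/[0-9]*/stat 2>/dev/null |
        awk -v parent="$1" '{ sub(/.*\) /, ""); if ($2 == parent) print $1 }'
}

# Create a zombie, observe it, then let it be reaped.
zombie_demo() {
    # The inner sh forks `true`, then exec()s sleep in place of itself.
    # sleep never calls wait(), so the finished child stays as a zombie.
    sh -c 'true & exec sleep 2' &
    parent=$!
    sleep 1
    during=$(child_states "$parent")
    wait "$parent"               # sleep exits; the orphan is adopted and reaped
    after=$(child_states "$parent")
    echo "during=${during} after=${after}"
}

echo "exit status seen by parent: $(child_exit_status 7)"
zombie_demo
```

A process table that keeps accumulating entries in state Z points at a parent that is not calling wait(); the entries disappear only when the parent reaps them or exits.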

Thread Management:

● Thread Definition: A thread is the smallest unit of execution within a process.
Linux treats threads as lightweight processes.
● Thread Creation:
○ pthread_create(): Used in the POSIX thread (pthreads) library to create a
new thread within a process.
● Thread Execution:
○ Shared Resources: Threads within the same process share the same
memory space and resources, enabling faster context switching
compared to processes.
● Synchronisation:
○ Mutexes: Used to prevent multiple threads from accessing shared
resources concurrently.
○ Semaphores: Synchronisation primitives that control access to shared
resources by multiple threads.
○ Condition Variables: Used to block threads until a particular condition is
met.
● Thread Scheduling:
○ Kernel Threads: Managed by the kernel scheduler.
○ User Threads: Managed by a user-level library and the kernel is unaware
of them.

Process vs. Thread:

● Processes: Have their own memory space; more heavyweight due to the need
for more context information during context switches.
● Threads: Share the same memory space within a process; lightweight and
faster to create and manage.

Diagram:

+------------------------+
|        Process         |
| +--------------------+ |
| |      Thread 1      | |
| |  Shared Resources  | |
| +--------------------+ |
| +--------------------+ |
| |      Thread 2      | |
| |  Shared Resources  | |
| +--------------------+ |
+------------------------+

In summary, Linux efficiently manages processes and threads, providing mechanisms
for process creation, scheduling, and synchronisation to ensure smooth and efficient
execution of programs.

Q5
Write short notes on

a) Microkernel Architecture

Ans:-

Microkernel Architecture:

● Definition: A microkernel is a minimalistic computer operating system kernel
that provides only the most essential services.
● Core Services:
○ Inter-process communication (IPC)
○ Basic scheduling
○ Basic memory management
● Features:
○ Modularity: Non-essential components (like device drivers, file systems,
and network protocols) run in user space as separate processes.
○ Security: By running most services in user space, the microkernel
architecture reduces the risk of system crashes and enhances security,
as faults in user space services do not affect the kernel.
○ Portability: The small size of the microkernel makes it easier to port the
operating system to different hardware architectures.
● Examples: QNX, Minix, Mach.

b) Data Backup Strategies

Ans :-

Data Backup Strategies:

● Full Backup:
○ Definition: Copies all data to the backup medium.
○ Advantage: Simple restoration process since all data is contained in a
single backup set.
○ Disadvantage: Time-consuming and requires significant storage space.
● Incremental Backup:
○ Definition: Copies only the data that has changed since the last backup
(either full or incremental).
○ Advantage: Faster and requires less storage space than full backups.
○ Disadvantage: Restoration can be complex and time-consuming, as it
involves the last full backup and all subsequent incremental backups.
● Differential Backup:
○ Definition: Copies all data that has changed since the last full backup.
○ Advantage: Faster than full backups and simpler to restore than
incremental backups.
○ Disadvantage: Requires more storage space than incremental backups
as it duplicates changes since the last full backup.
● Mirror Backup:
○ Definition: An exact copy of the source data.
○ Advantage: Immediate access to the data as it is a direct replica.
○ Disadvantage: High storage requirement and does not retain historical
versions of the data.
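
The difference between full, incremental and differential selection, worked through on a small data set. This is an added example, not part of the original answer; the file names, dates and the marker files last_full and last_backup are constructed for illustration.

```shell
#!/bin/sh
# Added example: which files a full, incremental and differential backup select.
# File names, dates and marker-file names are constructed for illustration.

# Print, on one line, the names of regular files under $1.
# With a second argument, only files modified after that reference file.
select_files() {
    if [ -n "${2:-}" ]; then
        find "$1" -type f -newer "$2" -exec basename {} \;
    else
        find "$1" -type f -exec basename {} \;
    fi | sort | paste -s -d ' ' -
}

# Simulate three days of activity and print what each strategy would copy.
backup_demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/data" "$work/state"

    # Day 1, 09:00: three files are written; 10:00: full backup runs.
    for f in a.txt b.txt c.txt; do
        echo "sample" > "$work/data/$f"
        touch -t 202401010900 "$work/data/$f"
    done
    echo "full_day1=$(select_files "$work/data")"
    touch -t 202401011000 "$work/state/last_full" "$work/state/last_backup"

    # Day 2, 09:00: a.txt changes; 10:00: incremental backup runs.
    touch -t 202401020900 "$work/data/a.txt"
    echo "incremental_day2=$(select_files "$work/data" "$work/state/last_backup")"
    touch -t 202401021000 "$work/state/last_backup"

    # Day 3, 09:00: b.txt changes; compare the two strategies at 10:00.
    touch -t 202401030900 "$work/data/b.txt"
    echo "incremental_day3=$(select_files "$work/data" "$work/state/last_backup")"
    echo "differential_day3=$(select_files "$work/data" "$work/state/last_full")"

    rm -rf "$work"
}

backup_demo
```

Restoring to the day 3 state needs the full backup plus both incrementals (day 2 and day 3), but only the full backup plus the single day 3 differential.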

c) Auditing Policies in Windows 2000

Ans :-

Auditing Policies in Windows 2000:

● Purpose: To monitor and record system activity to help detect security
breaches, policy violations, and other unauthorized activities.
● Key Policies:
○ Logon/Logoff: Tracks user logon and logoff activities.
○ Account Management: Monitors changes to user accounts and groups.
○ Object Access: Audits attempts to access specific files, folders, or other
objects.
○ Policy Change: Records changes to user rights assignment policies,
audit policies, or trust policies.
○ Privilege Use: Tracks the use of user privileges, such as system
shutdown or process termination.
○ System Events: Monitors events like system startups, shutdowns, or
changes to the system security and integrity.

d) Group Policy in Windows 2000

Group Policy in Windows 2000:

● Definition: A feature used to control the working environment of user accounts
and computer accounts.
● Functionality:
○ Centralised Management: Administrators can define policies at a central
location and enforce them across all users and computers within the
domain.
○ Configuration Settings: Includes settings for software installation,
security options, startup/shutdown scripts, and user interface
customization.
○ Scope: Policies can be applied to users, computers, organizational units
(OUs), sites, and domains.
○ Inheritance: Group Policies can be inherited from parent to child
objects, but they can also be blocked or overridden.

e) Active Directory in Windows 2000

Active Directory in Windows 2000:

● Definition: A directory service that provides a central database for managing
and organizing network resources, such as users, computers, and groups.
● Features:
○ Hierarchical Structure: Organizes resources in a tree-like structure with
domains, organizational units (OUs), and sites.
○ Centralized Management: Facilitates centralized administration of
network resources.
○ Authentication and Authorization: Provides mechanisms for user
authentication and access control through integrated security
protocols.
○ Scalability: Can be scaled from small networks to large enterprise
environments.
○ Replication: Ensures that data is synchronized across multiple domain
controllers, providing fault tolerance and high availability.
○ LDAP Support: Uses Lightweight Directory Access Protocol (LDAP) for
directory access and management.

By understanding these concepts, administrators and IT professionals can effectively
manage and secure computing environments, ensuring reliable operation and
adherence to organisational policies.
