Computer Network

1
 Chapter 1: Introduction to Computer Networks

What is computer network? What are the components of it?

A computer network is a collection of interconnected devices that allow communication and

resource sharing. The primary purpose of a computer network are communicating, sharing of
data and or resources, and services among multiple devices.

1) Networking Hardware: Devices like computers, servers, routers, switches, and cables.

 Computers: Desktops, laptops, and servers.

 Networking Devices: Routers, switches, hubs, modems, and access points.
 Peripherals: Printers, scanners, and other shared resources.

2) Networking Software:

Client and Server Software: Enables network services and resource sharing (e.g., web browsers,
email clients, file sharing applications).

Management Software: Tools for network monitoring, management, and security (e.g., network
management systems, antivirus software).

3) Media: Physical connections (wired or wireless) for data transmission.

Wired Media: Ethernet cables (e.g., twisted pair, coaxial cable, fiber optic cable).

Wireless Media: Radio waves, microwaves, infrared signals (e.g., Wi-Fi, Bluetooth).

4) Protocols:

 Communication Protocols: Rules and conventions for communication (e.g., TCP/IP,

HTTP, FTP).
 Network Protocols: Define data transfer methods and ensure proper data exchange.

What are the 3 basic requirement of communication?

1) Addressing
2) Protocol
3) Medium

2
What is protocol?

A protocol in computer networks is a set of rules and conventions that dictate how data is
transmitted and received over a network.

Examples of protocols:

TCP/IP: The foundation of the internet.

HTTP: Used for web browsing.

FTP: For transferring files.

SMTP: For sending emails.

Describe types of networks (LAN, MAN, WAN).

Local Area Network (LAN):

Definition: A network that covers a small geographic area, such as a building, office, or home.

Characteristics: High data transfer rates, low cost, limited geographic range, typically owned and
managed by a single organization.

Examples: Home Wi-Fi, office network, a network within a school or small business office.

Metropolitan Area Network (MAN):

Definition: A network that spans a larger geographic area than a LAN, typically covering a city
or large campus.

Characteristics: Intermediate data transfer rates, medium cost, covers multiple buildings or
locations within a city, often used to connect multiple LANs.

Examples: Cable TV network, city-wide Wi-Fi, a network connecting several branches of a city
library system.

3
Wide Area Network (WAN):

Definition: A network that covers a broad area, such as a country, continent, or even the entire
globe.

Characteristics: Lower data transfer rates compared to LANs and MANs, high cost, spans large
geographic distances, often composed of multiple interconnected LANs and MANs, can be
public or private.

Examples: The Internet, a multinational corporate network connecting offices worldwide

Describe network topologies (bus, star, ring, mesh, hybrid, and tree) in short.

Bus Topology:

Definition: All devices are connected to a single central cable (the bus) through which data is
transmitted.

Advantages:

Cost-Effective: Requires less cable than other topologies.

Easy to Install: Simple and straightforward to set up.

Easy to Extend: Adding new devices is easy and doesn’t require significant changes.

Disadvantages:

Limited Fault Tolerance: A failure in the central cable affects the entire network.

Performance Issues: Performance degrades with more devices and network traffic.

Star Topology:

Definition: All devices are connected to a central hub or switch.

Advantages:

4
Easy to Troubleshoot: Faults are isolated to individual connections.

Scalable: Easy to add new devices without disrupting the network.

High Performance: Centralized management can handle high traffic efficiently.

Disadvantages:

Central Point of Failure: Failure of the central hub affects the entire network.

Higher Cost: Requires more cables and hardware (hub/switch).

Ring Topology:

Definition: Devices are connected in a circular manner, with each device having exactly two
neighbors.

Advantages:

Predictable Performance: Data packets travel in a predictable path.

Easy to Troubleshoot: Easier to identify faults in the network.

Data Collision: Reduced chance of data collision compared to bus topology.

Disadvantages:

Single Point of Failure: Failure in any single connection can disrupt the entire network.

Performance Issues: Adding or removing devices can be challenging and disrupt the network.

Mesh Topology:

Definition: Every device is connected to every other device in the network.

Advantages:

High Reliability: Multiple connections provide redundancy and fault tolerance.

High Performance: Direct paths between devices reduce latency.

Scalable: Easily expands with more devices without significant performance loss.

5
Disadvantages:

High Cost: Requires more cabling and network hardware.

Complex Installation: Can be complex and time-consuming to set up and manage.

Tree Topology:

Definition: A combination of star and bus topologies where multiple star networks are connected
to a central bus.

Advantages:

Scalable: Easy to expand by adding new branches.

Hierarchical Structure: Simplifies network management and organization.

Fault Isolation: Faults can be isolated within branches, minimizing impact on the entire network.

Disadvantages:

Dependency on Central Bus: Failure in the central bus can affect the entire network.

Complex Configuration: More complex setup and management compared to simpler topologies.

Hybrid Topology:

Definition: Combines two or more different topologies to leverage the strengths of each.

Advantages:

Flexibility: Can be tailored to specific needs and scenarios.

Scalability: Allows for growth and expansion in various ways.

Fault Tolerance: Can offer enhanced fault tolerance by combining topologies.

Disadvantages:

Complex Design: Can be complex to design and maintain.

Higher Cost: May involve higher costs for setup and maintenance due to diverse components.

6
Why TCP/IP? To build a “network of networks”

We don’t want to throw away existing investment

Instead create a software architecture which allow us

 To keep using multiple, coexisting, different network technologies

 To provide ubiquitous connectivity through IP packet transfer
 To achieve huge economies of scale

Why TCP/IP? To provide universal communication services

To end-users

 independent of underlying network technologies

 Provide common interface to user applications

7
Why network model is necessary?

-Reduce complexity

-Standardize Interface

-Accelerated evaluation

-Simplify teaching learning

-easy to extend

-Ability to change services without affecting other components.

Describe Network protocols and standards (TCP/IP, OSI model)

Please Do not Touch Smit’s Pet Alligator

Physical layer: Deal with bits: 0101011110001, Cables, Hub

Data link layer : Deal with frame , MAC address, IP , TCP data , Trailer(FCS/Extra bit)

Network layer : deal with packet , IP, TCP data

Transport layer : deal with datagram/segment

Session layer : The session layer manages the establishment, control and termination of
communication between devices

Presentation Layer: Format, encryption, translation

Application layer : File transfers , e-mail, and remote login

8
What is peer to peer communication in TPC/IP layer?

Each layer of the network model uses its own specific protocol to communicate with the
corresponding layer in another system. These protocols exchange data units, known as Protocol
Data Units (PDUs), with their counterparts. For instance, in the TCP/IP model, the transport
layer communicates with its peer layer using segments in the case of TCP, or datagrams for
UDP.

In the TCP/IP model, peer-to-peer communication refers to the interaction between equivalent
layers on different networked devices. Each layer of the TCP/IP protocol stack (such as the
application, transport, or network layer) on one device communicates directly with the
corresponding layer on another device, using defined protocols and data units.

For example:

Application Layer: Web browsers and web servers communicate using HTTP, where the
application layers on both ends exchange HTTP requests and responses.

Transport Layer: TCP segments are exchanged between devices to ensure reliable data
transmission.

Network Layer: IP packets are routed from one device to another based on IP addresses.

9
In essence, each layer sends and receives data from its counterpart on another device, facilitating
end-to-end communication across the network.

What is Headers & Trailers?

 Each protocol uses a header that carries addresses, sequence numbers, flag bits, length
indicators, etc…
 CRC check bits may be appended for error detection

What is Connectionless & Connection-Oriented Services?

 Connection-Oriented
 Three-phases:
1. Connection setup between two peer entities to initialize state
information
2. Data transfer
3. Connection release
 TCP is a connection oriented protocol

 Connectionless
 Immediate transfer
 No connection setup
 E.g. UDP, IP

10
Some important information

 Telnet provides bi-directional byte-oriented communication facility

 Files can be transferred between different machines through FTP
 HTTP provides communications between web browsers & web servers
 PING can be used to determine if a host is reachable
 Traceroute helps to find route from local host to remote host
 ipconfig displays TCP/IP related information
 netstat shows TCP/IP network status

 Layers: related communications functions

 Application Layer: HTTP, DNS
 Transport Layer: TCP, UDP
 Network Layer: IP
 Services: a protocol provides a communications service to the layer above
 TCP provides connection-oriented reliable byte transfer service
 UDP provides best-effort datagram service
 Each layer builds on services of lower layers
 HTTP builds on top of TCP
 DNS builds on top of UDP
 TCP and UDP build on top of IP

What is Peer-to-peer (P2P) communication

What is Peer-to-peer (P2P) communication is a network where devices (peers) can both send and
receive data, without relying on a central server.

Peer-to-peer (P2P) communication refers to a network architecture where each device (or peer)
has equal privileges and can directly communicate with other devices without relying on a
central server. In this setup, peers can share resources, data, and services directly with each other.
This model is often used in file-sharing networks and decentralized systems.

Describe the steps of data encapsulation.

Step1: convert an email message into alphanumeric characters that can be used by
internetworking system. This is the data.

Step2: The message data change into the segment for transport on the internetworking system.

Step3: The data forms a packet or datagram.

Step4: Each networking device puts the packet into a frame.

Step5: The frame changes to a pattern of 1s and 0s for transmission on medium (wire)

Note: Alphanumeric->character->segment> packet->frame->0,1

11
 Chapter 2: Physical Layer

Transmission media (twisted pair, coaxial cable, fiber optics, wireless)

Twisted Pair Cable

Definition: Twisted pair cable consists of pairs of insulated copper wires twisted together. It is
widely used in telephone lines and local area networks (LANs). This twisting helps to reduce
electromagnetic interference (EMI).

Main Features:

 Copper wires twisted to reduce EMI and crosstalk

 Available in shielded (STP) and unshielded (UTP) forms
 Common types include Cat5e, Cat6, and Cat7

Advantages:

1. Cost-Effective: Relatively inexpensive and widely available.

2. Flexibility: Easy to install and flexible for various network setups.
3. Compatibility: Works with most existing network infrastructure and devices.
4. Noise Resistance: Twisting of wires reduces interference and crosstalk.

Disadvantages:

1. Limited Distance: Effective only for shorter distances compared to other cables.
2. Bandwidth Limitations: Lower bandwidth capacity than coaxial and optical fiber
cables.
3. Susceptibility to Interference: Despite the twisting, still vulnerable to EMI and RFI
(radio frequency interference).

Coaxial Cable

Definition: Coaxial cable is a type of electrical cable with an inner conductor surrounded by a
tubular insulating layer, a metallic shield, and an insulating outer layer. It is used for cable
television, internet connections, and other high-speed data communication.

Main Features:

 Central copper conductor

 Insulating layer and metallic shield
 Outer plastic insulation

12
Advantages:

1. High Bandwidth: Supports higher bandwidths than twisted pair cables.

2. Long Distance: Suitable for longer distance data transmission without significant signal
loss.
3. Shielding: Better protection against EMI due to the metallic shield.
4. Durability: Robust construction makes it durable and reliable.

Disadvantages:

1. Cost: More expensive than twisted pair cables.

2. Installation Difficulty: Bulkier and harder to install, requiring more care in handling.
3. Flexibility: Less flexible than twisted pair, making it less suitable for some installations.

Optical Fiber Cable

Definition: Optical fiber cable consists of thin strands of glass or plastic fibers that transmit data
as light signals. It is used for high-speed data transmission, long-distance communication, and
telecommunications networks.

Main Features:

 Core made of glass or plastic fibers

 Cladding to reflect light back into the core
 Protective outer layer

Advantages:

1. High Bandwidth: Provides extremely high bandwidth, supporting very high data transfer
rates.
2. Long Distance: Capable of transmitting data over much longer distances without
significant loss.
3. Immunity to EMI: Not susceptible to electromagnetic interference.
4. Security: More secure against eavesdropping since it doesn't radiate signals.

Disadvantages:

1. Cost: More expensive than both twisted pair and coaxial cables.
2. Installation: Requires specialized skills and equipment for installation and maintenance.
3. Fragility: Glass fibers are more fragile and can be easily damaged if mishandled.

13
Multimode Optical Fiber

Definition: Multimode optical fibers allow multiple light paths (modes) to propagate through the
core, each at a slightly different reflection angle.

Main Features:

 Core Size: Typically has a larger core diameter, usually around 50 to 62.5 micrometers.
 Light Source: Uses LEDs or laser diodes as light sources.
 Bandwidth and Distance: Generally supports shorter distances (up to 2 km) and lower
bandwidths compared to single-mode fibers. Modal dispersion, where different modes
travel at different speeds, limits the bandwidth and distance.

Applications:

 Commonly used in short-distance data and audio/video applications, such as within a

building or on a campus.
 Ideal for LANs and connections within data centers.

Advantages:

 Less expensive than single-mode fibers.

 Easier to connect and couple light into the fiber.
 Widely used in LANs and data centers.

Disadvantages:

 Higher modal dispersion leading to limited bandwidth over long distances.

 Lower bandwidth compared to single-mode fibers.
 Not suitable for long-distance communication.
 Limited transmission distance due to modal dispersion (signal distortion).

Single-Mode Optical Fiber

Definition: Single-mode optical fibers are designed to carry light directly down the fiber with no
internal reflections bouncing around in the core, transmitting only one mode or ray of light.

Main Features:

 Core Size: Has a very small core diameter, typically around 8 to 10 micrometers.
 Light Source: Uses laser diodes due to their narrow spectral width.
 Bandwidth and Distance: Offers higher bandwidth and can transmit data over much
longer distances (up to hundreds of kilometers) compared to multimode fiber due to
minimal modal dispersion.

14
Applications:

 Ideal for long-distance communication, high-speed data transmission, and applications

requiring high bandwidth and low signal loss.

Advantages:

 Higher bandwidth and longer transmission distances.

 Lower signal attenuation.
 Less susceptible to modal dispersion.

Disadvantages:

 More expensive than multimode fiber.

 Requires more precise connectors and laser light sources.
 More difficult to install.

Describe Signal encoding techniques

Digital Encoding Techniques

Definition: Digital encoding involves converting data into a binary format, which can be easily
interpreted by digital systems. It uses discrete signal levels to represent binary digits (0s and 1s).

Main Features:

 Uses discrete signal levels.

 Suitable for digital data.
 Commonly used in modern communication systems.

Types of Digital Encoding Techniques:

1. Non-Return to Zero (NRZ):

o Represents binary 1s and 0s with high and low voltage levels.
o NRZ-L (Level): Voltage level remains constant during the bit interval.
o NRZ-I (Inverted): Voltage level changes at the beginning of a bit interval for a
binary 1.
2. Manchester Encoding:
o Combines clock and data signals.
o Binary 0 is represented by a high-to-low transition, and binary 1 by a low-to-high
transition.

15
 o Ensures synchronization between the transmitter and receiver.
3. Differential Manchester Encoding:
o Similar to Manchester encoding but transitions occur at the middle of the bit
interval.
o Binary 0 is represented by no transition at the start of the interval, and binary 1 by
a transition.
4. 4B/5B Encoding:
o Maps groups of 4 bits to 5-bit sequences.
o Ensures sufficient transitions for clock synchronization.

Advantages:

1. Noise Resistance: More robust against noise and interference.

2. Error Detection: Easier to implement error detection and correction.
3. Synchronization: Methods like Manchester encoding provide better synchronization.

Disadvantages:

1. Bandwidth Requirements: Requires more bandwidth compared to analog signals.

2. Complexity: Encoding and decoding processes can be complex.
3. Signal Distortion: Longer transmission distances can cause signal distortion.

Analog Encoding Techniques

Definition: Analog encoding involves converting data into continuous signals that vary in
amplitude, frequency, or phase. It is used for transmitting analog data or converting digital data
into an analog format.

Main Features:

 Uses continuous signal variations.

 Suitable for analog data and media like radio and TV broadcasting.
 Can be used to modulate digital data.

Types of Analog Encoding Techniques:

1. Amplitude Modulation (AM):

o Varies the amplitude of the carrier signal in proportion to the data signal.
o Commonly used in radio broadcasting.
2. Frequency Modulation (FM):
o Varies the frequency of the carrier signal according to the data signal.
o Provides better noise immunity compared to AM.
o Used in FM radio and audio transmission.
3. Phase Modulation (PM):
o Varies the phase of the carrier signal based on the data signal.
o Less common but used in some communication systems.

16
Advantages:

1. Bandwidth Efficiency: More bandwidth-efficient for certain types of data.

2. Compatibility: Works well with existing analog infrastructure.
3. Simple Receivers: Analog receivers are often simpler and less expensive.

Disadvantages:

1. Noise Susceptibility: More susceptible to noise and interference.

2. Distortion: Signal distortion can occur over long distances.
3. Limited Data Rates: Lower data rates compared to digital encoding.

Describe Multiplexing and its type (frequency division, time division)

Multiplexing

Definition: Multiplexing is a technique used to combine multiple signals or data streams into one
signal over a shared medium, allowing for efficient utilization of resources and increasing the
capacity of communication channels.

Frequency Division Multiplexing (FDM)

Definition: FDM divides the bandwidth of a communication medium into multiple non-
overlapping frequency bands, each carrying a separate signal.

17
Main Features:

 Bandwidth Allocation: Each signal is assigned a unique frequency band.

 Simultaneous Transmission: All signals are transmitted simultaneously within their
assigned frequency bands.
 Analog Technique: Commonly used for analog signals.
 Equipment: Uses modulators and demodulators.

Applications:

 Radio and TV broadcasting.

 Telephone networks.
 Cable TV.

Advantages:

 Allows simultaneous transmission of multiple signals.

 Less susceptible to timing issues.
 Simple to implement for analog signals.

Disadvantages:

 Requires large bandwidth.

 Complex and expensive filters to prevent overlapping of frequency bands.
 Inefficient use of bandwidth due to guard bands.
 Susceptible to noise and interference.

Time Division Multiplexing (TDM)

Definition: TDM divides the time available on a communication channel into time slots, with
each slot assigned to a different signal.

18
Main Features:

 Time Slot Allocation: Each signal is assigned a specific time slot in a repeating
schedule.
 Sequential Transmission: Signals are transmitted sequentially in their assigned time
slots.
 Digital Technique: Commonly used for digital signals.
 Equipment: Uses multiplexers and de-multiplexers.

Applications:

 Digital telephony.
 Data communication networks.
 Satellite communication.

Advantages:

 Efficient use of bandwidth.

 Better noise immunity.
 Easier to implement with digital signals.

Disadvantages:

 Requires precise synchronization.

 Time delay can occur if many signals are multiplexed.
 More complex implementation than FDM.

Write short notes on switching techniques (circuit switching, packet switching)

Switching Techniques

Definition: Switching techniques are methods used to route data from a source to a destination
across a network. The primary switching techniques are circuit switching and packet switching.

Circuit Switching

Definition: Circuit switching is a method where a dedicated communication path (circuit) is

established between two endpoints for the duration of the communication session.

Main Features:

 Dedicated Path: A specific path is reserved for the entire duration of the communication.
 Continuous Transmission: Data is continuously transmitted over the dedicated path
without interruption.
 Setup and Teardown: Requires a connection setup phase before data transfer and a
teardown phase after data transfer.

19
  Connection-Oriented: Establishes a dedicated circuit for data transfer with fixed
bandwidth allocation.

Applications:

 Traditional telephone networks.

 ISDN (Integrated Services Digital Network).

Advantages:

 Consistent and predictable performance.

 Low latency once the circuit is established.
 Suitable for real-time applications like voice calls.
 Guaranteed bandwidth.

Disadvantages:

 Inefficient use of resources as the dedicated path is reserved even when no data is being
transmitted.
 Long setup time due to connection establishment.
 Not scalable for bursty or intermittent data traffic.

Packet Switching

Definition: Packet switching is a method where data is divided into smaller units called packets,
which are transmitted independently through the network to the destination, where they are
reassembled.

Main Features:

 Data Packets: Data is divided into packets, each with its own header containing routing
information.
 Shared Network Resources: Packets from multiple sources share the same network
resources.
 Dynamic Routing: Packets can take different paths to reach the destination.
 Connectionless: Does not require a dedicated path; packets are routed independently
with dynamic bandwidth allocation.

Applications:

 Internet and data networks.

 Local Area Networks (LANs).
 Most modern communication networks.

20
Advantages:

 Efficient use of network resources.

 More resilient to failures as packets can be rerouted.
 Scalable for varying traffic loads and types.
 Error recovery mechanisms.

Disadvantages:

 Variable latency due to packet queuing and routing.

 Potential for packet loss, requiring retransmission mechanisms.
 Higher complexity in network management and error handling.

Write short notes on Network devices (hubs, repeaters)

Both hubs and repeaters are basic networking devices that operate at the physical layer (Layer 1)
of the OSI model. However, they serve different purposes:

Hubs

 Function: Connect multiple devices in a network, allowing them to communicate.

 Operation: Broadcasts data packets received from any device to all connected devices.
 Advantages: Simple and inexpensive to set up.
 Disadvantages:
o Inefficient: Broadcasts create network congestion, especially with many devices.
o Collisions: Multiple devices attempting to send data simultaneously can cause
collisions, further reducing performance.
o Limited Security: All data is visible to all devices on the network.

Repeaters

 Function: Amplify and regenerate weak or degraded signals to extend the reach of a
network.
 Operation: Receives a signal, amplifies it, and transmits it to the next network segment.
 Advantages:
o Improves signal quality over long distances.
o Extends the network reach beyond the limitations of the cable type.
 Disadvantages:
o Does not improve network performance: Repeaters simply amplify existing
signals, including noise.
o Can introduce signal distortion: Repeated amplification can degrade the signal
quality.
o Complex network design: Overuse of repeaters can make troubleshooting and
managing the network difficult.

21
 Chapter 3: Data Link Layer

Write short notes on error detection and correction techniques (checksum, CRC)

Checksum

 Definition: A checksum is a simple error-detection method where data is divided into

fixed-size blocks, summed up using binary addition, and the result (checksum) is
appended to the data.
 Functionality:
o Sender Side: The sender divides the data into segments, adds the segments using
one's complement arithmetic, complements the sum, and appends the result to the
data.
o Receiver Side: The receiver recalculates the checksum of the received data
blocks and compares it with the transmitted checksum. If the checksums match,
the data is considered error-free; otherwise, errors are detected.
 Applications:
o Used in various network protocols (e.g., TCP/IP) to ensure data integrity.
o Commonly used in file transfer and storage systems to detect data corruption.
 Advantages:
o Simple to implement.
 Limitations:
o Can detect single-bit errors and simple burst errors but may not detect more
complex error patterns.
o Only detects errors and does not provide a mechanism for correcting them.

Cyclic Redundancy Check (CRC)

 Definition: CRC is a more sophisticated error-detection technique that uses polynomial

division to detect changes to raw data. It is widely used in digital networks and storage
devices.
 Functionality:
o Sender Side: The sender treats the data as a polynomial and divides it by a
predetermined generator polynomial. The remainder of this division (CRC code)
is appended to the data.
o Receiver Side: The receiver divides the received data (including the CRC code)
by the same generator polynomial. If the remainder is zero, the data is considered
error-free; otherwise, errors are detected.
 Applications:
o Used in data link layer protocols (e.g., Ethernet, Wi-Fi) for error detection.
o Employed in storage devices (e.g., hard drives, SSDs) to ensure data integrity.
 Advantages:
o More effective at detecting burst errors and complex error patterns compared to
simple checksums.

22
 o Provides strong error detection with relatively low computational overhead.
 Limitations:
o Like checksums, CRC only detects errors and does not provide a direct
mechanism for correcting them.
o The calculation of CRC is more complex than that of checksums, requiring
polynomial arithmetic.

What is Media Access Control (MAC) addressing? What are the difference between IP
address and MAC address?

Media Access Control (MAC) Addressing

Definition: A Media Access Control (MAC) address is a unique identifier assigned to a network
interface card (NIC) for communication at the data link layer (Layer 2) of the OSI model. It is a
hardware address that is burned into the NIC by the manufacturer.

Format: Typically represented as a 48-bit (6-byte) hexadecimal number, often formatted as six
pairs of hex digits separated by colons (e.g., 00:1A:2B:3C:4D:5E).

Function: Used for local network communication within a subnet to ensure data packets are
delivered to the correct physical device.

A MAC address is a permanent, hardware-level address used for local network communication,
while an IP address is a temporary, logical address used for identifying devices across networks
globally.

Differences between IP Address and MAC Address

1. Layer of Operation:
o MAC Address: Operates at the Data Link Layer (Layer 2) of the OSI model.
o IP Address: Operates at the Network Layer (Layer 3) of the OSI model.
2. Permanence:
o MAC Address: Static and assigned by the hardware manufacturer; unique to each
device.
o IP Address: Dynamic and can be assigned by a network administrator or DHCP
server; can change based on network configuration.
3. Scope of Use:
o MAC Address: Used for local network communication within a LAN.
o IP Address: Used for global network communication, routing packets across
different networks.

23
 4. Address Format:
o MAC Address: 48-bit hexadecimal format (e.g., 00:1A:2B:3C:4D:5E).
o IP Address: IPv4 uses a 32-bit format (e.g., 192.168.1.1), while IPv6 uses a 128-
bit format (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).
5. Assignment:
o MAC Address: Assigned by the NIC manufacturer and is unique to each
hardware device.
o IP Address: Assigned by the network administrator or dynamically via DHCP;
can be public or private.

What is Flow control and error control mechanisms in computer network?

Flow Control and Error Control Mechanisms in Computer Networks

Flow Control: Manages data transmission rates to prevent buffer overflow and ensure smooth
communication between sender and receiver.

Error Control: Detects and corrects errors in data transmission to maintain data integrity and
accuracy.

Flow Control

Definition: Flow control is a technique used in computer networks to manage the rate of data
transmission between sender and receiver to prevent overwhelming the receiver with too much
data at once.

Purpose: Ensures that the sender does not send data faster than the receiver can process,
avoiding buffer overflow and ensuring smooth data transfer.

Mechanisms:

1. Stop-and-Wait:
o The sender transmits a single data packet and waits for an acknowledgment
(ACK) before sending the next packet.
o Simple but can be inefficient for high-latency links due to idle time while waiting
for ACKs.
2. Sliding Window:
o The sender can send multiple packets before needing an acknowledgment, with a
sliding window determining how many packets can be in transit.
o More efficient than Stop-and-Wait as it allows multiple packets to be sent and
acknowledged in batches.

24
 3. Flow Control Protocols:
o TCP (Transmission Control Protocol): Uses a sliding window mechanism to
manage flow control and ensure data is sent at a rate that the receiver can handle.
o XON/XOFF: A software-based flow control method where the receiver sends
signals (XON/XOFF) to control data transmission.

Error Control

Definition: Error control is a technique used to detect and correct errors that occur during data
transmission to ensure the accuracy and integrity of the transmitted data.

Purpose: Ensures that data is transmitted correctly and any errors introduced during transmission
are detected and corrected.

Mechanisms:

1. Error Detection:
o Checksum: Adds a calculated value to data to detect errors. The receiver
recalculates the checksum and compares it with the received checksum.
o Cyclic Redundancy Check (CRC): Uses polynomial division to detect changes
or errors in the data, offering a higher level of error detection capability.
2. Error Correction:
o Automatic Repeat reQuest (ARQ): Requests the retransmission of data if errors
are detected. Types include:
 Stop-and-Wait ARQ: The sender waits for an acknowledgment of each
packet before sending the next.
 Go-Back-N ARQ: The sender retransmits all packets from a specific point
if an error is detected.
 Selective Repeat ARQ: The sender retransmits only the specific
erroneous packets.
o Forward Error Correction (FEC): Uses redundancy in data to detect and
correct errors without needing retransmission. Examples include Hamming codes
and Reed-Solomon codes.

Write short notes on switch and bridge.

Switches

 Definition: A switch is a network device that connects multiple devices on a network.

 Operation: Operates at the data link layer (Layer 2) of the OSI model.
 Functionality:
o Learns MAC addresses of connected devices.
o Forwards data frames only to the intended recipient based on MAC addresses.
o Creates multiple collision domains.

25
  Advantages:
o Improves network performance by reducing collisions.
o Efficiently handles network traffic.
o Supports higher bandwidth and more devices than hubs.
 Disadvantages: More complex and expensive than hubs.

Bridges

 Definition: A bridge is a network device that connects two or more LAN segments.
 Operation: Operates at the data link layer (Layer 2) of the OSI model.
 Functionality:
o Learns MAC addresses of devices on connected segments.
o Filters and forwards data frames between segments based on MAC addresses.
o Reduces broadcast traffic.
 Advantages:
o Improves network performance by reducing collisions.
o Extends network size.
 Disadvantages:
o Less efficient than switches for larger networks.
o More complex than hubs.

Write short notes on Ethernet and its variants.

Definition: Ethernet is a networking standard for connecting devices in a local area network
(LAN). It operates at both the Physical and Data Link layers of the OSI model. Ethernet provides
a reliable and efficient method for connecting devices within a LAN, allowing for high-speed
data transfer and communication.

Key Features:

 Data Transmission: Ethernet transmits data in frames, which contain source and
destination MAC addresses, payload data, and error-checking information.
 Medium Access: Employs Carrier Sense Multiple Access with Collision Detection
(CSMA/CD) to regulate access to the shared network medium.
 Physical Medium: Typically uses twisted-pair copper cables (e.g., Cat5e, Cat6) or fiber
optic cables.
 Speed and Standards: Offers various speeds and standards (e.g., 10BASE-T, 100BASE-
TX, Gigabit Ethernet, 10 Gigabit Ethernet) to accommodate different network
requirements.

26
Advantages:

Widely adopted and supported.

Relatively inexpensive.

Easy to install and configure.

Offers various speeds to meet different network needs.

Disadvantages:

Susceptible to interference and noise.

Limited distance compared to fiber optics.

Shared medium can lead to collisions (in older Ethernet versions).

Ethernet Variants:

10BASE-T: Uses twisted-pair cabling, offers 10 Mbps speed.

100BASE-TX: Uses twisted-pair cabling, offers 100 Mbps speed.

1000BASE-T: Uses twisted-pair cabling, offers 1 Gbps speed (Gigabit Ethernet).

10GBASE-T: Uses twisted-pair cabling, offers 10 Gbps speed (10 Gigabit Ethernet).

Fiber Channel Ethernet (FCoE): Encapsulates Fibre Channel frames over Ethernet
networks.

Ethernet over Copper (EoC): Transmits Ethernet data over coaxial cable.

Power over Ethernet (PoE): Provides power to network devices through Ethernet cables.

What is PDU (Protocol Data Unit)?

A Protocol Data Unit (PDU) is a term used in computer networking to describe a unit of data that
is transmitted across a network at various layers of the OSI model. Each layer of the OSI model
has its own format and definition for the PDU, reflecting the type of data and control information
specific to that layer.

In essence, PDUs are the building blocks of network communication, ensuring data is formatted
and transmitted correctly between different network devices.

27
Each layer of the OSI model has its own PDU, with specific format and content.

PDU contains both user data and protocol-specific control information.

As data moves down the layers, new header information is added to the PDU.

The names for PDUs vary by layer:

Physical Layer: Bits

Data Link Layer: Frame

Network Layer: Packet

Transport Layer: Segment or Datagram

Session Layer: Data

Presentation Layer: Data

Application Layer: Data

28
Example: A web page request starts as data at the Application layer. As it moves down the
layers, it becomes a segment at the Transport layer, a packet at the Network layer, and finally a
frame at the Data Link layer before being transmitted as bits over the physical medium.

What is ISDN?

ISDN is a digital communication standard providing high-quality, simultaneous voice, data, and
video services over a single line. While it was a significant advancement over analog systems, its
use has diminished with the advent of newer, more cost-effective technologies.

Definition: Integrated Services Digital Network (ISDN) is a set of standards for digital
transmission over telephone networks, providing simultaneous voice, data, and video services
over a single line. It was developed to improve the quality and capabilities of traditional analog
telephone networks.

Key Features:

 Digital Transmission: Provides end-to-end digital connectivity, which offers higher

quality and faster speeds compared to analog systems.
 Simultaneous Services: Capable of transmitting voice, data, and video simultaneously,
making it versatile for various applications.
 Standardized Interfaces: Defines standardized interfaces and protocols for digital
communication, ensuring compatibility across different equipment and networks.

Types of ISDN:

1. Basic Rate Interface (BRI):

o Structure: Consists of two 64 kbps B-channels (for data and voice) and one 16
kbps D-channel (for signaling and control).
o Usage: Commonly used for small businesses and residential applications,
supporting up to two simultaneous voice or data channels.
2. Primary Rate Interface (PRI):
o Structure: Typically consists of 23 (in North America) or 30 (in Europe) 64 kbps
B-channels and one 64 kbps D-channel.
o Usage: Used by larger organizations and businesses requiring multiple
simultaneous connections, such as for telephony and high-speed data transfer.

Advantages:

 High Quality: Digital transmission provides better quality and reliability compared to
analog lines.
 Multiple Services: Supports simultaneous voice, data, and video communications.
 Predictable Performance: Offers predictable performance with guaranteed bandwidth
and low latency.

29
Disadvantages:

 Cost: ISDN services can be expensive compared to modern alternatives like broadband
and VoIP.
 Limited Bandwidth: Although faster than analog, ISDN offers lower bandwidth
compared to contemporary high-speed technologies such as DSL or fiber optics.
 Decline in Usage: With the rise of more advanced technologies like VoIP and fiber-optic
networks, the use of ISDN has declined.

What is ARP?

ARP is essential for translating IP addresses into MAC addresses, ensuring that data packets are
delivered to the correct physical device on a LAN.

Address Resolution Protocol (ARP) is a network protocol used to map an IP address to a MAC
address in a local area network (LAN).

Functionality:

 Purpose: Enables devices on a LAN to discover the hardware address (MAC address)
associated with a given IP address, allowing for proper packet delivery at the Data Link
Layer.
 Process:
o Request: A device sends an ARP request packet onto the network asking, "Who
has IP address X.X.X.X? Tell me your MAC address."
o Response: The device with the specified IP address replies with an ARP response
packet, providing its MAC address.
 Cache: Devices store ARP information in an ARP cache to avoid repeated lookups,
speeding up communication.

What is X.25?

X.25 is an early packet-switching protocol standard for wide area networks (WANs) developed
by the International Telecommunication Union (ITU).

X.25 is a protocol standard for packet-switched networks that ensures reliable data transmission
through error handling and virtual circuit management. It has been largely superseded by newer
technologies like Frame Relay and Internet Protocol (IP).

Key Features:

 Packet-Switched Network: Divides data into packets for efficient and reliable
transmission over a network.

30
  Error Detection and Correction: Provides built-in mechanisms for error checking and
correction, ensuring reliable data transfer.
 Virtual Circuits: Supports the creation of virtual circuits that establish a logical
connection between devices, allowing for consistent communication paths.

What is CSMA/CD and CSMA/CA?

CSMA/CD: Manages collision detection and recovery in wired Ethernet networks.

CSMA/CA: Avoids collisions by reserving the channel in wireless networks.

CSMA/CD (Carrier Sense Multiple Access with Collision Detection) and CSMA/CA
(Carrier Sense Multiple Access with Collision Avoidance) are network protocols used to
manage access to a shared communication medium.

CSMA/CD

 Purpose: Used to control access to the network medium in Ethernet networks to avoid
and handle data collisions.
 Process:

31
 o Carrier Sense: Devices listen to the network to detect if it is free before
transmitting.
o Collision Detection: If a collision is detected during transmission, devices stop
sending data, wait for a random time, and then attempt to resend.
 Usage: Primarily used in traditional Ethernet networks (e.g., 10BASE-T, 100BASE-TX).

CSMA/CA

 Purpose: Used to avoid collisions in wireless networks (e.g., Wi-Fi) where collision
detection is difficult due to the nature of the wireless medium.
 Process:
o Carrier Sense: Devices listen to the channel to check if it is clear before
transmitting.
o Collision Avoidance: Uses techniques like the Request to Send (RTS) and Clear
to Send (CTS) signals to reserve the channel before actual data transmission,
minimizing collision chances.
 Usage: Commonly used in wireless networks (e.g., IEEE 802.11 Wi-Fi).

What is VLAN?

VLAN (Virtual Local Area Network) is a network configuration that allows multiple logically
segmented networks to coexist on a single physical network infrastructure.

VLANs provide a way to segment and manage network traffic logically, improving performance
and security within a single physical network.

Key Features:

 Segmentation: Groups devices into separate broadcast domains regardless of their

physical location, enhancing network efficiency and security.
 Flexibility: Devices can be assigned to VLANs based on logical criteria (e.g.,
department, function) rather than physical location.
 Isolation: Limits broadcast traffic to within each VLAN, reducing network congestion
and improving performance.

Usage:

 Network Management: Simplifies network management and improves security by

isolating different types of traffic and users.
 Security: Enhances security by isolating sensitive data or devices within specific
VLANs.

32
What are the difference between hub and switch?

Hub: Broadcasts data to all connected devices, leading to potential collisions and inefficient
use of bandwidth.
Switch: Directs data to specific devices, improving network efficiency and reducing
collisions by creating separate collision domains.

Write short notes on Error detection and correction.

 Error Detection: Identifies errors in data transmission or storage using methods like
parity checks, checksums, and CRC.
 Error Correction: Corrects errors using techniques like ARQ and FEC, enhancing data
reliability and reducing the need for retransmission.

Error Detection:

 Purpose: To identify errors that occur during data transmission or storage.

 Techniques:
o Parity Check: Adds an extra bit to data to make the number of 1s either even
(even parity) or odd (odd parity). Errors are detected if the parity does not match.
o Checksum: Computes a value based on data and includes it with the transmitted
data. The receiver recalculates the checksum and compares it to detect errors.
o Cyclic Redundancy Check (CRC): Uses polynomial division to compute a
checksum that can detect a wide range of errors. The receiver performs the same
calculation to verify data integrity.

Error Correction:

 Purpose: To identify and correct errors without needing retransmission.

 Techniques:
o Automatic Repeat reQuest (ARQ): Requests retransmission of data if errors are
detected. Common types include Stop-and-Wait, Go-Back-N, and Selective
Repeat.
o Forward Error Correction (FEC): Adds redundant data to the original data so
that errors can be corrected at the receiver without retransmission. Examples
include Hamming codes and Reed-Solomon codes.

33
Write short notes on Data link protocols (Ethernet, PPP)

Ethernet: A widely used protocol for local area networks, defining frame structure and
managing access using CSMA/CD.

PPP: A protocol for establishing and managing direct connections between two nodes,
supporting error detection and encapsulation of network layer protocols.

1. Ethernet

 Definition: Ethernet is a widely used networking technology that operates at the Data
Link Layer (Layer 2) of the OSI model. It specifies the format of data packets and how
they are transmitted over a physical network.
 Key Features:
o Frame Structure: Ethernet uses frames to encapsulate data, including fields for
source and destination MAC addresses, payload, and error-checking.
o Collision Detection: Utilizes Carrier Sense Multiple Access with Collision
Detection (CSMA/CD) to manage network access and handle collisions in
traditional wired networks.
o Variants: Includes various standards for different speeds and mediums, such as
10BASE-T, 100BASE-TX (Fast Ethernet), 1000BASE-T (Gigabit Ethernet), and
10GBASE-T.
o Usage: Commonly used in wired LANs for both home and enterprise networks.

2. Point-to-Point Protocol (PPP)

 Definition: PPP is a data link layer protocol used to establish a direct connection between
two network nodes. It is commonly used for establishing and managing network
connections over serial links.
 Key Features:
o Frame Structure: PPP frames include fields for addressing, control, and protocol
identification, along with data.
o Error Detection: Incorporates error detection using a Frame Check Sequence
(FCS) to ensure data integrity.
o Negotiation: Supports link establishment, authentication, and configuration
through negotiation processes, such as Link Control Protocol (LCP) and Network
Control Protocol (NCP).
o Encapsulation: Can encapsulate various network layer protocols (e.g., IP, IPv6)
for transmission over the point-to-point connection.
o Usage: Commonly used in dial-up connections, DSL, and VPNs for establishing
point-to-point network links.

34
 Chapter 4: Network Layer

What is IP address (IPv4, IPv6)

IPv4

Internet Protocol version 4

32-bit address length

Dotted decimal notation (e.g., 192.168.1.1)

Limited address space (running out)

Less secure

Widely deployed but being phased out

IPv6

Internet Protocol version 6

128-bit address length

Hexadecimal notation (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334)

Vast address space

Built-in security (IPsec)

Gradually being adopted

35
What is class A, B and C of IP address?

Class A IP Addresses

 Range: 0.0.0.0 to 127.255.255.255

 Subnet Mask: 255.0.0.0
 Number of Networks: 128
 Hosts per Network: ~16 million (2^24 - 2)
 First Octet Range: 0 to 127
 Usage: Designed for very large networks, such as those managed by large organizations
or ISPs.

Class B IP Addresses

 Range: 128.0.0.0 to 191.255.255.255

 Subnet Mask: 255.255.0.0
 Number of Networks: 16,384
 Hosts per Network: ~65,000 (2^16 - 2)
 First Octet Range: 128 to 191
 Usage: Suitable for medium-sized networks, such as those used by universities and large
businesses.

Class C IP Addresses

 Range: 192.0.0.0 to 223.255.255.255

 Subnet Mask: 255.255.255.0
 Number of Networks: 2,097,152
 Hosts per Network: 254 (2^8 - 2)
 First Octet Range: 192 to 223

36
  Usage: Ideal for small networks, such as those used by small businesses and home
networks.

In summary, Class A, B, and C IP addresses are designed to allocate different sizes of address
spaces suitable for large, medium, and small networks, respectively.

Topic# 2

IP Address Classes: A, B, and C

IPv4 addresses were originally divided into classes based on the first octet (byte) of the address.
This method, known as classful addressing, is now largely obsolete due to the introduction of
classless inter-domain routing (CIDR). However, understanding these classes can still be helpful
for networking concepts.

Class A

Address range: 1.0.0.0 to 127.255.255.255

Default subnet mask: 255.0.0.0

Number of networks: 126

Maximum hosts per network: 16,777,214

Used for: Large networks

Class B

Address range: 128.0.0.0 to 191.255.255.255

Default subnet mask: 255.255.0.0

Number of networks: 16,384

Maximum hosts per network: 65,534

Used for: Medium-sized networks

Class C

Address range: 192.0.0.0 to 223.255.255.255

37
Default subnet mask: 255.255.255.0

Number of networks: 2,097,152

Maximum hosts per network: 254

Used for: Small networks

Note:

The first octet of the IP address determines the class.

The default subnet mask is used to divide the IP address into a network portion and a host
portion.

Class D and E addresses exist but are used for specific purposes (multicasting and
experimental, respectively) and are not commonly used.

Why Classful Addressing is Obsolete:

It was inefficient in allocating IP addresses.

It limited network growth and flexibility.

CIDR provides a more flexible and efficient way to allocate IP addresses.

What is the default netmask of IP 198.0.46.210 ?

Here's a summary of the default netmask and broadcast addresses for different classes of IP
addresses:

Default Netmask of IP 198.0.46.210:

o The IP address 198.0.46.210 belongs to Class C.

o Default Netmask for Class C: 255.255.255.0

38
What is the broadcast address of class A?

Broadcast Addresses:

Class A: The default subnet mask for Class A is 255.0.0.0. The broadcast address is determined
by setting all host bits to 1.

Example for Class A network 10.0.0.0/8:

Broadcast Address: 10.255.255.255

What is the broadcast address of class B?

Class B: The default subnet mask for Class B is 255.255.0.0. The broadcast address is
determined by setting all host bits to 1.

Example for Class B network 172.16.0.0/16:

Broadcast Address: 172.16.255.255

What is the broadcast address of class C?

Class C: The default subnet mask for Class C is 255.255.255.0. The broadcast address is
determined by setting all host bits to 1.

Example for Class C network 192.168.1.0/24:

Broadcast Address: 192.168.1.255

Identify the class and parts of IP address: (also determine broadcast address, network
address, subnet mask of host)

a) 151.29.6.3

b) 201.79.5.5/7

IP Address Analysis

a) 151.29.6.3

Class: Class B (First octet is between 128 and 191)

39
Parts:

Network ID: 151.29

Host ID: 6.3

Subnet Mask (default): 255.255.0.0 (Assuming no subnetting)

Network Address: 151.29.0.0

Broadcast Address: 151.29.255.255

Note: To determine the exact subnet mask, network, and broadcast addresses, you would need
the subnet mask or CIDR notation.

b) 201.79.5.5/7

Class: Class C (Based on the first octet, but this is irrelevant in CIDR notation)

CIDR Notation: The /7 indicates that the first 7 bits of the IP address are the network portion,
and the remaining 25 bits are the host portion.

Subnet Mask: 255.128.0.0 (Calculated from the CIDR notation)

Parts:

Network ID: 201.64.0.0 (Calculated by ANDing the IP address with the subnet mask)

Host ID: 15.5.5.5 (Calculated by subtracting the network ID from the IP address)

Broadcast Address: 201.127.255.255 (Calculated by inverting the subnet mask and ORing it with
the network address)

Note: In CIDR notation, the class of the IP address is less relevant, as the subnet mask explicitly
defines the network and host portions.

40
Topic 2:

Here's the detailed analysis for each IP address:

a) IP Address: 151.29.6.3

1. Class:
o IP address 151.29.6.3 is a Class B address.
o Class B IP addresses range from 128.0.0.0 to 191.255.255.255.
2. Parts of the IP Address:
o Network Portion: The first 16 bits (e.g., 151.29).
o Host Portion: The last 16 bits (e.g., 6.3).
3. Subnet Mask:
o Default subnet mask for Class B: 255.255.0.0.
4. Network Address:
o Network Address: 151.29.0.0 (derived by setting the host portion to all 0s).
5. Broadcast Address:
o Broadcast Address: 151.29.255.255 (derived by setting the host portion to all
1s).

b) IP Address: 201.79.5.5/7

1. Class:
o IP address 201.79.5.5 is a Class C address.
o Class C IP addresses range from 192.0.0.0 to 223.255.255.255.
2. Parts of the IP Address:
o Network Portion: The first 7 bits of the IP address are the network portion (due
to /7 subnet mask).
o Host Portion: The remaining bits are for hosts.
3. Subnet Mask:
o Subnet Mask: /7 translates to 255.128.0.0.
4. Network Address:
o To find the network address, apply the subnet mask to the IP address:
 IP address in binary: 11001001.01001111.00000101.00000101
 Subnet mask in binary: 11111111.10000000.00000000.00000000
 Network address in binary: 11000000.00000000.00000000.00000000
 Network Address: 200.0.0.0 (the nearest network address that fits within
the /7 range).
5. Broadcast Address:
o To find the broadcast address, set all host bits to 1:
 Broadcast address in binary: 11000111.01111111.11111111.11111111
 Broadcast Address: 207.255.255.255

41
What is Subnetting and supernetting?

Subnetting breaks down a larger network into smaller sub-networks for better management and
efficiency, while supernetting combines smaller networks into a larger one to simplify routing
and improve performance.

Subnetting

 Definition: The process of dividing a larger network into smaller, more manageable sub-
networks, called subnets.
 Purpose: Enhances network performance and security, reduces broadcast traffic, and
simplifies management.
 Example: Dividing a Class B network (e.g., 172.16.0.0/16) into smaller subnets (e.g.,
172.16.0.0/24, 172.16.1.0/24).
 Benefit: Each subnet can operate independently, allowing for more efficient use of IP
addresses within an organization.

Supernetting

 Definition: The process of combining multiple smaller networks into a larger network,
called a supernet.
 Purpose: Reduces the size of routing tables by aggregating routes, which improves
routing efficiency.
 Example: Combining several Class C networks (e.g., 192.168.1.0/24, 192.168.2.0/24)
into a single network (e.g., 192.168.0.0/22).
 Benefit: Simplifies network management and reduces the number of entries in routing
tables, which can enhance network performance.

What are the differences between Routing Protocols and Routed Protocols?

Routed protocol defines how to follow the route (used by computer) .

Routing protocol defines the route or by router.

Routed Protocol vs. Routing Protocol

Routed Protocol:

 Definition: A protocol that carries data traffic. It defines how packets are transported
from one network to another.

42
  Example: IP (Internet Protocol), which includes IPv4 and IPv6.
 Function: Used by devices to encapsulate and send data across a network.

Routing Protocol:

 Definition: A protocol that determines the best path for data to travel across a network.
 Example: OSPF (Open Shortest Path First), BGP (Border Gateway Protocol), EIGRP
(Enhanced Interior Gateway Routing Protocol).
 Function: Used by routers to discover and maintain routes in a network.

Revised Version

 Routed Protocol: Defines how data packets are transmitted across the network.
 Routing Protocol: Determines the best path for data to travel through the network, used
by routers to establish and maintain routing tables.

What is Internet Control Message Protocol (ICMP)?

ICMP is a network layer protocol used for error reporting and diagnostic information between
network devices. It helps in troubleshooting network issues and providing feedback about the
success or failure of data transmission.

Key Functions of ICMP:

Error Reporting: Informs the sender about issues encountered during data transmission, such as
destination unreachable, time exceeded, or parameter problem.

Diagnostic Information: Provides information about network conditions, such as ping (echo
request/reply) to check network reachability.

Network Management: Supports network management tasks like router discovery and
redirection.

What is ping command?

Ping is a network tool that tests connectivity to a device by sending data packets and waiting for
a response. It helps determine if a device is reachable on the network.

Function: Sends ICMP Echo Request messages to the target host and waits for ICMP Echo
Reply messages.
Usage: Commonly used to diagnose network connectivity issues and measure round-trip time
for messages sent to a host.

Example: ping 192.168.1.1 to check if the host with IP address 192.168.1.1 is reachable.

43
What are the Routing algorithms?

Routing algorithms in computer networking are methods used to determine the best path for data
to travel from a source to a destination across a network. These algorithms play a crucial role in
ensuring efficient and reliable communication in networks, especially in large and complex ones
like the internet. Here are some common routing algorithms:

1. Distance Vector Routing:

o RIP (Routing Information Protocol): Uses the distance vector algorithm where
routers exchange information with their immediate neighbors to update routing
tables. The metric used is hop count.
2. Link State Routing:
o OSPF (Open Shortest Path First): Uses the link-state algorithm where routers
maintain a map of the network and compute the shortest path using Dijkstra's
algorithm. It is suitable for large networks.
o IS-IS (Intermediate System to Intermediate System): Similar to OSPF, it uses
link-state information to determine the best path. It's used primarily in large
service provider networks.
3. Path Vector Routing:
o BGP (Border Gateway Protocol): Uses the path vector algorithm and is
essential for inter-domain routing on the internet. It maintains the path
information that gets updated dynamically as the network topology changes.
4. Hybrid Routing:
o EIGRP (Enhanced Interior Gateway Routing Protocol): Combines features of
distance vector and link-state protocols. It uses a composite metric based on
bandwidth, delay, load, and reliability to calculate the best path.
5. Flooding:
o A simple method where every incoming packet is sent out on every outgoing line
except the one it arrived on. While not efficient, it's guaranteed to find the shortest
path if one exists.
6. Hierarchical Routing:
o In large networks, it divides the network into hierarchical regions to simplify
routing and reduce the size of routing tables.
7. Adaptive Routing:
o Adapts to changes in the network topology or traffic patterns. It continuously
adjusts the routes based on real-time network conditions.
8. Non-Adaptive Routing:
o Also known as static routing, where routes are fixed and do not change in
response to network conditions.

44
Topic 2

Routing algorithms are the brains behind how data packets travel across networks. They
determine the best path for data to reach its destination, considering factors like network
congestion, link reliability, and overall efficiency.

How do they work?

Routing algorithms essentially create a map of the network, assigning costs to different paths
based on various metrics. These metrics can include:

Hop count: The number of routers a packet must traverse.

Bandwidth: The amount of data that can be transmitted per unit of time.

Latency: The time it takes for a packet to travel from one point to another.

Reliability: The likelihood of a link or router failing.

Cost: A general term encompassing various factors.

Based on these metrics, the algorithm calculates the "best" path and updates the routing table
accordingly.

Types of Routing Algorithms

1. Static Routing

Manual configuration: Network administrator manually sets up routes.

No dynamic updates: Routes remain unchanged unless manually modified.

Simple and secure: Less complex but less adaptable to network changes.

45
2. Dynamic Routing

Automatic updates: Routers exchange routing information with each other.

Adapts to network changes: Routes are adjusted based on network conditions.

Complex but efficient: Offers better performance and fault tolerance.

Examples of Dynamic Routing Protocols:

RIP (Routing Information Protocol): A distance-vector protocol that uses hop count as a metric.

OSPF (Open Shortest Path First): A link-state protocol that calculates the shortest path using
Dijkstra's algorithm.

BGP (Border Gateway Protocol): Used for routing between autonomous systems on the
internet.

Key Considerations

Efficiency: The algorithm should find the optimal path quickly.

Scalability: It should work well in large networks.

Robustness: It should handle network failures gracefully.

Security: It should protect against routing attacks.

Write short notes on Network devices (routers)

Routers are network devices that connect multiple computer networks. They function as traffic
managers, forwarding data packets between networks based on their destination IP addresses.

Key Functions:

Packet Forwarding: Examines the destination IP address of incoming packets and determines the
best path to forward them.

Network Addressing: Manages IP addresses within connected networks.

46
Routing Table: Stores information about network connections and available routes.

Network Segmentation: Divides a network into smaller subnets for better management and
efficiency.

Connection Sharing: Allows multiple devices to share a single internet connection.

Components:

Processor: Handles routing calculations and packet processing.

Memory: Stores routing tables and configuration data.

Interfaces: Physical connections for connecting to other networks.

Software: Operating system and routing protocols.

What is Routing Protocols?

Routers use routing protocols to exchange network information and determine the best paths for
data transmission. Examples include:

RIP (Routing Information Protocol): Distance-vector protocol based on hop count.

OSPF (Open Shortest Path First): Link-state protocol using Dijkstra's algorithm.

BGP (Border Gateway Protocol): Used for routing between autonomous systems on the
internet.

What CIDR?

CIDR (Classless Inter-Domain Routing)

CIDR is a method of allocating IP addresses and routing information more efficiently than the
older classful addressing system. Closely related to subnetting, CIDR is essential for modern
network design, allowing for more flexible and efficient use of IP address space and improved
routing efficiency.

47
Key points:

Uses a slash notation (e.g., 192.168.1.0/24) to indicate the number of bits for the network
prefix.

Allows flexible subnet sizes.

Reduces routing table size.

Helps conserve IP addresses.

Essentially, CIDR provides a more efficient way to manage IP addresses on the internet.

48
Chapter 5: Transport Layer

What is 3 way hand shaking?

1) Packet sent

2) ACK

3) Window resizing

What is End-to-end communication?

End-to-end communication refers to the direct transfer of data between two devices across a
network without intermediary interference, ensuring privacy and security as only the intended
parties can access the information.

Connection-oriented and connectionless services

What is TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)

 TCP (Transmission Control Protocol): Provides reliable, connection-oriented

communication, ensuring data delivery in order and without errors.
 UDP (User Datagram Protocol): Offers connectionless, unreliable data delivery,
prioritizing speed over reliability.

These protocols handle end-to-end communication between applications on different hosts.

49
What is the TCP frame format?

A TCP segment consists of:

Header: Contains control information like source and destination ports, sequence and
acknowledgment numbers, flags, window size, checksum, options, etc.

Data: The actual data being transmitted.

Key fields in the TCP header:

Source Port: Identifies the sending application.

Destination Port: Identifies the receiving application.

Sequence Number: Indicates the starting byte number of the data.

Acknowledgment Number: Acknowledges the receipt of data up to a specific byte.

Flags: Control the connection (SYN, ACK, FIN, RST, PSH, URG).

Window Size: Specifies the amount of data the receiver can accept.

Checksum: Error detection mechanism.

Options: Optional fields for specific functionalities.

50
Write short notes on Congestion control and flow control

Congestion Control

Definition:

 Congestion control refers to techniques and mechanisms used to prevent network

congestion, ensuring efficient data transfer and network stability.

Purpose:

 To avoid network congestion where excessive data load can lead to packet loss, delays,
and reduced network performance.

Key Algorithms:

1. Slow Start:
o Begins with a small congestion window and exponentially increases it until a
threshold is reached or packet loss occurs.
2. Congestion Avoidance:
o Uses additive increase and multiplicative decrease (AIMD) to adjust the
congestion window size, increasing it linearly until congestion is detected.
3. Fast Retransmit and Fast Recovery:
o Quickly retransmits lost packets and temporarily reduces the congestion window
to avoid congestion while maintaining data flow.
4. Random Early Detection (RED):
o Proactively drops packets when the queue size exceeds a certain threshold,
signaling the sender to slow down.

Importance:

 Prevents packet loss, reduces latency, and improves overall network throughput by
managing the data flow effectively.

Flow Control

Definition:

 Flow control mechanisms ensure that the sender does not overwhelm the receiver with
too much data too quickly, maintaining a balance between the sender's transmission rate
and the receiver's processing capacity.

Purpose:

 To prevent data overflow at the receiver's end, ensuring smooth and reliable data
transmission.

51
Key Techniques:

1. Window-Based Flow Control:

o TCP Sliding Window:
 Uses a dynamic window size to control the number of packets in transit,
adjusted based on acknowledgments from the receiver.
2. Rate-Based Flow Control:
o Leaky Bucket and Token Bucket:
 Controls the rate at which data packets are sent, smoothing out bursts of
traffic to prevent congestion and ensure steady data flow.

Importance:

 Ensures efficient data transmission by preventing buffer overflow, reducing the risk of
packet loss, and maintaining the integrity and reliability of the communication.

Write short notes on Transport protocols (TCP, UDP)

TCP (Transmission Control Protocol)

Connection-oriented: Establishes a reliable connection before data transfer.

Reliable: Guarantees delivery of data, retransmits lost packets, and corrects errors.

Ordered: Delivers data in the same order it was sent.

Flow control: Prevents overwhelming the receiver.

Congestion control: Manages network traffic to avoid congestion.

Slower: Due to overhead of reliability mechanisms.

Used for: File transfer, web browsing, email, etc.

UDP (User Datagram Protocol)

Connectionless: No connection setup required.

Unreliable: Does not guarantee delivery or order of packets.

Faster: Less overhead than TCP.

Used for: Real-time applications (video streaming, online gaming), DNS, DHCP, etc.

52
In summary: TCP is suitable for applications that require reliable and ordered data transfer, while
UDP is preferred for applications that prioritize speed and can tolerate some data loss.

Write short notes on Port numbers and sockets

Port Numbers

A unique identifier assigned to a process or application on a host.

Used to differentiate between multiple applications running on the same machine.

Range from 0 to 65535.

Well-known ports (0-1023) are assigned to standard services (e.g., HTTP, FTP).

Registered ports (1024-49151) are assigned to user applications.

Dynamic/Private ports (49152-65535) are used for temporary connections.

Sockets

An endpoint for communication between two applications on different hosts.

Combines an IP address and a port number.

Represents a connection between two processes.

Used by applications to send and receive data.

Types of sockets: TCP sockets (reliable, connection-oriented) and UDP sockets (unreliable,
connectionless).

In summary: Port numbers identify applications on a host, while sockets represent the
communication endpoints between two hosts. Sockets use port numbers to establish connections
and route data to the correct application.

53
 Chapter 6: Application Layer

Write short notes on Network applications (Email, FTP, HTTP, DNS)

Email

Purpose: Electronic communication between users.

Protocols: SMTP (Simple Mail Transfer Protocol) for sending, POP3 (Post Office Protocol
version 3) or IMAP (Internet Message Access Protocol) for receiving.

Components: Sender, recipient, mail server, message body, attachments.

FTP (File Transfer Protocol)

FTP (File Transfer Protocol) is a standard network protocol used to transfer files from one host
to another over a TCP-based network, such as the Internet or an intranet. It allows users to
upload, download, and manage files on a server.

Purpose: Transferring files between computers.

Method: Establishes two connections: one for control commands and another for data transfer.

Features: Supports file uploading, downloading, and directory management.

HTTP (Hypertext Transfer Protocol)

HTTP is the foundational protocol used for transferring web pages on the internet. It operates as
a request-response protocol in the client-server model, where the client is usually a web browser
and the server is a web server hosting the web pages.

Purpose: Accessing and displaying web pages.

Method: Client-server model where clients request web resources and servers respond.

Features: Supports various media types (text, images, audio, video), handles requests and
responses, and manages sessions.

54
DNS (Domain Name System)

DNS is the internet's phonebook. It translates human-readable domain names (like [invalid URL
removed]) into machine-readable IP addresses (like 172.217.12.20) that computers use to
communicate with each other.

Purpose: Resolving domain names (e.g., [invalid URL removed]) to IP addresses (e.g.,
172.217.12.20).

Hierarchy: Hierarchical structure of domains (top-level, second-level, third-level).

Components: DNS servers (root, top-level, authoritative), DNS resolvers.

Process: Recursive and iterative query resolution.

What is Client-server architecture?

The client-server architecture is a distributed computing model where networked devices, known
as clients, interact with a central server to access resources, services, or applications

Advantages of the client-server model:

Centralized system with all data in one place.

Cost-efficient (requires less maintenance cost) and allows data recovery.

Scalability: Capacity of clients and servers can be changed separately.

Client

The client is the user's device (like a computer, smartphone, or tablet) that requests
services or data.

It provides a user interface for interacting with the system.

It sends requests to the server for processing.

Server

The server is a powerful computer that manages and stores data, resources, and
applications.

55
 It processes requests from clients and sends back the results.

It typically handles multiple clients simultaneously.

What is Socket programming?

Socket programming is a way for two programs to communicate with each other over a network.
It involves creating endpoints (sockets) on both machines and using them to send and receive
data.

Sockets can be used for various types of communication, such as TCP (Transmission Control
Protocol) for reliable, connection-oriented communication, or UDP (User Datagram Protocol) for
faster, connectionless communication. Essentially, socket programming allows applications to
communicate over a network, whether it's on the same machine or across different machines
globally.

Client-Server Model: In socket programming, we often use the client-server model:

Server: Listens on a specific port, waits for incoming connections.

Client: Initiates a connection to the server.

Think of it as establishing a phone connection between two people.

What is proxy server?

A proxy server acts as an intermediary between a client and a server. When you request a
resource (like a webpage) from a server, the request goes through the proxy server first.

A proxy server acts as an intermediary between a client and a server. It receives requests from
clients, forwards them to the appropriate server, and then sends the server's response back to the
client.

Key Functions:

Performance: Can improve loading times by caching data.

Caching: Storing frequently accessed data to reduce load times and bandwidth usage.

56
Intermediary: Handles communication between clients and servers.

Privacy: Hides your IP address from the server.

Security: Can filter content and protect against attacks.

Control: Allows network administrators to manage internet access.

Anonymity: Hiding the client's IP address and enhancing privacy.

Security: Filtering malicious content and preventing access to certain websites.

What is Telnet, SMTP and MIME?

Telnet

A basic network protocol used to establish a connection with a remote computer. Allows users to
interact with the remote system as if they were directly connected to it. Primarily used for
administrative purposes and debugging, as it offers no encryption.

SMTP (Simple Mail Transfer Protocol):

SMTP is a protocol used for sending and relaying emails across the internet. It defines the rules
for email transmission from an email client to an email server or between servers.

Use Case: SMTP is used by email servers to send outgoing mail and is the protocol that email
clients use to send messages to a mail server.

MIME (Multipurpose Internet Mail Extensions):

MIME extends SMTP to handle multimedia content (attachments, images, etc.) in emails.

It allows emails to include HTML, images, audio, and other non-text data.

MIME headers indicate the content type and encoding.

Without MIME, emails would be limited to plain text only

57
 Chapter 7: Network Security

Write short notes on Basic concepts of network security

Network security encompasses the measures and protocols implemented to protect the integrity,
confidentiality, and availability of data and resources in a network. It involves hardware,
software, and policies to safeguard data and systems. Here are the fundamental concepts:

1. CIA Triad: This fundamental model outlines the core objectives of security:
o Confidentiality: Ensures that sensitive information is accessible only to
authorized users. Techniques like encryption are used to protect data from
unauthorized access.
o Integrity: Guarantees that the data remains accurate and unaltered during
transmission. Mechanisms like checksums, hashes, and digital signatures are
employed to detect and prevent unauthorized data modifications.
o Availability: Ensures that network services and resources are available to users
when needed. Measures like redundancy, failover systems, and regular
maintenance help in mitigating issues like Denial-of-Service (DoS) attacks.
2. Threats and Vulnerabilities:
o Threats: Potential dangers to network security, such as hackers, malware, and
natural disasters.
o Vulnerabilities: Weaknesses in a system that can be exploited by threats.
3. Access Control: Limiting network access to authorized users and devices.
o Authentication: Verifies the identity of users and devices before granting access
to network resources. This is commonly achieved through passwords, biometrics,
and two-factor authentication.
o Authorization: Determines the permissions and access levels of authenticated
users. Access control lists (ACLs) and role-based access control (RBAC) are
commonly used methods.
o Accounting: Tracking user activities for auditing and security purposes.
4. Non-repudiation: Ensures that a party in a communication cannot deny the authenticity
of their signature on a document or the sending of a message. Digital signatures and
logging mechanisms are used to achieve non-repudiation.
5. Risk Management: Involves identifying, assessing, and mitigating risks to the network.
This includes regular security assessments, vulnerability scanning, and the
implementation of security policies.
6. Firewalls: Act as a barrier between trusted and untrusted networks, controlling incoming
and outgoing network traffic based on predetermined security rules.
7. Intrusion Detection and Prevention Systems (IDS/IPS): Tools that monitor network
traffic for suspicious activity and take action to prevent or mitigate threats.
8. Cryptographic Techniques: Use encryption to protect data in transit and at rest,
ensuring confidentiality and integrity.
9. Virtual Private Networks (VPNs): Create secure connections over public networks.

58
 10. Network Segmentation: Dividing a network into smaller subnetworks to isolate
sensitive data.
11. Security Policies and Procedures: Formalize rules and procedures for managing and
protecting network resources. Policies cover aspects such as password management, user
access control, and incident response.
12. Security Awareness Training: Educates users about potential security threats and best
practices for mitigating them, fostering a culture of security within the organization.
13. Additional Concepts:
o Social Engineering: Manipulating people to divulge sensitive information.
o Phishing: Attempting to acquire sensitive information through fraudulent emails
or websites.
o Malware: Malicious software designed to harm computer systems.
o Denial of Service (DoS) Attacks: Overwhelming a network to prevent legitimate
users from accessing it.
o Risk Assessment: Identifying potential threats and vulnerabilities to prioritize
security measures.

Write short notes on Network vulnerabilities

Network vulnerabilities are weaknesses or flaws in a network's design, implementation, or

operation that can be exploited by attackers to gain unauthorized access, disrupt services, or steal
data.

Common Types of Network Vulnerabilities

Software Vulnerabilities: Outdated software, unpatched systems, and software bugs can create
entry points for attackers.
Hardware Vulnerabilities: Weaknesses in physical network devices like routers, switches, and
servers can be exploited.
Configuration Errors: Incorrectly configured firewalls, access controls, and other security
settings can leave networks exposed.
Human Error: Mistakes by users, such as clicking on malicious links or sharing sensitive
information, can lead to breaches.
Weak Passwords: Easily guessable or reused passwords are a common target for attackers.
Unsecured Wireless Networks: Open Wi-Fi networks without proper encryption are vulnerable
to eavesdropping and hacking.
Social Engineering: Manipulating users to reveal sensitive information or perform actions that
compromise security.
Outdated Protocols: Using outdated or deprecated network protocols can expose the network to
known security flaws.
Insufficient Encryption: Lack of encryption or weak encryption methods can lead to data being
intercepted and read by attackers.
Phishing Attacks: Social engineering attacks that trick users into revealing sensitive information
or downloading malicious software.

59
Denial-of-Service (DoS) Attacks: Attacks that overwhelm network resources, rendering services
unavailable to legitimate users.
Man-in-the-Middle (MitM) Attacks: Intercepting and altering communications between two
parties without their knowledge.
Impact of Network Vulnerabilities
Data Breaches: Unauthorized access to sensitive data can result in significant financial and
reputational damage.
Service Disruptions: Attacks can lead to downtime, affecting business operations and service
availability.
Financial Loss: Direct theft of funds or costs associated with remediation and recovery efforts.
Loss of Customer Trust: Breaches and attacks can erode customer confidence and lead to loss of
business.

Mitigation Strategies
Regular Software Updates: Keep operating systems, applications, and firmware up-to-date with
the latest patches.
Strong Password Policies: Enforce complex and unique passwords for all users.
Network Segmentation: Divide the network into smaller segments to limit the impact of a
potential breach.
Intrusion Detection and Prevention Systems (IDPS): Monitor network traffic for suspicious
activity and block attacks.
Firewalls: Implement strong firewalls to filter incoming and outgoing network traffic.
User Education and Awareness: Train employees about security best practices and common
threats.
Regular Backups: Create and maintain regular backups of important data to recover from attacks.
Strong Authentication Practices: Implement multi-factor authentication and enforce strong
password policies.
Robust Firewall and IDS/IPS Configurations: Properly configure firewalls and use intrusion
detection/prevention systems to monitor and block malicious activity.
Encryption: Use strong encryption methods for data in transit and at rest to protect sensitive
information.
Regular Security Audits: Conduct regular assessments and penetration testing to identify and
address vulnerabilities.
Conclusion
Understanding and addressing network vulnerabilities is critical for maintaining the security and
integrity of network systems. By implementing robust security measures and staying vigilant,
organizations can protect their networks from potential threats.

60
Write short notes on Cryptographic techniques (symmetric and asymmetric encryption)

Cryptographic Techniques
Cryptographic techniques are methods used to secure data by transforming it into a form that is
unreadable to unauthorized users.
Two primary types of cryptographic techniques are symmetric encryption and asymmetric
encryption.

Symmetric Encryption
Symmetric encryption, also known as secret-key or single-key encryption, involves the use of a
single key for both encryption and decryption of data.

Key Characteristics:

Single Key: The same key is used for both encrypting and decrypting data.
Speed: Generally faster than asymmetric encryption because of simpler algorithms.
Security: Key must be kept secret; if the key is compromised, the security is broken.

Common Algorithms:
AES (Advanced Encryption Standard): Widely used and considered secure.
DES (Data Encryption Standard): Now considered insecure due to its short key length.
3DES (Triple DES): An improvement over DES by applying the encryption process three times.

Asymmetric Encryption
Asymmetric encryption, also known as public-key encryption, uses a pair of keys a public key
for encryption and a private key for decryption.

Key Characteristics:
Key Pair: Two keys are used; a public key (shared with others) and a private key (kept secret).
Security: More secure than symmetric encryption for key exchange and digital signatures.
Performance: Slower than symmetric encryption due to more complex algorithms.

Common Algorithms:
RSA (Rivest-Shamir-Adleman): One of the most widely used asymmetric algorithms.
ECC (Elliptic Curve Cryptography): Offers similar security to RSA but with shorter keys,
improving performance.
DSA (Digital Signature Algorithm): Used primarily for digital signatures.

Conclusion
Both symmetric and asymmetric encryption have their strengths and weaknesses. Symmetric
encryption is ideal for fast and efficient data encryption, while asymmetric encryption provides
enhanced security for key exchange and authentication. Combining both techniques, known as
hybrid encryption, can leverage the advantages of each to provide robust security for various
applications.

61
Write short notes on Cryptography.

Cryptography is the practice and study of techniques for securing communication and data in the
presence of adversaries. Here are some key concepts and components:

1. Basic Concepts

 Encryption: The process of converting plaintext into ciphertext to prevent unauthorized

access.
 Decryption: The process of converting ciphertext back into plaintext using a key.
 Cipher: An algorithm for performing encryption or decryption.
 Key: A piece of information used by a cipher to transform plaintext into ciphertext and
vice versa.

2) Types of Cryptography:
Symmetric Key Cryptography and Asymmetric Key Cryptography

3. Cryptographic Hash Functions

A function that takes an input (or message) and returns a fixed-size string of bytes. The output is
typically a digest that uniquely represents the input data.

4. Digital Signatures

 Purpose: Provide authenticity and integrity for messages.

 How It Works: The sender generates a hash of the message and encrypts it with their
private key. The recipient can then decrypt the hash with the sender’s public key and
compare it to the hash of the received message.
 Uses: Ensuring that the message has not been altered and verifying the identity of the
sender.

5. Public Key Infrastructure (PKI)

 Definition: A framework for managing digital keys and certificates.

 Components:
o Certification Authority (CA): Issues digital certificates to verify the identity of
entities.
o Registration Authority (RA): Acts as a mediator between users and the CA,
helping with the verification process.
o Certificates: Digital documents that bind a public key with an identity.
o Certificate Revocation List (CRL): A list of certificates that have been revoked
before their expiration date.

62
6. Applications of Cryptography

 Secure Communication: SSL/TLS for secure web browsing, email encryption.

 Data Protection: Encrypting files and databases to protect sensitive information.
 Authentication: Password protection, biometric data, and multi-factor authentication.
 Blockchain and Cryptocurrency: Ensuring the integrity and security of transactions

Write short notes on Firewalls.

A firewall is a network security device or software that monitors and controls incoming and
outgoing network traffic based on predetermined security rules. It acts as a barrier between a
trusted internal network and untrusted external networks, such as the internet.

Types:
Packet filter: Basic, fast
Stateful: Tracks connections
Proxy: Deep inspection, slow
NGFW: All-in-one

How it works:
Traffic filtering
NAT
Logging/monitoring
VPN support

Where it's used:

Network-based: Protects entire network
Host-based: Protects individual devices

Rules:
Default-deny: Block all, allow specific
Default-allow: Allow all, block specific

Benefits:
Security
Access control
Traffic management
Auditing

Challenges:
Complex setup
Performance impact
Can be bypassed
Weak against insiders

63
Write short notes on Intrusion detection systems (IDS/IPS)

IDS and IPS are critical components of a robust security strategy, providing essential capabilities
for detecting and preventing threats. While IDS focuses on monitoring and alerting, IPS takes
proactive measures to block malicious activities. Both systems enhance the security posture of
networks and systems, contributing to overall cybersecurity resilience.

IDS (Intrusion Detection System): Monitors network traffic or system activities for signs of
malicious behavior or policy violations. Alerts administrators about potential threats but does not
take action to prevent them.

IPS (Intrusion Prevention System): Similar to IDS but also takes proactive steps to block or
prevent detected threats in real-time.

Types of IDS/IPS

 Network-Based IDS/IPS (NIDS/NIPS): Monitors network traffic for malicious activity.

Positioned at key points within the network to analyze incoming and outgoing traffic.
 Host-Based IDS/IPS (HIDS/HIPS): Installed on individual devices (e.g., servers,
workstations) to monitor system logs, file integrity, and application activity.

Detection Methods

 Signature-Based Detection: Compares network traffic or system activity against a

database of known attack signatures. Effective for known threats but cannot detect new or
unknown attacks.
 Anomaly-Based Detection: Establishes a baseline of normal behavior and flags
deviations from this baseline as potential threats. Can detect unknown attacks but may
produce false positives.
 Hybrid Detection: Combines signature-based and anomaly-based methods to improve
detection accuracy and reduce false positives.

Components of IDS/IPS

 Sensors: Capture network traffic or system activities for analysis.

 Analyzers: Inspect captured data to identify potential threats based on detection methods.
 Alerting System: Notifies administrators of detected threats (in IDS) or takes preventive
actions (in IPS).
 Management Console: Provides a user interface for configuring, monitoring, and
managing the IDS/IPS.

64
Advantages of IDS/IPS

 Early Threat Detection: Identifies malicious activities before they can cause significant
harm.
 Compliance: Helps meet regulatory requirements by monitoring and reporting on
security events.
 Detailed Forensics: Provides logs and reports for analyzing security incidents and
improving defenses.
 Enhanced Security Posture: Complements other security measures like firewalls and
antivirus software.

Challenges and Limitations

 False Positives and Negatives: Incorrectly flagging benign activities as threats (false
positives) or missing actual threats (false negatives).
 Performance Impact: High traffic volumes or intensive analysis can impact network
performance and system resources.
 Complex Configuration: Requires skilled personnel to configure, tune, and maintain
effectively.
 Evasion Techniques: Advanced attackers may use methods to bypass detection, such as
encryption or obfuscation.

Write short notes on Security measures (encryption, authentication)

Encryption

Encryption is the process of converting plaintext data into a coded form (ciphertext) to prevent
unauthorized access. It ensures data confidentiality and integrity by making the data unreadable
to anyone who does not have the decryption key.

1. Types of Encryption:
o Symmetric Encryption: Uses the same key for both encryption and decryption. It is fast
and suitable for encrypting large amounts of data. Examples include AES (Advanced
Encryption Standard) and DES (Data Encryption Standard).
o Asymmetric Encryption: Uses a pair of keys – a public key for encryption and a private
key for decryption. It is more secure but slower. Examples include RSA (Rivest-Shamir-
Adleman) and ECC (Elliptic Curve Cryptography).
2. Encryption in Practice:
o Data at Rest: Protecting stored data using encryption techniques.
o Data in Transit: Securing data during transmission over networks, often using protocols
like SSL/TLS (Secure Sockets Layer/Transport Layer Security).
3. Benefits:
o Protects sensitive information from unauthorized access.
o Ensures data integrity and confidentiality.
o Provides compliance with data protection regulations.

65
Authentication

Authentication is the process of verifying the identity of a user, device, or entity before granting
access to resources. It ensures that only authorized individuals can access specific data or
systems.

1. Types of Authentication:
o Single-Factor Authentication (SFA): Uses one factor, typically a password or PIN, to
verify identity.
o Two-Factor Authentication (2FA): Requires two forms of identification, such as a
password and a one-time code sent to a mobile device.
o Multi-Factor Authentication (MFA): Involves two or more verification methods,
including something you know (password), something you have (security token), and
something you are (biometric verification).
2. Authentication Methods:
o Password-Based: The most common form, requiring users to enter a secret password.
o Token-Based: Uses a physical or software token that generates a time-sensitive code.
o Biometric: Relies on unique biological characteristics like fingerprints, facial
recognition, or retina scans.
o Certificate-Based: Uses digital certificates issued by a trusted authority to verify
identity.
3. Authentication Protocols:
o Kerberos: A network authentication protocol that uses tickets issued by a trusted
authority.
o OAuth: A protocol for token-based authorization, commonly used for granting third-
party services access to user information without sharing passwords.
o SAML (Security Assertion Markup Language): Used for exchanging authentication
and authorization data between parties, often in Single Sign-On (SSO) systems.
4. Benefits:
o Enhances security by verifying identities before granting access.
o Reduces the risk of unauthorized access and data breaches.
o Provides accountability through audit trails and logs.

66
 Chapter 8: Network Management

Write short notes on Software-Defined Networking (SDN)

Software-Defined Networking (SDN)

SDN is a network architecture approach that enables the network to be intelligently and centrally
controlled, or 'programmed,' using software applications.

Key Characteristics:

Separation of control and data planes:SDN decouples the control logic (where traffic is sent)
from the data plane (which actually forwards packets).

Centralized control: A software-based controller manages the network, providing a unified view
and control point.

Programmability: SDN uses open APIs to allow network behavior to be defined and modified
through software applications.

Abstraction: SDN hides the complexity of underlying network hardware, making it easier to
manage and automate.

Benefits:

Increased agility: Faster network configuration and provisioning.

Improved scalability: Efficient management of large and complex networks.

Enhanced security: Centralized control allows for better security policies and monitoring.

Cost reduction: Automation and efficient resource utilization can lower operational costs.

Challenges:

Complexity: Implementing and managing an SDN environment can be complex.

Security risks: A centralized controller can be a single point of failure.

Interoperability: Ensuring compatibility between different SDN products can be challenging.

67
What is Internet of Things (IoT) networks?

The Internet of Things (IoT) refers to a network of physical objects or "things" embedded with
sensors, software, and other technologies to connect and exchange data with other devices and
systems over the internet. IoT networks facilitate the collection, transmission, and analysis of
data from various sources, leading to smarter and more efficient processes and applications.

Key Components:

Sensors: Collect data from the physical world.

Actuators: Control physical devices based on data.

Connectivity: Enables communication between devices and the internet.

Data processing: Analyzes collected data for insights.

Applications: Utilize processed data for various purposes.

Challenges:

Security: Protecting sensitive data from cyberattacks.

Privacy: Ensuring data is handled responsibly.

Scalability: Managing a vast number of devices.

Interoperability: Ensuring compatibility between different devices and systems.

Power consumption: Optimizing battery life for devices.

Applications:

Smart homes: Automated lighting, temperature control, security systems.

Smart cities: Traffic management, waste management, public safety.

Healthcare: Remote patient monitoring, wearable devices.

Industry: Predictive maintenance, supply chain management, automation.

Agriculture: Precision farming, livestock monitoring.

68
Write short notes on Cloud networking.

Cloud networking is the infrastructure that connects different devices required for cloud
computing. It involves designing, deploying, and optimizing networks to facilitate
communication and data transfer between various cloud services.

Key Characteristics:

Virtualization: Cloud networking heavily relies on virtualization to create virtual networks,

allowing for flexible resource allocation and isolation.

Scalability: Cloud networks can easily adapt to changing demands, scaling up or down as
needed.

Agility: Rapid provisioning of network resources is possible, enabling faster deployment of

applications.

Security: Cloud providers implement robust security measures to protect data and network
infrastructure.

Cost-efficiency: Pay-as-you-go models and shared resources can lead to significant cost
savings.

Core Components:

Virtual Private Clouds (VPCs): Isolated network environments within a public cloud.

Load balancers: Distribute traffic across multiple servers for optimal performance and
availability.

Firewalls: Protect network resources from unauthorized access.

Content Delivery Networks (CDNs): Improve website performance by delivering content from
multiple locations.

Benefits:

Improved performance: Low latency and high bandwidth for applications.

Increased flexibility: Ability to quickly adapt to changing business needs.

Reduced costs: Pay only for the resources used.

Enhanced security: Benefit from cloud provider's security expertise.

69
Global reach: Access to a global network infrastructure.

What is Quality of Service (QoS)?

QoS is a set of technologies and techniques used to manage and optimize the performance of a
computer network. It ensures that critical applications receive the necessary resources
(bandwidth, latency, jitter, packet loss) to function effectively, even under heavy network load.

Key Concepts:
Bandwidth: The amount of data that can be transmitted over a network in a given period.
Latency: The time it takes for a packet to travel from source to destination.
Jitter: Variation in packet arrival times.
Packet loss: The percentage of packets that are lost during transmission.

QoS Mechanisms:
Traffic classification: Identifying different types of traffic (voice, video, data) based on various
parameters.
Traffic prioritization: Assigning different levels of priority to different traffic types.
Resource allocation: Ensuring that critical traffic receives the necessary bandwidth and other
resources.
Congestion control: Preventing network congestion and managing traffic flow.

Benefits:
Improved performance for critical applications.
Enhanced user experience.
Efficient resource utilization.
Increased network reliability.

Challenges:
Complex configuration and management.
Potential for performance degradation if not configured correctly.
Increased network overhead.

What is Network management protocols (SNMP)?

SNMP is a widely used protocol for managing and monitoring network-connected devices. It
allows network administrators to collect and organize information about devices on an IP
network, as well as modify device behavior.

Simple Network Management Protocol (SNMP) is a widely used protocol for managing and
monitoring network devices. It provides a standardized framework for network administrators to
oversee device performance, configuration, and health. With its various versions and features,
SNMP enables centralized management, real-time monitoring, and efficient network operations.

70
However, addressing security, complexity, and performance considerations is crucial for
effective SNMP implementation and management.

How it Works:

Manager: A software application that collects and analyzes data from managed devices.

Agent: Software running on the managed device (router, switch, server, etc.) that collects data
and responds to requests from the manager.

Management Information Base (MIB): A database containing information about the managed
device, accessible by the manager.

Key Functions:

Monitoring: Collects data about device performance, status, and configuration.

Configuration: Modifies device settings and parameters.

Fault management: Detects and responds to network problems.

Performance management: Monitors network performance and identifies bottlenecks.

71
_________________________________________

Network monitoring and troubleshooting

Network performance evaluation

What are the scientific method for network trouble shooting?

Describe trouble shooting layer by layer.

Network monitoring tools

SNMP and network management protocols

Performance tuning

Chapter 9: Wireless and Mobile Networks

Wireless LANs and WANs

Mobile IP and wireless TCP

Network mobility and handoff

Chapter 10: Advanced Topics

Threats to network security (viruses, worms, hackers)

Wireless network security (WEP, WPA, WPA2)
Wireless and mobile networks
Network performance evaluation

72