
NSA Assignment 2

User accounts provide identities for users and services to access computer systems and resources. There are several types of user accounts including system accounts used by services, super user/administrator accounts with highest privileges, regular user accounts with moderate privileges, and guest accounts with lowest privileges. Protocols are standard rules that allow electronic devices to communicate, and important protocols include TCP and IP for network communication, UDP for low-latency connections, POP and SMTP for email, FTP for file transfers, and HTTP/HTTPS for web browsing. TCP is connection-oriented and reliable while UDP is connectionless and faster.

Uploaded by

santosh poudel

2. What do you understand by user A/C? Explain several types of user account in computer.

A user account is an identity created for a person in a computer or computing system. User accounts can
also be created for machine entities, such as service accounts for running programs, system accounts for
storing system files and processes, and root and administrator accounts for system administration.

Types of user accounts

Regardless of which operating system we use, it uses user accounts to authenticate, trace, log and monitor
its services. When we install an operating system, it automatically creates some essential user accounts
which allow us to access it just after the installation. During the installation, it usually creates four types
of user account: system account, super user account, regular user account and guest user account.

System accounts

These accounts are used by the different services running in the operating system to access system
resources. The operating system uses these accounts to check whether a particular service that is
requesting system resources is allowed to access those resources or not. Usually, services create the
necessary accounts on their own when they are installed. After installation, services use these accounts
to access the necessary resources. Unless you are a system or network administrator, you never need to
know about these accounts.

Super user account

This user account has the highest privilege in the operating system. In Windows, this user account is known
as the Administrator account. In Linux it is known as the root account. The operating system allows this user
account to perform all privileged tasks such as changing system files, installing new software, removing
existing software, starting services, stopping services, creating new user accounts and deleting existing
user accounts.

Regular user account

This user account has moderate privilege. This user account is not allowed to make any change in system
files and properties. Operating system allows this user account to perform only the tasks that it is
authorized to do such as creating files and folders, running applications, customizing environmental
variables, etc.

Guest user account

This user account has the lowest privilege. It can’t make any change in any system files or properties.
Usually, this account is used to access the system for temporary tasks such as surfing the internet,
watching movies, playing games etc. In Windows, this account is automatically created during the
installation. In Linux, if required, we have to create this account manually after the installation.

User account vs Group account

A user account is the individual identity of a user, while a group account is the collective identity of all users
who belong to a specific group. Grouping helps system administrators manage the system effectively.
For example, in a company all the users of the development department may belong to a group called
developers. Once the group is created, the administrator can create and configure several security rules and
applications to ensure that only the users from the developers group access the development department’s
resources such as SQL server, Language API, source code compiler, etc.


Group accounts are only used to manage the user accounts which are alike or require access to a
particular resource. Unlike user account, group account does not have login capability. A user may
belong to an individual group or multiple groups.

Local user account vs Network User account

User name and password of local user accounts are stored in local machine. Local user accounts are
bound with physical machine. As discussed earlier, every operating system creates some user accounts
during the installation. By default, all these accounts are considered as local user accounts.


The user names and passwords of network user accounts are stored on a central machine, usually known as a
server. Unlike local user accounts, network user accounts are not bound to any particular system.
Depending on the configuration, a network user can log in to a specific machine or to any machine on the network.


Local user account and network user account both are used to access a fully featured operating system.

Remote service account

User name and password of these accounts are stored in remote machine. These accounts are used to
remotely access a specific service or an application running in remote system. FTP accounts, email
accounts, website accounts are some examples of the remote service accounts.

Anonymous user accounts

This account does not require a password to login. This account has the lowest privilege among all
available accounts. Usually, this account type is used to share data publicly through a service which
normally requires login access.

3. Define protocols. Enlist and explain important protocols you know.

A protocol is a standard set of rules that allow electronic devices to communicate with each other.
These rules include what type of data may be transmitted, what commands are used to send and receive
data, and how data transfers are confirmed.

Type of protocols

Transmission Control Protocol (TCP)


Internet Protocol (IP)

User Datagram Protocol (UDP)

Post office Protocol (POP)

Simple mail transport Protocol (SMTP)

File Transfer Protocol (FTP)

Hyper Text Transfer Protocol (HTTP)

Hyper Text Transfer Protocol Secure (HTTPS)

Telnet

Transmission Control Protocol (TCP): TCP is a popular communication protocol which is used for
communicating over a network. It divides any message into a series of packets that are sent from source
to destination, where they are reassembled.

Internet Protocol (IP): IP is designed explicitly as addressing protocol. It is mostly used with TCP. The IP
addresses in packets help in routing them through different nodes in a network until it reaches the
destination system. TCP/IP is the most popular protocol connecting the networks.

User Datagram Protocol (UDP): UDP is an alternative communication protocol to Transmission Control
Protocol, implemented primarily for creating loss-tolerant and low-latency links between different
applications.

Post office Protocol (POP): POP3 is designed for receiving incoming E-mails.

Simple mail transport Protocol (SMTP): SMTP is designed to send and distribute outgoing E-Mail.

File Transfer Protocol (FTP): FTP allows users to transfer files from one machine to another. Types of
files may include program files, multimedia files, text files, and documents, etc.

Hyper Text Transfer Protocol (HTTP): HTTP is designed for transferring hypertext between two or more
systems. HTML tags are used for creating links. These links may be in any form like text or images. HTTP
is designed on client-server principles, which allow a client system to establish a connection with the
server machine in order to make a request. The server acknowledges the request initiated by the client and
responds accordingly.

Hyper Text Transfer Protocol Secure (HTTPS): HTTPS, short for Hyper Text Transfer Protocol
Secure, is a standard protocol for securing the communication between two computers, one using the
browser and the other serving data from a web server. HTTP is used for transferring data between the client
browser (request) and the web server (response) in hypertext format; HTTPS does the same, except
that the data is transferred in an encrypted format. So it can be said that HTTPS prevents attackers
from reading or modifying data while the packets are in transit.

Telnet: Telnet is a set of rules designed for connecting one system with another. The connecting process
here is termed as remote login. The system which requests for connection is the local computer, and the
system which accepts the connection is the remote computer.

Gopher: Gopher is a collection of rules implemented for searching, retrieving as well as displaying
documents from isolated sites. Gopher also works on the client/server principle.

4. Differentiate between TCP and UDP.

| TCP | UDP |
| --- | --- |
| It is a connection-oriented protocol. | It is a connectionless protocol. |
| TCP reads data as streams of bytes, and the message is transmitted to segment boundaries. | UDP messages contain packets that were sent one by one. It also checks for integrity at the arrival time. |
| TCP messages make their way across the internet from one computer to another. | It is not connection-based, so one program can send lots of packets to another. |
| TCP rearranges data packets in the specific order. | UDP protocol has no fixed order because all packets are independent of each other. |
| The speed for TCP is slower. | UDP is faster as error recovery is not attempted. |
| Header size is 20 bytes. | Header size is 8 bytes. |
| TCP is heavy-weight. TCP needs three packets to set up a socket connection before any user data can be sent. | UDP is lightweight. There are no tracking connections, ordering of messages, etc. |
| TCP does error checking and also makes error recovery. | UDP performs error checking, but it discards erroneous packets. |
| Acknowledgment segments | No Acknowledgment segments |
| Using handshake protocol like SYN, SYN-ACK, ACK | No handshake (so connectionless protocol) |
| TCP is reliable as it guarantees delivery of data to the destination router. | The delivery of data to the destination can't be guaranteed in UDP. |
| TCP offers extensive error checking mechanisms because it provides flow control and acknowledgment of data. | UDP has just a single error checking mechanism which is used for checksums. |
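
The header sizes and the SYN, SYN-ACK, ACK handshake from the comparison above, as an added example that is not part of the original assignment. It builds and parses constructed TCP and UDP headers; the port and sequence numbers are made-up sample values.

```python
import struct

# Fixed header layouts in network byte order. A TCP header without options is
# 20 bytes and a UDP header is always 8 bytes, as stated in the comparison.
TCP_HDR = struct.Struct("!HHIIBBHHH")  # sport dport seq ack offset flags win csum urg
UDP_HDR = struct.Struct("!HHHH")       # sport dport length csum

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
FLAG_NAMES = [(FIN, "FIN"), (SYN, "SYN"), (RST, "RST"),
              (PSH, "PSH"), (ACK, "ACK"), (URG, "URG")]


def build_tcp(sport, dport, seq, ack, flags, payload=b""):
    """Build a constructed TCP segment (no options, checksum left at 0)."""
    return TCP_HDR.pack(sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0) + payload


def build_udp(sport, dport, payload=b""):
    """Build a constructed UDP datagram (checksum left at 0)."""
    return UDP_HDR.pack(sport, dport, UDP_HDR.size + len(payload), 0) + payload


def parse_tcp(segment):
    if len(segment) < TCP_HDR.size:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, offset, flags, _, _, _ = TCP_HDR.unpack_from(segment)
    header_len = (offset >> 4) * 4  # data offset is counted in 32-bit words
    if header_len < TCP_HDR.size or header_len > len(segment):
        raise ValueError("bad TCP data offset")
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": {name for bit, name in FLAG_NAMES if flags & bit},
        "header_len": header_len, "payload": segment[header_len:],
    }


def parse_udp(datagram):
    if len(datagram) < UDP_HDR.size:
        raise ValueError("truncated UDP header")
    sport, dport, length, _ = UDP_HDR.unpack_from(datagram)
    if length < UDP_HDR.size or length > len(datagram):
        raise ValueError("bad UDP length field")
    return {"sport": sport, "dport": dport, "header_len": UDP_HDR.size,
            "payload": datagram[UDP_HDR.size:length]}


def is_three_way_handshake(segments):
    """True if three raw segments form SYN, SYN-ACK, ACK with matching numbers."""
    if len(segments) != 3:
        return False
    syn, synack, ack = (parse_tcp(s) for s in segments)
    return (
        syn["flags"] == {"SYN"}
        and synack["flags"] == {"SYN", "ACK"}
        and ack["flags"] == {"ACK"}
        and (synack["sport"], synack["dport"]) == (syn["dport"], syn["sport"])
        and synack["ack"] == (syn["seq"] + 1) % 2**32   # server acknowledges the SYN
        and ack["seq"] == (syn["seq"] + 1) % 2**32
        and ack["ack"] == (synack["seq"] + 1) % 2**32   # client acknowledges the SYN-ACK
    )


# Constructed sample: client port 50000 opens a connection to server port 80.
HANDSHAKE = [
    build_tcp(50000, 80, 1000, 0, SYN),
    build_tcp(80, 50000, 5000, 1001, SYN | ACK),
    build_tcp(50000, 80, 1001, 5001, ACK),
]

if __name__ == "__main__":
    for raw in HANDSHAKE:
        seg = parse_tcp(raw)
        print(sorted(seg["flags"]), "seq", seg["seq"], "ack", seg["ack"])
    print("handshake valid:", is_three_way_handshake(HANDSHAKE))
    print("UDP needs no setup:", parse_udp(build_udp(5353, 53, b"query")))
```
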

5) Define web server. What do you require for setting up a web server? (You are free to reference any
operating system.)

A web server is server software, or a system of one or more computers dedicated to running this
software, that can satisfy client HTTP requests on the public World Wide Web or also on private LANs
and WANs.

The web server hardware requirements are listed below.


| Hardware | Minimum Requirement (per system) | Recommended Requirement (per system) |
| --- | --- | --- |
| CPU | 2 CPU Cores | 4 CPU Cores |
| Memory | 1 GB RAM | 16 GB |
| HD | 1 GB of available space | 2 GB of available space |

Operating System Requirements

Below are the minimum requirements for the operating system.

| Operating System | IIS Version | Hardware | Additional Requirements |
| --- | --- | --- | --- |
| Windows Server 2008 R2 (64-bit) | IIS 7.5 | 64-bit | .NET 4.5.2; MMC 3.0 or above; PowerShell 5 |
| Windows Server 2012 | IIS 8.0 | | |
| Windows Server 2012 R2 | IIS 8.5 | | |
| Windows Server 2016 | IIS 10.0 | | |

PowerShell Requirements

You must be running PowerShell 5.0 or above on the web server. If
PowerShell is already installed on your server, you can identify which version you are running by starting
a PowerShell session (key PowerShell into your search bar and select the app), and then typing Get-Host
at the command prompt. The version number will be displayed along with the rest of the app
information.

6. Explain VOIP

Voice over Internet Protocol, also called IP telephony, is a method and group of technologies for the
delivery of voice communications and multimedia sessions over Internet Protocol networks.

In four steps, here’s how VoIP works.

1. Your phone connects to your switch or router in your Local Area Network (LAN).
2. When you dial a telephone number, your IP phone tells your VoIP service provider to
call the other party.
3. Your VoIP service establishes the call and exchanges data packets from your IP phone.
4. Your VoIP phone converts these digital signals back into the sound you can hear.

Voice over Internet Protocol bypasses the telephone company entirely. Wherever you have a broadband
internet connection, you can use VoIP. It’s a significant upgrade from an analog phone system.

Benefits of VoIP

• Lower cost – Many consumers and businesses alike have realized substantial cost
savings and lowered their phone bills by over 60%.
• High-quality sound – There’s a noticeable difference in the call quality, so the audio isn’t
muffled or fuzzy.
• Advanced features – Leverage premium features to run your company such as auto
attendants, call recording, and call queues. They’re often included with business phone
service plans.
• Remote-ready – Use your phone service wherever you work. No technical setup is
necessary if you work from home.
• Call anyone worldwide – International long distance rates are as low as $0.04 per
minute to call Mexico or $0.01 to reach the United Kingdom.

Downsides of VoIP

• Needs a high-speed internet connection – VoIP doesn’t work well on dial-up or
satellite-based internet connections. You’ll need at least 100 kbps (0.1 Mbps) per phone
line.
• Emergency services limitations – In the unlikely event you need to call 911 from your
VoIP phone, you need to tell the operator your actual location. Voice over IP systems
default to sending your company’s mailing address to public safety operators.
• Makes analog phones obsolete – Voice over IP uses new technology that doesn’t rely
on analog signals. You’ll likely want to upgrade outdated phone handsets. Read our
advice later to find out how you can get a free VoIP phone.

7. List the different ways to install an O/S on a new computer.

The different ways to install an OS on a new computer are:

1. Optical drive (CD-ROM or DVD)
2. USB Bootable
3. VMware OS mounting
4. Multiboot OS
5. Cloning
6. Network boot

8. Explain considerations in creating server room.

Server rooms are an integral asset to the business, as they are the physical space that houses all the data
running through the computer network. Most of the time and resources of the IT department in any
organization are spent troubleshooting server or network issues and performing routine maintenance.
Server rooms need to be designed to comply with the safety norms of the organization. To
ensure this, opt for infrastructure that is safe, spacious and computer-friendly for the entire IT team.


Here are the steps one should take to set up a server room for the business:

Step 1: Determine the appropriate room size

The first step is to lay out the requirements for the physical space of the server room. It should be planned
so that there is enough space for the servers, wires, cables, and other necessary
equipment to be kept comfortably. The IT department should ensure that the data is kept away
from an exterior wall of the room.

Step 2: Set up hardware for storage


The next step is to plan the space and optimize for space maximization. The cabinets and shelves shall
be designed to store the physical machinery and IT related inventory like electrical switches and sockets
in the server room. Having a well-planned machinery space helps in quick and timely maintenance.

Step 3: Keep the room cool

Once the server room is set up, ensure that it stays cool and dry to keep the equipment from overheating.
One viable option is to install a raised floor to distribute cooling across the entire space. Otherwise,
in-row cooling units, which do not require a raised floor, can be used. Ensure that there are a thermometer and a
dehumidifier in the room so that the temperature is moderate and there is no humidity.

Step 4: Make space for cables

Keeping the cables safe is necessary. Ensure that the server room has ample space to run electrical
cables without having them tattered. It is better to have one electrician to install all power whips from a
central electrical panel to ensure optimum power distribution and avoid cutting down on the electrical
services being routed to each joint.

Step 5: Develop security procedures

One of the major tasks at hand is to develop a security process. The server room holds all the data
essential to the company. Therefore, access to the server room should be restricted to only a few people. Access
control systems should be put in place to ensure that only the people who need to go there for work have
access. A secure server room protects all the data crucial to the company.

Step 6: Allow for monitoring

However secure the server room may be, it is essential to set up a monitoring process that takes
care of the activities happening in the room or the data stored in the room. Any deviation from the
regular activity coming over the network should be scanned for abnormalities.

9. Define NAT. What is its main purpose?

Network Address Translation (NAT) is designed for IP address conservation. It enables private IP
networks that use unregistered IP addresses to connect to the Internet. NAT operates on a router,
usually connecting two networks together, and translates the private (not globally unique) addresses in
the internal network into legal addresses, before packets are forwarded to another network.

As part of this capability, NAT can be configured to advertise only one address for the entire network to
the outside world. This provides additional security by effectively hiding the entire internal network
behind that address. NAT offers the dual functions of security and address conservation and is typically
implemented in remote-access environments.

Basically, NAT allows a single device, such as a router, to act as an agent between the Internet (or public
network) and a local network (or private network), which means that only a single unique IP address is
required to represent an entire group of computers to anything outside their network. The main use of
NAT is to limit the number of public IP addresses an organization or company must use, for both
economy and security purposes.
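
How one public address can stand in for a whole private network, as an added example that is not part of the original assignment. The class `PortNat`, the port pool and all addresses are hypothetical, and dropping packets from remote hosts that were never contacted is one common NAT behaviour assumed here.

```python
class PortNat:
    """Many private hosts share one public address (port address translation)."""

    def __init__(self, public_ip, first_port=40000, last_port=40999):
        self.public_ip = public_ip
        self.free_ports = iter(range(first_port, last_port + 1))
        self.by_private = {}  # (proto, private_ip, private_port) -> public port
        self.by_public = {}   # (proto, public port) -> (private_ip, private_port)
        self.peers = {}       # (proto, public port) -> remote endpoints contacted

    def outbound(self, proto, src, dst):
        """Rewrite the source of a packet leaving the private network."""
        key = (proto, *src)
        if key not in self.by_private:
            port = next(self.free_ports, None)
            if port is None:
                raise RuntimeError("public port pool exhausted")
            self.by_private[key] = port
            self.by_public[(proto, port)] = src
            self.peers[(proto, port)] = set()
        port = self.by_private[key]
        self.peers[(proto, port)].add(dst)
        return (self.public_ip, port), dst

    def inbound(self, proto, src, dst):
        """Rewrite the destination of a packet from outside, or return None (drop)."""
        dst_ip, dst_port = dst
        mapping = (proto, dst_port)
        if dst_ip != self.public_ip or mapping not in self.by_public:
            return None   # no translation entry exists for this port
        if src not in self.peers[mapping]:
            return None   # the inside host never talked to this remote endpoint
        return src, self.by_public[mapping]


def demo():
    """Two inside hosts reach the same server; an unsolicited packet is dropped."""
    nat = PortNat("203.0.113.7")                 # constructed public address
    web = ("198.51.100.20", 443)                 # constructed remote server
    a = nat.outbound("tcp", ("192.168.1.10", 51000), web)
    b = nat.outbound("tcp", ("192.168.1.11", 51000), web)
    reply = nat.inbound("tcp", web, a[0])
    unsolicited = nat.inbound("tcp", ("198.51.100.99", 4444), a[0])
    return a, b, reply, unsolicited


if __name__ == "__main__":
    for label, value in zip(("host A out", "host B out", "reply in", "unsolicited in"), demo()):
        print(f"{label:15} {value}")
```
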

10. Explain the concept of Dual boot with example.

Dual-boot is a term used to describe a computer that utilizes two operating systems. For example, with a
dual-boot you could have Windows 8 and macOS X on the same machine. The concept of installing more
than two operating systems is referred to as a multi-boot. Some examples of software that assist with a
dual-boot include Acronis Disk Director for Windows, Apple boot camp for Mac, and GRUB for Linux
users. These programs allow users to pick which operating system they want to load as the computer is
starting up.

A dual boot system is a computer system in which two operating systems are installed on the same hard
drive, allowing either operating system to be loaded and given control. When you turn the computer on,
a boot manager program displays a menu, allowing you to choose the operating system you wish to use.
A boot manager works by replacing the original Master Boot Record (MBR) with its own so that the boot
manager program loads instead of an operating system. Some popular boot manager programs are LILO,
System Commander, and Partition Magic. Common combinations of operating systems used on dual
boot systems include Linux and Windows NT and Windows 98 with one install of Windows being in a
different language, such as Spanish. Since more than two operating systems can be installed on a
computer, the term multiboot system is sometimes used.

Reasons why you may want to dual-boot

Trial run for new operating systems

Dual-boot is a great way for users to try out a new operating system. With dual-boot, you can try a new
OS, and still boot into your original OS whenever you want. A dual-boot configuration can be especially
beneficial to network administrators or computer technicians who need to support or work with
multiple system types.

Testing compatibility

Aside from testing a new operating system, dual-boot is also helpful in determining the compatibility of
an application with your present computing environment. For example, a user could perform a dry run
of an application on a separate OS installation. Doing this would ensure that the software is compatible
with both systems, before deleting their previous setup.

Multi-user connectivity

Another advantage of dual-boot is that it can make one computer functional for different users. For
example, in a home setting, dual-boot allows you to keep your work or files from being infected by
questionable software downloaded by your kids. Or, for instance, you may have a Mac user and a PC
user in your home. Dual-booting makes one machine work for both parties.

11. What do you mean by quality of service?

Quality-of-Service (QoS) refers to traffic control mechanisms that seek to either differentiate
performance based on application or network-operator requirements or provide predictable or
guaranteed performance to applications, sessions or traffic aggregates. Basically, QoS is
expressed in terms of packet delay and losses of various kinds.

Need for QoS –

1. Video and audio conferencing require bounded delay and loss rate.
2. Video and audio streaming requires bounded packet loss rate, it may not be so sensitive to
delay.
3. Time-critical applications (real-time control) in which bounded delay is considered to be an
important factor.
4. Valuable applications should be provided better services than less valuable applications.

12. Define IP address with different class ranges.

An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a
computer network that uses the Internet Protocol for communication. An IP address serves two main
functions: host or network interface identification and location addressing. IP addresses are binary
numbers but are typically expressed in decimal form (IPv4) or hexadecimal form (IPv6) to make reading
and using them easier for humans.

There are two versions of IP in use today, IPv4 and IPv6. The original IPv4 protocol is still used today on
both the internet, and many corporate networks. However, the IPv4 protocol only allowed for 2^32
addresses. This, coupled with how addresses were allocated, led to a situation where there would not
be enough unique addresses for all devices connected to the internet.

IP address classes

Class A

In a Class A network, the first eight bits, or the first dotted decimal, is the network part of the address,
with the remaining part of the address being the host part of the address. There are 128 possible Class A
networks.

0.0.0.0 to 127.0.0.0

However, any address that begins with 127. is considered a loopback address.

Example for a Class A IP address: 2.134.213.2

Class B

In a Class B network, the first 16 bits are the network part of the address. All Class B networks have their
first bit set to 1 and the second bit set to 0. In dotted decimal notation, that makes 128.0.0.0 to
191.255.0.0 as Class B networks. There are 16,384 possible Class B networks.

Example for a Class B IP address: 135.58.24.17

Class C

In a Class C network, the first two bits are set to 1, and the third bit is set to 0. That makes the first 24
bits of the address the network address and the remainder as the host address. Class C network
addresses range from 192.0.0.0 to 223.255.255.0. There are over 2 million possible Class C networks.

Example for a Class C IP address: 192.168.178.1

Class D

Class D addresses are used for multicasting applications. Unlike the previous classes, the Class D is not
used for "normal" networking operations. Class D addresses have their first three bits set to “1” and
their fourth bit set to “0”. Class D addresses are 32-bit network addresses, meaning that all the values
within the range of 224.0.0.0 – 239.255.255.255 are used to uniquely identify multicast groups. There
are no host addresses within the Class D address space, since all the hosts within a group share the
group’s IP address for receiver purposes.

Example for a Class D IP address: 227.21.6.173

Class E

Class E networks are defined by having the first four network address bits as 1. That encompasses
addresses from 240.0.0.0 to 255.255.255.255. While this class is reserved, its usage was never defined.
As a result, most network implementations discard these addresses as illegal or undefined. The
exception is 255.255.255.255, which is used as a broadcast address.

Example for a Class E IP address: 243.164.89.28
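
The class rules above, applied by leading bits, as an added example that is not part of the original assignment. It also labels each address as private or public; the RFC 1918 private ranges used for that are not listed on this page and are added here.

```python
import ipaddress

# (class, leading-bit pattern of the first octet, pattern length, network bits)
CLASSES = [
    ("A", 0b0, 1, 8),
    ("B", 0b10, 2, 16),
    ("C", 0b110, 3, 24),
    ("D", 0b1110, 4, None),  # multicast groups: no network/host split
    ("E", 0b1111, 4, None),  # reserved
]

# Private ranges from RFC 1918 (added for this example, not from the page).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify(addr):
    """Return the class, classful network and scope of a dotted-decimal IPv4 address."""
    ip = ipaddress.IPv4Address(addr)   # raises ValueError on malformed input
    first_octet = int(ip) >> 24

    # The five patterns cover every possible first octet, so the loop always breaks.
    for name, pattern, bits, prefix in CLASSES:
        if first_octet >> (8 - bits) == pattern:
            break

    network = None
    if prefix is not None:
        network = str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))

    if int(ip) == 0xFFFFFFFF:
        scope = "broadcast"            # 255.255.255.255, the Class E exception
    elif first_octet == 127:
        scope = "loopback"             # any address beginning with 127.
    elif first_octet == 0:
        scope = "this-network"
    elif name == "D":
        scope = "multicast"
    elif name == "E":
        scope = "reserved"
    elif any(ip in net for net in RFC1918):
        scope = "private"
    elif ip.is_global:
        scope = "public"
    else:
        scope = "special-purpose"      # e.g. link-local; not broken down further here
    return {"class": name, "network": network, "scope": scope}


if __name__ == "__main__":
    # The five example addresses from the text, plus constructed edge cases.
    for sample in ("2.134.213.2", "135.58.24.17", "192.168.178.1",
                   "227.21.6.173", "243.164.89.28",
                   "127.0.0.1", "172.31.255.254", "255.255.255.255"):
        print(f"{sample:16} {classify(sample)}")
```
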


13. Differentiate ARP and RARP with example.

In Address Resolution Protocol (ARP), the receiver’s MAC address is fetched. Through ARP, a (32-bit) IP address
is mapped into a (48-bit) MAC address.

Whereas in Reverse Address Resolution Protocol (RARP), the IP address is fetched through a server. Through
RARP, a (48-bit) MAC address is mapped into a (32-bit) IP address.

| ARP | RARP |
| --- | --- |
| ARP stands for Address Resolution Protocol. | Whereas RARP stands for Reverse Address Resolution Protocol. |
| Through ARP, a (32-bit) IP address is mapped into a (48-bit) MAC address. | Whereas through RARP, a (48-bit) MAC address is mapped into a (32-bit) IP address. |
| In ARP, broadcast MAC address is used. | While in RARP, broadcast IP address is used. |
| In ARP, the ARP table is managed or maintained by the local host. | While in RARP, the RARP table is managed or maintained by the RARP server. |
| In Address Resolution Protocol, the receiver’s MAC address is fetched. | While in RARP, the IP address is fetched. |
| In ARP, the ARP table uses ARP reply for its updating. | While in RARP, the RARP table uses RARP reply for configuration of IP addresses. |
| Hosts and routers use ARP for knowing the MAC address of other hosts and routers in the networks. | While RARP is used by small users having less facilities. |

Example (ARP) - If Host A wants to transmit data to Host B, which is on a different network, then
Host A sends an ARP request message to receive a MAC address for Host B. The router responds to
Host A with its own MAC address, presenting itself as the destination. When the data is transmitted to
the destination by Host A, it is sent to the gateway so that the gateway forwards it to Host B. This is known
as proxy ARP.

14. List different dos commands used in stand-alone system configuration.

CHKDSK: Check Disk

SCHTASKS: Schedule Tasks

Cd: Displays the current directory and lets you switch to other directories

Chdir: Displays the current directory and lets you switch to other directories.

Cls: Clears the content of the screen.

Date: Displays the current date and allows you to change it.

Dir: Displays all folders and files within the current directory.

Echo: Displays a message and is mainly used within scripts and batch files.

Edit: Starts the MS-DOS editor, with which you can create text files.

Exit: Ends CMD.EXE or CMD.COM.

logoff: Logs the user out of Windows.

Mkdir: Creates a new directory on the specified path.

Rd: Deletes a directory. This must not contain any files, even hidden ones.

Rmdir: Deletes a directory. This must not contain any files, even hidden ones.

Shutdown: Shuts down the computer (/s), triggers a restart (/r), or logs the user out (/l).

time: Displays the current time and allows it to be changed.

Tree: Graphically displays the directory structure of a drive or path.

Type: Displays the content of a text file

diskpart: Manages, creates, and deletes partitions from the hard drive.

Fdisk: Creates, deletes, and manages partitions on the hard drive. Use diskpart in newer Windows
versions.

Powercfg: Allows the user to change the computer’s energy options and control energy conservation
plans.

15. List different dos commands used in networked environment.

Ping - It is based on the ICMP protocol and is used to determine whether there is connectivity between your
machine and another machine on the network. It is also used to measure the “speed” or latency time.

Traceroute

This network command tells us which devices a packet passes through (machines, switches, routers) and
lets us check that our network is working properly.

Arp (Unix/Windows)

This network command is used to change and view the ARP table, which contains the mappings
between the IP address and the MAC address.

Nslookup

Sends a DNS query to a specific IP or host name on the preconfigured DNS server. You can also
specify another DNS server.

Curl and wget (Unix/ Windows)

These are essential commands to do HTTP, HTTPS or FTP requests to remote servers. They allow you to
download files or whole web pages, even recursively (it literally allows us to make a “copy” of a website,
including images).

Netstat (Unix/Windows)

This network command identifies all open TCP connections and UDP ports on a machine. Besides this, it lets us
know the following information: the routing tables, showing our network interfaces and their outputs;
Ethernet statistics that show sent and received packets and possible errors; and the ID of the
process that is using a connection.

Whois (Unix/ Windows)

This network command is used to query data domains: to find out who owns the domain, when that
domain expires, to view the configured logs, contact details, etc. Its use is highly recommended to
contact the administrators of the domains or when incidents of migration of services such as mail and
web happen.

TCPDump

TCPDump is an advanced command used to inspect traffic from different interfaces of a machine so you
can get the exchanged packets.

NMAP (Unix/Windows)

NMAP is considered the father of the general network scanners

16. Explain the concepts of PING Attacks and ICMP flooding.

A ping flood is a denial-of-service attack in which the attacker attempts to overwhelm a targeted device
with ICMP echo-request packets, causing the target to become inaccessible to normal traffic. When the
attack traffic comes from multiple devices, the attack becomes a DDoS or distributed denial-of-service
attack.

How a ping flood attack works

The Internet Control Message Protocol (ICMP), which is utilized in a Ping Flood attack, is an internet
layer protocol used by network devices to communicate. The network diagnostic tools traceroute and
ping both operate using ICMP. Commonly, ICMP echo-request and echo-reply messages are used to ping
a network device for the purpose of diagnosing the health and connectivity of the device and the
connection between the sender and the device.

An ICMP request requires some server resources to process each request and to send a response. The
request also requires bandwidth on both the incoming message (echo-request) and outgoing response
(echo-reply). The Ping Flood attack aims to overwhelm the targeted device’s ability to respond to the
high number of requests and/or overload the network connection with bogus traffic. By having many
devices in a botnet target the same internet property or infrastructure component with ICMP requests,
the attack traffic is increased substantially, potentially resulting in a disruption of normal network
activity. Historically, attackers would often spoof a bogus IP address in order to mask the sending
device. With modern botnet attacks, the malicious actors rarely see the need to mask the bot’s IP, and
instead rely on a large network of un-spoofed bots to saturate a target’s capacity.

The DDoS form of a Ping (ICMP) Flood can be broken down into 2 repeating steps:

1. The attacker sends many ICMP echo request packets to the targeted server using multiple devices.
2. The targeted server then sends an ICMP echo reply packet to each requesting device’s IP address as a
response.

Ping ICMP DDoS Attack Diagram

The damaging effect of a Ping Flood is directly proportional to the number of requests made to the
targeted server. Unlike reflection-based DDoS attacks like NTP amplification and DNS amplification, Ping
Flood attack traffic is symmetrical; the amount of bandwidth the targeted device receives is simply the
sum of the total traffic sent from each bot.
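A detection example for the flood described above, added here and not part of the original assignment: it counts ICMP echo-requests per destination in a one-second sliding window and reports whether the busiest window came from one source or from many. The function names, the thresholds and the sample traffic (documentation address ranges) are constructed assumptions.

```python
from collections import Counter, defaultdict, deque

ICMP_ECHO_REQUEST = 8   # ICMP type 8 = echo-request; type 0 = echo-reply


def detect_ping_flood(packets, window_ms=1000, threshold=100, ddos_sources=10):
    """packets: iterable of (ts_ms, src, dst, icmp_type), sorted by ts_ms.

    Returns {dst: report} for every destination that received more than
    `threshold` echo-requests inside one sliding window. The report describes
    the busiest window seen: total requests, number of distinct sources, and
    the largest count sent by any single source.
    """
    recent = defaultdict(deque)            # dst -> (ts_ms, src) still in window
    alerts = {}
    for ts, src, dst, icmp_type in packets:
        if icmp_type != ICMP_ECHO_REQUEST:
            continue                       # only requests count toward the flood
        q = recent[dst]
        q.append((ts, src))
        while ts - q[0][0] >= window_ms:   # drop requests older than the window
            q.popleft()
        if len(q) <= threshold:
            continue
        if dst in alerts and alerts[dst]["peak"] >= len(q):
            continue                       # keep the busiest window only
        per_source = Counter(s for _, s in q)
        alerts[dst] = {
            "peak": len(q),
            "sources": len(per_source),
            "top_source": max(per_source.values()),
            "kind": "DDoS" if len(per_source) >= ddos_sources else "DoS",
        }
    return alerts


def build_sample():
    """Constructed traffic for the example, not a real capture."""
    pkts = []
    # Normal diagnostics: one ping per second, each answered by an echo-reply.
    for i in range(5):
        pkts.append((1000 * i, "192.0.2.5", "192.0.2.30", 8))
        pkts.append((1000 * i + 3, "192.0.2.30", "192.0.2.5", 0))
    # One host sending 500 echo-requests within a second.
    for i in range(500):
        pkts.append((10000 + 2 * i, "198.51.100.7", "192.0.2.10", 8))
    # 50 un-spoofed sources at only 10 requests per second each: the target
    # still receives the sum, 500 requests per second.
    for bot in range(50):
        for k in range(10):
            pkts.append((20000 + 100 * k, f"203.0.113.{bot + 1}", "192.0.2.20", 8))
    return sorted(pkts)


if __name__ == "__main__":
    for dst, report in detect_ping_flood(build_sample()).items():
        print(dst, report)
```

In the distributed case no single source exceeds 10 requests per second, so a per-source rate limit alone would not trigger; the per-destination total is what exposes it.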

17. Define IP with its classes and IP ranges. Categorize the ranges of IP addresses as Private and
Public.

An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a
computer network that uses the Internet Protocol for communication. An IP address serves two main
functions: host or network interface identification and location addressing. IP addresses are binary
numbers but are typically expressed in decimal form (IPv4) or hexadecimal form (IPv6) to make reading
and using them easier for humans.

There are two versions of IP in use today, IPv4 and IPv6. The original IPv4 protocol is still used today on
both the internet and many corporate networks. However, the IPv4 protocol only allowed for 2^32
addresses. This, coupled with how addresses were allocated, led to a situation where there would not
be enough unique addresses for all devices connected to the internet.

IP address classes
Class A

In a Class A network, the first eight bits, or the first dotted decimal, is the network part of the address,
with the remaining part of the address being the host part of the address. There are 128 possible Class A
networks.

0.0.0.0 to 127.0.0.0

However, any address that begins with 127. is considered a loopback address.

Example for a Class A IP address: 2.134.213.2

Class B

In a Class B network, the first 16 bits are the network part of the address. All Class B networks have their
first bit set to 1 and the second bit set to 0. In dotted decimal notation, that makes 128.0.0.0 to
191.255.0.0 as Class B networks. There are 16,384 possible Class B networks.

Example for a Class B IP address: 135.58.24.17

Class C

In a Class C network, the first two bits are set to 1, and the third bit is set to 0. That makes the first 24
bits of the address the network address and the remainder as the host address. Class C network
addresses range from 192.0.0.0 to 223.255.255.0. There are over 2 million possible Class C networks.

Example for a Class C IP address: 192.168.178.1

Class D

Class D addresses are used for multicasting applications. Unlike the previous classes, the Class D is not
used for "normal" networking operations. Class D addresses have their first three bits set to “1” and
their fourth bit set to “0”. Class D addresses are 32-bit network addresses, meaning that all the values
within the range of 224.0.0.0 – 239.255.255.255 are used to uniquely identify multicast groups. There
are no host addresses within the Class D address space, since all the hosts within a group share the
group’s IP address for receiver purposes.

Example for a Class D IP address: 227.21.6.173

Class E

Class E networks are defined by having the first four network address bits as 1. That encompasses
addresses from 240.0.0.0 to 255.255.255.255. While this class is reserved, its usage was never defined.
As a result, most network implementations discard these addresses as illegal or undefined. The
exception is 255.255.255.255, which is used as a broadcast address.

Example for a Class E IP address: 243.164.89.28

Range of IP addresses

Private IP addresses

Class A – 10.0.0.0 to 10.255.255.255

Class B – 172.16.0.0 to 172.31.255.255

Class C – 192.168.0.0 to 192.168.255.255

Public IP addresses

Class A – 1.0.0.0 to 9.255.255.255

11.0.0.0 to 126.255.255.255

Class B – 128.0.0.0 to 172.15.255.255

172.32.0.0 to 191.255.255.255

Class C – 192.0.0.0 to 192.167.255.255

192.169.0.0 to 223.255.255.255
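The class rules and private ranges above, expressed as an added Python example (not part of the original assignment): the class is read from the leading bits of the first octet, and the scope is checked against the three private blocks. The function name `classify` and the scope labels are assumptions made for this example.

```python
import ipaddress

# (class, mask on first octet, required leading bits, classful prefix length)
CLASS_RULES = [
    ("A", 0b10000000, 0b00000000, 8),      # 0xxxxxxx
    ("B", 0b11000000, 0b10000000, 16),     # 10xxxxxx
    ("C", 0b11100000, 0b11000000, 24),     # 110xxxxx
    ("D", 0b11110000, 0b11100000, None),   # 1110xxxx, multicast groups
    ("E", 0b11110000, 0b11110000, None),   # 1111xxxx, reserved
]

# The three private ranges listed above, written as CIDR blocks.
# ipaddress.is_private is not used because it also covers other special ranges.
PRIVATE_BLOCKS = [
    ipaddress.ip_network("10.0.0.0/8"),        # 10.0.0.0    to 10.255.255.255
    ipaddress.ip_network("172.16.0.0/12"),     # 172.16.0.0  to 172.31.255.255
    ipaddress.ip_network("192.168.0.0/16"),    # 192.168.0.0 to 192.168.255.255
]


def classify(addr):
    """Return the classful class, classful network and scope of an IPv4 address."""
    ip = ipaddress.IPv4Address(addr)
    first = ip.packed[0]
    # The five patterns cover every possible first octet, so one always matches.
    for name, mask, bits, prefix in CLASS_RULES:
        if first & mask == bits:
            break
    network = None
    if prefix is not None:   # only classes A to C have a network/host split
        network = str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))
    if name == "D":
        scope = "multicast"
    elif name == "E":
        scope = "broadcast" if int(ip) == 0xFFFFFFFF else "reserved"
    elif first == 127:
        scope = "loopback"
    elif first == 0:
        scope = "reserved"   # 0.x.x.x is excluded from the public ranges above
    elif any(ip in block for block in PRIVATE_BLOCKS):
        scope = "private"
    else:
        scope = "public"
    return {"class": name, "network": network, "scope": scope}


if __name__ == "__main__":
    # The example addresses used in this answer, plus the range boundaries.
    for a in ("2.134.213.2", "135.58.24.17", "192.168.178.1", "227.21.6.173",
              "243.164.89.28", "172.15.255.255", "172.16.0.0", "172.32.0.0"):
        print(a, classify(a))
```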

18. Explain the concept of Internet, Intranet and Extranet.

Internet: Internet is a worldwide, publicly accessible computer network of interconnected computer
networks (internetwork) that transmit data using the standard Internet Protocol (IP). Largest
Internetwork in the world is Internet.

The terms World Wide Web (WWW) and Internet are not the same. The Internet is a collection of
interconnected computer networks, linked by copper wires, fiber-optic cables, wireless connections, etc.
The World Wide Web is one of the services accessible via the Internet, along with various others
including email, file sharing, remote administration, video streaming, online gaming etc. World Wide
Web (WWW) is a collection of interconnected documents and other resources, linked together by
hyperlinks and URLs.

Most of these interconnected documents in World Wide Web (WWW) are created using a markup
programming language called HTML (HyperText Markup Language). Even the webpage you are reading
now is created using HTML (HyperText Markup Language).

Intranet: An intranet is a private network that is contained within an enterprise. A typical intranet for a
business organization consists of many interlinked local area networks (LAN) and uses any Wide Area
Network (WAN) technology for network connectivity. The main purpose of an intranet is to share
company information and computing resources among employees. An intranet is a private internetwork,
which is usually created and maintained by a private organization. The content available inside an intranet
is intended only for the members of that organization (usually employees of a company).

Extranets: An extranet is a private network that uses Internet protocols, network connectivity, to
securely share part of an organization's information or operations with suppliers, vendors, partners,
customers or other businesses. An extranet can be viewed as part of a company's Intranet that is
extended to users outside the company normally over the Internet. An extranet requires security and
privacy. These can include firewalls, server management, the issuance and use of digital certificates or
similar means of user authentication, encryption of messages, and the use of virtual private networks
(VPNs) that tunnel through the public network.
Advantages

• Extranets can improve organization productivity by automating processes that were previously
done manually.
• Extranets allow organization or project information to be viewed at times convenient for
business partners, customers, employees, suppliers and other stake-holders.
• Information on an extranet can be updated, edited and changed instantly. All authorized users
therefore have immediate access to the most up-to-date information.

Disadvantages

• Extranets can be expensive to implement and maintain within an organization.
• Security of extranets can be a big concern when dealing with valuable information.
• Extranets can reduce personal contact (face-to-face meetings) with customers and business
partners. This could cause a lack of connections made between people and a company.

19. How does a VPN ensure the availability of secured communication from within an unsecured environment?
List some features of VPN.

A VPN works by establishing encrypted connections between devices. (VPNs often use the IPsec or
SSL/TLS encryption protocols.) All devices that connect to the VPN set up encryption keys, and these
keys are used to encode and decode all information sent between them. This process may add a small
amount of latency to network connections, which will slow network traffic.

The effect of this encryption is that VPN connections remain private even if they stretch across public
Internet infrastructure. Imagine Sita is working from home, and she connects to her company's VPN so
that she can access a company database that is stored in a server 100 miles away. Suppose all of her
requests to the database, as well as the database's responses, travel through an intermediate Internet
exchange point (IXP). Now suppose that a criminal has secretly infiltrated this IXP and is monitoring all
data passing through (sort of like tapping a telephone line). Sita's data is still secure because of the
VPN. All the criminal can see is the encrypted version of the data.

List some features of VPN.

1. Strong Encryption

Powerful encryption is a must-have for any VPN service. Without it, there’s a chance your ISP (or anyone
else, for that matter) could monitor what you do on the Internet – not to mention hackers might be able
to steal sensitive data from you (like credit card info and login credentials) when you use WiFi networks.

As a general rule of thumb, AES encryption is always a good sign (both AES-128 and AES-256). It’s an
advanced encryption standard that’s used even by the NSA, Microsoft, and Apple, and it has yet to be
officially broken as far as we know. If you want more assurance, consider this – according to security
experts, it’d even take a supercomputer 1 billion billion years to crack AES-128.

2. Secure VPN Protocols


Any reliable VPN provider would provide you with the ability to connect to a server using OpenVPN –
the most secure VPN protocol out there. It’s not the only protocol that’s deemed safe, though. Here are
other examples of reliable VPN protocols:

IKEv2/IPSec

SSTP

SoftEther

Of course, it doesn’t hurt if the VPN provider lets you use less-secure VPN protocols (like PPTP, for
example) too – maybe you sometimes just need to quickly unblock geo-restricted content on the go, and
online security isn’t a concern right then and there. Don’t forget – the stronger the encryption is, the
likelier it is your connections might slow down a bit (though, that isn’t always guaranteed to happen, but
it’s worth keeping in mind).

VPN encryption

Overall, VPN protocol variety and the ability to choose between protocols before you connect to a VPN
server is something all decent VPN providers offer.

3. DNS Leak Protection

If you’re not familiar with DNS leaks, it’s basically when the browser’s DNS requests are sent to your
ISP’s DNS server directly without running them through the VPN. Also, DNS stands for Domain Name
System, and it’s used to translate IP addresses into website names, and the other way around.

As a result, a DNS leak can actually let your ISP (and any other eavesdroppers) see what websites you
are accessing even if you are using a VPN.

Now, this doesn’t necessarily happen with a lot of VPN services (it’s quite common with split-tunnel
VPNs, though), but – to be safe – we recommend only choosing a VPN provider that actively offers DNS
leak protection.

4. A VPN Kill Switch

A VPN Kill Switch is a tool that essentially cuts off all Internet access on your device if your connection to
a VPN server drops. As harsh as that might sound, it’s one of the most valuable features of VPN services
since it protects you from being accidentally exposed on the web.

Let’s face it – sometimes, you might experience connectivity issues to a VPN server. That can happen
due to the distance between you and the server, or because your device’s WiFi card is outdated or is
experiencing problems.

No matter the reason, if that happens, your real IP address and online traffic will be exposed. With a Kill
Switch, however, all your traffic is instantly stopped in such a situation until you can properly reconnect
to the VPN server.

For some of you, it might sound like a hassle, but a Kill Switch is a smart way to make sure your personal
information is never in danger on the web because of things that are out of your control.
5. An Apps. Killer

An Apps. Killer is similar to a Killswitch, but instead of cutting off your Internet traffic if your connection
to the VPN server drops, it shuts down applications that use the web. Naturally, you have to choose the
apps that are going to be shut down in such a situation.

How would an Apps. Killer be useful, you ask? Well, say you play an online game with a VPN because
you’re afraid of getting DDoS’ed. If the VPN connection goes down, your online game is stopped to
prevent DDoS’ers from targeting you. Another example would be using the Apps. Killer to shut down a
torrent client if the VPN connection goes down so that your ISP doesn’t realize what you are doing.

For the best results, you should look for a VPN provider that offers both a Killswitch and an Apps. Killer.

6. Shared IP Addresses

A VPN provider that offers dedicated IP addresses is a red flag because a dedicated IP address can be
linked back to you. A shared IP address, like its name implies, is shared among VPN users, making it
almost impossible to link online activities to specific VPN users.

Dedicated and shared IP addresses

Also, here’s something else to consider – dedicated IP addresses cost VPN providers more, meaning they
will end up charging you – the user – more for their services to cover their costs. A VPN provider that
offers shared IP addresses is able to offer you much more cost-efficient services.

7. Support for Simultaneous Connections

If VPN providers link accounts to particular devices, that’s a problem. If they do, it means you’ll need
extra subscriptions if you want to use the VPN service on multiple devices at the same time – or you’d
have to sign out of your account on a device before signing into it on another one (quite annoying).

VPN providers that offer simultaneous connections on multiple devices are a better option simply due to
the increased convenience.

8. Cross-Platform Compatible Apps

A VPN service that works on just 1-2 devices isn’t very flexible, and that can be a problem since you –
like many other people – likely own at least 3-4 devices you can access the web with (laptops, smart TVs,
PCs/Macs, iOS/Android devices, and so on).

That’s why decent VPN providers offer cross-platform compatible applications to ensure their service is
available on multiple devices and operating systems. In case they can’t offer an application for a certain
device/OS (like Linux, for example), they’ll still provide configuration files and tutorials so that users can
set everything up.

9. High-Speed Servers

This is pretty much a no-brainer. Any VPN provider should (and most do) offer high-speed servers so that
users can enjoy smooth experiences – especially since VPN encryption can sometimes cause some lag.
20. Explain the concept of memory management on the basis of a) virtual storage b) cache c) buffer
d) spooler

a. virtual storage

Virtual memory is a feature of an operating system that enables a computer to compensate for
shortages of physical memory by transferring pages of data from random access memory to disk
storage. This process is done temporarily and is designed to work as a combination of RAM and space on
the hard disk.

This means that when RAM runs low, virtual memory can move data from it to a space called a paging
file. This process allows for RAM to be freed up so that a computer can complete the task.

Occasionally a user might be shown a message that says the virtual memory is running low. This means
that either more RAM needs to be added, or the size of the paging file needs to be increased.

b. Cache memory

Cache memory is a special, very high-speed memory. It is used to speed up and synchronize with a
high-speed CPU. Cache memory is costlier than main memory or disk memory but more economical than CPU
registers. Cache memory is an extremely fast memory type that acts as a buffer between RAM and the
CPU. It holds frequently requested data and instructions so that they are immediately available to the
CPU when needed.

Cache memory is used to reduce the average time to access data from the Main memory. The cache is a
smaller and faster memory which stores copies of the data from frequently used main memory
locations. There are various different independent caches in a CPU, which store instructions and data.

c. Buffer memory

A buffer contains data that is stored for a short amount of time, typically in the computer's memory
(RAM). The purpose of a buffer is to hold data right before it is used. Most buffers are used for
holding data to be forwarded to I/O devices while, in the meantime, the CPU keeps on processing other
requests or processes. Since reading and writing data to a disk is comparatively slow,
many programs track data changes in a buffer, and this buffer data is then copied to the disk.

d. Spooler

SPOOL is an acronym for simultaneous peripheral operations on-line. It is a kind of buffering mechanism
or a process in which data is temporarily held to be used and executed by a device, program or the
system. Data is sent to and stored in memory or other volatile storage until the program or computer
requests it for execution.

In a computer system peripheral equipment, such as printers and punch card readers etc. (batch
processing), are very slow relative to the performance of the rest of the system. Getting input and
output from the system was quickly seen to be a bottleneck. Here comes the need for spool.
22. Define SLA. Present some features of SLA.

A service-level agreement (SLA) is a contract between a service provider and its customers that
documents what services the provider will furnish and defines the service standards the provider is
obligated to meet.

A service-level commitment (SLC) is a broader and more generalized form of an SLA. The two differ
because an SLA is bidirectional and involves two teams. In contrast, an SLC is a single-directional
obligation that establishes what a team can guarantee its customers at any given time.

Features of SLA

1. Agreement overview: This first section sets forth the basics of the agreement, including the parties
involved, the start date and a general introduction of the services provided.

2. Description of services: The SLA needs detailed descriptions of every service offered, under all possible
circumstances, with the turnaround times included. Service definitions should include how the services
are delivered, whether maintenance service is offered, what the hours of operation are, where
dependencies exist, an outline of the processes and a list of all technology and applications used.

3. Exclusions: Specific services that are not offered should also be clearly defined to avoid confusion and
eliminate room for assumptions from other parties.

4. Service performance: Performance measurement metrics and performance levels are defined. The
client and service provider should agree on a list of all the metrics they will use to measure the service
levels of the provider.

5. Redressing: Compensation or payment should be defined if a provider cannot properly fulfill their SLA.

6. Stakeholders: Clearly defines the parties involved in the agreement and establishes their
responsibilities.

7. Security: All security measures that will be taken by the service provider are defined. Typically, this
includes the drafting and consensus on antipoaching, IT security and nondisclosure agreements.

8. Risk management and disaster recovery: Risk management processes and a disaster recovery plan are
established and clearly communicated.

9. Service tracking and reporting: This section defines the reporting structure, tracking intervals and
stakeholders involved in the agreement.

10. Periodic review and change processes: The SLA and all established key performance indicators (KPIs)
should be regularly reviewed. This process is defined as well as the appropriate process for making
changes.

11. Termination process: The SLA should define the circumstances under which the agreement can be
terminated or will expire. The notice period from either side should also be established.

12. Signatures: Finally, all stakeholders and authorized participants from both parties must sign the
document to show their approval of every detail and process.
23. Enumerate few codes of ethics for System Administrator

Ethics are one of the most essential issues for system and network administrators. Trying to determine
what is truly ethical and unethical should result in some very important discussions. People such as
computer administrators and other privileged users have knowledge and access that can result in
serious problems if used in clearly unethical ways. Privileged users have access to things such as:

• confidential information
• databases
• usernames/passwords
• e-mail

This Code of Ethics has as its purposes the following:

1. to provide a set of codified guidelines for ethical directions that system administrators must
pursue;
2. to act as a reference for construction of local site acceptable use policies;
3. to enhance the professionalism and image of the Guild and of its individual members by
promoting ethical behavior;
4. to act as an ‘industry standard’ reference of behavior in difficult situations, as well as in common
ones;
5. to establish a baseline for addressing more complex issues.

24. Define RAID. Explain the general RAID techniques (0,1,5,10) followed in modern technology.

RAID is a technology that is used to increase the performance and/or reliability of data storage. The
abbreviation stands for either Redundant Array of Independent Drives or Redundant Array of
Inexpensive Disks, which is older and less used. A RAID system consists of two or more drives working in
parallel. These can be hard discs, but there is a trend to also use the technology for SSD (Solid State
Drives). There are different RAID levels, each optimized for a specific situation.

RAID level 0 – Striping

In a RAID 0 system data are split up into blocks that get written across all the drives in the array. By using
multiple disks (at least 2) at the same time, this offers superior I/O performance. This performance can
be enhanced further by using multiple controllers, ideally one controller per disk.
RAID 0 – Striping

Advantages of RAID 0

• RAID 0 offers great performance, both in read and write operations. There is no overhead
caused by parity controls.
• All storage capacity is used, there is no overhead.
• The technology is easy to implement.

Disadvantages of RAID 0

• RAID 0 is not fault-tolerant. If one drive fails, all data in the RAID 0 array are lost. It should not be
used for mission-critical systems.

RAID level 1 – Mirroring

Data are stored twice by writing them to both the data drive (or set of data drives) and a mirror drive (or
set of drives). If a drive fails, the controller uses either the data drive or the mirror drives for data
recovery and continuous operation. You need at least 2 drives for a RAID 1 array.
RAID 1 – Mirroring

Advantages of RAID 1

• RAID 1 offers excellent read speed and a write-speed that is comparable to that of a single drive.
• In case a drive fails, data do not have to be rebuilt, they just have to be copied to the
replacement drive.
• RAID 1 is a very simple technology.

Disadvantages of RAID 1

• The main disadvantage is that the effective storage capacity is only half of the total drive
capacity because all data get written twice.
• Software RAID 1 solutions do not always allow a hot swap of a failed drive. That means the failed
drive can only be replaced after powering down the computer it is attached to. For servers that
are used simultaneously by many people, this may not be acceptable. Such systems typically use
hardware controllers that do support hot swapping.

RAID level 5 – Striping with parity

RAID 5 is the most common secure RAID level. It requires at least 3 drives but can work with up to 16.
Data blocks are striped across the drives and on one drive a parity checksum of all the block data is
written. The parity data are not written to a fixed drive, they are spread across all drives, as the drawing
below shows. Using the parity data, the computer can recalculate the data of one of the other data
blocks, should those data no longer be available. That means a RAID 5 array can withstand a single drive
failure without losing data or access to data. Although RAID 5 can be achieved in software, a hardware
controller is recommended. Often extra cache memory is used on these controllers to improve the write
performance.
RAID 5 – Striping with parity

Advantages of RAID 5

• Read data transactions are very fast while write data transactions are somewhat slower (due to
the parity that has to be calculated).
• If a drive fails, you still have access to all data, even while the failed drive is being replaced and
the storage controller rebuilds the data on the new drive.

Disadvantages of RAID 5

• Drive failures have an effect on throughput, although this is still acceptable.
• This is complex technology. If one of the disks in an array using 4TB disks fails and is replaced,
restoring the data (the rebuild time) may take a day or longer, depending on the load on the
array and the speed of the controller. If another disk goes bad during that time, data are lost
forever.

RAID level 10 – combining RAID 1 & RAID 0

It is possible to combine the advantages (and disadvantages) of RAID 0 and RAID 1 in one single system.
This is a nested or hybrid RAID configuration. It provides security by mirroring all data on secondary
drives while using striping across each set of drives to speed up data transfers.
RAID 10 – Striping and mirroring

Advantages of RAID 10

• If something goes wrong with one of the disks in a RAID 10 configuration, the rebuild time is
very fast since all that is needed is copying all the data from the surviving mirror to a new drive.
This can take as little as 30 minutes for drives of 1 TB.

Disadvantages of RAID 10

• Half of the storage capacity goes to mirroring, so compared to large RAID 5 or RAID 6 arrays, this
is an expensive way to have redundancy.

26. Define RAID. Distribute the given string as per different RAID volume consideration. (100010010)

RAID is a technology that is used to increase the performance and/or reliability of data storage. The
abbreviation stands for either Redundant Array of Independent Drives or Redundant Array of
Inexpensive Disks, which is older and less used. A RAID system consists of two or more drives working in
parallel. These can be hard discs, but there is a trend to also use the technology for SSD (Solid State
Drives).

RAID level 0 – Striping

Drive 1 | Drive 2
1 | 0
0 | 0
1 | 0
0 | 1
0 |

RAID level 1 – Mirroring

Drive 1 | Drive 2
1 | 1
0 | 0
0 | 0
0 | 0
1 | 1
0 | 0
0 | 0
1 | 1
0 | 0

RAID level 5 – Striping with parity

Drive 1 | Drive 2 | Drive 3 | Drive 4
1 | 0 | 0 | p
0 | 1 | p | 0
0 | p | 1 | 0

RAID level 10 – combining RAID 1 & RAID 0

Drive 1 | Drive 2 | Drive 3 | Drive 4
1 | 1 | 0 | 0
0 | 0 | 0 | 0
1 | 1 | 0 | 0
0 | 0 | 1 | 1
0 | 0 | |
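The same distribution of 100010010 computed in code, as an added example that is not part of the original assignment; it also covers the RAID 5 description in question 24 by computing each parity bit and rebuilding a failed drive from the survivors. The function names are assumptions, and parity is taken to be XOR, the usual RAID 5 parity function (the text above only says "parity checksum").

```python
from functools import reduce
from operator import xor


def raid0(bits, drives=2):
    """Striping: bit i goes to drive i mod N. No redundancy."""
    return [bits[d::drives] for d in range(drives)]


def raid1(bits, drives=2):
    """Mirroring: every drive holds a full copy."""
    return [bits] * drives


def raid10(bits, pairs=2):
    """Stripe across mirror pairs; both drives of a pair hold the same stripe."""
    return [stripe for stripe in raid0(bits, pairs) for _ in range(2)]


def raid5(bits, drives=4):
    """Striping with rotating parity.

    Returns (rows, parity_cols): each row is one stripe with drives-1 data
    bits and one parity bit (XOR of the data bits). The parity column starts
    on the last drive and moves one drive to the left per stripe, matching
    the layout shown above.
    """
    data = [int(b) for b in bits]
    width = drives - 1
    data += [0] * (-len(data) % width)      # zero-pad a short final stripe
    rows, parity_cols = [], []
    for s in range(len(data) // width):
        chunk = data[s * width:(s + 1) * width]
        p = drives - 1 - s % drives         # parity column for this stripe
        rows.append(chunk[:p] + [reduce(xor, chunk)] + chunk[p:])
        parity_cols.append(p)
    return rows, parity_cols


def raid5_rebuild(rows, failed):
    """Recompute the failed drive's column by XOR-ing the surviving drives."""
    return [reduce(xor, (v for d, v in enumerate(row) if d != failed))
            for row in rows]


def raid5_read(rows, parity_cols):
    """Read the data back in order, skipping the parity bit of each stripe."""
    return "".join(str(v) for row, p in zip(rows, parity_cols)
                   for d, v in enumerate(row) if d != p)


if __name__ == "__main__":
    s = "100010010"
    print("RAID 0 :", raid0(s))
    print("RAID 1 :", raid1(s))
    print("RAID 10:", raid10(s))
    rows, pcols = raid5(s)
    for row, p in zip(rows, pcols):
        print("RAID 5 :", row, "parity on drive", p + 1)
    print("drive 1 rebuilt from drives 2-4:", raid5_rebuild(rows, 0))
```

For this string every stripe's parity bit works out to 1, and the XOR of any three drives in a row reproduces the fourth, which is why a RAID 5 array survives exactly one drive failure.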
27. Differentiate Routing and Routed protocols.

Routing protocol | Routed protocol
A routing protocol is different and is only used between routers. It makes it possible for routers to build and maintain routing tables. | A routed protocol is a protocol by which data can be routed.
There are three classes of routing protocols: Distance Vector, Link State and Hybrid. | Routed protocols are IP, AppleTalk, and IPX.
Routing protocols are network protocols used to dynamically advertise and learn the routes (network paths) which are available. | Routed protocols use an addressing system.
Routing protocols are not available in a normal computer or a printer. | A routed protocol is an integral part of the network protocol suite and is available in every device which is participating in network communication.
Routing protocols normally run only in routers, layer 3 switches, end devices (firewalls) or network servers with network operating systems. | Example: routers, switches, computers, servers etc.
Routing protocols are concerned only with the router. | Routed protocols are concerned only with the mode of data transfer and also include the source & destination address.
It’s about the path. | It’s about the data.
Example: RIP, IGRP, OSPF, EIGRP (for IP); RIP, NLSP, EIGRP (for IPX); RTMP, AURP, EIGRP (for AppleTalk) | Example: IP, IPX, AppleTalk
