Difference Between IPv4 and IPv6:

IPv4 IPv6
IPv6 has 128-bit address length
IPv4 has 32-bit address length

In IPv6 end to end connection integrity is

In IPv4 end to end connection
Achievable
integrity is Unachievable

IPSEC is inbuilt security feature in the IPv6

Security feature is dependent on
protocol
application

Address representation of IPv4 in Address Representation of IPv6 is in hexadecimal

decimal

In IPv6 packet flow identification are Available

In IPv4 Packet flow identification is
and uses flow label field in the header
not available
In IPv6 checksum field is not available
In IPv4 checksum field is available
In IPv4 Encryption and In IPv6 Encryption and Authentication are
Authentication facility not provided provided

Q #10) What is HTTPs and what port does it use?

Ans: HTTPS is a Secure HTTP. HTTPS is used for secure communication over a computer
network. HTTPS provides authentication of websites which prevents unwanted attacks.

In a bi-directional communication, HTTPS protocol encrypts the communication so that

tampering of the data gets avoided. With the help of a SSL certificate, it verifies if the requested
server connection is a valid connection or not. HTTPS uses TCP with port 443.

#13) What is DNS?

Ans: Domain Name Server (DNS), in a non-professional language and we can call it as
Internet’s phone book. All the public IP addresses and their hostnames are stored in the DNS and
later it translates into a corresponding IP address.

For a human being, it is easy to remember and recognize the domain name, however, the
computer is a machine that does not understand the human language and they only understand
the language of IP addresses for data transfer.
There is a “Central Registry” where all the domain names are stored and it gets updated on a
periodic basis. All the internet service providers and different host companies usually interact
with this central registry to get the updated DNS details.

For Example: When you type a website www.softwaretestinghelp.com, then your internet
service provider looks for the DNS associated with this domain name and translates this website
command into a machine language – IP address – 151.144.210.59 (note that, this is imaginary IP
address and not the actual IP for the given website) so that you will get redirected to the
appropriate destination.

Q #14) What is the difference between a Domain and a Workgroup?

Ans: In a Computer Network, different computers are organized in different methods and these
methods are – Domains and Workgroups. Usually, computers which run on the home network
belong to a Workgroup.

However, computers which are running on an office network or any workplace network belong
to the Domain.

Workgroup Domain
Network admin uses one or more computer as a
All computers are peers and no computer has server and provide all accesses, security
control over another computer permission to all other computers in a network

The domain is a form of a computer network in

In a Workgroup, each computer maintains which computers, printers, and user accounts are
their own database registered in a central database.

It has centralized authentication servers which set

Each computer has their own authentication
the rule of authentication
rule for every user account

Each computer has set of user account. If If user has an account in a domain then user can
user has account on that computer then only login to any computer in a domain
user able to access the computer
In a domain, changes made in one computer
Computer settings need to change manually automatically made same changes to all other
for each computer in a Workgroup computers in a network

All computers must be on same local area In a domain, computers can be on a different local
network network
In a Workgroup, there can be only 20 In a domain, thousands of computers can be
computers connected connected
15) What is a Proxy Server and how do they protect the computer network?

Ans: For data transmission, IP addresses are required and even DNS uses IP addresses to route
to the correct website. It means without the knowledge of correct and actual IP addresses it is not
possible to identify the physical location of the network.

Proxy Servers prevent external users who are unauthorized to access such IP addresses of the
internal network. The Proxy Server makes the computer network virtually invisible to the
external users.

17) What is meant by 127.0.0.1 and local host?

Ans: IP address 127.0.0.1, is reserved for loopback or local host connections. These networks
are usually reserved for the biggest customers or some of the original members of the Internet.
To identify any connection issue, the initial step is to ping the server and check if it is
responding.

If there is no response from the server then there are various causes like the network is down or
the cable needs to be replaced or network card is not in a good condition. 127.0.0.1 is a loopback
connection on the Network Interface Card (NIC) and if you are able to ping this server
successfully, then it means that the hardware is in a good shape and condition.

127.0.0.1 and local host are the same things in most of the computer network functioning.

0) What is the difference between Internet, Intranet, and Extranet?

Ans: The terminologies Internet, Intranet, and Extranet are used to define how the applications in
the network can be accessed. They use similar TCP/IP technology but differ in terms of access
levels for each user inside the network and outside the network.

Internet: Applications are accessed by anyone from any location using the web.

Intranet: It allows limited access to the users in the same organization.

Extranet: External users are allowed or provided with access to use the network application of
the organization.

what are ipconfig and ifconfig?

Ans: Ipconfig stands for Internet Protocol Configuration and this command is used on Microsoft
Windows to view and configure the network interface.

The command ipconfig is useful for displaying all TCP/IP network summary information
currently available on a network. It also helps to modify the DHCP protocol and DNS setting.
Ifconfig (Interface Configuration) is a command that is used on Linux, Mac, and UNIX
operating system. It is used to configure, control the TCP/IP network interface parameters from
CLI i.e. Command Line Interface. It allows you to see the IP addresses of these network
interfaces.

3) Explain DHCP briefly?

Ans: DHCP stands for Dynamic Host Configuration Protocol and it automatically assigns IP
addresses to the network devices. It completely removes the process of manual allocation of IP
addresses and reduces the errors caused due to this.

This entire process is centralized so that TCP/IP configuration can also be completed from a
central location. DHCP has “pool of IP addresses” from which it allocates the IP address to the
network devices. DHCP cannot recognize if any device is configured manually and assigned
with the same IP address from the DHCP pool.

In this situation, it throws “IP address conflict” error.

image source: DHCP

DHCP environment requires DHCP servers to set-up the TCP/IP configuration. These servers
then assign, release and renew the IP addresses as there might be a chance that network devices
can leave the network and some of them can join back to the network.

34) What is the full form of IDEA?

Ans) IDEA stands for International Data Encryption Algorithm.

7) What is the full form of ASCII?

Ans) ASCII stands for American Standard Code for Information Interchange.

#39) Define Round Trip Time?

Ans) The time taken for a signal to reach the destination and travel back to the sender with the
acknowledgment is termed as Round Trip time (RTT). It is also called as Round Trip Delay
(RTD)

Define Static IP and Dynamic IP?

Ans) When a device or computer is assigned a specified IP address then it is named as Static IP.
It is assigned by the Internet Service Provider as a permanent address.

Dynamic IP is the temporary IP address assigned by the network to a computing device.

Dynamic IP is automatically assigned by the server to the network device.

Explain Beaconing?

Ans) If a network self-repairs its problem then it is termed as Beaconing. Mainly it is used in
token ring and FDDI (Fiber Distributed Data Interface) networks. If a device in the network is
facing any problem, then it notifies the other devices that they are not receiving any signal.
Likewise, the problem gets repaired within the network.

What is an Encoder?

Ans) Encoder is a circuit that uses an algorithm to convert any data or compress audio data or
video data for transmission purpose. An encoder converts the analog signal into the digital
signal.

Explain the difference between baseband and broadband transmission?

Ans) Baseband Transmission: A single signal consumes the whole bandwidth of the cable

Broadband Transmission: Multiple signals of multiple frequencies are sent simultaneously.

Expand SLIP?

Ans) SLIP stands for Serial Line Interface Protocol. SLIP is a protocol used for transmitting IP
datagrams over a serial line.

What is subnet mask?

A subnet mask is combined with an IP address in order to identify two parts: the extended
network address and the host address. Like an IP address, a subnet mask is made up of 32 bits.
What is anonymous FTP?

Anonymous FTP is a way of granting user access to files in public servers. Users that are
allowed access to data in these servers do not need to identify themselves, but instead log in as
an anonymous guest.

What is subnet mask?

A subnet mask is combined with an IP address in order to identify two parts: the extended
network address and the host address. Like an IP address, a subnet mask is made up of 32 bits.

Briefly describe NAT.

NAT is Network Address Translation. This is a protocol that provides a way for multiple
computers on a common network to share single connection to the Internet.

What is the importance of implementing a Fault Tolerance System? Are there limitations?

A fault tolerance system ensures continuous data availability. This is done by eliminating a
single point of failure. However, this type of system would not be able to protect data in some
cases, such as in accidental deletions.

What are MAC addresses?

MAC, or Media Access Control, uniquely identifies a device on the network. It is also known as
physical address or Ethernet address. A MAC address is made up of 6-byte parts.

What is SLIP?

SLIP, or Serial Line Interface Protocol, is actually an old protocol developed during the early
UNIX days. This is one of the protocols that are used for remote access.

) What is tracert?

Tracert is a Windows utility program that can used to trace the route taken by data from the
router to the destination network. It also shows the number of hops taken during the entire
transmission route.

What is Reverse Address Resolution Protocol (RARP) ?

We have already learnt about ARP protocol in our previous post. Now the Reverse Address
Resolution Protocol (RARP) finds the logical address for a machine that knows only its physical
address. ARP is used for solving the problem of finding out which Ethernet address corresponds
to a given IP address. That means ARP is used for the mapping of IP address to physical or
MAC address. But sometimes we have to deal with the reverse case i.e. we have to obtain the
IP address corresponding to the given Ethernet (MAC) address. Such a problem can occur when
booting a diskless workstation.

ARP Physical to Logical

RARP logical to Physical

What is netstat?

Netstat is a command line utility program. It provides useful information about the current
TCP/IP settings of a connection.

What is the number of network IDs in a Class C network?

For a Class C network, the number of usable Network ID bits is 21. The number of possible
network IDs is 2 raised to 21 or 2,097,152. The number of host IDs per network ID is 2 raised to
8 minus 2, or 254.

What is ICMP?

ICMP is Internet Control Message Protocol. It provides messaging and communication for
protocols within the TCP/IP stack. This is also the protocol that manages error messages that are
used by network tools such as PING.

Definition

ping

Ping is a basic Internet program that allows a user to verify that a particular IP address exists and
can accept requests.

Ping is used diagnostically to ensure that a host computer the user is trying to reach is actually
operating. Ping works by sending an Internet Control Message Protocol (ICMP) Echo Request to
a specified interface on the network and waiting for a reply. Ping can be used for troubleshooting
to test connectivity and determine response time.

As a verb, ping means "to get the attention of" or "to check for the presence of" another party
online. The computer acronym (for Packet Internet or Inter-Network Groper) was contrived to
match the submariners' term for the sound of a returned sonar pulse.

Tip: To find out the dot address (such as 205.245.172.72) for a given domain name, Windows
users can go to their command prompt screen (start/run/cmd) and enter ping xxxxx.yyy (where
xxxxx is the second-level domain name like "whatis" and yyy is the top-level domain name like
"com").
What are the maximum networks and hosts in a class A, B and C network?

For Class A, there are 126 possible networks and 16,777,214 hostsFor Class B, there are 16,384
possible networks and 65,534 hostsFor Class C, there are 2,097,152 possible networks and 254
hosts

What is ipconfig?

Ipconfig is a utility program that is commonly used to identify the addresses information of a
computer on a network. It can show the physical address as well as the IP address.

What is the difference between a straight-through and crossover cable?

A straight-through cable is used to connect computers to a switch, hub or router. A crossover

cable is used to connect two similar devices together, such as a PC to PC or Hub to hub.

When you move the NIC cards from one PC to another PC, does the MAC address gets
transferred as well?

Yes, that's because MAC addresses are hard-wired into the NIC circuitry, not the PC. This also
means that a PC can have a different MAC address when the NIC card was replace by another
one.

Describe Ethernet.

Ethernet is one of the popular networking technologies used these days. It was developed during
the early 1970s and is based on specifications as stated in the IEEE. Ethernet is used in local area
networks.

What is the difference between CSMA/CD and CSMA/CA?

CSMA/CD, or Collision Detect, retransmits data frames whenever a collision occurred.

CSMA/CA, or Collision Avoidance, will first broadcast intent to send prior to data transmission.

What is one advantage of mesh topology?

In the event that one link fails, there will always be another available. Mesh topology is actually
one of the most fault-tolerant network topology.
What is sneakernet?

Sneakernet is believed to be the earliest form of networking wherein data is physically

transported using removable media, such as disk, tapes.

What is one basic requirement for establishing VLANs?

A VLAN is required because at switch level there is only one broadcast domain, it means
whenever new user is connected to switch this information is spread throughout the network.
VLAN on switch helps to create separate broadcast domain at switch level. It is used for security
purpose.

What is RSA algorithm?

RSA is short for Rivest-Shamir-Adleman algorithm. It is the most commonly used public key
encryption algorithm in use today.

what is the maximum segment length of a 100Base-FX network?

The maximum allowable length for a network segment using 100Base-FX is 412 meters. The
maximum length for the entire network is 5 kilometers.

The 403 Forbidden error is an HTTP status code which means that accessing the page or resource you
were trying to reach is absolutely forbidden for some reason.

The HTTP 404, 404 Not Found, and 404 error message is a Hypertext Transfer Protocol (HTTP) standard
response code, in computer network communications, to indicate that the client was able to
communicate with a given server, but the server could not find what was requested.

"Malware" is short for malicious software and used as a single term to refer to virus, spy ware,
worm etc. Malware is designed to cause damage to a stand alone computer or a networked pc. So
wherever a malware term is used it means a program which is designed to damage your
computer it may be a virus, worm or Trojan.

Worms:-
Worms are malicious programs that make copies of themselves again and again on the local
drive, network shares, etc. The only purpose of the worm is to reproduce itself again and again. It
doesn’t harm any data/file on the computer. Unlike a virus, it does not need to attach itself to an
existing program. Worms spread by exploiting vulnerabilities in operating systems

Examples of worm are: - W32.SillyFDC.BBY

Packed.Generic.236
W32.Troresba
Due to its replication nature it takes a lot of space in the hard drive and consumes more cpu uses
which in turn makes the pc too slow also consumes more network bandwidth.

Virus:-
Virus is a program written to enter to your computer and damage/alter your files/data. A virus
might corrupt or delete data on your computer. Viruses can also replicate themselves. A
computer Virus is more dangerous than a computer worm as it makes changes or deletes your
files while worms only replicates itself without making changes to your files/data.

Examples of virus are: - W32.Sfc!mod

ABAP.Rivpas.A
Accept.3773

Viruses can enter to your computer as an attachment of images, greeting, or audio / video files.
Viruses also enters through downloads on the Internet. They can be hidden in a free/trial
softwares or other files that you download.

So before you download anything from internet be sure about it first. Almost all viruses are
attached to an executable file, which means the virus may exist on your computer but it actually
cannot infect your computer unless you run or open the malicious program. It is important to
note that a virus cannot be spread without a human action, such as running an infected program
to keep it going.

Virus is of different types which are as follows.

1) File viruses
2) Macro viruses
3) Master boot record viruses
4) Boot sector viruses
5) Multipartite viruses
6) Polymorphic viruses
7) Stealth viruses

File Virus:-This type of virus normally infects program files such as .exe, .com, .bat. Once this
virus stays in memory it tries to infect all programs that load on to memory.

Macro Virus: - These type of virus infects word, excel, PowerPoint, access and other data files.
Once infected repairing of these files is very much difficult.

Master boot record files: - MBR viruses are memory-resident viruses and copy itself to the first
sector of a storage device which is used for partition tables or OS loading programs .A MBR
virus will infect this particular area of Storage device instead of normal files. The easiest way to
remove a MBR virus is to clean the MBR area,
Boot sector virus: - Boot sector virus infects the boot sector of a HDD or FDD. These are also
memory resident in nature. As soon as the computer starts it gets infected from the boot sector.
Cleaning this type of virus is very difficult.

Multipartite virus: - A hybrid of Boot and Program/file viruses. They infect program files and
when the infected program is executed, these viruses infect the boot record. When you boot the
computer next time the virus from the boot record loads in memory and then start infecting other
program files on disk

Polymorphic viruses: - A virus that can encrypt its code in different ways so that it appears
differently in each infection. These viruses are more difficult to detect.

Stealth viruses: - These types of viruses use different kind of techniques to avoid detection.
They either redirect the disk head to read another sector instead of the one in which they reside
or they may alter the reading of the infected file’s size shown in the directory listing. For
example, the Whale virus adds 9216 bytes to an infected file; then the virus subtracts the same
number of bytes (9216) from the size given in the directory.

Trojans: - A Trojan horse is not a virus. It is a destructive program that looks as a genuine
application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as
destructive. Trojans also open a backdoor entry to your computer which gives malicious
users/programs access to your system, allowing confidential and personal information to be theft.

Example: - JS.Debeski.Trojan

Trojan horses are broken down in classification based on how they infect the systems and the
damage caused by them. The seven main types of Trojan horses are:
• Remote Access Trojans
• Data Sending Trojans
• Destructive Trojans
• Proxy Trojans
• FTP Trojans
• security software disabler Trojans
• denial-of-service attack Trojans

Adware: - Generically adware is a software application in which advertising banners are

displayed while any program is running. Adware can automatically get downloaded to your
system while browsing any website and can be viewed through pop-up windows or through a bar
that appears on a computer screen automatically. Adwares are used by companies for marketing
purpose.

Spywares: - Spyware is a type of program that is installed with or without your permission on
your personal computers to collect information about users, their computer or browsing habits
tracks each and everything that you do without your knowledge and send it to remote user. It also
can download other malicious programs from internet and install it on the computer.Spyware
works like adware but is usually a separate program that is installed unknowingly when you
install another freeware type program or application.

Spam: - Spamming is a method of flooding the Internet with copies of the same message. Most
spams are commercial advertisements which are sent as an unwanted email to users. Spams are
also known as Electronic junk mails or junk newsgroup postings. These spam mails are very
annoying as it keeps coming every day and keeps your mailbox full.

Tracking cookies: - A cookie is a plain text file that is stored on your computer in a cookies
folder and it stores data about your browsing session. Cookies are used by many websites to
track visitor information A tracking cookie is a cookie which keeps tracks of all your browsing
information and this is used by hackers and companies to know all your personal details like
bank account details, your credit card information etc. which is dangerous .

Misleading applications: - Misleading applications misguide you about the security status of
your computer and shows you that your computer is infected by some malware and you have to
download the tool to remove the threat. As you download the tool it shows some threats in your
computer and to remove it you have to buy the product for which it asks some personal
information like credit card information etc. which is dangerous.

Definition

flooding

In a network, flooding is the forwarding by a router of a packet from any node to every other
node attached to the router except the node from which the packet arrived. Flooding is a way to
distribute routing information updates quickly to every node in a large network. It is also
sometimes used in multicast packets (from one source node to many specific nodes in a real or
virtual network).

The Internet's Open Shortest Path First (OSPF) protocol, which updates router information in a
network, uses flooding.

Computer Networks | Error Detection

Error
A condition when the receiver’s information does not matches with the sender’s information.
During transmission, digital signals suffer from noise that can introduce errors in the binary bits
travelling from sender to receiver. That means a 0 bit may change to 1 or a 1 bit may change to
0.

Error Detecting Codes (Implemented either at Data link layer or Transport Layer of OSI
Model)
Whenever a message is transmitted, it may get scrambled by noise or data may get corrupted. To
avoid this, we use error-detecting codes which are additional data added to a given digital
message to help us detect if any error has occurred during transmission of the message.

Basic approach used for error detection is the use of redundancy bits, where additional bits are
added to facilitate detection of errors.

Some popular techniques for error detection are:

1. Simple Parity check
2. Two-dimensional Parity check
3. Checksum
4. Cyclic redundancy check

1. Simple Parity check

Blocks of data from the source are subjected to a check bit or parity bit generator form, where a
parity of :

 1 is added to the block if it contains odd number of 1’s, and

 0 is added if it contains even number of 1’s

This scheme makes the total number of 1’s even, that is why it is called even parity checking.
2. Two-dimensional Parity check
Parity check bits are calculated for each row, which is equivalent to a simple parity check bit.
Parity check bits are also calculated for all columns, then both are sent along with the data. At
the receiving end these are compared with the parity bits calculated on the received data.
3. Checksum

 In checksum error detection scheme, the data is divided into k segments each of m bits.
 In the sender’s end the segments are added using 1’s complement arithmetic to get the sum.
The sum is complemented to get the checksum.
 The checksum segment is sent along with the data segments.
 At the receiver’s end, all received segments are added using 1’s complement arithmetic to get
the sum. The sum is complemented.
 If the result is zero, the received data is accepted; otherwise discarded.

4. Cyclic redundancy check (CRC)

 Unlike checksum scheme, which is based on addition, CRC is based on binary division.
 In CRC, a sequence of redundant bits, called cyclic redundancy check bits, are appended to the
end of data unit so that the resulting data unit becomes exactly divisible by a second,
predetermined binary number.
 At the destination, the incoming data unit is divided by the same number. If at this step there is
no remainder, the data unit is assumed to be correct and is therefore accepted.
 A remainder indicates that the data unit has been damaged in transit and therefore must be
rejected.
Example :