BE Computer Engineering (IOE, TU) Computer Networks and Security (IOE, CT 703 / ENCT 304) Question Paper 2078

(a) Compare and contrast the OSI reference model with the TCP/IP protocol suite, clearly mapping the layers of one model onto the other and identifying which OSI layers have no direct counterpart in TCP/IP. [7]

(b) Explain the concepts of encapsulation and de-encapsulation as a data unit travels down and up the protocol stack. Using a suitable diagram, show the Protocol Data Unit (PDU) name and the header information added at the Transport, Network and Data Link layers. [5]

An organization has been allocated the network address 192.168.10.0/24. The network must be divided to support four departments with the following host requirements: Department A = 60 hosts, Department B = 28 hosts, Department C = 12 hosts, Department D = 10 hosts.

(a) Using Variable Length Subnet Masking (VLSM), design the subnetting scheme. For each department give the subnet address, the subnet mask (in CIDR and dotted-decimal form), the usable host range and the broadcast address. [9]

(b) State how much of the address space remains unallocated after this design. [3]

(a) Distinguish between Distance Vector routing and Link State routing with respect to the information exchanged, convergence speed and scalability. [5]

(b) Consider the network graph below where edge labels are link costs:

     A --1-- B --3-- C
     |       |       |
     4       2       1
     |       |       |
     D --5-- E --1-- F

Apply Dijkstra's shortest-path algorithm to compute the shortest path tree and least-cost path from node A to every other node. Show the working at each iteration. [7]

(a) Differentiate between symmetric-key and asymmetric-key (public-key) cryptography, mentioning one practical algorithm and one key-distribution challenge for each. [5]

(b) In the RSA algorithm, two primes are chosen as p = 7 and q = 11 and the public exponent is e = 13. Compute the value of n, the totient φ(n) and the private key d. Then show how the plaintext message M = 5 would be encrypted and decrypted. [7]

With the help of a diagram, explain the TCP three-way handshake used for connection establishment. State the role of the SYN, SYN-ACK and ACK segments and the purpose of the initial sequence numbers.

Compare TCP and UDP across at least five criteria (connection orientation, reliability, ordering, header size and overhead). Give one example application for which UDP is more suitable than TCP and justify your choice.

Explain the working of the Domain Name System (DNS). Describe the difference between recursive and iterative DNS queries, and outline the steps involved in resolving the name www.example.com to an IP address.

(a) Differentiate between HTTP persistent and non-persistent connections. [3]

(b) Briefly describe the roles of SMTP, POP3 and IMAP in the electronic mail system. [3]

Define the security goals of Confidentiality, Integrity and Availability (the CIA triad). For each goal, name one type of attack that threatens it and one countermeasure used to protect it.

What is a digital signature? Explain how a digital signature is generated and verified using a hash function and public-key cryptography, and state how it provides both authentication and non-repudiation.

Explain the function of a firewall in a network. Differentiate between a packet-filtering firewall and a stateful inspection firewall, and discuss the role of a Demilitarized Zone (DMZ) in network design.

What is a Virtual Private Network (VPN)? Explain the concept of tunneling and differentiate between the transport mode and tunnel mode of IPSec.

List four key differences between IPv4 and IPv6 addressing, including address length, header complexity and support for address autoconfiguration.