IGNOU BCA MCS-22 Operating System Concepts and Networking Management Solved Question Paper (June 2023)
Q1. (a) Define WINDOWS NT Registry. What does it consist of? Discuss how you can secure the Registry and audit its critical components. (10 marks)
Answer:
Definition of Windows NT Registry:
The Windows NT Registry is a centralized hierarchical database that stores low-level settings for the Windows operating system and applications. It serves as a repository for configuration information, hardware settings, user preferences, and system policies. The Registry replaced the scattered initialization (.ini) files used in earlier Windows versions, providing a unified storage system for all system and application configurations.
Components of Windows NT Registry:
Registry Hives:
→ HKEY_LOCAL_MACHINE (HKLM): Contains machine-specific settings, hardware configuration, and software installations
→ HKEY_CURRENT_USER (HKCU): Stores current user's preferences and settings
→ HKEY_USERS (HKU): Contains settings for all user profiles on the system
→ HKEY_CLASSES_ROOT (HKCR): File associations and COM object registrations
→ HKEY_CURRENT_CONFIG (HKCC): Current hardware profile information
Registry Data Types:
→ REG_SZ: String values
→ REG_DWORD: 32-bit numeric values
→ REG_BINARY: Binary data
→ REG_MULTI_SZ: Multiple string values
→ REG_EXPAND_SZ: Expandable string values
Registry Security Measures:
Access Control:
→ Set appropriate permissions on Registry keys using DACL (Discretionary Access Control Lists)
→ Limit administrative access to critical Registry sections
→ Use principle of least privilege for user accounts
→ Implement group policies to restrict Registry access
Registry Backup and Recovery:
→ Regular automated Registry backups using Windows Backup utility
→ Create system restore points before making Registry changes
→ Use Emergency Repair Disk (ERD) for system recovery
→ Implement Last Known Good Configuration option
Auditing Critical Components:
→ Enable Registry auditing through Group Policy or Security Policy
→ Monitor access to sensitive Registry keys like security settings
→ Log Registry modifications and access attempts
→ Use Event Viewer to analyze Registry audit logs
→ Implement real-time monitoring tools for Registry changes
→ Regular review of audit logs for suspicious activities
Q1. (b) Define a firewall. What are its functions? List its limitations. (6 marks)
Answer:
Definition of Firewall:
A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between trusted internal networks and untrusted external networks, such as the Internet, filtering data packets according to configured security policies.
Functions of Firewall:
→ Packet Filtering: Examines data packets and allows or blocks them based on IP addresses, ports, and protocols
→ Access Control: Restricts unauthorized access to network resources and services
→ Traffic Monitoring: Continuously monitors network traffic for suspicious activities
→ Application Gateway: Provides proxy services for specific applications like HTTP, FTP, SMTP
→ Stateful Inspection: Tracks connection states and ensures responses match legitimate requests
→ Logging and Reporting: Maintains logs of network activities for security analysis
Limitations of Firewall:
→ Internal Threats: Cannot protect against attacks originating from within the network
→ Application Layer Attacks: Limited protection against sophisticated application-level exploits
→ Encrypted Traffic: Difficulty in inspecting encrypted communications
→ Performance Impact: May slow down network traffic due to inspection overhead
→ Configuration Complexity: Requires skilled administrators for proper setup and maintenance
→ Single Point of Failure: If firewall fails, network security may be compromised
Q1. (c) In context to RAID, explain Mirroring, Duplexing and Striping with parity. (9 marks)
Answer:
RAID (Redundant Array of Independent Disks) is a technology that combines multiple physical disk drives into a single logical unit to improve performance, reliability, or both. Different RAID levels implement various techniques for data storage and protection.
Mirroring (RAID 1):
Concept:
→ Creates exact duplicate copies of data on two or more drives
→ All data written to one drive is simultaneously written to mirror drive
→ Provides 100% data redundancy with fault tolerance
→ If one drive fails, system continues operating with mirror drive
Advantages:
→ Excellent fault tolerance and data protection
→ Fast read performance as data can be read from multiple drives
→ Simple implementation and management
Disadvantages:
→ 50% storage efficiency (requires double the storage space)
→ Higher cost due to drive duplication
Duplexing:
Concept:
→ Enhanced version of mirroring with separate disk controllers
→ Each mirrored drive has its own dedicated controller
→ Provides protection against both drive and controller failures
→ Eliminates controller as single point of failure
Advantages:
→ Higher fault tolerance than simple mirroring
→ Better performance due to independent controllers
→ Protection against controller malfunctions
Striping with Parity (RAID 5):
Concept:
→ Data is striped (distributed) across multiple drives
→ Parity information is calculated and stored across all drives
→ Requires minimum of three drives for implementation
→ Can recover data if any single drive fails using parity calculations
Working Mechanism:
→ Data blocks are written across multiple drives in strips
→ Parity bits are calculated using XOR operations
→ Parity information is distributed across all drives
→ Failed drive data can be reconstructed using remaining data and parity
Advantages:
→ Good balance between performance, storage efficiency, and fault tolerance
→ Better storage utilization compared to mirroring
→ Improved read and write performance through parallel access
Disadvantages:
→ Performance degradation during drive rebuilding
→ Cannot survive multiple simultaneous drive failures
→ Complex implementation and management
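The working mechanism of striping with parity can be traced in code. The following is an added example, not part of the original answer: it stripes data over three drives with rotating XOR parity, then rebuilds a failed drive from the survivors. The function names, the 4-byte block size and the parity rotation order are assumptions chosen for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the RAID 5 parity operation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Rotate the parity block across drives so no single drive holds all parity."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives=3, block_size=4):
    """Stripe data over n_drives; each stripe holds n_drives-1 data blocks plus one parity block."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs at least three drives")
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive_for(s, n_drives):
                drives[d].append(xor_blocks(blocks))
            else:
                drives[d].append(next(data_blocks))
    return drives


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(s, n):
                out += drives[d][s]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Reconstruct a failed drive: each lost block is the XOR of the surviving blocks in its stripe."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("RAID 5 cannot recover from more than one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


if __name__ == "__main__":
    data = b"payroll-records-2023"          # constructed sample data
    drives = raid5_write(data)
    drives[1] = None                         # simulate losing drive 1
    drives[1] = rebuild_drive(drives, 1)
    print(raid5_read(drives, len(data)))
```

The same XOR that produces the parity block also recovers a data block, which is why a second simultaneous failure leaves nothing to XOR against.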
Q1. (d) Discuss the file system in Windows-XP and also explain how the office file features in Windows-XP are enabled? (8 marks)
Answer:
Windows XP File System:
Windows XP supports multiple file systems, with NTFS being the primary and most advanced option, along with FAT32 for backward compatibility.
NTFS in Windows XP:
Advanced Features:
→ File and Folder Permissions: Granular access control with user and group permissions
→ Encryption (EFS): Built-in file-level encryption using user certificates
→ Compression: NTFS compression to save disk space
→ Disk Quotas: Limit disk usage per user account
→ File System Journaling: Transaction logging for reliability and recovery
File System Structure:
→ Master File Table (MFT) stores metadata for all files and directories
→ Support for large files (up to 16TB) and volumes (up to 256TB)
→ Unicode filename support for international characters
→ Alternate Data Streams for additional file metadata
Office File Features in Windows XP:
Document Properties and Metadata:
→ Extended file properties for Office documents
→ Author, title, subject, and keyword information
→ Creation and modification timestamps
→ Document statistics and revision tracking
Enabling Office File Features:
Installation Requirements:
→ Install Microsoft Office suite (Office XP, 2003, or later)
→ Ensure NTFS file system for advanced features
→ Configure file associations for Office file types
Feature Configuration:
→ File Properties: Right-click Office files → Properties → Summary tab
→ Search Integration: Windows Search indexing for Office document content
→ Thumbnail Generation: Enable thumbnail views for Office files in Explorer
→ Preview Functionality: Quick preview of Office documents without opening applications
Windows Explorer Integration:
→ Detailed view showing Office document properties
→ Content-based searching within Office files
→ Thumbnail and preview generation for documents
→ Version tracking and document comparison features
Q1. (e) Discuss the absolute and relative pathnames in LINUX with the help of suitable examples for each. (7 marks)
Answer:
In Linux file systems, pathnames are used to specify the location of files and directories. There are two types of pathnames: absolute and relative, each serving different purposes in navigation and file operations.
Absolute Pathnames:
Definition:
Absolute pathnames specify the complete path from the root directory (/) to the target file or directory. They always start with a forward slash (/) and provide the full location regardless of the current working directory.
Characteristics:
→ Always begin with root directory symbol (/)
→ Independent of current working directory
→ Provide complete path information
→ Remain constant regardless of user location
Examples of Absolute Pathnames:
/home/user/documents/report.txt
/etc/passwd
/var/log/system.log
/usr/bin/gcc
/tmp/temp_file.txt
Usage Example:
# Access file from any directory
cat /home/user/documents/report.txt
ls -l /etc/passwd
cp /var/log/system.log /home/user/backup/
Relative Pathnames:
Definition:
Relative pathnames specify the path relative to the current working directory. They do not start with a forward slash and depend on the user's current location in the file system hierarchy.
Special Directory References:
→ . (dot): Represents current directory
→ .. (double dot): Represents parent directory
→ ~ (tilde): Represents user's home directory
Examples of Relative Pathnames:
Assume current directory is /home/user:
documents/report.txt # File in documents subdirectory
../john/files/data.txt # File in john's directory (parent level)
./scripts/backup.sh # File in scripts subdirectory
../../etc/hosts # System file (two levels up)
~/Desktop/notes.txt # File in user's Desktop directory
Usage Examples:
# From /home/user directory
cd documents # Move to documents subdirectory
ls ../john # List contents of john's directory
cp ./file.txt ../backup/ # Copy file to backup directory
cat ../../etc/passwd # Display system password file
Advantages and Use Cases:
Absolute Pathnames:
→ Unambiguous and always work from any location
→ Ideal for system scripts and configuration files
→ Useful in automated processes and cron jobs
Relative Pathnames:
→ Shorter and more convenient for nearby files
→ More portable across different systems
→ Useful for interactive command-line operations
Q2. (a) Describe the file and directory systems of LINUX with suitable examples. (7 marks)
Answer:
Linux follows a hierarchical file system structure with a single root directory and various subdirectories organized in a tree-like format. This unified file system provides a consistent interface for accessing files, devices, and system resources.
Linux File System Hierarchy:
Root Directory (/):
→ Top-level directory containing all other directories
→ Everything in Linux starts from root directory
→ Example: /
Essential System Directories:
/bin (Binary):
→ Contains essential command-line utilities
→ Examples: ls, cp, mv, rm, cat, grep
→ Available to all users for basic operations
/etc (Et Cetera):
→ System configuration files and scripts
→ Examples: /etc/passwd, /etc/hosts, /etc/fstab
→ Administrative configuration settings
/home:
→ User home directories
→ Examples: /home/john, /home/alice
→ Personal files and user-specific configurations
/var (Variable):
→ Variable data files like logs and databases
→ Examples: /var/log/messages, /var/spool/mail
→ Files that change frequently during operation
/usr (Unix System Resources):
→ User programs and applications
→ Examples: /usr/bin/gcc, /usr/share/doc
→ Secondary hierarchy for user data
/tmp (Temporary):
→ Temporary files and directories
→ Examples: /tmp/temp_file, /tmp/session_data
→ Automatically cleaned on system reboot
File Types in Linux:
Regular Files:
→ Text files, binary files, executable programs
→ Examples: document.txt, program.exe, image.jpg
Directories:
→ Containers for files and other directories
→ Examples: /home/user/documents
Symbolic Links:
→ Pointers to other files or directories
→ Examples: ln -s /usr/bin/python3 /usr/bin/python
Device Files:
→ Represent hardware devices
→ Examples: /dev/sda1 (hard disk), /dev/tty1 (terminal)
Directory Operations Examples:
# Create directory
mkdir /home/user/projects
# List directory contents
ls -la /etc
# Change directory
cd /var/log
# Remove directory
rmdir /tmp/old_directory
# Display current directory
pwd
Q2. (b) Describe various file permission modes in LINUX and associated commands for granting/revoking file permissions. (8 marks)
Answer:
Linux file permissions control access to files and directories using a comprehensive permission system. Each file and directory has three types of permissions for three categories of users.
Permission Types:
Read (r):
→ Files: View file contents
→ Directories: List directory contents
→ Octal value: 4
Write (w):
→ Files: Modify file contents
→ Directories: Create, delete, or rename files within directory
→ Octal value: 2
Execute (x):
→ Files: Run file as program or script
→ Directories: Access directory and its contents
→ Octal value: 1
User Categories:
→ Owner (u): User who owns the file
→ Group (g): Users belonging to file's group
→ Others (o): All other users on the system
Permission Representation:
Symbolic Notation:
-rwxrw-r--
│└┬┘└┬┘└┬┘
│ │  │  └── Others permissions (r--)
│ │  └───── Group permissions (rw-)
│ └──────── Owner permissions (rwx)
└────────── File type (-=regular file, d=directory)
Octal Notation:
→ Owner: rwx = 4+2+1 = 7
→ Group: rw- = 4+2+0 = 6
→ Others: r-- = 4+0+0 = 4
→ Result: 764
Commands for Managing Permissions:
chmod (Change Mode):
Symbolic Method:
# Grant read permission to group
chmod g+r filename
# Revoke write permission from others
chmod o-w filename
# Set exact permissions for owner
chmod u=rwx filename
# Multiple changes
chmod u+x,g-w,o+r filename
Octal Method:
# Set permissions using octal notation
chmod 755 filename # rwxr-xr-x
chmod 644 filename # rw-r--r--
chmod 600 filename # rw-------
chmod 777 filename # rwxrwxrwx
chown (Change Owner):
# Change file owner
chown newowner filename
# Change owner and group
chown newowner:newgroup filename
# Change ownership recursively
chown -R newowner:newgroup directory/
chgrp (Change Group):
# Change file group
chgrp newgroup filename
# Change group recursively
chgrp -R newgroup directory/
Special Permissions:
Setuid (4000):
→ Execute file with owner's privileges
→ Example: chmod 4755 program
Setgid (2000):
→ Execute with group's privileges or inherit group ownership
→ Example: chmod 2755 directory
Sticky Bit (1000):
→ Only owner can delete files in directory
→ Example: chmod 1777 /tmp
Viewing Permissions:
# List file permissions
ls -l filename
# List directory permissions
ls -ld directory/
# Detailed permission information
stat filename
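The octal and symbolic notations above, and the special bits, can be checked programmatically. The following is an added example, not part of the original answer: it applies chmod-style symbolic clauses to a numeric mode, renders the ls -l string, and flags the settings a permission review would question. The names apply_symbolic, render and audit are hypothetical, and the clause parser is simplified (r/w/x for u/g/o/a only, an empty "who" treated as "a").

```python
import stat

WHO_SHIFT = {"u": 6, "g": 3, "o": 0}   # bit offset of each user category
PERM_BIT = {"r": 4, "w": 2, "x": 1}    # octal value of each permission


def apply_symbolic(mode, spec):
    """Apply a chmod-style spec such as 'u+x,g-w,o+r' to a numeric mode."""
    for clause in spec.split(","):
        op = next((c for c in clause if c in "+-="), None)
        if op is None:
            raise ValueError(f"no operator in clause {clause!r}")
        who, perms = clause.split(op, 1)
        who = "ugo" if who in ("", "a") else who
        bits = 0
        for p in perms:
            bits |= PERM_BIT[p]
        for w in who:
            shift = WHO_SHIFT[w]
            if op == "+":
                mode |= bits << shift
            elif op == "-":
                mode &= ~(bits << shift)
            else:  # '=' replaces that category's three bits
                mode = (mode & ~(7 << shift)) | (bits << shift)
    return mode


def render(mode, is_dir=False):
    """Return the ls -l style string for a numeric mode."""
    file_type = stat.S_IFDIR if is_dir else stat.S_IFREG
    return stat.filemode(file_type | mode)


def audit(mode, is_dir=False):
    """List the permission settings a reviewer would want justified."""
    findings = []
    if mode & stat.S_ISUID:
        findings.append("setuid")
    if mode & stat.S_ISGID:
        findings.append("setgid")
    # A world-writable directory is only acceptable with the sticky bit set.
    if mode & stat.S_IWOTH and not (is_dir and mode & stat.S_ISVTX):
        findings.append("world-writable")
    return findings


if __name__ == "__main__":
    samples = [(0o764, False), (0o4755, False), (0o777, False), (0o1777, True)]
    for m, d in samples:
        print(f"{m:04o} {render(m, d)} {audit(m, d)}")
    print(f"{apply_symbolic(0o644, 'u+x,g-w,o+r'):04o}")
```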
Q2. (c) Explain the purpose of the following commands in LINUX with an example for each: (5 marks)
(i) cp
(ii) mv
Answer:
(i) cp (Copy) Command:
Purpose:
The cp command is used to copy files and directories from one location to another. It creates a duplicate of the source file or directory at the specified destination while preserving the original.
Basic Syntax:
cp [options] source destination
Examples:
# Copy a single file
cp document.txt /home/user/backup/
# Copy file with new name
cp original.txt copy.txt
# Copy multiple files to directory
cp file1.txt file2.txt file3.txt /home/user/documents/
# Copy directory recursively
cp -r /home/user/projects /home/user/backup/
# Copy with preservation of attributes
cp -p important.txt /backup/important.txt
# Interactive copy (prompt before overwrite)
cp -i source.txt destination.txt
Common Options:
→ -r or -R: Copy directories recursively
→ -p: Preserve file attributes (timestamps, permissions)
→ -i: Interactive mode (prompt before overwriting)
→ -v: Verbose mode (show files being copied)
(ii) mv (Move) Command:
Purpose:
The mv command is used to move files and directories from one location to another, or to rename files and directories. Unlike cp, mv removes the file from the source location after moving it to the destination.
Basic Syntax:
mv [options] source destination
Examples:
# Move a file to different directory
mv document.txt /home/user/documents/
# Rename a file
mv oldname.txt newname.txt
# Move multiple files to directory
mv file1.txt file2.txt file3.txt /home/user/archive/
# Move and rename simultaneously
mv /tmp/temp.txt /home/user/final_document.txt
# Move directory
mv old_project_folder /home/user/completed_projects/
# Interactive move (prompt before overwrite)
mv -i source.txt /destination/
Common Options:
→ -i: Interactive mode (prompt before overwriting)
→ -f: Force move (overwrite without prompting)
→ -v: Verbose mode (show files being moved)
→ -n: No overwrite (do not overwrite existing files)
Key Differences:
→ cp: Creates duplicate, original remains
→ mv: Transfers file, original is removed
→ mv: Can be used for renaming files
→ cp: Requires -r option for directories, mv doesn't
Q3. (a) Differentiate the role and responsibilities of "user mode" and "kernel mode" of Windows-2000 system. (8 marks)
Answer:
Windows 2000 operates with two distinct privilege levels: user mode and kernel mode. This separation provides security, stability, and efficient resource management by controlling access to system resources and critical operations.
User Mode:
Definition and Purpose:
User mode is a restricted processing mode where applications and user programs execute. It provides a controlled environment that prevents direct access to hardware and critical system resources, ensuring system stability and security.
Roles and Responsibilities:
Application Execution:
→ Runs user applications and programs
→ Executes third-party software and utilities
→ Handles user interface and application logic
→ Manages application-specific data and processes
Resource Access Limitations:
→ Cannot directly access hardware devices
→ Cannot modify critical system settings
→ Cannot access memory allocated to other processes
→ Must use system calls to request kernel services
Security Boundaries:
→ Isolated execution environment for each process
→ Virtual memory protection between applications
→ Prevention of unauthorized system modifications
→ Limited access to system files and resources
Kernel Mode:
Definition and Purpose:
Kernel mode is a privileged processing mode where the operating system kernel and device drivers execute. It has unrestricted access to all system resources, hardware, and memory, enabling complete system control.
Roles and Responsibilities:
System Resource Management:
→ Direct hardware access and control
→ Memory management and allocation
→ Process and thread scheduling
→ Interrupt handling and system calls
Critical System Functions:
→ Device driver execution
→ Security policy enforcement
→ File system operations
→ Network protocol implementation
Hardware Abstraction:
→ Provides hardware abstraction layer (HAL)
→ Manages device communication
→ Handles low-level system operations
→ Controls access to privileged instructions
Key Differences:
Access Privileges:
→ User Mode: Restricted access, cannot execute privileged instructions
→ Kernel Mode: Unrestricted access, can execute all processor instructions
Memory Access:
→ User Mode: Limited to virtual memory allocated to the process
→ Kernel Mode: Can access all physical and virtual memory
Failure Impact:
→ User Mode: Application crash affects only that application
→ Kernel Mode: System crash can affect entire operating system
Performance:
→ User Mode: Mode switching overhead when accessing system services
→ Kernel Mode: Direct hardware access provides better performance
Mode Transition:
→ Applications switch from user mode to kernel mode through system calls
→ Kernel returns control to user mode after completing requested services
→ Context switching maintains security and stability boundaries
Q3. (b) What is Kerberos? Explain the complete process of client authentication through Kerberos. (7 marks)
Answer:
Definition of Kerberos:
Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications using secret-key cryptography. Developed at MIT, it enables secure authentication over insecure networks without transmitting passwords in plain text. Kerberos uses tickets to prove identity and establish secure communications.
Kerberos Components:
→ Authentication Server (AS): Verifies user identity and issues Ticket Granting Tickets
→ Ticket Granting Server (TGS): Issues service tickets for accessing specific services
→ Key Distribution Center (KDC): Combined AS and TGS functionality
→ Principal: Users, services, or applications in the Kerberos realm
Complete Kerberos Authentication Process:
Step 1: Initial Authentication Request (AS_REQ)
→ Client sends authentication request to Authentication Server
→ Request includes client ID and requested service information
→ Timestamp included to prevent replay attacks
→ No password transmitted over network
Step 2: Authentication Server Response (AS_REP)
→ AS verifies client identity in database
→ AS generates session key for client-TGS communication
→ AS creates Ticket Granting Ticket (TGT) encrypted with TGS secret key
→ Session key sent to client encrypted with client's password-derived key
→ Client decrypts session key using password
Step 3: Service Ticket Request (TGS_REQ)
→ Client sends TGT to Ticket Granting Server
→ Includes authenticator encrypted with session key from Step 2
→ Requests ticket for specific service
→ TGS verifies TGT and authenticator validity
Step 4: Ticket Granting Server Response (TGS_REP)
→ TGS decrypts TGT and validates client information
→ TGS generates new session key for client-service communication
→ Creates service ticket encrypted with target service's secret key
→ Sends service ticket and session key to client
Step 5: Service Request (AP_REQ)
→ Client sends service ticket to target server
→ Includes authenticator encrypted with service session key
→ Service decrypts ticket using its secret key
→ Verifies client identity and authenticator
Step 6: Service Authentication (AP_REP)
→ Service optionally sends confirmation to client
→ Proves service identity to client (mutual authentication)
→ Secure communication established using service session key
→ Both parties can now communicate securely
Security Features:
→ No password transmission: Passwords never sent over network
→ Mutual authentication: Both client and server verify each other
→ Time-limited tickets: Tickets expire to limit exposure
→ Replay protection: Timestamps prevent replay attacks
→ Single sign-on: One authentication grants access to multiple services
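The six steps can be followed end to end in a small simulation. The following is an added example, not part of the original answer and not a real Kerberos implementation: seal/unseal is a toy authenticated cipher built from SHA-256 and HMAC, PBKDF2 stands in for the Kerberos password-to-key function, and all class and function names are hypothetical. It shows what each party can and cannot decrypt, and where expiry and replay checks are enforced.

```python
import hashlib, hmac, json, os

LIFETIME, SKEW = 8 * 3600, 300   # ticket lifetime / tolerated clock skew, in seconds

def keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Toy authenticated encryption standing in for Kerberos' real ciphers."""
    plain = json.dumps(obj).encode()
    nonce = os.urandom(16)
    body = nonce + bytes(a ^ b for a, b in zip(plain, keystream(key, nonce, len(plain))))
    return hmac.new(key, body, hashlib.sha256).digest() + body

def unseal(key, blob):
    tag, body = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise PermissionError("wrong key or tampered message")
    nonce, ct = body[:16], body[16:]
    return json.loads(bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct)))))

def derive_key(password, principal):
    """Password-derived long-term key; the password itself never leaves the client."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 1000)

def check(ticket, auth_blob, now, seen):
    """Validation shared by the TGS and the service: expiry, identity, freshness, replay."""
    key = bytes.fromhex(ticket["key"])
    auth = unseal(key, auth_blob)
    if now > ticket["expires"]:
        raise PermissionError("ticket expired")
    if auth["client"] != ticket["client"]:
        raise PermissionError("authenticator does not match ticket")
    if abs(now - auth["ts"]) > SKEW:
        raise PermissionError("authenticator outside clock skew")
    if (auth["client"], auth["ts"]) in seen:
        raise PermissionError("replayed authenticator")
    seen.add((auth["client"], auth["ts"]))
    return auth, key

def new_ticket(sealing_key, client, now):
    """Issue a ticket only the holder of sealing_key can read, plus its fresh session key."""
    sk = os.urandom(32)
    ticket = seal(sealing_key, {"client": client, "key": sk.hex(), "expires": now + LIFETIME})
    return ticket, sk

class KDC:
    def __init__(self, passwords, service_keys):
        self.user_keys = {u: derive_key(p, u) for u, p in passwords.items()}
        self.service_keys, self.tgs_key, self.seen = service_keys, os.urandom(32), set()

    def as_exchange(self, client, now):                     # Steps 1-2: AS_REQ / AS_REP
        if client not in self.user_keys:
            raise PermissionError("unknown principal")
        tgt, sk = new_ticket(self.tgs_key, client, now)
        return tgt, seal(self.user_keys[client], {"key": sk.hex()})

    def tgs_exchange(self, tgt, auth_blob, service, now):   # Steps 3-4: TGS_REQ / TGS_REP
        auth, tgs_sk = check(unseal(self.tgs_key, tgt), auth_blob, now, self.seen)
        ticket, sk = new_ticket(self.service_keys[service], auth["client"], now)
        return ticket, seal(tgs_sk, {"key": sk.hex()})

class Service:
    def __init__(self, key):
        self.key, self.seen = key, set()

    def ap_exchange(self, ticket, auth_blob, now):          # Steps 5-6: AP_REQ / AP_REP
        auth, sk = check(unseal(self.key, ticket), auth_blob, now, self.seen)
        # Echoing the timestamp under the session key proves the service read the ticket.
        return auth["client"], seal(sk, {"ts": auth["ts"]})

def client_login(kdc, service, service_name, client, password, now):
    tgt, enc = kdc.as_exchange(client, now)
    # A wrong password yields the wrong key, so this unseal fails on the client side.
    tgs_sk = bytes.fromhex(unseal(derive_key(password, client), enc)["key"])
    auth = seal(tgs_sk, {"client": client, "ts": now})
    ticket, enc = kdc.tgs_exchange(tgt, auth, service_name, now)
    sk = bytes.fromhex(unseal(tgs_sk, enc)["key"])
    ap_auth = seal(sk, {"client": client, "ts": now})
    who, ap_rep = service.ap_exchange(ticket, ap_auth, now)
    if unseal(sk, ap_rep)["ts"] != now:
        raise PermissionError("service failed mutual authentication")
    return who, ticket, ap_auth
```

Timestamps are passed in explicitly so the expiry and replay behaviour can be exercised without waiting on a real clock.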
Q3. (c) What is a Virtual Private Network (VPN)? Describe the step by step procedure to configure VPN in Windows-XP. (5 marks)
Answer:
Definition of Virtual Private Network (VPN):
A Virtual Private Network (VPN) is a technology that creates a secure, encrypted connection over a public network (typically the Internet) to connect remote users or branch offices to a private network. VPNs use tunneling protocols to encapsulate and encrypt data, ensuring confidentiality and integrity of communications.
VPN Benefits:
→ Secure remote access to corporate networks
→ Encrypted communication over untrusted networks
→ Cost-effective alternative to dedicated private lines
→ Support for mobile and remote workers
Step-by-Step VPN Configuration in Windows XP:
Step 1: Access Network Connections
→ Click Start → Control Panel → Network Connections
→ Alternative: Right-click My Network Places → Properties
Step 2: Create New Connection
→ Click "Create a new connection" in Network Tasks panel
→ New Connection Wizard will open
→ Click Next to proceed
Step 3: Select Network Connection Type
→ Choose "Connect to the network at my workplace"
→ Click Next to continue
Step 4: Choose Connection Method
→ Select "Virtual Private Network connection"
→ Click Next to proceed
Step 5: Configure Connection Details
→ Enter a name for the VPN connection (e.g., "Office VPN")
→ Enter the VPN server address (IP address or domain name)
→ Configure connection availability (current user or all users)
Step 6: Complete Connection Setup
→ Click Finish to create the VPN connection
→ Connection icon appears in Network Connections folder
→ Desktop shortcut can be created for easy access
Step 7: Configure Connection Properties
→ Right-click VPN connection → Properties
→ General tab: Verify server address and phone number settings
→ Options tab: Configure connection options and redialing
→ Security tab: Select VPN type (PPTP, L2TP/IPSec) and authentication methods
→ Networking tab: Configure TCP/IP and other protocol settings
Step 8: Establish VPN Connection
→ Double-click VPN connection icon
→ Enter username and password credentials
→ Click Connect to establish VPN tunnel
→ Connection status shows when successfully connected
Q4. (a) Differentiate LAN, MAN and WAN in context of its geographical distribution, size, access mechanism, hardware devices and communication. (10 marks)
Answer:
Computer networks are classified based on their geographical coverage and scope. LAN, MAN, and WAN represent different scales of network implementation, each with distinct characteristics and requirements.
Local Area Network (LAN):
Geographical Distribution:
→ Limited to small geographical area
→ Covers single building, office, or campus
→ Typical range: 10 meters to 1 kilometer
→ Examples: Office network, home network, school lab
Size and Scale:
→ Small number of connected devices (2-1000 devices)
→ Limited user base within organization
→ Manageable administrative scope
Access Mechanism:
→ High-speed data transmission (10 Mbps to 10 Gbps)
→ Low latency and minimal delay
→ Shared medium access using Ethernet protocols
→ CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
Hardware Devices:
→ Switches, hubs, and bridges
→ Network interface cards (NICs)
→ Ethernet cables (twisted pair, fiber optic)
→ Wireless access points for Wi-Fi networks
Communication:
→ Direct communication between devices
→ Broadcast and multicast support
→ Private addressing schemes
→ Minimal routing complexity
Metropolitan Area Network (MAN):
Geographical Distribution:
→ Covers city or metropolitan area
→ Spans multiple buildings and locations
→ Typical range: 5-50 kilometers
→ Examples: City government network, cable TV network
Size and Scale:
→ Medium-sized network infrastructure
→ Connects multiple LANs within city
→ Serves thousands to hundreds of thousands of users
Access Mechanism:
→ Moderate to high-speed transmission (1-100 Mbps)
→ Fiber optic backbone for high bandwidth
→ Switching and routing for traffic management
→ Quality of Service (QoS) implementation
Hardware Devices:
→ Routers and Layer 3 switches
→ Fiber optic cables and repeaters
→ Microwave links and wireless bridges
→ Metropolitan area network equipment
Communication:
→ Packet switching and routing protocols
→ Public and private addressing schemes
→ Multiple communication paths
→ Service provider managed infrastructure
Wide Area Network (WAN):
Geographical Distribution:
→ Covers large geographical areas
→ Spans countries, continents, or global coverage
→ Unlimited geographical scope
→ Examples: Internet, corporate international networks
Size and Scale:
→ Largest scale network implementation
→ Connects multiple MANs and LANs
→ Serves millions to billions of users globally
Access Mechanism:
→ Variable speed depending on infrastructure (56 Kbps to 100 Gbps)
→ Higher latency due to distance
→ Packet switching across multiple networks
→ Complex routing protocols (BGP, OSPF)
Hardware Devices:
→ High-capacity routers and switches
→ Submarine cables and satellite links
→ Fiber optic backbone infrastructure
→ Microwave towers and cellular networks
Communication:
→ Complex routing and addressing schemes
→ Multiple autonomous systems
→ Internet protocols (TCP/IP)
→ Service provider interconnections
Comparison Summary:
Cost: LAN (Low) < MAN (Medium) < WAN (High)
Speed: LAN (Highest) > MAN (Medium) > WAN (Variable)
Ownership: LAN (Private), MAN (Mixed), WAN (Public/Shared)
Complexity: LAN (Simple) < MAN (Medium) < WAN (Complex)
Q4. (b) Discuss the following briefly w.r.t. Windows-2000: (10 marks)
(i) NTFS (New Technology File System)
(ii) EFS Services (Encrypting File System)
Answer:
(i) NTFS (New Technology File System) in Windows 2000:
Overview:
NTFS is the primary file system for Windows 2000, providing advanced features for security, reliability, and performance. It replaced FAT32 as the preferred file system for professional and server environments.
Key Features:
Security and Permissions:
→ File and folder level access control lists (ACLs)
→ Granular permissions for users and groups
→ Inheritance of permissions from parent directories
→ Audit logging for file and folder access
File System Capabilities:
→ Support for large files (up to 16TB) and volumes (up to 256TB)
→ Long filename support (up to 255 characters)
→ Unicode character support for international filenames
→ Case-sensitive filename preservation
Reliability Features:
→ Journaling file system with transaction logging
→ Automatic bad sector detection and remapping
→ Self-healing capabilities for minor corruption
→ Built-in fault tolerance mechanisms
Advanced Features:
→ File compression to save disk space
→ Disk quotas for controlling user storage
→ Alternate data streams for additional metadata
→ Hard links and symbolic links support
→ Sparse files for efficient storage of large files with empty space
Performance Optimizations:
→ Master File Table (MFT) for efficient file indexing
→ Defragmentation support for optimal performance
→ Efficient space allocation algorithms
→ Improved caching and buffering mechanisms
(ii) EFS Services (Encrypting File System) in Windows 2000:
Overview:
EFS is a feature of NTFS that provides transparent file-level encryption. It automatically encrypts and decrypts files and folders to protect sensitive data from unauthorized access, even if the physical storage is compromised.
Encryption Process:
Automatic Encryption:
→ Transparent to user applications and processes
→ Files encrypted when written to disk
→ Automatic decryption when accessed by authorized users
→ Uses symmetric encryption for file data and asymmetric encryption for key protection
Key Management:
→ User-specific encryption keys based on user certificates
→ File Encryption Key (FEK) for actual file encryption
→ Data Decryption Field (DDF) stores encrypted FEK
→ Data Recovery Field (DRF) for data recovery agents
Security Features:
Access Control:
→ Only the encrypting user can access encrypted files
→ Integration with Windows 2000 user authentication
→ Protection against offline attacks on stolen drives
→ Automatic key generation and management
Data Recovery:
→ Designated Data Recovery Agents (DRA) for enterprise environments
→ Recovery certificates for accessing encrypted data
→ Administrative recovery mechanisms
→ Policy-based recovery configurations
Usage and Implementation:
Enabling EFS:
→ Right-click file/folder → Properties → Advanced → Encrypt contents
→ Command-line tool: cipher.exe for bulk operations
→ Group Policy settings for enterprise deployment
→ Certificate-based user authentication required
Limitations:
→ Only works on NTFS file systems
→ Cannot encrypt system files or compressed files
→ Performance overhead for encryption/decryption operations
→ Key management complexity in enterprise environments
Q5. Write short notes on the following: (4×5=20 marks)
(a) Gateways Network device
(b) Backup and restoration in LINUX
(c) Distributed operating system
(d) Managing user profiles in Windows-2000
Answer:
(a) Gateways Network Device:
A gateway is a network device that acts as an interface between two different networks using different protocols or architectures. It operates at multiple layers of the OSI model and provides protocol translation, data format conversion, and routing services. Gateways are essential for connecting dissimilar networks and enabling communication between different network types. Examples include email gateways connecting different mail systems, protocol gateways for converting between TCP/IP and other protocols, and application gateways for specific services. Modern routers often include gateway functionality for connecting LANs to WANs or the Internet.
(b) Backup and Restoration in Linux:
Linux provides various tools and methods for data backup and restoration. Common backup utilities include tar for creating archive files, rsync for incremental backups and synchronization, and dd for disk-level copying. System administrators can use cron jobs to schedule automated backups. Full system backups can be created using tools like dump and restore, while file-level backups use cp, tar, or specialized tools like Amanda or Bacula. Cloud-based backup solutions and network-attached storage (NAS) provide additional backup destinations. Restoration involves extracting data from backup archives and verifying data integrity using checksums and verification tools.
(c) Distributed Operating System:
A distributed operating system manages a collection of interconnected computers and presents them as a single coherent system to users and applications. It provides transparent access to distributed resources, handles inter-node communication, and manages distributed processes and data. Key features include distributed file systems, load balancing, fault tolerance, and resource sharing across multiple machines. Examples include Amoeba, Plan 9, and modern cloud computing platforms. Distributed operating systems differ from network operating systems by providing greater transparency and integration, making the distributed nature invisible to users while enabling scalable and reliable computing across multiple nodes.
(d) Managing User Profiles in Windows 2000:
Windows 2000 user profiles store individual user settings, preferences, and customizations. Local profiles are stored on the local machine, while roaming profiles are stored on network servers and follow users across different computers. Mandatory profiles prevent users from making permanent changes to their desktop environment. Profile management involves configuring profile paths, setting up roaming profiles through Active Directory, managing profile size and synchronization, and implementing folder redirection for documents and settings. Administrators can use Group Policy to control profile behavior, set quotas, and manage profile cleanup. Profile troubleshooting involves checking permissions, network connectivity, and profile corruption issues.