Q1. a) What are the two criteria for classification of the advanced operating systems? Discuss any two operating systems in both the categories.
Answer : -
Advanced Operating Systems
Architecture Driven System
Application Driven System
Network Operating System
A network operating system is a specialized operating system for a network device such as a router, switch or firewall.
Historically operating systems with networking capabilities were described as network operating system, because they allowed personal computers (PCs) to participate in computer networks and shared file and printer access within a local area network (LAN).
Network operating systems can be embedded in a router or hardware firewall that operates the functions in the network layer (layer 3).
Some important Network OS are listed below -
Cisco IOS - Cisco Internetwork Operating System (IOS) is a family of network operating systems used on many Cisco Systems routers and current Cisco network switches. Earlier, Cisco switches ran CatOS. IOS is a package of routing, switching, internetworking and telecommunications functions integrated into a multitasking operating system.
Cisco NX-OS - NX-OS is a network operating system for the Nexus-series Ethernet switches and MDS-series Fibre Channel storage area network switches made by Cisco Systems.
AppleShare - AppleShare was a product from Apple Computer which implemented various network services. Its main purpose was to act as a file server, using the AFP protocol.
Distributed Operating System
A Distributed Operating System is an operating system that runs on a network of computers.
In a Distributed Operating System, each user thinks that running on a single large system with one operating system. The users don’t need to know where the files in the network.
Real-Time Operating System
Real time system means that the system is subjected to real time, i.e., response should be guaranteed within a specified timing constraint or system should meet the specified deadline. For example: missile systems, air traffic control systems, robots etc.
There are two types of Real-Time Operating System -
Hard Real-Time Systems - Hard Real-Time Systems are require for the applications where time constraints are very strict and even the shortest possible delay is not acceptable. These systems are built for saving life like automatic parachutes or air bags which are required to be readily available in case of any accident.
In hard real-time systems, secondary storage is limited or missing and the data is stored in ROM. In these systems, virtual memory is almost never found.
Soft Real-Time Systems - Soft real-time systems are less restrictive. A critical real-time task gets priority over other tasks and retains the priority until it completes. Soft real-time systems have limited utility than hard real-time systems. For example, multimedia, virtual reality, Advanced Scientific Projects like undersea exploration and planetary rovers, etc.
Q1. b) Discuss the key characteristics of modern operating systems.
Answer : -
Multi-threading - Multithreading is the ability of a program or an operating system process to manage its use by more than one user at a time and to even manage multiple requests by the same user without having to have multiple copies of the programming running in the computer. The process is divided into threads that can run simultaneously.
Symmetric Multi-processing - In Symmetric Multi-processing system a computer has more than one processor. These processors can share the same memory, data path, I/O facilities and also the same job for execution.
Advantages of Symmetric Multiprocessing -
The throughput of the system is increased in symmetric multiprocessing. As there are multiple processors, more processes are executed.
Symmetric multiprocessing systems are much more reliable than single processor systems. Even if a processor fails, the system still endures. Only its efficiency is decreased a little.
Distributed Operating System - A Distributed Operating System is an operating system that runs on a network of computers. The operating system, memory files shared by the number of users in the network from the server. In a Distributed Operating System, each user thinks that running on a single large system with one operating system. The users don’t need to know where the files in the network.
Micro-Kernel Architecture - Kernel is the core part of an operating system which manages system resources. It also acts like a bridge between application and hardware of the computer. It is one of the first programs loaded on start-up (after the Bootloader).
A Micro-Kernel is the minimum software that is required to correctly implement an operating system. This includes memory management, process scheduling mechanisms and basic inter-process communication.
Object-Oriented Design - It is used for adding modular extensions to a small kernel. It also enables programmers to customize an operating system without disrupting system integrity.
Q2. Discuss the objectives and primary functions of the following connecting devices :
Answer : -
If multiple incoming connections need to be connected with multiple outgoing connections, then a hub is required. In data communications, a hub is a place of convergence where data arrives from one or more directions and is forwarded out in one or more other directions. Hubs are multi-port repeaters, and as such they obey the same rules as repeaters. They operate at the OSI Model Physical Layer. Hubs are used to provide a physical Star Topology.
In an environment consisting of several network segments with different protocols and architecture, a bridge may not be adequate for ensuring fast communication among all of the segments. A complex network needs a device which not only knows the address of each segment, but also can determine the best path for sending data and filtering broadcast traffic to the local segment. Such a device is called a Router. Routers are both hardware and software devices. Router operates at the Network Layer of the OSI Model.
Q3. Explain virtual to physical address mapping concepts with the help of an abstract model.
Answer : - Your computer has two types of memory, Random Access Memory (RAM) and Virtual Memory. All programs use RAM, but when there isn't enough RAM for the program you're trying to run, Windows temporarily moves information that would normally be stored in RAM to a file on your hard disk called a Paging File. The amount of information temporarily stored in a paging file is also referred to as virtual memory. Using virtual memory, in other words, moving information to and from the paging file, frees up enough RAM for programs to run correctly.
A virtual address does not represent the actual physical location of an object in memory; instead, the system maintains a page table for each process, which is an internal data structure used to translate virtual addresses into their corresponding physical addresses. Each time a thread references an address, the system translates the virtual address to a physical address.
In this model, both virtual and physical memory are divided up into handy sized chunks called pages. These pages are all the same size. Each of these pages is given a unique number; the Page Frame Number (PFN). For every instruction in a program, for example to load a register with the contents of a location in memory, the CPU performs a mapping from a virtual address to a physical one. Also, if the instruction itself references memory then a translation is performed for that reference.
The address translation between virtual and physical memory is done by the CPU using page tables which contain all the information that the CPU needs. Typically there is a page table for every process in the system. Above figure shows a simple mapping between virtual addresses and physical addresses using page tables for Process X and Process Y. This shows that Process X’s virtual PFN 0 is mapped into memory in physical PFN 3 and that Process Y’s virtual PFN 2 is mapped into physical PFN 5. Each entry in the theoretical page table contains the following information :
Q4. Describe important Linux directories and files.
Answer : -
/ – Root
/bin – User Binaries
/boot – Boot Loader Files
/dev – Device Files
/etc – Configuration Files
/home – Home Directories
/lib – System Libraries
/media – Removable Media Devices
/mnt – Mount Directory
/opt – Optional add-on Applications
/sbin – System Binaries
/srv – Service Data
/tmp – Temporary Files
/usr – User Programs
/var – Variable Files
Q5. a) What will be the output of followings?
Answer : - Consider that the "myfile.text" contains the following lines -
mohan play football
$ cat myfile.text | head -7 | tail -5
Answer : - Print the last 5 lines from the first 7 lines of the "myfile.text" file
|root@UBUNTU-PC:/MyDirectory# cat myfile.text | head -7 | tail -5
$ cat filename | more ls -l > temp
Answer : -
$ sort myfile.text | unique
Answer : - Wrong Command
Right command is - sort myfile.text | uniq
First sort the file contents alphabetically, then remove the duplicate lines.
|root@UBUNTU-PC:/MyDirectory# sort myfile.text | uniq
mohan play football
$ cat myfile.text | grep “mohan” | wc -l
Answer : - Count the number of lines present in the "myfile.text" file which contains the particular pattern "mohan".
|root@UBUNTU-PC:/MyDirectory# cat myfile.text | grep “mohan” | wc -l
$ ls -l | grep “jan”
Answer : - Display the detailed list of all the files and directories which name is contain the pattern "jan"
$ ls -l | grep | sort
Answer : -
Q5. b) What options can be used with grep command?
Answer : - Solve it Yourself
Q6. Briefly describe the features of followings and how are they configured in Linux?
Answer : -
(i) Apache Web Server
Apache is the most widely used Web Server application in UNIX-like operating systems but can be used on almost all platforms such as Windows, OS X, etc.
The reasons behind its popularity are :
Domain Name System is an Internet service that translates domain names into IP addresses. Since domain names are alphabetic, they are easier to remember. The Internet however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address. For example, the domain name www.questionsolves.com might translate to 220.127.116.11.
A domain name is divided into three part -
Top Level Domain - A top-level domain recognizes a certain element regarding the associated website, such as its objective (business, government, education), its owner, or the geographical area from which it originated.
Generic Top Level Domains
|.gov||U.S. national and state government agencies|
Country-Code Top Level Domains
Sponsored Top Level Domains
|.aero||Members of the air-transport industry|
|.jobs||Human resource managers|
|.tel||For businesses and individuals to publish contact data|
|.travel||Travel agents, airlines, tourism bureaus, etc.|
|.mobi||Providers and consumers of mobile products and services|
|.cat||Catalan linguistic and cultural community|
Infrastructure Top Level Domains - There is only one TLD in this category, which is ".arpa", used for the Internet Engineering Task Force (IETF).
Second Level Domain - In the Domain Name System (DNS) hierarchy, a second-level domain (SLD or 2LD) is a domain that is directly below a top-level domain (TLD). For example, in www.questionsolves.com, questionsolves is the second-level domain of the .com TLD.
Sub Domain - In the Domain Name System (DNS) hierarchy, a sub domain is a domain that is directly below a second-level domain (TLD). For example, in mail.questionsolves.com, mail is the sub domain of the questionsolves.com TLD.
(iii) NFS Server
A network file system (NFS) is a type of file system mechanism that enables the storage and retrieval of data from multiple disks and directories across a shared network. It enables local users to access remote data and files in the same way they are accessed locally. NFS was initially developed by Sun Microsystems.
Q7. What are the purposes of dynamic addressing and directory services in Windows 2000? How are they configured?
Answer : - Solve it Yourself
Q8. What is the purpose of VPN and name VPN technologies supported by Windows 2000?
Answer : - A virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted. It prevents unauthorized people from eavesdropping on the traffic and allows the user to conduct work remotely. VPN technology is widely used in corporate environments.
A VPN extends a corporate network through encrypted connections made over the Internet. Because the traffic is encrypted between the device and the network, traffic remains private as it travels. An employee can work outside the office and still securely connect to the corporate network. Even smartphones and tablets can connect through a VPN.
Types of VPNs
Remote access - A remote access VPN securely connects a device outside the corporate office. These devices are known as endpoints and may be laptops, tablets, or smartphones. Advances in VPN technology have allowed security checks to be conducted on endpoints to make sure they meet a certain posture before connecting. Think of remote access as computer to network.
Site-to-Site - A Site-to-Site VPN connects the corporate office to branch offices over the Internet. Site-to-Site VPNs are used when distance makes it impractical to have direct network connections between these offices. Dedicated equipment is used to establish and maintain a connection. Think of Site-to-Site access as network to network.
Virtual Private Network Protocols
PPTP - Point to Point Tunneling Protocol (PPTP) is one of the oldest protocol by Microsoft. It is the fastest of all VPN protocols. It is ideal for applications where speed is important such as streaming and gaming. But, PPTP is not as secure because of its weak encryption. PPTP uses the TCP port 1723 for communication.
L2TP/IPsec - L2TP over IPsec is more secure than PPTP and offers more features. L2TP/IPsec is a way of implementing two protocols together in order to gain the best features of each.
The data transmitted via the L2TP/IPSec protocol is usually authenticated twice. Each data packet transmitted via the tunnel includes L2TP headers. As a result, the data is de-multiplexed by the server. The double authentication of the data slows down performance, but it does provide the highest security.
Q9. What are Intrusion Detection Systems(IDS)? What IDS can do?
Answer : - An Intrusion Detection System (IDS) is a type of security software designed to automatically alert administrators when someone or something is trying to compromise information system through malicious activities or through security policy violations.
IDS is basically classified into two types :
Network Intrusion Detection System (NIDS)
Network intrusion detection systems (NIDS) are set up at a planned point within the network to examine traffic from all devices on the network. It performs an observation of passing traffic on the entire subnet and matches the traffic that is passed on the subnets to the collection of known attacks. Once an attack is identified or abnormal behavior is observed, the alert can be sent to the administrator. An example of an NIDS is installing it on the subnet where firewalls are located in order to see if someone is trying crack the firewall.
Host Intrusion Detection System (HIDS)
Host intrusion detection systems (HIDS) run on independent hosts or devices on the network. A HIDS monitors the incoming and outgoing packets from the device only and will alert the administrator if suspicious or malicious activity is detected. It takes a snapshot of existing system files and compares it with the previous snapshot. If the analytical system files were edited or deleted, an alert is sent to the administrator to investigate.
Detection Method of IDS -
Signature-based Method - Signature-based IDS detects the attacks on the basis of the specific patterns such as number of bytes or number of 1’s or number of 0’s in the network traffic. It also detects on the basis of the already known malicious instruction sequence that is used by the malware. The detected patterns in the IDS are known as signatures.
Signature-based IDS can easily detect the attacks whose pattern (signature) already exists in system but it is quite difficult to detect the new malware attacks as their pattern (signature) is not known.
Anomaly-based Method - Anomaly-based IDS was introduced to detect the unknown malware attacks as new malware are developed rapidly. In anomaly-based IDS there is use of machine learning to create a trustful activity model and anything coming is compared with that model and it is declared suspicious if it is not found in model. Machine learning based method has a better generalized property in comparison to signature-based IDS as these models can be trained according to the applications and hardware configurations.
Q10. Elaborate the primary aspects of firewall? What are the limitations of firewall?
Answer : - A firewall is a network security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented as both hardware and software, or a combination of both. Network firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
Firewalls can be either hardware or software but the ideal configuration will consist of both. In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.
Firewall Filtering Techniques
Firewalls are used to protect both home and corporate networks. A typical firewall program or hardware device filters all information coming through the Internet to your network or computer system. There are several types of firewall techniques that will prevent potentially harmful information from getting through :
Packet Filter - Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Application Gateway - Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
Circuit-level Gateway - Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Proxy Server - Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
In practice, many firewalls use two or more of these techniques in concert. A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.
Limitations of Firewall
Firewalls cannot protect against what has been authorized.
It cannot stop attacks if the traffic does not pass through them.
They are only as effective as the rules they are configured to enforce.
The firewall cannot protect against the transfer of virus-infected programs or files. Because of the variety of operating systems and applications supported inside the perimeter, it would be impractical and perhaps impossible for the firewall to scan all incoming files, e-mail, and messages for viruses.
The firewall does not protect against internal threats, such as a disgruntled employee or an employee who unwittingly cooperates with an external attacker.
Q11. How does RAID support fault tolerance systems? How is it implemented in Windows 2000?
Answer : - Fault-tolerance is the ability to survive of one or several disk failures.
RAID is a technology that is used to increase the performance and/or reliability of data storage. RAID stands for Redundant Array of Independent Disks. A RAID system consists of two or more drives working in parallel. There are different RAID levels, each optimized for a specific situation.
RAID 0 – striping
In a RAID 0 system data are split up into blocks that get written across all the drives in the array. By using multiple disks (at least 2) at the same time, this offers superior I/O performance. This performance can be enhanced further by using multiple controllers, ideally one controller per disk.
RAID 1 – mirroring
Data are stored twice by writing them to both the data drive (or set of data drives) and a mirror drive (or set of mirror drives). If a drive fails, the controller uses either the data drive or the mirror drive for data recovery and continues operation. You need at least 2 drives for a RAID 1 array.
RAID 5 – striping with parity
RAID 5 is the most common secure RAID level. It requires at least 3 drives but can work with up to 16 drives. Data blocks are striped across the drives and on one drive a parity checksum of all the block data is written. The parity data are not written to a fixed drive, they are spread across all drives. Using the parity data, the computer can recalculate the data of one of the other data blocks, should those data no longer be available. That means a RAID 5 array can withstand a single drive failure without losing data or access to data.
RAID 6 – striping with double parity
RAID 6 is like RAID 5, but the parity data are written to two drives. That means it requires at least 4 drives and can withstand 2 drives dying simultaneously. The chances that two drives break down at exactly the same moment are of course very small. However, if a drive in a RAID 5 systems dies and is replaced by a new drive, it takes hours or even more than a day to rebuild the swapped drive. If another drive dies during that time, you still lose all of your data. With RAID 6, the RAID array will even survive that second failure.
RAID 10 – combining mirroring and striping
It is possible to combine the advantages (and disadvantages) of RAID 0 and RAID 1 in one single system. This is a nested or hybrid RAID configuration. It provides security by mirroring all data on secondary drives while using striping across each set of drives to speed up data transfers.
Q12. List the different types of malicious code and compare the virus protection tools.
Answer : - Malicious software is any software that the user did not authorize to be loaded or software that collects data about a user without their permission.
Different Types of Malicious Software
Spyware - Spyware is any technology that aids in gathering information about a person or organization without their knowledge. They can monitor and log the activity performed on a target system, like log key strokes, or gather credit card and other information.
Virus - A computer virus is a piece of software that can 'infect' a computer, install itself and copy itself to other computers, without the users knowledge or permission. It usually attaches itself to other computer programs, data files, or the boot sector of a Hard drive.
Worm - Unlike a virus, a worm, is a standalone piece of malicious software that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security flaws on the target system to allow access.
Trojan (Trojan Horse) - A type of malware that uses malicious code to install software that seems ok, but is hidden to create back doors into a system typically causing loss or theft of data from an external source.
Adware - Adware is software which can automatically causes pop-up and banner adverts to be displayed in order to generate revenue for its author or publisher. A lot of freeware will use Adware but not always in a malicious way, if it was malicious, it would then be classed as spyware or malware.
Rootkit - Rootkit Virus assists a hacker in remotely accessing or controlling a computing device or network without being exposed. They are hard to detect due to the reason that they become active even before the system’s OS is booted up.
Q13. What is Kerberos? Describe Kerberos management in Windows operating system.
Answer : - Kerberos is a ticketing-based authentication system, based on the use of symmetric keys. Kerberos uses tickets to provide authentication to resources instead of passwords. This eliminates the threat of password stealing via network sniffing. One of the biggest benefits of Kerberos is its ability to provide single sign-on (SSO). Once you log into your Kerberos environment, you will be automatically logged into other applications in the environment.
To help provide a secure environment, Kerberos makes use of Mutual Authentication. In Mutual Authentication, both the server and the client must be authenticated. The client knows that the server can be trusted, and the server knows that the client can be trusted. This authentication helps prevent man-in-the-middle attacks and spoofing. Kerberos is also time sensitive. The tickets in a Kerberos environment must be renewed periodically or they will expire.
When a user needs to access a service protected by Kerberos, the Kerberos protocol process can be divided into two phases - User Identity Authentication and Service Access.
User Identity Authentication - User authentication is a process of checking validity of identity information provided by users in the Kerberos authentication service. Identity information can be user names and passwords or information that can provide real identities in other forms. If user information passes the validity check, the Kerberos authentication service returns a valid Ticket-Granting Ticket (TGT) token, proving that the user has passed identity authentication. The user uses the TGT in the subsequent Service Access process.
Service Access - When the user needs to access a service, the user requests the Ticket-Granting Service (TGS) from the Kerberos server based on the TGT obtained in the first phase, providing the name of the service to be accessed. TGS checks the TGT and information about the service to be accessed. After the information passes the check, TGS returns a Service-Granting Ticket (SGT) token to the user. The user requests the component service based on the SGT and related user authentication information. The component service decrypts the SGT information in a symmetrical way and finishes user authentication. If the user passes the authentication process, the user can successfully access related resources of the service.
Kerberos in Windows Systems
Kerberos is very prevalent in the Windows environment. In fact, Windows 2000 and later use Kerberos as the default method of authentication. When you install your Active Directory domain, the domain controller is also the Key Distribution Center. In order to use Kerberos in a Windows environment, your client system must be a part of the Windows domain. Kerberos is used when accessing file servers, Web servers, and other network resources. When you attempt to access a Web server, Windows will try to sign you in using Kerberos. If Kerberos authentication does not work, then the system will fall back to NTLM authentication.
Q14. Define IPSec? What are its features? Discuss its implementation in Windows 2000.
Answer : - Exchanging sensitive information across a network, especially a public network, requires a security method that will protect the data in transit. That’s where Internet Protocol Security (IPSec) comes in. IPSec is a set of protocols that allows you to sign and encrypt data to be sent across an IP network, and authenticate and decrypt the protected packets on the receiving end. Windows 2000 Professional and Server include IPSec.
What is IPSec ?
IPSec is a set of protocols and cryptography-based services that work together to protect data from unauthorized access or tampering when it is sent across an IP network. IPSec provides three basic services :
Implementation of IPSec in Windows 2000
Windows 2000’s implementation of IPSec provides a high level of security, using a combination of algorithms and keys to encrypt the data so that it will be unreadable if intercepted along its route. IPSec uses two protocols to accomplish these tasks :
Authentication Header (AH) - This protocol provides authentication services for IPsec. It allows the recipient of a message to verify the identity of the sender. It also allows the recipient to verify that intermediate devices haven’t changed any of the data in the datagram. It also provides protection against so-called replay attacks, whereby a message is captured by an unauthorized user and resent.
Encapsulating Security Payload (ESP) - AH provides integrity authentication services to IPsec-capable devices so that they can verify that messages are received intact from other devices. For many applications, however, this is only one piece of the puzzle. We want to not only protect against intermediate devices changing the datagrams, but also to protect against them examining their contents as well. For this level of private communication, AH is not enough; we need to use the ESP protocol.
The main job of ESP is to provide the privacy we seek for IP datagrams by encrypting them. An encryption algorithm combines the data in the datagram with a key to transform it into an encrypted form. This is then repackaged using a special format, and then transmitted to the destination, which decrypts it using the same algorithm.
IGNOU Assignment Solution
IGNOU Question Paper Solution
Solutions of Different Questions
WHAT WE DO
Provide BCA, MCA Projects
Provide Assignment & Question Paper Solution