of 68 /68
BT0051 – 01 Marks –30 UNIX OPERATING SYSTEMS 1. Using the following Directory tree structure, if IT is your Home directory,: Which command do use to navigate to: Bsc-IT directory? Which command is used to display your current directory? Which command is used to directly navigate to root directory from BSc-IT directory? Which command is used to create a new directory in BSc-IT called UNIX? Which is the command to remove directories? Which is the command used to move UNIX directory to Marketing directory? Root IT MBA MCA Finance Marketin g BSc-IT UNIX

BT0051 to BT0055 all in one BScIT SMU Assignment (complited)

Embed Size (px)


All in one smu BScIT 5th sam assignment

Text of BT0051 to BT0055 all in one BScIT SMU Assignment (complited)


1. Using the following Directory tree structure, if IT is your Home directory,:






Finance Marketing

UNIX Which command do use to navigate to: Bsc-IT directory? Which command is used to display your current directory? Which command is used to directly navigate to root directory from BSc-IT directory? Which command is used to create a new directory in BSc-IT called UNIX? Which is the command to remove directories? Which is the command used to move UNIX directory to Marketing directory?

Ans -> 1 cd /IT/BSc-IT 2 pwd 3 cd 4 mkdir /IT/BSc-IT/UNIX 5 rmdir 6 mv UNIX NUNIX

2. Use cat command to: Display text Welcome Home on your screen Redirect the text Welcome Home to file called file-1 Append text Friends to the contents of file-1 Ans-> $ cat >file-1 Welcome Home Crlt +d $ Cat >>file-1 Friends Crlt +d 3. Which command is used to search following patterns in file by name file-1: TENDULKAR, tendulkar, TeNdUlKar? Ans -> $ cat file-1|grep TENDULKAR $ cat file-1|grep tendulkar $ cat file-1|grep TeNdUlKar


1. Define Process. Which is the command used to find out currently executing Process in UNIX? Ans-> A process is simply an instance of a running program. A process is said to be born when the program starts execution and remains alive as long as the program is active. $ Ps -e 2. What is the output of : $ ps-e $ ps-a commands Ans-> 1 All processes including user and system processes 2 Processes of all user excluding process not associated with terminal 3. Which command is used to transfer a Foreground process to Background? Give one example. Ans-> nohup sort emp.lst & Bg $ bg find / name a.out print 4. Say you have three Process P1, P2 and P3 running in background. You want to assign priorities to them, which command is suitable give its syntax? Ans-> $ nice 5. Which command is used to: Fetch names from a file Name.txt sort them and remove any duplicate entries. Ans-> $ sort u Name.txt 6. Which commands are used to carry out following operations in vi- Editor: To save a file To start editing a file To save and Quit a file To quit without saving (Forced quit) Ans-> 1 :w filename 2 :i 3: wq 4: q!

B.Sc IT (New) V Semester Assignments for August 2008 SessionSubject Code Subject Name Credits : BT 0052 : Client Server Architecture :2 Assignment No: 01 Marks: 30

1. Explain in detail the Distributed Computing Environment. Ans The distributed computing environment (DCE) is an integrated distributed environment which incorporates technology from industry.DCE developed and maintained by the open system foundation (OSF). The DCE is a set of integrated system services that provide an interoperable and flexible distributed environment with the primary goal of solving interoperability problems in heterogeneous, networked environments. OSF provides a reference implementation on which all DCE products are based. The DCE is portable and flexible- the reference implementation is independent of both networks and operating systems and provides an architecture in which new technologies can be included, thus allowing for future enhancements. The intent of the DCE is that the reference implementation will include nature, proven technology that can be used in parts-individual services- or as a complete integrated infrastructure. The DCE infrastructure supports the construction and integration of client/server applications while attempting to hide the inherent complexity of the distributed processing from the user. The OSF DCE is intended to from a comprehensive software platform on which distributed applications can be built, executed and maintained. 2. Write a short note on Asynchronous Transfer Mode of transmission. Ans: - ATM is cell and multiplexing technology that combines the benefits of dedicated circuits (invariant transmission delay and guaranteed capacity) with those of packet switching (flexibity and efficiency for intermittent traffic). The fixed length of ATMs cells(53 bytes48 bytes for the payload and 5 bytes for headers)facilitates high speed implementation that can support isochronous (time critical) application such as video and telephony with constant flow rates, in addition to more conventional data communications between computers where fluctuation in packet arrival rates typically not problematic (7). ATM standards define a board range of bandwidths from 1.5 mbps (via t1 or DS1) to 622 mbps (OC -12) and above but most commercially available ATM products currently provide 155.52 mbps (OC3 ) or 100 mbps (TAXI). ATM is currently implemented over fiber connections to and various twisted pair wiring alternatives.

All devices in an ATM network attach directly to an ATM switch. Multiple ATM switches can be combined in a fabric sometimes called an ATM cloud and virtual circuits can be dynamically created between any two nodes on one or more ATM switches so long as the switch can handle the aggregate cell transfer rate, additional connections to the switch can be made. 3. Write short notes on Structured Cabling. Ans: - By the time collapsed backbone topologies became feasible (early 90s), most large sites had implemented twisted-pair (UTP (3)) wiring for Ethernet UTP is less expensive and more reconfigurable than thick-and thin-net. By simply moving a UTP cable from a port on one hub to another port another hub, a computer systems network drop can be quickly relocated to a new sublet. Many larger networks consolidate their hubs for all subnets in telephone closets, and patch between them as needed. A hub is essentially a network in a box, eliminating the daisychaining of a coax- based network. Some types of hubs have enhanced capabilities. An intelligent hub might have a management interface, be able to respond to remote network monitoring tools, and/or isolate ports where problems have been detected. UTP cabling is virtually always implemented with hubs. In the case of FDDI (fiber-optic or copper (4)), hubs are sometimes called concentrators (functionally, they are equivalent). 4. Write a Java Program to implement a simple web server. Ans: - uses a server socket to wait for a connection, then opens a socket to the client to return an HTML document with HTTP headers. Import java.io.*; Import java.net.*; Class websrv { Public static void main (String args []) { Serversocket srvsock = null; Socket clisock=null; Int connection = 0; Try { Srvsock = new serversocket(60337, 5); While (connects class test() { public void show() { System.out.println("Hello world"); } public static void(string arg[]) { test T=new test(); T.show(); } } 1 Open any text editor and write above code and save this file with extension .java. 2 A compiler converts the java program into an intermediate language representation called Byte code(file.class).Using javac filename on command prompt. 3 on command prompt write java file.class after calling this command all control take under JVM(java virtual Machine).with the help of jvm your program successfully run. 3. Define and explain the following concepts with appropriate examples: Superclass Subclass Inheritance A Kind-Of relationship

A Is-A relationship A Part-Of-relationship A Has-A relationship Ans-> Super class:It is a parent class. It is a class that inherited by other, more specific classes, each adding those that are unique to it. In the terminology of java, a class that is inherited is called a Super class. Subclass:The class that does the inheriting is called a subclass. Therefore, a subclass is a specialized version of a super class. Java provides a mechanism for partitioning the class name space into more manageable chunks. Inheritance:Inheritance is one of the cornerstones of object-oriented programming because if allows the creation of hierarchical classifications. Using inheritance, you can create a general class that defines traits, common to a set of related items. This class can then be inherited by other, more specific classes, each adding those things that are unique to it. A Kind-Of relationship:Taking the example of a human being and a elephant, both are Kind-of mammals. As human beings and elephants are Kind-of mammals, they share the attributes and behaviors of mammals. Human being and elephants are subsets of the mammals class. The following figure show this. Human Being Mammals

Is A-Relationship Lets take an instance of the human being class- peter,who is-a human being and, Therfore, a mammal.

Peter Mammal

Human Being

Is-A Part-Of-Relationship:Heart is a part of Human being. This is a part of relationship.

Human Being Part-Of


Has-A-Relationship:A human being has a heart. This represents a has a relationship. Human Being Has-A Heart

4. Explain the concept of interfaces in Java with a suitable example for the same. Ans -> with the help of interface you can fully abstract a class from its implementation That is using interface, you can specify what a class must do but not how it does it. Interfaces are syntactically similar to classes, but they lack instance variables, and their methods are declared without any body. By providing the interface keyword, java allows you to fully utilize the one interface, multiple methods aspect of polymorphisms. 5. Write a program to explain the Exception Handling mechanisms in Java using the keywords: try, catch and finally.

Ans -> When an unexpected error occurs in a method java creates an object of the appropriate exception class. After creating the exception objects, java passes it to the program, by an action called throwing an excetion. The exception object contains information about the type of error and the state of the program when the exceptinon-handler and process the exception. Following keywords are use in exception-handling in java: a) try b) catch c) finally The try block :The statements that may throw an exception in the try block. The following skeletal code illustrates the use of the try block. Try{ //statement that may cause an exception } The try block governs the statements that are enclosed within it and defines the scope of the exception handlers associated with it. In other words if an exception occurs within try block the appropriate exception-handler that is associated with the try block handles The exception. A try block must have at least one catch block that follow it immediately. The try statement can be nested. That is a try statement can be inside the block of another try. Each time a try statement is entered, the context of that exception is pushed on the stack. If an inner try statement does not have a catch handler for a particular exception the stack is unwound and the next try statements catch handlers are inspected for a match. Example: Class Nesttry{ public static void main(String args[]) { try{ int a =args.length; int b=42/a; System.out.println(a=+a); try{ if(a==1) a=a/(a-a); if (a==2){

int c[]={1}; c[42]=99; } } catch(ArrayIndexOutOfBoundsException e ) { } } catch(ArithmeticException e) { System.out.println(Divide by 0: + e); } } } 6. Write a simple GUI based program to prepare a similar interface as shown below:

Ans -> import javax.swing.*; import java.awt.*; public class FrameMaker extends JFrame { JPanel FirstPanel,LastPanel,MainPanel; JTextField Num1,Num2,Result; JButton Badd,Bsub,Bmul,Bdiv,Bexit; JLabel Lnum,Lnum1,Rslt; Color c;

public FrameMaker(String x) { setTitle(x); Lnum=new JLabel("Enter First Number",JLabel.CENTER); Lnum1=new JLabel("Enter Second Number",JLabel.CENTER); Rslt=new JLabel("The Result",JLabel.CENTER); Num1=new JTextField(20); Num2=new JTextField(20); Result=new JTextField(20); FirstPanel=new JPanel(); LastPanel=new JPanel(); FirstPanel.setLayout(new GridLayout(5,2,40,40)); LastPanel.setLayout(new GridLayout(7,1,40,20)); MainPanel=new JPanel(new BorderLayout()); MainPanel.add(FirstPanel,BorderLayout.CENTER); MainPanel.add(LastPanel,BorderLayout.LINE_END); setContentPane(MainPanel); FirstPanel.add(new JLabel(""));FirstPanel.add(new JLabel("")); FirstPanel.add(Lnum);FirstPanel.add(Num1);FirstPanel.add(Lnum1); FirstPanel.add(Num2);FirstPanel.add(Rslt);FirstPanel.add(Result); FirstPanel.add(new JLabel(""));FirstPanel.add(new JLabel("")); Badd=new JButton("Add");Bsub=new JButton("Sub"); Bmul=new JButton("Multiply");Bdiv=new JButton("Divide"); Bexit=new JButton("Exit"); LastPanel.add(new JLabel("")); LastPanel.add(Badd);LastPanel.add(Bsub); LastPanel.add(Bmul);LastPanel.add(Bdiv);LastPanel.add(Bexit); LastPanel.add(new JLabel("")); Dimension d=Toolkit.getDefaultToolkit().getScreenSize(); setBounds((d.width-700)/2,(d.height-500)/2,700,500); setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); setVisible(true); c=new Color(120,120,240); } public static void main(String[] s) { FrameMaker ss=new FrameMaker("Calculator"); } public Insets getInsets() { setBackground(c); return new Insets(100,80,80,80); }


BSc IT (New) V Semester Assignments for August 2008 SessionSubject Code Subject Name Credits : BT0053 : Java :4 Assignment No: 02 Marks: 60

1. Define the concept of Java Byte code and its importance Ans-> A Java compiler converts the Java source code that you write into a binary program consisting of byte codes. Byte codes are machine instructions for the Java virtual machine. When you execute a Java program, a program called the Java interpreter inspects and deciphers the byte codes for it, checks it out to ensure that it has not been tampered with and is safe to execute, and then executes the actions that the byte codes specify within the Java virtual machine. A Java interpreter can run standalone, or it can be part of a web browser such as Netscape Navigator or Microsoft Internet Explorer where it can be invoked automatically to run applets in a web page. Translating a java program into byte code helps make it much easier to run a program in a wide verity of environment. The reason is straightforward only the JVM needs to be implemented for each platform. Because your Java program consists of byte codes rather than native machine instructions, it is completely insulated from the particular hardware on which it is run. Any computer that has the Java environment implemented will handle your program as well as any other, and because the Java interpreter sits between your program and the physical machine, it can prevent unauthorized actions in the program from being executed.

In the past there has been a penalty for all this flexibility and protection in the speed of execution of your Java programs. An interpreted Java program would typically run at only one tenth of the speed of an equivalent program using native machine instructions. With present Java machine implementations, much of the performance penalty has been eliminated, and in programs that are not computation intensive which is usually the case with the sort of program you would want to include in a web page, for example you really wouldn't notice this anyway. With the JVM that is supplied with the current Java 2 System Development Kit (SDK) available from the Sun web site, there are very few circumstances where you will notice any appreciable degradation in performance compared to a program compiled to native machine code.

2. Write a program to perform the basic arithmetic operations: a) Addition b) Subtraction c) Multiplication d) Division Use 4 different methods for the above and invoke them as necessary from the main () method. Ans -> import java.io.*; import java.util.*; class Arithmetic { void add(int a,int b) { System.out.println("Sum of " + a + " And " + b + " is " + (a+b)); } void sub(int a,int b) { System.out.println("Subtraction of " + a + " And " + b + " is " + (a-b)); } void mul(int a,int b) { System.out.println("Mutiplication of " + a +" And " + b + " is " + (a*b)); } void div(int a,int b) {

System.out.println("Divison of " + a +" And " + b + " is " + (a/b)); } } class Main { public static void main(String arg[]) throws IOException { InputStreamReader byteIn= new InputStreamReader(System.in); BufferedReader kbin= new BufferedReader(byteIn); System.out.println("Enter First Number"); int n1=Integer.parseInt(kbin.readLine()); System.out.println("Enter First Number"); int n2=Integer.parseInt(kbin.readLine()); Arithmetic a=new Arithmetic(); System.out.println("1 For Add"); System.out.println("2 For Subtraction"); System.out.println("3 For Mutliplication"); System.out.println("4 For Divison"); System.out.println("Enter your choice"); int ch=Integer.parseInt(kbin.readLine()); switch(ch) { case 1: a.add(n1,n2); break; case 2: a.sub(n1,n2); break; case 3: a.mul(n1,n2); break; case 4: if(n1Public Data member and function access inside as well as out the program i.e. within a package or outside the package. Private Data member and function access only within a class. Protected Data member and faction access only through inheritance outside the package. 5. Explain the following Exception Types in Java: a. Arithmetic b. Null Pointer c. ArrayIndexOutofBounds Ans-> Arithmetic:-

This exception is thrown when an exceptional arithmetic condition has occurred. For example, a division by zero generates such an exception.

Null PointerThis exception is thrown when an application attempts to use null where an object is required. An object that has not been allocated memory holds a null value. The situations in which an exception is thrown include:*Using an object without allocating memory for it. * Calling the methods of a null object. * Accessing or modifying the attributes of a null object ArrayIndexOutOfBounds: The exception ArrayIndexOutOf Bounds exception is thrown when an attempts is made to access an array elements beyond the index of the array. For example, if you try to access the eleventh element of an array thats has only ten elements, the exception will be thrown

BSC-IT (NEW) V Semester Assignments for August 2008 SessionSubject Code Subject Name Credits : 04 Books ID: B0035 Q- 1: What is e-commerce? List the advantages of e-commerce. Ans: E-commerce means Electronic commerce in which individual customer can conduct business online through internet. Electronic commerce include transactions that supports revenue generation, such as generating selling . Advantages of e-commerce are following:* Better departmental interactions: this could be the information sharing within the companies or between the companies working together for better performance. * Improved customer relations: commercial activities on electronic constraints. network eliminate time, the place and principal and the Networking facilities customer demands, offering sales & support etc. along with the transactions including buying and : BT0054 : Basics of e- Commerce Assignment No: 01 Marks: 60

manufacturers to come closer (have one-to-one relation) wherever they area by eliminating the middle man hurdles. Q-2: What is Firewall? Explain how it works as a packet

filters. Ans: Firewall is a mechanism used to protect a trusted network from an untrusted network, usually while still allowing traffic between the two. When TCP/IP sends data packets on their merry way, the packets seldom go straight from the host system that generated them to the client that requested them. Along the way they normally pass through one or more routers. In this, TCP/IP transmissions differ from LAN communications, which broadcast over a shared wire. Basically, routers look at the address information in TCP/IP packets and direct them accordingly. Data packets transmitted over the internet from the web browser on a PC in Florida to a web server in Pennsylvania will pass through numerous routers along the way, each of which makes decision about where to direct the traffic. Q-3: What are the similarities between EDI & internet? Write the importance of EDI. Ans: Similarities between EDI and Internet are:* Like the Internet, relies on the atandereds to guarantee that information can be passed between the trading partners regardless of the computer and the software that is used by each trading organizations, and also it is a nonprofit organization. * The ANSI manages the development and publishing of EDI standards. Following are the importance of EDI:EDI is a system that encompasses more than just making payments. It offers more capabilities and options than the payments system. Much of EDI can be implemented to handle purchase orders, inventory, and shipping information, without even

touching on the matter of transferring funds. One use of EDI, called financial EDI or FEDI, specifically deals with making payment systems. Small-sized and medium-sized businesses should find it easier to utilize EDI because of the facilities. Businesses can use EDI to automate the transfer of information between corporate departments, as well as between companies Q-4: Explain the role of intermediaries in e-commerce. Ans: Main roles of intermediaries are given below:* Support buyers in identifying their needs and in finding an appropriate seller. * Provide an efficient means of exchanging information between both the parties. * Execute the business transactions. * Assist in after sale support. Q-5: Write a note on Online catalog. Ans: Online catalog allow companies to bypass the need for costly printed catalog, easier to keep up-to-date, and can also be linked directly to the purchase process. For the consumer market, sales through online catalogs are usually tied to credit cards for payment. Online catalog are easily updated, and can be integrated graphically with the purchase to process. as Online series catalog of is presented customers product

categories, offered by the company. These categories then lead to new phases continuing graphic lists of the items in that category, along with ordering information. These pages are dynamically generated from the product database to ensure upto-date data for customer. Books ID: B0045

6 Q. Explain the following security attacks. a. IP Spoofing b. Denial of service Attack

Ans. IP Spoofing :- A technique where an attacker attempts to gain unauthorized access through a false source address to make it appear as though communications have originated in a part of the network with higher access privileges. For example, a packet origination on the Internet may be masquerading as a local packet with the source IP address of an internal host. Firewall-1 and VPN-1 gateways protect against IP spoofing attacks by limiting network access based on the gateway interface from which data is being received. Denial of Service Attack :- There are many types of denial of service (dos) attacks One type of DOS attack is a synchronized Data Packet (SYN) flood the new type of attack that came out late last year which disabled internet service providers. The SYN flood is not an intrusion attack, it does not attempt to access or modify data, instead its purpose is to disable servers and thus it is classified as a denial of service attack. 7 Q. Explain any two Random Key Generation algorithm. Ans. A practical and secure crypto system needs keys that cannot be guessed. There should be no way for an outsiders to predict what keys are being used, or even to guess approximately which keys might have been used. A good key generator will produce keys that cannot be guessed even if attackers know how the generator works. Many procedures called pseudorandom number generators (PRNGs), which generate hard-to-predict sequences of numbers. For true randomness you must seed these procedures with initial value. A good PRNG is not enough by itself to produce effective keys. The generation process must be seeded by a random number that is sufficiently hard to guess. We need a random technique to generate a random seed value so we can generate a series of fandom numbers. In practice there are three computer-based approaches for producing truly random data: 1. Monitor hardware that generates random data. 2. Collect random data from user interaction. 3. Collect hard-to-predict data from inside the computer. But we will discuss here about only two methods. Hardware based random number generation is the best though most costly approach. The generator is usually an electronic circuit that is sensitive to some random physical event. Like diode noise or cosmic ray bombardment, and converts the event into an unpredictable sequence of bits. However their rarity makes it expensive to add them to a system.

User interaction is a very good source of random data, though it can be inconvenient. People are notoriously bad at doing the same thing twice, and random data can be collected by tracking interactive human behavior. For example PGP e-mail package collects keystrokes from the user and measures the time between keystrokes to produce a random seed value. 8 Q. Explain with an example how an ATM fraud takes place. Ans. Many frauds are carried out with some inside knowledge or access, and ATM fraud turns out to be no exception. Banks in the English speaking world dismiss about one percent of their staff every year for disciplinary reasons, and many of these sackings are for petty thefts in which ATMs can easily be involved. In a recent case, a housewife from Hastings, England, had money stolen from her account by a bank clerk who issued an extra card for it. The banks systems not only failed to prevent this, but also had the feature that whenever a cardholder go a statement from an ATM, the items on it would not subsequently appear on the full statements sent to the account address. This enabled the clerk to see to it that she did not get any statement showing the thefts he had made from her account.

Most thefts by staff show up as phantom withdrawals at ATMs in the victims neighborhood. English banks maintain that a computer security problem would result in a random distribution of transactions round the country, and as most disputed withdrawals happen near the customers home or place of work; these must be due to cardholder negligence [BB]. Thus the pattern of complaints which arises from thefts by their own staff only tends to reinforce the banks complacence about their system. 9 Q. What are the basic management? Explain in brief. key issues in security key

Ans. Any key management scheme that can scale to the number of nodes possible in the internet must be based on an underlying authenticated public key based infrastructure. These public keys can be authenticated using a variety of mechanisms, such as public key certificates, a secure directory server, and so on . ITU standard X.509 provides an example of authentication public keys using certificates. Secure domain name security (DNS) provides an example of authentication public keys (and other resources) using a secure

directory service. Still another example of authentication public keys is the web-of-trust introducer model, best exemplified in the pretty Good Privacy (PGP) secure e-mail software package. There are two ways authenticated RSA public keys can be used to provide authenticity and privacy for a datagram protocol, such as IP. 1. Session-oriented key-management or authenticated session key 2. Stateless key-management scheme The first is to use out-of band establishment of an authenticated session key, using one of several session key establishment protocols prior to communication. This session key is the used to encrypt or authenticate IP data traffic. This secure management of the Pseudosession State is further complicated by crash recovery considerations. Session-oriented key-management, implemented at the IP layer, breaks many of the properties that have made IP successful as an internet protocol. An alternative design could utilize authenticated RSA public keys in a stateless key-management scheme. This might work through in-band signaling of the packet encryption key, where the packet encryption key is encrypted in the recipients RSA public key.

10 Q. Explain Disturb Flat Key management approach. Ans. The main concerns with centralized approaches are the danger of implosion and the existence of a single point of failure. It is thus attractive to search for a distributed solution for the key management problem. This solution was found in completely distributing the key database of the Centralized Flat approach, such that all participants are created equal and nobody has complete knowledge. As in the Centralized Flat approach above, each participant only holds keys matching its ID, and the collaboration of multiple participants is required to propagate changes to the whole group. There is no dedicated group manager; instead, every participant may perform admission control operations. Since there is no Group manager knowing about the IDs in use, the IDs need to be generated uniquely in a distributed way. Apparent solutions would be to use the participants network address directly or to apply a

collision-free hash function. This scheme is the most resilient to network or node failures because of its inherent self-healing capability, but is also more vulnerable to inside attacks than the others, it offers the same security to break in attacks as the schemes discussed above; thanks to its higher resilience to fail8ures, it can be considered stronger against active attacks.

BSC-IT (NEW) V Semester Assignments for August 2008 SessionSubject Code Subject Name Credits : 04 : BT0054 : Basics of e- Commerce Assignment No: 02 Marks: 60

Q-1: Explain two major classifications (method) of encryption process. Ans: Two methods of encryption process are: Secret key or symmetric encryption Public key or asymmetric key. Secret Key: In this scheme both the sender and recipient possess the same key, to encypt and decrypt the data. The most popular secret-key crypto-

system in use today is known as DES, the Data Encryption Standard. In secret key, some drawbacks are available, that is:Both parties must agree upon a shared secret key. If there are n correspondent one have to keep track of n-different secret keys. If the same key is used by more than one correspondent, common key holders can read each others mail. Symmetric encryption schemes are also subjected to a authenticity problems. Because, sender & recipients have same secret key identity of originator or recipient cannot be proved. Both can encrypt or decrypt the message. Public Key: This scheme operates on double key called pair of keys, one of which is used to encrypt the message and only the other one in the pair is used to decrypt. This can be viewed as two part, one part of the key pair, called private key known only by the designated owner, the other part, called the public key, is published widely but still associated with owner. Q-2: What are the roles of virtual private network (VPN). Ans: Virtual private network is a low cost and flexible alternative to closed and leased line connections between remote company sites or between vendors, suppliers, and mobile employees and the company using public network internet. As all of us know the internet is not that very stable all the time and reliable, to bet on this method for e-commerce business without proper security measures involves high degree of risk. Most of the VPN implementations vendors use a specialized form of encrypted internet transaction. This allows a secure channel to be established between two systems for the purpose of electronic data interchange using complex and proprietary encryption and authentication techniques. Although VPns can be implemented on the top of ATM(or frame relay), an increasingly popular approach is to build VPNs directly over the Internet. Q-3: Explain how internet payment process is different from traditional payment process. Ans: Internet payment is different from traditional payment. Traditional payment methods are: cash, debit cards, Travelers cheque, Credit cards, money orders, barter system, personal cheque, bank draft, tokens etc.. these modes of payments are used these days by customers, organizations, have their own instruments, including purchase orders, lines of credit etc. the requirements of financial transaction include confidently, privacy, Integrity and authentication for both form of commerce. Established traditional mode of payment schemes are designed to meet this requirement. But the task of e-commerce to provide electronic payment system to meet all the requirements and yet users must find it traditional and on the internet must look alike, even though the implementation (media) is totally different, so that the users adaptability is good. Methods for meeting all these requirements on the internet are not yet in place. Q-4: Write a note on SET and JEPI.

Ans: SET:-It stands for Secured Electronic Transactions. Developed by a consortium led by master card & visa. It is a combination of protocol designed for use by other applications (such as web-browsers) and recommended procedures (standards) for handling credit card transactions over Internet. It is designed for cardholders, merchants, banks and other card processors. It uses digital certificates to ensure the identities of parties involved in purchase and also encrypts credit card and purchase information before transmission on the internet. JEPI:- It stands for Joint Electronic Payments Initiative. By World Wide Web consortium and commerce net it is an attempt to standardize the payment negotiations. It is used on client and merchant side. On client side, it serves as an interface that enables web-browser and wallets, to use a variety of protocols. On the merchant side(server side), it acts between the network and transport layers to pass off the incoming transactions to the proper transport protocol, like E-mail vs. HTTP, and proper payment protocol, like SET. Q-5: Explain internet v/s Private nets. Ans: The protocols are being developed to allow Internet users to reserve bandwidth for applications, and for prioritized traffic, for example, the Resource reservation Protocol, or RSVP, has been developed to help reserve bandwidth for multimedia transmissions such as streaming audio, Video and video conferencing , this same protocol can be used to priority e-mail for EDI messages or FTP for file transfers. Routers supporting RSVP are only now becoming available itll be some time before a great deal of the internet routinely supports RSVP. ISPs are also starting to offer their own end-to-end networks across the United States independently of the Internets main backbone, but still link to it is needed. Aimed at businesses, these networks can be used to speed along summer Internet traffic. These private commercial networks also make it easier for companies to form virtual private networks (VPNs) with added security; replacing private corporate networks can be less costly than leased-line net-works, even with the additional rates incurred. Private networks also offer another advantage that they link to the internet, allowing for communication with other partners and customer without requiring special set ups.

Books ID : B0045

6 Q. What is security Attack? What is the communication security goal? Ans: - An essential problem in security is that you can make no assumptions about data you send or receive over the Internet. Data you send could be modified by a subverted routing host before it arrives at its destination. The data could be stolen or rerouted to a different destination, never arriving at where it should. Data you receive could be completely forged or simply modified in transitive

your data is important and there is a real risk of someone interfering with it, then you need crypto protections on it. Communication Security Goals:Economy in both procurement cost and ease of use: - this is the principal trade-off for most organizations. Expensive and hard to use solutions are unrealistic for many organizations. However some organizations accept hi8gher costs for better security. Easy communication with multiple hosts: - This usual case today: Each host in the organization needs to communicate with a growing community of there hosts. This generally implies that each host is connected to at least one LAN. Generic Internet access: - Some users job duties routinely require reference information from the World Wide Web and unprotected email exchange with the members of Internet community. This is another important trade-off. Vending products to outsiders over the internet: - current and potential customers need to access your host, browse for the desired products, and sagely close a sale. Both the buyer and the seller want to identify the other participant reliably and protect the transaction from outside interference. However there is no way to know beforehand if visitors are new or potential customers, or if they are intending to attack your site. Strong secrecy: - Confidentiality is most important for most organizations, but to some it is really crucial. In such instances, leaking a single message can seriously compromise the organizations goals and cause damage from which it is very difficult to recover. Strong secrecy is very expensive to achieve. Strong Authentication of messages: - The organization needs to associate messages with particular individuals or authorized agents, and do so very really. The organization faces serious loss or damage if important messages are gorged. 7 Q. Explain how ATM encryption works? Ans: - Most ATMs operate usi8ng some variant of a system developed by IBM. This uses a secret key, called the PIN key to derive the PIN from the account nuber, by means of a published algorithm known as the data Encryption Standard, or DES. The result of this operation is called the natural PIN; an offset can be added to it in order to give the PIN which the customer must enter. The offset has no real cryptographic function; it just enables customers to choose their own PIN. Here is an example of the process: Account number : 88071458700155458715 PIN key : FEFEFEFEFEFEFEFEFE Result of DES : A2CE126C69AEC82D Result decimalized : 0224126269042823

Natural PIN Offset Customer PIN

: 0224 : 6565 : 6789

It is clear that the security f the system depends on keeping the PIN key absolutely secret. The usual strategy is to supply a terminal key to each ATM in the form of two printed components, which are carried to the branch by two separate officials, input at the ATM keyboard, and combined to from the key. The PIN key, encrypted under this terminal key, is then sent to the ATM by the banks central computer. These working keys in turn have to be protected, and the usual arrangement is that a bank will share a zone key with other banks or with a network switch, and use this to encrypt fresh working keys which are set up each morning. It may also send a fresh working key every day to each of its ATMs, by encrypting it under the ATMs terminal key. Keeping keys secret is only part of the problem. They must also; be available for use at all times by authorized processes. The PIN key is needed all the time to verify transactions, as are the current working keys; the terminal keys and Zone keys are less critical, but are still used once a day to set up new working keys. 8 Q. Explain the transaction on the World Wide Web. Ans: - The WWW is one application that has brought the Internet within everyones reach. While some point out that Internet e-mail and file transfers have for years carried the most Internet traffic. Documents retrieved from the web typically contain hypertext links, which in turn refer to other documents on the web. If you click on a hypertext link the associated document is immediately retrieved and displayed for you. Practically every important specification document regarding the Internet is available via the web, and the most computer vendors provide their latest product description through the web, too. There are four essential elements to the web: - 1.BROWSERS (the client software that people use to access the web.) 2. URL (Uniform Resource Locator, which identifies each web page) 3. SERVERS (Contains web pages containing the information for which the users can ask.) 4. PAGES (A written document by HTML). Traffic between the server and the browser follows a protocol called HTTP which uses the TCP transport protocol. Retrieving a page always starts with the browser being given the URL. Typically a URL comes from a hypertext ink on a previously retrieved web page. Each URL

contains three major fields: the protocol field, the server name and the pages file name on the server. The protocol field could indicate one of the several one of the several TCP/IP application protocols, but it will way http if are retrieving a web page. When the user with the browser selects a URL (possibly via a hypertext link). The URL is passed to the web server for retrieval. The server sends the page back. Each file is retrieved via a separate connection. The browser uses the server name to open a TCP connection to that server. Once the connection is open, the browser sends an HTTP GET command that includes the URL and a list of data formats the browser will accept. If the server can fulfill the browsers request, it sends web page back to the browser via the same TCP connection. The server closes the connection as the entire page has been sent. Many pages include references to the graphical files to be displayed on the page. The browser retrieves these files by repeating the connection process for each file. 9 Q. Write a note on Centralized Flat key management scheme. Ans. Instead of organizing the bits of the id in a hierarchical, treebased fashion and distributing the keys accordingly, they can also be assigned in a flat fashion (). This has the advantage of greatly reducing database requirements, and obviates the sender from the need of keeping information about all participants. It is now possible to exclude participates without knowing whether they were in the group in the first place. The table contains 2W KEYS, two keys for exact bit, corresponding to the two values that bit can take. The key associated with bit b having value v is referred to as kb.v(Bit keys). While the keys in the table could be used to generate a tree-like keying structure, they can also be used independently of each other. The results are very similar to the tree based control from, but the key space is much smaller: for an id length of w bits, only 2W+1 key are needed, independent of the actual number of participants. The number of participants is limited to 2w, so a value of 32 is considered a good choice. To allow for the separation of participants residing; on the same machine the id space can be extended to 48 bits, thus including port number information. For ipv6 and calculated ids, a value of 128 sh8ould be chosen to avoid collisions. This still keeps the number of keys and the size of change messages small. Besides reducing the storage and communication needed, this approach has the advantage that nobody needs to keep track of who is currently a member, yet the group manager is still able to expel an unwanted participant.

10 Q. What is Digital Signature? Explain how digital signature is produce. Ans. The digital signature is the most novel mechanism provided by modern crypto technology. It is mechanism that does not involve secrets but it protects data from undetected change. Moreover, the digital signature associates the data with the owner of a specific private key. If we can verify the signature with the Sushmas public key, we can e certain that the data was signed with Sushmas private key. Experts will feel this technique will from the bedrock of electronic commerce by providing digital credentials that are hard to forge. Digital signature uses a private key to produce a crypto checksum. Crypto checksums based on conventional secret key techniques can only be verified by people, who are trusted with the secret key, and the technique cannot tell which key holder actually produced the crypto checksum. Digital signatures are tied to a particular private key, so we can safely assume that only the private key holder could have produced the corresponding digital signature. Anyone with the corresponding public key can validate the hash or checksum themselves, tying the messages contents to the holder of the corresponding private key. We produce a RSA digital signature for a data message by hashing the message contents and then encrypting the hash with the authors private key. We include the hash type in the digital signature for both cryptographic security and compatibility reasons. The recipient validates the data by check8ing the encrypted hash value. The recipient decrypts the digital signature with the authors public key, yielding the hash type and value. Then the indicated hash function is applied to the data received. This hash result is compared to the one protected by digital signature.

BT0055 Internet Technology & Web Designing 4 Credits Set-I 40 MarksBook ID: 1) BO217 2) BO022 3) BO020

1. What is MODEM?


Modems have become so common that they are standard equipment on most computers sold today. Indeed, anyone who has ever used the Internet or a fax machine has used a modem. In addition to modems, several devices are used to connect small LANs into larger wide area networks (WANs). Each of these devices has its own function along with some limitations. They can be used simply to extend the length of network media or to provide access to a worldwide network over the Internet. Devices used to expand LANs include repeaters, bridges, routers, and gateways. A modem is a device that makes it possible for computers to c ommunicate over a telephone line. Basic Modem Functions Computers cannot simply be connected to each other over a telephone line, because computers communicate by sending digital electronic pulses (electronic signals), and a telephone line can send only analog waves (sound). Figure 7.1 shows the difference between digital computer communication and analog telephone communication. 2. What is Router and Gateway? Routers In an environment that consists of several network segments with differing protocols and architectures, a bridge might be inadequate for ensuring fast communication among all segments. A network this complex needs a device that not only knows the address of each segment, but can also determine the best path for sending data and filtering broadcast traffic to the local segment. Such a device is called a "router. Routers work at the network layer of the OSI reference model. This means they can switch and route packets across multiple networks. They do this by exchanging protocol-specific information between separate networks. Routers read complex network addressing information in the packet and, because they function at a higher layer in the OSI reference model than bridges, they have access to additional information. Routers can provide the following functions of a bridge: Filtering and isolating traffic Connecting network segments Routers have access to more of the information in packets than bridges have and use this information to improve packet deliveries. Routers are used in complex networks because they provide better traffic management. Routers can share status and routing information with one another and use this information to bypass slow or malfunctioning connections. Gateways


Gateways enable communication between different architectures and environments. They repackage and convert data going from one environment to another so that each environment can understand the other environment's data. A gateway repackages information to match the requirements of the destination system. Gateways can change the format of a message so that it conforms to the application program at the receiving end of the transfer. For example, electronic-mail gateways, such as the X.400 gateway, receive messages in one format, translate it, and forward it in X.400 format used by the receiver, and vice versa. A gateway links two systems that do not use the same: Communication protocols. Data-formatting structures. Languages. Architecture. Gateways interconnect heterogeneous networks; for example, they can connect Microsoft Windows NT Server to IBM's Systems Network Architecture (SNA). Gateways change the format of the data to make it conform to the application program at the receiving end. 3. What is Event handling? Ans: An event is a state that triggers a specific action on the object. The easiest example is a button, whose definition includes the words on Click=function (). The one Click event occurs as it is clear by name that when user click on button. There are many more events that includes on Mouse Over, on Mouse Press, on Focus, on Load, on Blur etc. Event handlers are embedded in HTML tags, typically used as a part of forms but are also used as a part of anchors and links. Anything that can do by a user is covered by event handlers. It ranges from moving a mouse to leaving the page. 4. Briefly explain VB Script variables.

Ans: Variables are just boxes in memory that are used to storedata. Each variable need a unique name. Variables are classified as Explicit -In this type of declaration variables are declared explicitly by dim statement before its use. Example- Dim rolls as Integer. Implicit- In this type of declaration variables are not declared they are just used. VB automatically declare as data type Variant. It can store any type of data. But it will create ambiguity in program Variables can be declared by Dim, Public and Private. Example Dim salary as integer. Public salary as integer. Private salary as integer.

Naming of variablesMust begin with an alphabetic character. Can not contain an embedded period. Must not exceed 255 characters. Must be unique in the scope in which the variable is used Procedure level variable- When a variable declared within a procedure and it exists as long as the procedure execute then this is called procedure level variable. Script level variable- When we declare a variable outside the procedure that is recognized by all the procedure then it is called script level variable. Array- To assign more than one related values to a single variable array are declared. It contains a series of values. This is called an array variable. To declare a series of 11 elements. Dim a (10) We can now assign data to each element of the variable. A (0) =256 A (1) =212 A (2) =125 ------A (10) =340 We can initialize arrays at runtime also by ReDim key word. Declare array as Dim rolls () Now we want to give size to it then we declare it as ReDim rolls (24) If there are twenty five students in class. 5. Explain naming rules of XML markup language. Ans: Naming rules are follows: A name consists of at least one letter: a to z, or A to Z. If the name consists of more than one character, it may start with an underscore () or a colon (:). The initial letter (or underscore) can be followed by one or more letters, digits, hyphens, underscores, full stops, and combining characters, extender characters, and ignorable characters. Comments: In XML, comments have the form The tag must be used exactly as shown. Entity Declarations: The declaration of an internal entity has this form:

Now every time the string & name; appears in your XML code, the XML processor will automatically replace it with the replacement text. 6. How do add Java Scripts in HTML page? Ans: JavaScript can be added to HTML page by two methods in first method we simply write the codes in the head tag in the script tag and second method is to create a JavaScript file and link it to the script tag. Example Welcome to JavaScript Function Hello () { Document. Write (Hello student welcome to JavaScript); } See the JavaScript function 7. What is for each statement? Ans: A for Each Next loop is similar to a forNext loop. Instead of repeating the statements a specified number of times, a for eachNext loop repeats a group of statements for each item in a collection of objects or for each element of an array. This is especially helpful if we dont know how many elements exist in a collection. In the following HTML code, the contents of a Dictionary object are used to place text in several text boxes: For-Each-Next

BSC-IT (NEW) V Semester Assignments for August 2008 SessionSubject Code Subject Name Credits: 04 : BT0055 Assignment No: 02 Marks:60

: Internet Technology & Web Designing


Explain Ethernet and IEEE 802.x local area network?

Ans. TCP/IP can operate over a vast number of physical networks. The must common and widely used protocols are, Ethernet. Two frame formats can be used on the Ethernet coaxial cable: .The slandered issued in 1978 by Xerox Corporation, Intel Corporation and Digital Equipment Corporation, usually called Ethernet (or DIX Ethernet). . The International IEEE 802.3 standard. The difference between the two standards is in the use of one of the header fields, which contains a protocol-type number for Ethernet and the length of the data in the frame for IEEE 802.3. . The type field in Ethernet is used to distinguish between different protocols running on the coaxial cable, and allows their coexistence on the same physical Cable. . The maximum length of an Ethernet frame is 1526 bytes. This means a data field length of up to 1500 bytes. The length of the 802.3 data field is also limited to 1500 bytes for 10 Mbps networks. But is different for other transmission speeds. . In the 802.3 MAC frame, the length of the data field is indicated in the 9802.2 headers. In practice, however, both frame formats can coexist on the same physical coax. This is done by using protocol type numbers (type fields) greater than 1500 in the Ethernet frame. However, different device drivers are needed to handle each of these formats. Thus, for all practical purposes, the Ethernet physical layer and the IEEE 802.3 physical layer are compatible. However, the Ethernet data link layer and the IEEE 802.3/802.2 data link layer are incompatible. 2. Write a short note on:

Ans. - Internet Control Message Protocol:When the router or a destination host wants to inform the source host about errors in datagram processing, it uses the Internet Control Message Protocol (ICMP).ICMP can be characterized as follows:* ICMP uses IP as if ICMP were a higher level protocol .Howerver; ICMP is can integral part of IP and must be implemented by every IP module. * ICMP is used to report errors, not to makes IP reliable.Datagrams may still be undelivered without any report on their loss. Reliability must be implemented by the higher level protocols using IP services. * ICMP can not be used to report errors with ICMP message. This avoids infinites repetitions.ICMP response is sent on response to ICMP query message.

* ICMP Message:-ICMP message are sent in IP datagram. The IP header has a protocol number of 1 (ICMP) and a type of service of zero. * Code:-contain the error code for the datagram reported by this ICMP message. The interpretation is dependent upon the message type. * Checksum:-contain the checksum for the ICMP message starting with the ICMP Type field. If the checksum does not match the contains, the datagram is discarded. * Data:-Contain information for this ICMP message. Typically it will contain the portion of the original IP message for which the ICMP message was generated. * Address resolution protocol:-The ARP protocol is a network specific standard protocal.The address resolution protocol is responsible for converting the higher level protocol addresses to physical network addresses * Bootstrap protocol:-The bootstrap protocol enable a client workstation to initialize with the minimal IP stack and request is IP address, a gateway address, and the address of a name server from a BOOTP server. If BOOTP is to be used in your network, then the server and client are usually on the same physical LAN segment. BOOTP can only be used across bridged segments when source-routing bridges are being used, or across subnets, if you have a router capable of BOOTP forwarding. * SLIP: - The TCP/IP protocol family runs over a variety of network media: IEEE 802.3 and 802.5 LANs, X.25 lines, satellite links, and serial lines,. Standards for the encapsulation of IP packets have been defined for many of these networks, but there is no standard for serial lines. SLIP is currently a de facto standard, commonly used for point-topoint serial connections running TCP/IP.


What is OSPF protocol? Explain its features.

Ans. The Open Shortest Path First (OSPF) protocol is another example of an interior gateway protocol. It was developed as a nonproprietary routing alternative to address the limitations or RIP. OSPF provides a number of features not found in distance vector protocols. Support for these features has made OSPF a widely -deployed routing protocol in large networking environments. In

fact, RFC 1812-Requirements for IPv44 Routers, lists OSPF as the only required dynamic routing protocol. The following features contribute to the continued acceptance of the OSPF standard: * Equal cost load balancing: The simultaneous use of multiple paths may provide more efficient utilization of network resources. * Logical partitioning of the networl: This reduces fthe propagation of outage information during adverse conditions. It also provides the ability to aggregate routing announcements that limit the advertisement of unnecessary subnet information.j * Support for authentication: OSPF supports the authentication of any node transmitting rout advertisements. This prevents fraudulent sources from corrupting the routing tables. * Faster convergence time: OSPF provides instantaneous propagation of routing changes. This expedites the convergence time required to updated network topologies. * Support for CIDR and VLSM: This allows the network administrator to efficiently allocate IP address resources. * Backbone area and area 0: All OSPF networks contain at least one area. This area is known as area 0 o9r the backbone area. Additional areas may be created based on network topology or other design requirements. * Intra-area, area border and AS boundary routers: There are three classifications of routers in an OSPF network. Intra-Area Routers: This class of router is logically located entirely within an OSPF area. Intra-area routers maintain a topology database for their local area. Area Border Routers (ABR): This class of router is logically connected to two or more areas. One area must be the backbone area. An ABR is used to interconnect areas. They maintain a seprate topology database for each attached area. ABRs also execute separate instances of the SPF algorithm for each area. AS Boundary Routers (ASBR): This class of router is located at the periphery of an OSPF internet work. It functions as a gateway exchanging reach ability between the OSPF network and other routing environments. ASBRs are responsible for announcing AS external link advertisements through the AS. 4. What is a packet? Show the process of Packets. Ans. All IPv6 nodes are expected to dynamically determine the maximum transmission unit (MTU) supported by all links along a path MTU. IPv6 routers will therefore not have to fragment packets in the middle of multihop routes and allow much more efficient use of paths that traverse diverse physical transmission

media. IPv6 requires that every link supports an MTU of 1280 bytes or greater. There are processes of packets:1. Extension headers 2. Hop-by-hop header 3. Routing header 4. Fragment header 5. Authentication header 6. Encapsulating Security payload 7. Destination options header 5. What is Style Sheets? Explain its purpose.

Ans. Here is an example. Consider the following: Here is a simple test To write this short sentence in HTML, you have to use many commands, such as CENTER, FONT COLOR, FONT SIZE etc. Suppose you need to write this sentence 10 times, won't it be easier to specify what you want only one time and simply write one command instead of six. This is possible with Style Sheets. A style sheet is a definition of how content should be rendered on the page. The purpose of a style sheet is to create a presentation for a particular element or set of elements. Binding an element to a style specification is very simple; it consists of an element followed by its associated style information within curly braces: Element {style specification} Suppose that you want to bind a style to the element so that a 12-point courier font with bold style is always used. The following rule would result in the desired display: It's not as hard as tit might seem at first. Here is the explanation: H1 - It means that this style sheet will affect every text that is in HEADING1 format, so, now you don't have to write the same commands obvert and over again. !--:- These tags ensure that the styles won't cause errors in older browsers. Older browsers that do not support style sheets will simply ignore it.

Font size - This is one of the attributes of the style sheet. I think that you know what it means. Font-style & font-family - two other attributes of this style sheet. Altogether they will make the text size 12, font courier, and style bold To make it easier to remember you can use this pattern: TAG {attributes; attribute; attribute} In general, a style sheet specification or style sheet is simple a collection of rules. These rules include an HTML element, class or id, more generally called a selector, which is bound to a style property such as font-family, followed by a colon and the value(s) for that style property. Multiple style rules may be included in a style specification by separating them with semicolons. Currently there are more than 50 properties specified under CSS1 that effect the presentation of an HTML document. Unfortunately, not all of them are supported consistently across the major browsers. Style sheets alone do nothing; first you must bind the rule to a tag(s) or class of HTML objects. 6. Briefly explain user datagram protocol (UDP).

Ans. UDP is basically an application interface to IP. It adds no reliability, flow control, or error recovery to IP. It simply serves as a multiplexer/demultiplexer for sending and receiving datagrams, using ports to direct the datagrams. UDP datagram format: - Each UDP datagram is sent within a single IP datagram. Although, the IP datagram may be fragmented during transmission, the receiving IP implementation will reassemble it before presenting it to the UDP layer. The UDP datagram has a 16-byte header that is described:* Source Port: Indicates the port of the sending process. It is the port to which replies should be addressed. * Destination Port: The length (in bytes) of this user datagram, including the header. * Checksum: An optional 16-bit one's complement of the one's complement sum of a pseudo-IP header, the UDP header, and the UDP data. The pseudo-IP header contains the source and destination IP addresses, the protocol, and the UDP length: The pseudo-IP header effectively extends the checksum to include the original (unfragmented) IP datagram. UDP application programming interface: It provides for: * The creation of new receive ports. * The receive operation that returns the data bytes and an indication of source port and source IP address. * The send operation that has, as parameters, the data, source, and destination ports and addresses.

The way this interface should be implemented is left to the discretion of each vendor. Standard applications using UDP include: * Trivial File Transfer Protocol (TFTP) * Domain Name System (DNS) name server *Remote Procedure CAll (RPC), used by the Network File System (NFS) *Simple Network Management Protocol (SNMP) *Lightweight Directory Access Protocol (LDAP).


What is the use of Network Address Translation?

Ans. Network Address Translation (NAT) is also known as IP masquerading. It provides a mapping between internal IP addresses and officially assigned external addresses. Originally, NAT was suggested as a short-term solution to the problem of IP address depletion. Also, many organizations have, in the past, used locally assigned IP addresses, not expecting to require internet connectivity. The idea of NAT is based on the fact6 that only a small number of the hosts in a private network are communicating outside of that network. If each host is assigned an IP address from the official IP address pool only when they need to communicate, then only a small number of official addresses are required. NAT might be a solution for networks that have private address ranges or unofficial addresses and want to communicate with hosts on the Internet. In fact, month of the time, this can also be achieved by implementing a firewall. Hence, clients that communicate with the Internet by using a proxy or SOCKS server do not expose their addresses to the Internet, so their addresses do not have to be translated anyway. However, for any reason, when proxy and SOCKS are not available, or do not meet specific requirements, NAT might be used to manage the traffic between the internal and external network without advertisings the internal host addresses. 8. How to Turn Off Friendly HTTP Error Messages in Internet Explorer Ans. HTTP messages consist of the following fields: . Message types: A HTTP message can be either a client request or a server response. The following string indicates the HTTP message type: HTTP-message = Request| Response

*Message headers: HTTP message header field can be one of the following: * General Header * Request Header *Response Header * Entity Header * Message body: Message body can be referred to as entity body if there is no transfer coding has been applied. Message body simply carries the entity body of the relevant request or response. *Message length: Message length indicates the length of the message body if it is included. The message length is determined according to the criteria that are described in RFC 2616. * General header fields: General header fields can apply both request and response messages. Currently defined general header field options are as follows: * Connection * Date * Pragma *Transfer-Encoding * Upgrade * Via Request: - A request message from a client to a server includes the method to be applied to the resource, the identifier of the source, and the protocol version in use. A request message field is as follows: Request = Request-Line *(general-header | request-header | entity-header) CRLF [Message-body] Response: - An HTTP server returns a response after evaluating the client request. A response message field is as follows: Request = Request-Line *(general-header | request-header | entity header) CRLF [Message-body] Entity: - Either the client or server might send Entity in the request message of the response message, unless otherwise indicated. Entity consists of the following: * Entity header fields * Entity body.