Subnetting (FLSM) · Subnetting (VLSM) ·

Why network security is crucial?​ · Define ​firewall​, ​authentication and authorization​. ·

Define cryptology, cryptography and cryptanalysis. ​· ​Types of cryptography with figure.​ ·

Functions of cryptography​. · ​Rail fence and Playfair ( Encryption and decryption)​ ·

Define HTTP​, SOCKET, Port Number · How HTTP works? · Describe HTTP request message
with an appropriate figure. · Persistent and non-persistent connections. · Status code · Why
HTTP is Called stateless protocol? ·

Define wireless communication with advantages and disadvantages · Define RF, spectrum,
bandwidth, Data rate · Define Frequency, Period, Wavelength, and Amplitude. · Cellular network
structure. · Multiple access schema · TDMA, CDMA, FDMA, SDMA with figure · ​Process of
making a call
Why network security is crucial?
All the business organizations should always monitor their computer networks to block potential
unauthorized access and other kind of attacks. It is also important to establish a secured
network and security support system due to the following reasons:

1. ​To protect Client Data and information ​: In today’s world, information and identity theft
cases have increased and keeping all your existing client’s data and information safe and
secure is the responsibility of a business organization. The best quality Network security and
support system can help minimize the risk of your business falling a prey to data and
information theft.

2.​ Keep your Shared Data safe and secure:​ For Computer systems on a shared network, a
Network Security and support system can help keep shared data and information safe. Different
levels of safety and security can also be placed for specific computers that may have greater
access to data and information than others.

3.​Protect Computer systems From Harmful Spyware:​ Network Security and support
systems can be effectual in protecting your computer systems from harmful viruses and
spyware. This means you won’t have to look out for new, expensive computer systems.

4.​To Comply with Ethical Responsibilities and Regulatory Requirements​: It is the duty of
every business organization to develop policies and procedures addressing the security and
safety requirements of every business organization. These procedures and policies work for the
safety and security of any organization and are mandatory for any organization working on
computer systems.
5.​Increase your Network Performance: ​Investing in high quality Network Security and support
system facilities will benefit your business organization massively and reduce expenses in the
long run. There will be fewer disasters and less downtimes, which will boost your business
profits.

Firewall:
A firewall is software used to maintain the security of a private network. Firewalls block
unauthorized access to or from private networks and are often employed to prevent
unauthorized Web users or illicit software from gaining access to private networks connected to
the Internet. A firewall may be implemented using hardware, software, or a combination of both.
A firewall is recognized as the first line of defense in securing sensitive information. For better
safety, the data can be encrypted.

Authentication
Authentication is about validating your credentials like User Name/User ID and password to
verify your identity. The system determines whether you are what you say you are using your
credentials. In public and private networks, the system authenticates the user identity via login
passwords. Authentication is usually done by a username and password, and sometimes in
conjunction with factors of authentication, which refers to the various ways to be authenticated.
Authentication factors determine the various elements the system use to verify one’s identity
prior to granting him access to anything from accessing a file to requesting a bank transaction.
A user’s identity can be determined by what he knows, what he has, or what he is. When it
comes to security, at least two or all the three authentication factors must be verified in order to
grant someone access to the system.
Based on the security level, authentication factor can vary from one of the following:

● Single-Factor​ ​Authentication​ – It’s the simplest authentication method which

commonly relies on a simple password to grant user access to a particular system such
as a website or a network. The person can request access to the system using only one
of the credentials to verify his identity. The most common example of a single-factor
authentication would be login credentials which only require a password against a
username.
● Two-Factor Authentication ​– As the name suggests, it’s a two-step verification process
which not only requires a username and password, but also something only the user
knows, to ensure an additional level of security, such as an ATM pin, which only the user
 knows. Using a username and password along with an additional piece of confidential
information makes it virtually impossible for fraudsters to steal valuable data.
● Multi-Factor Authentication ​– It’s the most advanced method of authentication which
uses two or more levels of security from independent categories of authentication to
grant user access to the system. All the factors should be independent of each other to
eliminate any vulnerability in the system. Financial organizations, banks, and law
enforcement agencies use multiple-factor authentication to safeguard their data and
applications from potential threats.

For example, when you enter your ATM card into the ATM machine, the machine asks you to
enter your pin. After you enter the pin correctly, the bank then confirms your identity that the
card really belongs to you and you’re the rightful owner of the card. By validating your ATM card
pin, the bank actually verifies your identity, which is called authentication. It merely identifies
who you are, nothing else.

Authorization
Authorization, on the other hand, occurs after your identity is successfully authenticated by the
system, which ultimately gives you full permission to access the resources such as information,
files, databases, funds, locations, almost anything. In simple terms, authorization determines
your ability to access the system and up to what extent. Once your identity is verified by the
system after successful authentication, you are then authorized to access the resources of the
system.
Authorization is the process to determine whether the authenticated user has access to the
particular resources. It verifies your rights to grant you access to resources such as information,
databases, files, etc. Authorization usually comes after authentication which confirms your
privileges to perform. In simple terms, it’s like giving someone official permission to do
something or anything.
For example, the process of verifying and confirming employees ID and passwords in an
organization is called authentication, but determining which employee has access to which floor
is called authorization. Let’s say you are traveling and you’re about to board a flight. When you
show your ticket and some identification before checking in, you receive a boarding pass which
confirms that the airport authority has authenticated your identity. But that’s not it. A flight
attendant must authorize you to board the flight you’re supposed to be flying on, allowing you
access to the inside of the plane and its resources.
Access to a system is protected by both authentication and authorization. Any attempt to access
the system might be authenticated by entering valid credentials, but it can only be accepted
after successful authorization. If the attempt is authenticated but not authorized, the system will
deny access to the system.
Authentication Authorization
 Authentication confirms your identity to grant Authorization determines whether you are
access to the system. authorized to access the resources.

It is the process of validating user credentials It is the process of verifying whether access
to gain user access. is allowed or not.

It determines whether user is what he claims It determines what user can and cannot
to be. access.

Authentication usually requires a username Authentication factors required for

and a password. authorization may vary, depending on the
security level.

Authentication is the first step of authorization Authorization is done after successful

so always comes first. authentication.

For example, students of a particular For example, authorization determines

university are required to authenticate exactly what information the students are
themselves before accessing the student link authorized to access on the university
of the university’s official website. This is website after successful authentication.
called authentication.

Cryptology is the science concerned with two branches

Cryptography: designing algorithms for data encryption

Cryptanalysis: how to break encryption

Definition of 'Cryptography'

Definition: ​Cryptography is associated with the process of

converting ordinary plain text into unintelligible text and vice-versa.
It is a method of storing and transmitting data in a particular form so
that only those for whom it is intended can read and process it.
Cryptography not only protects data from theft or alteration, but can
also be used for user authentication.

Description: ​Earlier cryptography was effectively synonymous with encryption but nowadays
cryptography is mainly based on mathematical theory and computer science practice.
Modern cryptography concerns with:

Confidentiality - Information cannot be understood by anyone

Integrity - Information cannot be altered.

Non-repudiation - Sender cannot deny his/her intentions in the transmission of the information at
a later stage

Authentication - Sender and receiver can confirm each

Cryptography is used in many applications like banking transactions cards, computer

passwords, and e- commerce transactions.

Three types of cryptographic techniques used in general.​

1. Symmetric-key cryptography

2. Hash functions.

3. Public-key cryptography

Symmetric-key Cryptography:​ Both the sender and receiver share a single key. The sender
uses this key to encrypt plaintext and send the cipher text to the receiver. On the other side the
receiver applies the same key to decrypt the message and recover the plain text.

Public-Key Cryptography:​ This is the most revolutionary concept in the last 300-400 years. In
Public-Key Cryptography two related keys (public and private key) are used. Public key may be
freely distributed, while its paired private key, remains a secret. The public key is used for
encryption and for decryption private key is used.

Hash Functions: ​No key is used in this algorithm. A fixed-length hash value is computed as per
the plain text that makes it impossible for the contents of the plain text to be recovered. Hash
functions are also used by many operating systems to encrypt passwords.

Functions of Cryptography
There are five primary functions of cryptography today:

Privacy/confidentiality:​ Ensuring that no one can read the message except the
intended receiver.
Authentication: ​The process of proving one's identity.

Integrity​: Assuring the receiver that the received message has not been altered in any
way from the original.

Non-repudiation​: A mechanism to prove that the sender really sent this message.

Key exchange:​ The method by which crypto keys are shared between sender and
receiver.

Definition - What does Hypertext Transfer Protocol (HTTP) mean?

HyperText Transfer Protocol (HTTP) is an application-layer protocol used primarily on the World
Wide Web. HTTP uses a client-server model where the web browser is the client and
communicates with the webserver that hosts the website. The browser uses HTTP, which is
carried over TCP/IP to communicate to the server and retrieve Web content for the user.
HTTP is a widely used protocol and has been rapidly adopted over the Internet because of its
simplicity. It is a stateless and connectionless protocol.
A basic HTTP request involves the following steps:
A connection to the HTTP server is opened.

1. A request is sent to the server.

2. Some processing is done by the server.
3. A response from the server is sent back.
4. The connection is closed.

Making a Call
1.Scan Control Channels: Your cell phone needs to use the "closest" base station
because that's the one with the strongest signal and the one that will give the best
connection. To find the closest base station, your phone checks all control channels and
determines which has the strongest signal.

2. Choose Strongest: Your cell phone chooses the strongest signal and decides to use
that one for placing the call.

3. Send Origination Message: Your cell phone now transmits a very short message
(about 1/4 second) that contains the MIN (Mobile Identification Number, i.e., your cell
phone number), its ESN (Electronic Serial Number), and the number you just dialed.
.

4. Get Channel Assignment: After the cellular service provider verifies that you are a
valid, paying customer (based on the MIN and ESN your phone sent), the base station
sends a Channel Assignment message to your phone (also a short 1/4-second burst).
This message tells your phone where (that is, on which channel) the conversation will
take place.

5. Begin Conversation.