For More Papers Visit http://www.IGNOUGuess.com
IGNOU Papers - IGNOU Forum – IGNOU Articles @ IGNOUGuess.com
Course Code : MCS-022
Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA (2) / 022 / Assign/06
Maximum Marks : 100
Weightage : 25%
Last Date of Submission : 15th October, 2006
Answer to each part of the question should be confined to about 300 words.
Question 1. Describe the basic characteristics of modern operating system with appropriate
examples.
Answer. An operating system (OS) is a software program that manages the hardware and software
resources of a computer. A key component of system software, the OS performs basic tasks, such as
controlling and allocating memory, prioritizing the processing of instructions, controlling input and
output devices, facilitating networking, and managing files. Modern operating systems are able to
simulate execution of many processes at once (multi-tasking) even under a single CPU. Modern
operating systems offer many cool interface features to make our lives easier. Some examples of
modern operating systems are: Linux, Windows, Solaris, Mac, etc.
Some services and features provided by most modern operating systems are listed below:
• Process management: Every action on a computer, be it background services or applications, is
run inside a process.
• Memory management: The memory manager in an OS coordinates the memories by tracking
which one is available, which is to be allocated or deallocated and how to swap between the
main memory and secondary memories.
• Disk and file systems: Operating systems have a variety of native file systems.
• Networking: Most modern operating systems are capable of using the now-universal TCP/IP
networking protocols. This means that one system can appear on a network of the other and
share resources such as files, printers, and scanners.
• Security: Security as it pertains to the operating system is the ability to authenticate users prior
to access, categorize the level of access the user has, and limit access based on a policy placed
by administration.
• Graphical user interfaces: Today, most modern operating systems contain Graphical User
Interfaces (GUIs, pronounced gooeys). A few older operating systems tightly integrated the GUI
to the kernel—for example, the original implementations of Windows and Mac OS. More
modern operating systems are modular, separating the graphics subsystem from the kernel (as is
now done in Mac OS X and all Windows versions based on Windows NT).
• Device drivers: A device driver is a specific type of computer software developed to allow
interaction with hardware devices.
Example 1: Features of Multics operating System
• Segmented memory
• Virtual memory
• High-level language implementation
• Multi-language support
• Relational database
• Security
• Dynamic linking
• On-line reconfiguration
• Accounting & administration software
Example 2: Some Features of Windows Vista Operating System
• Windows Aero: Windows Aero is an environment with an additional level of visual
sophistication, one that is even more responsive and manageable, providing a further level of
clarity and confidence to Windows users.
• Live taskbar thumbnails: Resting the mouse pointer over a taskbar item displays a live
thumbnail of the window, showing the content of that window.
• Windows Search: significantly faster and more thorough search capabilities.
• Windows Sidebar: A new panel on the right-hand side of the screen where a user can place
Desktop Gadgets, which are small applets designed for a specialized purpose (such as
displaying the weather or sports scores).
• Parental controls: Allows administrators to control which websites, programs, and games each
standard user can use and install.
• Speech recognition is fully integrated into Vista, which can be "trained" to understand a user's
voice, to activate commands in any Windows application, and to enable voice dictation.
• SuperFetch is a memory management strategy that intelligently maintains optimal memory
content based on historic usage patterns on the Windows-based PC.
• ReadyBoost: The use of a flash device that supports Windows ReadyBoost technology extends
the disk caching capabilities of Windows Vista main memory.
• ReadyDrive uses Hybrid Hard Disk Drives (H-HDD), which are standard rotating media
augmented with a large cache of nonvolatile flash memory, to speed up operations.
• User Account Control is a new security technology that allows Windows to operate effectively
as a "standard" user with fewer privileges.
• BitLocker Drive Encryption is a data protection feature that provides encryption for the entire
OS volume that will only be included in the Enterprise and Ultimate editions of Vista.
• Windows Service Hardening prevents Windows Services from doing operations on file systems,
registry or networks which they are not supposed to by automatically running each service in a
separate user account, thereby preventing entry of malware by piggybacking on system services.
• Windows Firewall with Advanced Security: Supports filtering both incoming and outgoing
traffic.
• Windows Defender: Microsoft's Anti-spyware product has been incorporated into Windows,
offering protection against spyware and other threats.
• The WIM image format is the cornerstone of Microsoft's new deployment and packaging
system.
• The Windows Communication Foundation or WCF, formerly code-named Indigo: a service-
oriented messaging subsystem which will enable applications and systems to interoperate
locally or remotely using Web services.
• Windows CardSpace or WCS, formerly code-named InfoCard, is a software component which
securely stores digital identities of a person, and provides a unified interface for choosing the
identity for a particular transaction, such as logging into a website.
Question 2.
Examine the LAN set up at your study centre and answer the following questions:
(i) Sketch the diagram showing various components: Switch, Hub, Nodes, Cables,
Router, and Bridges.
(ii) LAN topology
(iii) Bandwidth of the channel.
(iv) What Networking O/S is installed?
Answer. A computer network is a group of computers and devices like printers, scanners, modems,
etc. that are connected together. Computer networking provides the communication tools that allow
computers to share information and services. Working on a network allows you to share resources
like data, programs and peripherals. Our study centre uses a hub and switches to connect computers
in the network. They are not using any bridge. The topology used is star topology. The following
figure shows the schematic diagram of the network:
Number of machines connected in the network along with their complete configuration.
A total of 8 computers have been connected to the network. The company uses the Ethernet LAN.
Configuration: P-III processor, 20 GB hard disk, 128 MB RAM, 17” monitor, mouse, etc.
Server: P IV, 60 GB hard disk RAD technology, 256 MB RAM, 17 inch monitor.
Number of ports of the hub with specifications.
In data communications, a hub is a place of convergence where data arrives from one or more
directions and is forwarded out in one or more other directions. Hubs are multi port repeaters, and
as such they obey the same rules as repeaters. Hubs are used to provide a Physical Star Topology.
At the center of the star is the Hub, with the network nodes located on the tips of the star. The hub
acts as a termination point for all the nodes. The Hub used is of DLink Limited. It contains 16
ports. This means a total of 16 computers can be connected to the network using the hub. The
following figure shows how a hub connects the computers in a star topology:
Applications running on the network with their brief description.
The various applications running on the network are:
a. Send mail system (Email)
b. Printer services
c. Turbo C
d. Active directory services
e. Internet using proxy server
f. FTP
g. Telnet
1) Send mail system (E-mail): Electronic mail (e-mail) is a system used over the Internet to
transfer messages. It consists of two subsystems: the user agents, which allow people to read
and send mail, and the message transfer agents, which move the message from source to
destination.
The e-mail system supports the following five basic functions:
• Composition
• Transfer
• Reporting
• Displaying
• Disposition
2) Printer services: When we work on a network we need printer services. Printing services are
very important when we need some paper work.
3) Turbo C: Turbo C is used for C programming. It is a compiler.
4) FTP: File Transfer Protocol is used to access and download files over the Internet. It requires
an FTP server to run the FTP protocol; the URL for an FTP server starts with ftp://. After fetching
the IP address of the host from DNS using the host name, the browser then establishes a TCP
connection to the host. Over that connection, it sends the file name using the ftp:// prefix.
Speed of the LAN and the protocol
Local Area Network is a collection of interconnected computers that can share data, applications,
and resources, such as printers. Computers in a LAN are separated by distances of up to a few
kilometers and are typically used in offices or across university campuses. A LAN enables the fast
and effective transfer of information within a group of users and reduces operational costs. The
speed of the LAN in our study centre is 100 Mbps and it is an Ethernet LAN.
Specification of cable used and its length.
The LAN has been connected using fiber optical cable. The specification of cable is 100BaseF, fiber
optics. It covers a maximum segment of 2000m and supports a maximum of 1024 nodes.
Networking features of the server operating system.
Windows Server 2003 is the server operating system that helps you do more with less—both today
and in the future, as the new product roadmap reveals.
Networking and Communications
Secure network communications: End-to-end encrypted communications across your company
network using the IPSec standard. Great for protecting sensitive internal communications from
intentional or accidental viewing. Active Directory provides central policy control for its use to
make it deployable.
Routing and Remote Access Service: Connects remote workers, telecommuters, and branch offices
to the corporate network through dial-up, leased line and Internet links.
Virtual private networking (VPN): A full-featured gateway that encrypts communications to
securely connect remote users and satellite offices over the Internet. Now with an updated PPTP
support and advanced security with Layer 2 Tunneling Protocol encrypted by IPSec.
Dynamic DNS: The Active Directory integrated, Internet standards-based Domain Name System
(DNS) service simplifies object naming and location through Internet protocols, and improves
scalability, performance and interoperability. Systems that receive addresses from a Dynamic Host
Configuration Protocol (DHCP) server are automatically registered in DNS. Replication options
with legacy DNS systems and through Active Directory can simplify and strengthen name
replication infrastructure.
Microsoft Connection Manager Administration Kit and Connection Point Services: These
wizard-driven tools let administrators centrally configure and deploy customized remote access
dialers that can integrate automatic-update phonebooks, custom connect actions (like firewall
authentication and client virus inspection), driver updates and more.
Internet Connection Sharing: Enables multiple users within small business or workgroups to
share a single external Internet connection, making connection to the Internet easier.
Windows Telephony Applications Programming Interface (TAPI) 3.0: TAPI is a software
abstraction layer that allows software applications from one vendor to work with a wide variety of
telephone systems for great customer choice and flexibility. TAPI 3.0 adds media streaming and
better IP telephony support with built-in H.323 and IP Multicast features, building on its existing
support for traditional, client-server telephony applications, such as call centers, Interactive Voice
Response, and more. And with TAPI's new Component Object Model architecture, you can
telephony-enable your application using a variety of programming languages.
Networking: Windows 2000 Server works with networking devices that support the latest
networking technologies, including Plug and Play, DSL, VPN, routing, NAT, DHCP, Quality of
Services switches and routers, Directory-Enabled Networking devices, IPSec, SSL, and
Asynchronous Transfer Mode.
Question 3.
(i) What is the difference between network and O/S security?
(ii) List and describe networking supports in Windows 2000 O/S.
Answer. i) Network security: It is protection of networks and their services from unauthorized
modification, destruction, or disclosure, and provision of assurance that the network performs its
critical functions correctly and there are no harmful side-effects. Network security includes
providing for data integrity.
In other words, network security is the process of taking both physical and software means of
protecting data from misuse by others or from a malfunction or system crash.
The next level of computer security is operating system security (OSS). The DOD has defined
seven levels of computer OSS in the Trusted Computer Standards Evaluation Criteria, otherwise
known as the Orange Book. The levels are used to evaluate protection for hardware, software, and
stored information. The definition centers around access control, authentication, auditing, and levels
of trust. D1 is the lowest form of security available and states that the system is insecure. A D1
rating is never awarded because this is essentially no security at all. C1 is the lowest level of
security. The system has file and directory read and write controls and authentication through user
login. However, root is considered an insecure function and auditing (system logging) is not
available. C2 features an auditing function to record all security-related events and provides
stronger protection on key system files, such as the password file.
A B-rated system supports multilevel security, such as secret, top secret, and mandatory access
control, which states that a user cannot change permissions on files or directories. B2 requires that
every object and file be labeled according to its security level and that these labels change
dynamically depending on what is being used. B3 extends security levels down into the system
hardware; for example, terminals can only connect through trusted cable paths and specialized
system hardware to ensure that there is no unauthorized access. A1 is the highest level of security
validated through the Orange Book. The design must be mathematically verified; all hardware and
software must have been protected during shipment to prevent tampering. A word of caution on
secure operating systems must be mentioned: the features and capabilities require significant
amounts of central processing unit (CPU) processing power and disk space. In low-end servers,
enabling the security features may seriously affect the number of users a server can support.
Elements of Networking Security
Password Mechanisms
Passwords are a way to identify and authenticate users as they access the computer system.
Unfortunately, there are a number of ways in which a password can be compromised. For example,
someone wanting to gain access can listen for a username password as an authorized user gains
access over a public network. In addition, a potential intruder can mount an attack on the access
gateway, entering an entire dictionary of words (or license plates or any other list) against a
password field. Users may loan their password to a co-worker or inadvertently leave out a list of
system passwords. Fortunately, there are password technologies and tools to help make your
network more secure. Useful in ad hoc remote access situations, one-time password generation
assumes that a password will be compromised. Before leaving the internal network, a list of
passwords that will work only one time against a given username is generated. When logging into
the system remotely, a password is used once and then will no longer be valid.
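The one-time password list described above, sketched as an added example (not part of the
original assignment answer). The class name OneTimePasswordStore, the function
generate_otp_list and the user name are assumptions made for illustration; the failure counter
addresses the dictionary attack mentioned in the same paragraph.

```python
import hashlib
import hmac
import secrets


def generate_otp_list(count=10, nbytes=8):
    """Create the list the user carries: `count` random one-time passwords."""
    return [secrets.token_hex(nbytes) for _ in range(count)]


class OneTimePasswordStore:
    """Server side of the scheme (hypothetical class for this example).

    Only salted hashes are kept, so a stolen copy of the store does not
    reveal any password that is still valid.
    """

    def __init__(self, max_failures=5):
        self.max_failures = max_failures
        self._users = {}  # username -> {"salt", "unused", "failures"}

    @staticmethod
    def _digest(salt, password):
        # The passwords are long random strings, so one salted SHA-256 is
        # enough here; human-chosen passwords would need a slow KDF instead.
        return hashlib.sha256(salt + password.encode("utf-8")).digest()

    def enroll(self, username, passwords):
        """Register the list generated before the user leaves the network."""
        salt = secrets.token_bytes(16)
        self._users[username] = {
            "salt": salt,
            "unused": {self._digest(salt, p) for p in passwords},
            "failures": 0,
        }

    def remaining(self, username):
        entry = self._users.get(username)
        return len(entry["unused"]) if entry else 0

    def is_locked(self, username):
        entry = self._users.get(username)
        return bool(entry) and entry["failures"] >= self.max_failures

    def verify(self, username, candidate):
        """Accept a password at most once; count failures to stop guessing."""
        entry = self._users.get(username)
        if entry is None or self.is_locked(username):
            return False
        digest = self._digest(entry["salt"], candidate)
        matched = None
        for stored in entry["unused"]:
            # Constant-time comparison avoids leaking how many bytes matched.
            if hmac.compare_digest(stored, digest):
                matched = stored
        if matched is None:
            entry["failures"] += 1
            return False
        entry["unused"].remove(matched)  # spent: a captured copy is useless
        entry["failures"] = 0
        return True


if __name__ == "__main__":
    store = OneTimePasswordStore(max_failures=3)
    otps = generate_otp_list(count=3)          # constructed sample list
    store.enroll("alice", otps)                # "alice" is a made-up user
    print("first use :", store.verify("alice", otps[0]))
    print("replay    :", store.verify("alice", otps[0]))
    print("remaining :", store.remaining("alice"))
```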
Encryption, Authentication, and Integrity
A firewall system is a hardware/software configuration that sits at the perimeter between a company's
network and the Internet, controlling access into and out of the network. Encryption can be
understood as follows:
• the coding of data through an algorithm or transform table into apparently unintelligible garbage
• used both on data stored on a server and on data communicated through a network
• a method of ensuring privacy of data and that only intended users may view the information
Encryption mechanisms rely on keys or passwords. The longer the password, the more difficult the
encryption is to break. DES relies on a 56-bit key length, and some mechanisms have keys that are
hundreds of bits long. There are two kinds of encryption mechanisms used—private key and public
key. Private-key encryption uses the same key to encode and decode the data. Public-key encryption
uses one key to encode the data and another to decode the data. The name public key comes from a
unique property of this type of encryption mechanism—namely, one of the keys can be public
without compromising the privacy of the message or the other key. In fact, usually a trusted
recipient, perhaps a remote office network gateway, keeps a private key to decode data as it comes
from the main office. VPNs employ encryption to provide secure transmissions over public
networks such as the Internet.
Authentication and Integrity
Authentication is simply making sure users are who they say they are. When using resources or
sending messages in a large private network, not to mention the Internet, authentication is of the
utmost importance. Integrity is knowing that the data sent has not been altered along the way. Of
course, a message modified in any way would be highly suspect and should be completely
discounted. Message integrity is maintained with digital signatures. A digital signature is a block of
data at the end of a message that attests to the authenticity of the file. If any change is made to the
file, the signature will not verify. Digital signatures perform both an authentication and message
integrity function. Digital signature functionality is available in PGP and when using RSA
encryption. Kerberos is an add-on system that can be used with any existing network. Kerberos
validates a user through its authentication system and uses DES when communicating sensitive
information—such as passwords—in an open network. In addition, Kerberos sessions have a
limited lifespan, requiring users to login after a predetermined length of time and disallowing
would-be intruders to replay a captured session and thus gain unauthorized entry.
Answer. ii) List and describe networking supports in Windows 2000 O/S.
The Windows 2000 network layers are listed below:
Network Driver Interface Specification (NDIS) Layer: NDIS is the layer that provides a
communication path from a network transport to a physical device, such as a network adapter.
Network Protocol Layer: The network protocols provide services for clients. These services allow
applications or clients to send data over a network. Network protocols include TCP/IP, ATM,
NWLink Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX), NetBEUI,
Infrared Data Association (IrDA), AppleTalk and Data Link Control (DLC). Systems Network
Architecture (SNA) protocols are available with the addition of Microsoft® SNA Server.
Transport Driver Interface Layer: The transport driver interface (TDI) provides a standard interface
between network protocols and clients of these protocols (such as applications, network redirectors
or networking Application Programming Interfaces (APIs)).
Network Application Programming Interface Layer: The network application programming
interface (API) provides standard programming interfaces for network applications and services.
They support Winsock, NetBIOS, Telephony API (TAPI), Messaging API (MAPI), WNet API and
other services.
Interprocess Communications Layer: Interprocess communications (IPC) support client/server
computing and distributed processing. Some of the services that they support are remote procedure
calls (RPC), Distributed Component Object Model (DCOM), named pipes, mailslots, and Common
Internet File System (CIFS).
Basic Network Services Layer: Basic network services support network user applications by
providing services. These include network address management, name services, file services and
advanced network services such as Internet Protocol Security (IPSec) and Quality of Service (QoS).
The following figure shows Windows 2000 network architecture.
Windows 2000 supports many different protocols. The packets of information are moved up and
down the protocol stack, and across the transmission media. Network protocols include:
1. Transmission Control Protocol/Internet Protocol (TCP/IP): Transmission Control
Protocol/Internet Protocol (TCP/IP) has been adopted by Microsoft as the strategic enterprise
transport protocol for Windows 2000. The Windows 2000 TCP/IP suite is designed to make it easy
to integrate Microsoft enterprise networks into large scale corporate, government, and public
networks, and to provide the ability to operate over those networks in a secure manner.
2. Asynchronous Transfer Mode (ATM): ATM is supported by Windows 2000 architecture with the
following components.
• LANE (LAN Emulation)
• IP over ATM
• PPP over ATM
• Native ATM through Winsock 2.0
3. NetWare Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX): NWLink is a
Microsoft-compatible IPX/SPX protocol for Windows 2000. NWLink does not allow a computer
running Windows 2000 to access files or printers shared on a NetWare server, or to act as a file or
print server to a NetWare client. To access files or printers on a NetWare server, a redirector must
be used, such as the Client Service for NetWare on Microsoft® Windows® 2000 Professional, or
the Gateway Service for NetWare on Microsoft® Windows® 2000 Server.
4. NetBIOS Enhanced User Interface (NetBEUI): NetBEUI is included with Windows 2000 Server
and Windows 2000 Professional. It is primarily a legacy protocol to support existing workstations
that have not been upgraded to Windows 2000.
5. AppleTalk: Windows 2000 includes support for AppleTalk which allows Windows 2000 to be a
router and a dial-up server.
6. Data Link Control (DLC): Data Link Control (DLC) was originally developed for IBM
mainframe communications. The protocol was not designed to be a primary protocol for network
use between personal computers. The other use of DLC is to print to Hewlett-Packard printers
connected directly to networks.
7. Infrared Data Association (IrDA): Infrared Data Association (IrDA) has defined a group of short-
range, high speed, bidirectional wireless infrared protocols, generically referred to as IrDA. IrDA
allows a variety of devices to communicate with each other. Cameras, printers, portable computers,
desktop computers, and personal digital assistants (PDAs) can communicate with compatible
devices using this technology.
Question 4.
i) What is a networking management system? Explain.
ii) Briefly describe the Microsoft’s 2000 DNS management.
iii) Write the purpose of VPN and name the VPN technologies supported by Windows 2000.
Answer i) Network management, typically applied to large-scale networks such as computer
networks and telecommunications networks, refers to the maintenance and administration of such
networks at the top level. Network management is the execution of the set of functions required for
controlling, planning, allocating, deploying, coordinating, and monitoring the resources of a
network. This includes performing functions such as initial network planning, frequency allocation,
predetermined traffic routing to support load balancing, cryptographic key distribution
authorization, configuration management, fault management, security management, performance
management, bandwidth management, and accounting management.
A large number of protocols exist to support network and network device management. Common
protocols include SNMP, CMIP, WBEM, Common Information Model, Transaction Language 1,
Java Management Extensions - JMX, and netconf.
Data for network management is collected through several mechanisms, including agents installed
on infrastructure, synthetic monitoring that simulates transactions, logs of activity, sniffers and real
user monitoring.
A Network Management System (NMS) is a combination of hardware and software used to monitor
and administer a network. A network management system (NMS) provides operational and
maintenance capabilities at various levels in a network by interfacing with the many different types
of devices in today’s network.
Service providers rely on their NMS to provide information that allows the following:
• Peak Optimization — Ensures the network is optimized for highly efficient performance under
all load conditions
• Service Support — Configures network equipment to support the services offered to customers
by the service provider at all times
• Usage Monitoring — Ensures that network usage is monitored for availability and that data is
collected for billing purposes
• Continuous Operation — Identifies network problems related to the operation of the network
equipment, facilities, and communications protocols that could compromise reliable service
delivery
• Proper Access — Protects the network, its equipment, and data from unauthorized access or
fraudulent use and by extension, protects customer information and privacy.
A Typical Network Management Architecture Maintains Many Relationships and is shown below:
Types of Management
Fault Management: To provide high availability and “five-nines” reliability, fault management
must be able to detect, log, notify users of, and automatically fix network problems when desirable
in order to keep the network running effectively whenever possible. Since faults can result in
downtime or unacceptably degraded network response, fault management is one of the most
important network management functions.
Configuration Management: Configuration management tracks the various versions of hardware
and software elements within the network and manages the effects of these variations for
functionality and performance. Among the elements tracked are operating systems, Ethernet
interfaces, TCP/IP software, and many others. Version information is normally stored in a database
that is optimized for easy access when a problem arises.
Accounting management: The goal of accounting management is to measure network utilization
parameters so that individual or group uses on the network can be regulated appropriately. Such
regulation minimizes network problems (because network resources can be apportioned based on
resource capacities) and maximizes the fairness of network access across all users.
Performance Management: Performance management monitors network performance variables to
ensure that it is maintained at an acceptable level. Network throughput, user response times, and
line utilization are good examples of variables that are monitored.
Security Management: Controlling access to network resources through security management has
become increasingly critical. Protecting a network from sabotage and guarding sensitive
information (including customer information) from unauthorized access requires constant vigilance.
Answer. ii) Briefly describe the Microsoft’s 2000 DNS management.
DNS in Windows 2000 provides a unique DNS Server implementation that is fully interoperable
with other standards-based implementations of DNS Server. DNS is the name service of Windows
2000. It is by design a highly reliable, hierarchical, distributed, and scalable database. Windows
2000 clients use DNS for name resolution and service location, including locating domain
controllers for logon.
Downlevel clients (Windows NT 3.5 and 3.51, Windows NT 4.0, Windows 95, and Windows 98),
however, rely on NetBIOS which can use NBNS (WINS), broadcast or flat LmHosts file. In
particular, the NetBIOS name service is used for domain controller location.
Since DNS as implemented in Windows 2000 is Windows Internet Name Services (WINS)-aware, a
combination of both DNS and WINS can be used in a mixed environment to achieve maximum
efficiency in locating various network services and resources. Additionally, WINS in a legacy or
mixed environment plays an important interoperability role while also preserving current
investment. Windows NT 4.0–based clients can register themselves in Windows 2000 WINS and
Windows 2000–based clients can register in Windows NT 4.0 WINS.
The Domain Name System is implemented as a hierarchical and distributed database containing
various types of data including host names and domain names. The names in a DNS database form
a hierarchical tree structure called the domain name space.
Domain names consist of individual labels separated by dots. For example:
mydomain.microsoft.com. A Fully Qualified Domain Name (FQDN) uniquely identifies the host's
position within the DNS hierarchical tree by specifying a list of names separated by dots on the path
from the referenced host to the root. The following figure shows an example of a DNS tree with a
host called mydomain within the microsoft.com. domain. The FQDN for the host would be
mydomain.microsoft.com.
The new features of Windows 2000 DNS include:
• Active Directory service Integration: The implementation of DNS in Windows 2000 has the
option of using the Active Directory services as the data storage and replication engine.
• Incremental Zone Transfer (IXFR): To reduce latency in propagation of changes to a DNS
database, an algorithm has to be employed that actively notifies name servers of the change.
This is accomplished by the NOTIFY extension of the DNS. The NOTIFY packet, which is sent
by a Master server, does not contain any zone changes information. It merely notifies the other
party that some changes have been made to a zone and that a zone transfer needs to be initiated.
• Dynamic Update and Secure Dynamic Update: The Windows 2000 DNS service supports
Dynamic DNS (DDNS) as covered in RFC 2136. The RFC introduces a new opcode or message
format called UPDATE. The update message can add and delete RRs from a specified zone as
well as test for prerequisite conditions. Update is atomic, that is, all prerequisites must be
satisfied or else no update operation will take place.
• Unicode Character Support: The Windows 2000 DNS server can be configured to allow or
disallow the use of UTF-8 characters on a per-server or per-zone basis. A non-UTF-8–aware
DNS server may accept a zone transfer of a zone containing UTF-8 names, but it may not be
able to write back those names to a zone file or reload those names from a zone file.
• Enhanced Domain Locator: The Windows 2000 Domain Locator, implemented in the Netlogon
service, is a service that enables a client (the machine locating a Domain Controller (DC)) to
locate a DC. It contains the IP/DNS-compatible and Windows NT 4.0-compatible locators, which
provide interoperability in a mixed Windows 2000– and Windows NT 4.0–based environment.
• Enhanced Caching Resolver Service: The Windows 2000 implementation of DNS introduces a
client-side caching resolver for DNS name resolution. Caching resolver is a Windows 2000
service with the sole purpose of improving name lookup performance, and reducing network
traffic associated with name lookups by minimizing the number of name resolution round trips.
• Enhanced DNS Manager: The Windows 2000 implementation of DNS introduces a new DNS
Manager as a Microsoft Management Console snap-in. It provides all the functionality necessary to
administer the DNS server, its zones, security, and so forth.
iii) Write the purpose of VPN and name the VPN technologies supported by Windows 2000.
Answer. A virtual private network (VPN) is a private communications network often used within a
company, or by several companies or organizations, to communicate confidentially over a publicly
accessible network. VPN message traffic can be carried over a public networking infrastructure
(e.g. the Internet) on top of standard protocols, or over a service provider's private network with a
defined Service Level Agreement (SLA) between the VPN customer and the VPN service provider.
A well-designed VPN can provide great benefits for an organization. It can:
• Extend geographic connectivity.
• Improve security where data lines have not been ciphered.
• Reduce operational costs versus traditional WAN.
• Reduce transit time and transportation costs for remote users.
• Simplify network topology in certain scenarios.
• Provide global networking opportunities.
• Provide telecommuter support.
• Provide broadband networking compatibility.
• Provide faster ROI (return on investment) than traditional carrier leased/owned WAN lines.
• Show a good economy of scale.
• Scale well, when used with a public key infrastructure.
Types of VPN Technologies Supported by Windows 2000
Point-to-Point Tunneling Protocol (PPTP): Introduced in Windows NT 4.0, PPTP leverages Point-
to-Point Protocol (PPP) user authentication and Microsoft Point-to-Point Encryption (MPPE) to
encapsulate and encrypt IP, IPX, and NetBEUI traffic. With version 2 of the Microsoft Challenge
Handshake Authentication Protocol (MS-CHAP v2) and strong passwords, PPTP is a secure VPN
technology. For nonpassword-based authentication, Extensible Authentication Protocol-Transport
Level Security (EAP-TLS) can be used in Windows 2000 to support smart cards. PPTP is widely
supported, easily deployed, and can be used across network address translators (NATs).
Layer Two Tunneling Protocol (L2TP): L2TP leverages PPP user authentication and IP Security
(IPSec) encryption to encapsulate and encrypt IP, IPX, and NetBEUI traffic. This combination,
known as L2TP/IPSec, uses certificate-based computer identity authentication to create a secure and
encrypted channel (an IPSec security association), and then uses PPP-based user authentication to
create the L2TP tunnel. L2TP/IPSec provides data integrity and data authentication for each packet.
However, L2TP/IPSec requires a public key infrastructure (PKI) to allocate computer certificates
and is only supported by Windows 2000 VPN clients.
IPSec tunnel mode: IPSec tunnel mode uses Encapsulating Security Payload (ESP) in tunnel mode
to encapsulate and encrypt unicast IP traffic. Windows 2000 IPSec tunnel mode is used only for
router-to-router VPN connections because the current IPSec standards do not specify a method for
providing user authentication and address assignment for remote access connections.
Question 5. Briefly describe the installation procedure of Linux OS.
Answer. Starting the Installation
I will take an example of how I installed Linux on a system which already has Windows
installed; Windows is almost certainly on a primary partition. Now, all you have to do before
installing Linux is to create additional partitions that can hold Linux.
Step 1. First get hold of the bootable setup CDs of RHL 7.2, then start up your PC while repeatedly
pressing the DEL key to enter the BIOS settings. Then change the first boot device to the CDROM
drive, the second boot device to FDD A (Floppy Disk Drive A) and the third boot device to HDD 0
(Boot sector of Hard Disk Drive).
You can set up Linux from CDs, DVDs, the hard drive or over a network. I would recommend a
CD-based install, which is quite hassle free. If your first installation CD is bootable, great! Otherwise
you have to create a boot floppy. For RHL, you can do this in Windows or DOS using rawrite.exe
or rawritewin.exe in the dosutils folder on the 1st disk. If you are using a boot floppy, you need not
change the boot priority as I did.
Step 2. Next insert the first setup disk into the CDROM drive and restart the computer.
Step 3. The graphical setup program starts. Select English as the language for setup. The program
detects the keyboard and mouse. It now asks for the partitions to install Linux on. There are 3
options: One to partition automatically and the other two to partition manually with Disk Druid or
Linux FDISK. Choose to partition manually.
Step 4. Next, I choose to format the 3 GB partition as root (/) with ext3 file system. Since I am
installing Linux on a logical partition, I am warned that the partition may not meet boot
requirements and strongly recommended to create a boot diskette.
Step 5. When installing Linux, it's best that LiLo (the boot loader) is installed to the root superblock
(boot sector equivalent) of the Linux partition, not the Master Boot Record (MBR). You can let the
setup modify the MBR, but if you reinstall Windows, Linux will be rendered inaccessible. Don’t
forget to create a boot diskette!
That’s about it! The rest of the setup should proceed without any glitches and you will have a dual
boot computer. You will be presented with a convenient menu by the bootloader (GRUB or LiLo or a
commercial bootloader that you have installed) every time your computer starts. From this menu,
you can choose the OS to boot: either Linux or DOS (Windows).