Computer Networks: Chapter 4: Security in the Internet

 Chapter 4 Security in the Internet 

1 mark

e) What is VPN (Virtual Private Network)?

Answer: VPN (Virtual Private Network): VPN is a technology that enables a secure and encrypted connection over the internet, allowing users to access a private network from a remote location as if they were directly connected to it.



g) Write advantages of packet filter firewall. 

Answer: Advantages of Packet Filter Firewall:


1) Simplicity: Packet filters are relatively simple and operate at the network layer, making them efficient for basic traffic control.

2) Low Latency: They introduce minimal latency to network communication.

3) Scalability: Well-suited for large networks as they can handle a high volume of traffic.

4) Resource Efficiency: Requires less processing power compared to more complex firewall types.



Q. What is a packet filter?

Answer: Packet Filter: A packet filter is a type of firewall that examines packets of data based on predefined rules. It filters network traffic at the network layer (Layer 3) of the OSI model, making decisions to allow or block packets based on criteria such as source/destination IP addresses and port numbers.



b) What is firewall? Explain packet firewall. 

Answer: Firewall: A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks, such as the internet.



c) Explain in detail packet filter firewall, also write its advantages and disadvantages.

Answer: A packet firewall specifically operates at the network layer and filters packets based on attributes like source/destination IP addresses and port numbers. It makes decisions to allow or block packets, providing a basic level of network security.

Disadvantages:

1) Limited Inspection: Lacks the ability to inspect the contents of packets beyond the header.
2) Vulnerability to Spoofing: Susceptible to IP address spoofing attacks.
3) No State Awareness: Lacks awareness of the state of connections, making it challenging to handle complex protocols.


j) A proxy firewall is also called application gateway. Write true or false and also justify.

Answer: True.

Justification: A proxy firewall, also known as an application gateway, is designed to provide a higher level of security by acting as an intermediary between internal and external networks. It operates at the application layer of the OSI model. The term "application gateway" reflects its ability to understand and control specific applications, making the statement true.


(g) What is the role of a packet filter?

Answer: The role of a packet filter is to check packets of data as they pass through a network interface and make decisions about allowing or blocking them based on predefined rules. Packet filters analyze the header information of each packet, such as source and destination addresses, ports, and protocol types, to determine whether the packet should be permitted or denied.


2 mark

a) What is firewall? Explain with diagram. 

Answer: A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It establishes a barrier between a trusted internal network and untrusted external networks, such as the internet.




e) Write note on IPSec modes. 

Answer: IPSec (Internet Protocol Security) operates in two modes:


Transport Mode: In this mode, only the payload (data) of the IP packet is encrypted and/or authenticated. The original IP header is left intact. Transport mode is often used for end-to-end communication between devices.


Tunnel Mode: In tunnel mode, the entire original IP packet is encapsulated within a new IP packet with a new IP header. This mode is commonly used for securing communication between networks. It provides a way to create virtual private networks (VPNs) by encrypting and authenticating all traffic between the participating networks.



h) What is the purpose of IPSec? 

Answer: The purpose of IPSec is to provide a set of rules for securing communication over IP networks. IPSec ensures the confidentiality, integrity, and authenticity of data by using encryption, authentication, and key management. It is commonly used to establish Virtual Private Networks (VPNs) and secure communication between network devices.


(ii) List and explain the fundamental services offered by DNSSEC.

Answer: DNSSEC (Domain Name System Security Extensions) provides the following fundamental services:


1) Data Origin Authentication: DNSSEC ensures that the data received from DNS servers is authentic and has not been tampered with during transit.

2) Data Integrity: It guarantees that the DNS data remains unchanged and has not been modified by malicious entities.

3) Authenticated Delegation: DNSSEC ensures that the information about which name servers are authoritative for a particular domain is authentic and has not been compromised.



i) Write name of protocols on which IKE (Internet Key Exchange) is based. 

Answer: IKE (Internet Key Exchange) is based on the following protocols:


ISAKMP (Internet Security Association and Key Management Protocol): Establishes Security Associations (SAs) and negotiates the encryption and authentication methods.


Oakley: Specifies the key exchange method within ISAKMP.


b) Write note on Real-Time Transport protocol (RTP). 

Answer: RTP (Real-Time Transport Protocol) is a protocol used for delivering real-time audio and video over IP networks. Key features include:


1) Payload Type Identification: RTP identifies the type of data being carried, allowing receivers to properly interpret and process the incoming streams.

2) Sequence Numbering: RTP assigns sequence numbers to packets, aiding in the reconstruction of the original data sequence at the receiving end.

3) Timestamps: RTP includes timestamps to synchronize audio and video data at the receiver.

4) Header Extensions: RTP allows for the inclusion of header extensions to convey additional information, such as codec changes or encryption parameters.



4 mark

a) Explain PGP certificates. 

Answer: PGP (Pretty Good Privacy) certificates are used in the PGP encryption system for secure communication. The key components include:


1) Public Key: Used for encryption and available to anyone. It can be distributed openly or through a keyserver.


2) Private Key: Kept secret and used for decryption. It must be securely stored and should never be shared.


3) User ID: Identifies the user associated with the key.


4) Digital Signature: Provides authentication and ensures that the public key is associated with the correct user.


b) Explain SSL services in detail.

Answer: SSL (Secure Sockets Layer) provides secure communication over the internet. Key services include:


1) Authentication: SSL ensures that the server is who it claims to be, preventing man-in-the-middle attacks.

2) Data Encryption: SSL encrypts data during transmission, making it unreadable to unauthorized parties.

3) Data Integrity: SSL ensures that the data remains unaltered during transmission.

4) Session Management: SSL manages sessions between a client and a server, allowing them to resume a previous session if desired.

5) Secure Key Exchange: SSL establishes a secure method for exchanging encryption keys between the client and server.