MCSE

Data encryption ensures data safety and very important for confidential or critical data. It protect data from being read, altered or forged while transmission.

Public key encryption use public and private key for encryption and decryption. In this mechanism, public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know recipient’s public key.

Digital signature is an attachment to an electronic message used for security purpose. It is used to verify the authenticity of the sender.

A firewall is a hardware or software installed to provide security to the private networks connected to the internet. They can be implemented in both hardware and software, or a combination of both. All data entering or leaving the Intranet passes through the firewall which allows only the data meeting the administrators’ rules to pass through it.

TCP ensures reliable and end to end delivery of segments of information. Segments are acknowledged to the source when received by the destination. Data is broken up into segments and sequenced properly before transmission. This arrangement of segments allows destination to trace lost data in transmission.

The UDP is a connectionless, unreliable service. UDP messages can be lost and duplicated.

TCP windowing concept is primarily used to avoid congestion in the traffic. It controls the amount of unacknowledged data a sender can send before it gets an acknowledgment back from the receiver that it has received it.

Transmission control Protocol is used to establish communication between nodes or networks and exchange data packets. It guarantees delivery of data packets in the order they were sent. Hence it is most commonly used in all applications that require guaranteed delivery of data. It can handle both timeouts (if packets were delayed) and retransmission (if packets were lost). The stream of data is transmitted in segments. The segment header is 32 bit. it is a connectionless communication protocol at the third level (network) of the OSI model.

User Data Protocol is a communication protocol. It is normally used as an alternative for TCP/IP. However there are a number of differences between them. UDP does not divide data into packets. Also, UDP does not send data packets in sequence. Hence, the application program must ensure the sequencing. UDP uses port numbers to distinguish user requests. It also has a checksum capability to verify the data.

TCP guarantees the delivery of data. UDP on the other hand, does not guarantee delivery of data. TCP delivers messages in the order they were sent. UDP has no ordering mechanisms. In TCP data is sent as a stream while UDP sends data as individual packets. UDP is faster than TCP. TCP is a connection oriented protocol while UDP is connectionless.

Trusted networks:

Such Networks allow data to be transferred transparently. The machines using a trusted network are usually administered by an Administrator to ensure that private and secured data is not leaked. Access to this network is limited. Computers using trusted networks are more secured and confidential because of strong firewalls.

Untrusted networks:

Such networks are usually administered by the owners. They can allow improper access to sensitive or personal data. These machines are usually separate. Such machines could me more prone to attacks.

Virtual Private network is a network that used the public telecommunication infrastructure. This means that it used public wires to connect the nodes. E.g. Internet. VPN supports remote access to computers and allow data to be transmitted over this public network. Even though the data is transmitted over a public network, encryption and decrypting data to ensure security.

Tunneling is a mechanism provided to transfer data securely between two networks. The data is split into smaller packets and passed through the tunnel. The data passing through the tunnel has 3 layers of encryption. The data is encapsulated. Tunneling can be approached by Point to Point tunneling protocol.

Voluntary Tunneling:

Users computer is an end point of the tunnel and acts as tunnel client. Here the client or user issues a request to configure and create a voluntary tunnel. They require a dial up or LAN connection. Example of dial up connection is internet at home where a call is made to the ISP and connection is obtained.

Compulsory tunneling:

In compulsory tunneling, instead of the user a vpn remote access server configures and creates a tunnel. Hence, the end point is the Remote sever not the user.

Tunnels that are created manually are static tunnels. Tunnels that are auto discovered are dynamic tunnels. In dynamic tunneling, tcp connections can be checked dynamically. If no connections exist that are routed through the tunnel, a check for more suitable gateway can be done. Static tunneling may at times require dedicated equipments.

Subneting is a process of breaking the network into smaller units. These units care called as subnets. Here a subnet could be several machines in a single LAN. Networks using IP can create sub networks of logical addresses. With every IP address there some of the bits in the machine can be used to identify a specific subnet. The IP address then contains three parts: the network number, the subnet number, and the machine number

Advantages of using Subneting:-

* Easier network management and trouble shooting

* Routing table’s size is reduced which means faster network transfers

* Solves network congestion problems:- Since the complete network is divided into smaller networks

* Network addresses can be decentralized e.g. the administrator of the network can monitor the subnet

Subnets that can be customized; i.e. modifying the dividing point between subnet ID and host ID to suit the needs of our network. The subnet mask that we use when creating a customized subnet is, called a custom subnet mask. This custom subnet mask is used to find the customization.