MCS-022 Operating System Concepts and
MCS-022 Operating System Concepts and
MCS-022 Operating System Concepts and
com
This assignment has twenty questions in all and carries 80 marks. The rest of the 20 marks are
for viva-voice. Answer all the questions. All questions carry equal marks (i.e. 4 marks each).
Please go through the guidelines regarding assignments given in the Programme Guide for the
format of presentation.
Disclaimer: This Assignment is prepared by our students. The Institution and publisher are not
responsible for any omission and errors.
An operating system kernel is not strictly needed to run a computer. Programs can be directly
loaded and executed on the "bare metal" machine, provided that the authors of those programs
are willing to do without any hardware abstraction or operating system support. This was the
normal operating method of many early computers, which were reset and reloaded between the
running of different programs. Eventually, small ancillary programs such as program loaders and
debuggers were typically left in-core between runs, or loaded from read-only memory. As these
were developed, they formed the basis of what became early operating system kernels. The "bare
metal" approach is still used today on many video game consoles and embedded systems, but in
general, newer systems use kernels and operating systems.
left and the process control subsystem on the right, the two major component
of the kernel.
MICROKERNAL ARCHITECTURE-----
In computer science, a microkernel (also known as -kernel) is the near-minimum amount
of Software that can provide the mechanisms needed to implement an operating system (OS).
These mechanisms include low-level address space management, thread management, and inter
process communication (IPC).
If the hardware provides multiple rings or CPU modes , the microkernel may be the only software
executing at the most privileged level, which is generally referred to as supervisor or Kernal Mode.
Traditional operating system functions, such as device drivers, protocol stacks and file system, are
typically removed from the microkernel itself and are instead run in user space.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
This structures the operating system by removing all nonessential portions of the kernel and
implementing them as system and user level programs.
DFS Characteristics
The permissions of shared folders that are part of the DFS are still the same.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
Shares with important information can be replicated to several servers providing fault
tolerance.
The DFS root must be created first.
DFS Components
DFS root - A shared directory that can contain other shared directories, files, DFS
links, and other DFS roots. One root is allowed per server. Types of DFS roots:
o Stand alone DFS root - Not published in Active Directory, cannot be
replicated, and can be on any Windows 2000 Server. This provides no fault tolerance with
the DFS topology stored on one computer. A DFS can be accessed using the following
syntax:
\\Server\DFSname
o Domain DFS root - It is published in Active Directory, can be replicated, and
can be on any Windows 2000 Server. Files and directories must be manually replicated to
other servers or Windows 2000 must be configured to replicate files and directories.
Configure the domain DFS root, then the replicas when configuring automatic replication.
Links are automatically replicated. There may be up to 31 replicas. Domain DFS root
directories can be accessed using the following syntax:
\\domain\DFSname
DFS link - A pointer to another shared directory. There can be up to 1000 DFS links
for a DFS root.
DFS administration is done on the Administrative Tool, "Distributed File System". This tool
is on all Windows 2000 Server computers, and Windows 2000 Professional computers
that have the ADMINPAK installed.
Client Computers
Windows 2000 Server
Windows 2000 Professional
Windows NT 4.0 or later Server and Workstation
Windows 95 and Windows 98 with DFS client software. (No access to DFS links
on NetWare servers).
Replication
The File Replication Service (FRS) can used to replicate DFS shares automatically.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
Q.2.(a) Explain the differences between the following groups of Windows 2000
operating system:
(i) Global groups
(ii) Domain Local groups
(iii) Local groups
(iv) System groups
Ans.2.(a)
A group is a collection of user and computer accounts, contacts, and other groups that you can manage
as a single unit. Users and computers that belong to a particular group are referred to as group
members.
Groups in Active Directory Domain Services (AD DS) are directory objects that reside in a domain and
in organizational unit (OU) container objects. AD DS provides a set of default groups at installation. It
also provides an option to create groups.
Delegate administration by assigning user rights once to a group through Group Policy. You
can then add members to the group that you want to have the same rights as the group.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
Use groups with global scope to manage directory objects that require daily maintenance,
such as user and computer accounts. Because groups with global scope are not replicated
outside their own domain, you can change accounts in a group having global scope
frequently without generating replication traffic to the global catalog.
Although rights and permissions assignments are valid only within the domain in which
they are assigned, by applying groups with global scope uniformly across the appropriate
domains, you can consolidate references to accounts with similar purposes. This
simplifies and rationalizes group management across domains. For example, in a network
with two domains, Europe and UnitedStates, if there is a group with global scope called
GLAccounting in the UnitedStates domain, there should also be a group called
GLAccounting in the Europe domain (unless the accounting function does not exist in the
Europe domain).
(ii) Domain Local Group:-
Members of domain local groups can include other groups and accounts from Windows NT,
Windows 2000, Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 domains.
Members of these groups can be assigned permissions only within a domain.
Groups with domain local scope help you define and manage access to resources within a single
domain. These groups can have the following as their members:
Domain local groups, but only from the same domain as the parent domain local group
For example, to give five users access to a particular printer, you can add all five user accounts in the
printer permissions list. If, however, you later want to give the five users access to a new printer, you
again have to specify all five accounts in the permissions list for the new printer.
With a little planning, you can simplify this routine administrative task by creating a group with domain
local scope and assigning it permission to access the printer. Put the five user accounts in a group with
global scope, and add this group to the group that has domain local scope. When you want to give the
five users access to a new printer, assign the group with domain local scope permission to access the
new printer. All members of the group with global scope automatically receive access to the new printer.
Many default groups are automatically assigned a set of user rights that authorize members of the group
to perform specific actions in a domain, such as logging on to a local system or backing up files and
folders. For example, a member of the Backup Operators group has the right to perform backup
operations for all domain controllers in the domain.
When you add a user to a group, the user receives the following:
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
All the permissions that are assigned to the group on any shared resources
Local groups are located in the Builtin container and the Users container. The local groups in the Builtin
container have a group scope of Builtin Local. Their group scope and group type cannot be changed.
The Users container contains groups that are defined with global scope and groups that are defined
with domain local scope. You can move groups that are located in these containers to other groups or
OUs within the domain, but you cannot move them to other domains.
(iv) System Groups:-
System groups can contain members from any Windows 2000 domain in the forest, and can be granted
permissions in any domain in the forest or in trusted forests. Though universal groups can have
members from mixed mode domains in the same forest, members from such domains do not have the
universal group added to their access tokens because universal groups are not available in mixed mode.
Though you can add users to a universal group, it is recommended that you restrict membership to
system groups. Note that universal groups are only available in native mode domains.
You can use universal groups to build groups that perform a common function within an enterprise. An
example of this is virtual teams. The membership of such teams in a large company could be nation-
wide, or world-wide, and almost certainly forest-wide, with team resources being similarly distributed.
In these circumstances, universal groups could be used as a container to hold global groups from each
subsidiary or department, with the team resources being protected by a single ACE for the universal
group.
System groups and their members are listed in the Global Catalog (GC). Though global and domain
local groups are also listed in the GC, their members are not. This has implications for GC replication
traffic. It is recommended that you use universal groups with care. If your entire network has high-speed
connectivity, you can simply use universal groups for all your groups, and benefit from not having to
manage global groups and domain local groups. If, however, your network spans wide area networks
(WANs), you can improve performance by using global groups and domain local groups.
If you use System groups and domain local groups, you can also designate as universal groups any
widely used groups that are seldom changed.
DNS Architecture
DNS architecture is a hierarchical distributed database and an associated set of protocols that define:
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
DNS originated in the early days of the Internet when the Internet was a small network established by
the United States Department of Defense for research purposes. The host names of the computers in
this network were managed through the use of a single HOSTS file located on a centrally administered
server. Each site that needed to resolve host names on the network downloaded this file. As the number
of hosts on the Internet grew, the traffic generated by the update process, as well as the size of the
HOSTS file, increased. The need for a new system, which would offer features such as scalability,
decentralized administration, support for various data types, became more and more obvious.
Role of Name Server:-
Name servers
The DNS system is upholder by a dispersed database system. This system employs the client
server model and the knobs of database are the name servers. Every domain has minimum
one authorized DNS server which distributed information about domain and name server of
every domain subsidiary to it.
Authoritative name server
It is a name server which is responsible to answer about the configuration that it is held by an
original source. Only Authoritative name server returned answer to inquiries related to domain
name that have been exclusively configured by the administrator. Authoritative name server
can be whichever slave master which uses an automatic method of the DNS protocol in
contact in the company of its master server which maintains alike copy of the master account.
Each zone of DNS ought to be a set of authoritative name servers. After the registration of
domain name their setting up has need of the assignment of a primary name server and
minimum one secondary server. The necessity of manifold name servers intends to make the
domain still practical yet if one name server happen to unreachable or untreatable. The title of
a primary name server is exclusively resolute by the precedence specified to the domain name
registrar. For this reason usually only the completely competent domain name of the name
server is compulsory.
Role of Resolver:-
DNS resolvers
The DNS (Domain Name System) client side is called DNS resolver which is responsible for
starting and sequencing the inquiries that eventually guide to a complete resolution of the
sources required. DNS resolvers and DNS server are performing recursively on behalf of the
resolver.
Resolving typically involve iterating through numerous name servers to locate the desirable
information. Some resolvers purpose simplistically and can converse only with a particular
name server and these all called stub resolvers which are rely on a recursive name server to
execute the work of finding information for them.
DNS related files
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
DNS (Domain Name System) consist of boot which is a BIND boot configuration file,
Cache.dns use for uploading, Root.dns which is a root zone file, and zone_name.dns which
is a used when any zone entered and configured for a server.
Q.3.(a)Explain the abstract model of Virtual Memory used in Linux operating system.
Give a suitable diagram to explain its working.
In this model, both virtual and physical memory are divided up into handy sized chunks
called pages. These pages are all the same size, they need not be but if they were not the
system would be very hard to administer. Linux on Alpha AXP uses 8 Kbyte pages. Each
of these pages is given a unique number; the Page Frame Number (PFN). For every
instruction in a program, for example to load a register with the contents of a location in
memory, the CPU performs a mapping from a virtual address to a physical one. Also, if
the instruction itself references memory then a translation is performed for that reference.
The address translation between virtual and physical memory is done by the CPU using
page tables which contain all the information that the CPU needs. Typically there is a page
table for every process in the system. Figure ---- a simple mapping between virtual
addresses and physical addresses using page tables for Process X and Process Y. This
shows that Process X's virtual PFN 0 is mapped into memory in physical PFN 1 and
that Process Y's virtual PFN 1 is mapped into physical PFN 4. Each entry in the theoretical
page table contains the following information:
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
As the processor executes a program it reads an instruction from memory and decodes
it. In decoding the instruction it may need to fetch or store the contents of a location in
memory. The processor then executes the instruction and moves onto the next instruction
in the program. In this way the processor is always accessing memory either to fetch
instructions or to fetch and store data.
In a virtual memory system all of these addresses are virtual addresses and not physical
addresses. These virtual addresses are converted into physical addresses by the
processor based on information held in a set of tables maintained by the operating system.
To make this translation easier, virtual and physical memory are divided into handy sized
chunks called pages. These pages are all the same size, they need not be but if they were
not, the system would be very hard to administer. Linux on Alpha AXP systems uses 8
Kbyte pages and on Intel x86 systems it uses 4 Kbyte pages. Each of these pages is given
a unique number; the page frame number (PFN).
In this paged model, a virtual address is composed of two parts; an offset and a virtual
page frame number. If the page size is 4 Kbytes, bits 11:0 of the virtual address contain
the offset and bits 12 and above are the virtual page frame number. Each time the
processor encounters a virtual address it must extract the offset and the virtual page frame
number. The processor must translate the virtual page frame number into a physical one
and then access the location at the correct offset into that physical page. To do this the
processor uses page tables.
Q.3.(b) Write a shell script in LINUX to count the number of words in a given file?
Ans.3.(b) Shell Scripting:-
In Linux, shells like bash and korn support programming construct which are saved as scripts. These
scripts become shell commands and hence many Linux commands are script.
A system administrator should have a little knowledge about scripting to understand how their servers
and applications are started, upgraded, maintained or removed and to understand how a user
environment is built.
read file
l=`wc -l $file|cut -d " " -f 1`
echo $l
count=0
coch=0
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
done
done
echo no. of space $count
echo no. of characters $coch
Ans.4.(a)
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
facto standard for use in network management solutions and is tightly connected with
remote monitoring (RMON) and Management Information Bases (MIB). Each managed
device in the network has several variables that quantify the state of the device. You can
monitor managed devices by reading the values of these variables, and you can control
managed devices by writing values into these variables.
This section introduces SNMP and describes the differences between SNMP versions 1,
2, and 3. The role of MIBs in SNMP and RMON monitoring is described, and Cisco's
network discovery protocol, Cisco Discovery Protocol (CDP), is introduced. The section
concludes with a description of methods for gathering network statistics.
SNMP
SNMP has become the de facto standard for network management. SNMP is a simple
solution that requires little code to implement, which enables vendors to easily build SNMP
agents for their products. In addition, SNMP is often the foundation of the network
management architecture. SNMP defines how management information is exchanged
between network management applications and management agents.
Q.4.(b) Explain drive mapping facility in Windows 2000 with suitable examples.
Ans.4.(b) To demonstrate the Mapping of a Network Drvie, the instructions below
will show you how to connect to \\Galileo\ITD32. Please remember that all
instructions below are for example only. You may well wish to connect to another
drive but the instructions will act as a guide.
1. From the Start menu, choose Programs and choose Windows Explorer from the
Submenu.
2. From the Tools menu, choose Map Network Drive... The window opposite will open.
3. Click the down arrow opposite Drive: and choose Z:
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
4. Click the down arrow opposite Folder:. Scroll through this list:
(a) If the drive you wish to connect to is listed then click on it to connect to it. If it is not
listed:
5. You will be returned to the Initial window "Map Network Drive". The Folder location
will now hold the drive you have connected to.
6. Click Finish.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
7. Explorer will open showing you the contents of the drive you have connected to.
1) About tail
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
Description
tail prints the last 10 lines of each FILE to standard output. With more than one FILE, it
precedes each set of output with a header giving the file name. If no FILE is specified, or if
FILE is specified as a dash ("-"), tail reads from standard input.
tail syntax
tail [OPTION]... [FILE]...
tail examples
tail myfile.txt
Outputs the last 10 lines of myfile.txt, and monitors myfile.txt for updates; tail then
continues to output any new lines that are added to myfile.txt.
2) About grep
grep, which stands for "global regular expression print," processes text line by line and
prints any lines which match a specified pattern.
grep syntax
grep [OPTIONS] PATTERN [FILE...]
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
Overview
Grep is a powerful tool for matching a regular expression against text in a file, multiple files,
or a stream of input. It searches for the PATTERN of text that you specify on the command
line, and outputs the results for you.
Example Usage
Let's say want to quickly locate the phrase "our products" in HTML files on your machine.
Let's start by searching a single file. Here, our PATTERN is "our products" and
our FILE is product-listing.html.
3) About chmod
Overview
On Linux and other Unix-like operating systems, there is a set of rules for each file which
defines who can access that file, and how they can access it. These rules are called file
permissions or file modes. The command name chmod stands for "change mode", and it is
used to define the way a file can be accessed.
Before continuing, you should read the section What Are File Permissions, And How Do They
Work? in our documentation of the umask command. It contains a comprehensive description
of how to define and express file permissions.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
Overview
lines starting with a number will appear before lines starting with a letter;
lines starting with a letter that appears earlier in the alphabet will appear
before lines starting with a letter that appears later in the alphabet;
lines starting with a lowercase letter will appear before lines starting with
the same letter in uppercase.
sort syntax
sort is a simple and very useful command which will rearrange the lines in a text file so
that they are sorted, numerically and alphabetically. By default, the rules for sorting are:
The rules for sorting can be changed according to the options you provide to
the sort command; these are listed below.
Q.5.(b)Compare the individual fields of the IPV4 leader with the IPV6 header.
Ans.5.(b) If you are using Internet or almost any computer network you will likely using
IPv4 packets. IPv4 uses 32-bit source and destination address fields. We are actually
running out of addresses but have not fear, the Internet Engineering Task Force (IETF) is
here with IPv6.The IPv6 packet doesn't look much like its IPv4 cousin, except for the
leading version field. The IPv6 address fields are 128-bits. The larger address space is
one reason to migrate to IPv6 but there are many more differences that give IPv6 an
advantage. For example, the header checksum field has been eliminated because
transport reliability has gone up and its overhead was unnecessary.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
The address space is the main difference between IPv4 (32-bit) and IPv6 (64-bit). The
text representation has also been changed from a 2-digit partitioning for IPv4 to 4-digits
for IPv6. An IPv4 example address is 12:34:56:78. An IPv6 example address is
1234:5678:9abc:def0:1234:5678:9abc:def0. The IPv6 representation also allows double
colons (::) to represent a string of zero entries so 1234:0:9abc:0:0:0:0:def0 could be
1234:0:9abc::def0.
Packets for both IPv4 and IPv6 are variable and they can be up to 64 Kbytes. The
problem is that the protocols can be used over a number transports that may have other
limits. This is normally specified by the maximum transmission unit (MTU). Both
protocols have a minimum MTU requirement. This is 576 bytes for IPv4 and 1280 bytes
for IPv6.
Larger data payloads can be shipped around the network by breaking the data among
multiple packet fragments. This is typically done by the host but in IPv4 this can also be
done by routers. IPv6 hosts need to determine the MTU for a path to a destination. This
approach simplifies routers but adds complexity at the host end. This is normally not an
issue and the IPv6 minimum MTU can always be used with any path.
The other big difference between IPv4 and IPv6 is the header. There are changes in the
number and type of fields and extensions are handled in a different fashion. The IPv6
header is always 40 bytes and can be followed by any number of extension headers and
then the data. This approach is more flexible but harder to process since the number
and size of additional headers is variable.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
Q.6.(a)Explain the Logical and Physical structure of active directory in Windows 2000.
Ans.6.(a) Active Directory can be considered to have both a logical and physical
structure, and there is no correlation between the two. The logical parts of Active
Directory include forests, trees, domains, OUs and global catalogs.
Each element of the logical structure of Active Directory is defined below:
Domain a domain in Windows 2000 is very similar to a domain is Windows NT. It is still
a logical group of users and computers that share the characteristics of centralized
security and administration. A domain is still a boundary for security this means that an
administrator of a domain is an administrator for only that domain, and no others, by
default. A domain is also a boundary for replication all domain controllers that are part
of the same domain must replicate with one another. Domains in the same forest
automatically have trust relationships configured.
Forest a forest is the largest unit in Active Directory and is a collection of trees that
share a common Schema, the definition of objects that can be created. In a forest all
trees are connected by transitive two-way trust relationships, thus allowing users in any
tree access to resources in another for which they have been given appropriate
permissions and rights. By default the first domain created in a forest is referred to as
the root domain. Amongst other things, this is where the Schema is stored by default.
There are two types of active directory forest :-
I) Single Forest
2) Multiple forest
Global Catalogs Global Catalogs are listings of every object that exists within an Active
Directory forest. By default, a domain controller only contains information about objects
in that domain. A Global Catalog server is a domain controller that contains information
about every object (though not every attribute for each) stored in the entire forest.
The physical structure of Active Directory helps to manage the communication
between servers with respect to the directory. The two physical elements of Active
Directory are domain controllers and sites. Each is described below.
Domain Controllers domain controllers are Windows 2000 Server-based systems that
store the Active Directory database. Every Windows 2000 domain controller has a
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
writable copy of the directory. This is different that in NT 4, where only the PDC had this
capability. Domain controllers in the same domain contain replicas of the directory that
must be synchronized periodically.
Site a site is a concept that did not exist in an NT directory service structure. In Active
Directory, sites are groups of IP subnets that are connected at high speed. Although the
definition of high speed is open, it is generally considered to be subnets that are
connected at LAN speeds (say 10 Mb) or higher. The purpose of defining sites in Active
Directory is to control network traffic relating to directory synchronization, as well as to
help ensure that users connect to local resources. For example, domain controllers
located in the same site replicate with one another on a 5-minute change notification
interval similar to in NT 4.
Q.6.(b) Describe the concept of encrypting using EFS services.
Ans.6.(b)
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
folder will be encrypted. Applications don't have to understand EFS or manage EFS-
encrypted files any differently than unencrypted files. If a user attempts to open a file
and possesses the key to do so, the file opens without additional effort on the user's
part. If the user doesn't possess the key, they receive an "Access denied" error
message.
File encryption uses a symmetric key, which is then itself encrypted with the
public key of a public key encryption pair. The related private key must be available in
order for the file to be decrypted. This key pair is bound to a user identity and made
available to the user who has possession of the user ID and password. If the private key
is damaged or missing, even the user that encrypted the file cannot decrypt it. If a
recovery agent exists, then the file may be recoverable. If key archival has been
implemented, then the key may be recovered, and the file decrypted. If not, the file may
be lost. EFS is an excellent file encryption systemthere is no "back door."
File encryption keys can be archived (e.g. exported to a floppy disk) and kept in a
safe place to ensure recovery should keys become damaged.
EFS keys are protected by the user's password. Any user who can obtain the
user ID and password can log on as that user and decrypt that user's files. Therefore, a
strong password policy as well as strong user education must be a component of each
organization's security practices to ensure the protection of EFS-encrypted files.
Q.7.(a) Assume you are server administrator of Linux lab. This lab is having two
computers which are having some confidential data. We want to display a logon
warning message, "unauthorized access to this system is punishable" if any user
tries to log in these two computers with wrong user name or wrong password. Write
the steps to create the above mentioned logon warning message.
Ans.7.(a) We can restrict the authentication of the User to save the confidential data from
the Computers using CHMOD Command.
chmod changes the permissions of each given file according to mode, where mode
describes the permissions to modify. Mode can be specified with octal numbers or with
letters.
A numeric mode is from one to four octal digits (0-7), derived by adding up the bits with
values 4, 2, and 1. Any omitted digits are assumed to be leading zeros. The first digit
selects the set user ID (4) and set group ID (2) and sticky (1) attributes. The second digit
selects permissions for the user who owns the file: read (4), write (2), and execute (1); the
third selects permissions for other users in the file's group, with the same values; and the
fourth for other users not in the file's group, with the same values.
Read by owner only
Read by group only
Read by anyone
Write by owner only
Write by group only
Write by anyone
Execute by owner only
Execute by group only
Execute by anyone
Allow read permission to owner and group and anyone.
Allow everyone to read, write, and execute file.
The operator '+' causes the permissions selected to be added to the existing permissions
of each file; '-' causes them to be removed; and '=' causes them to be the only permissions
that the file has.
The letters 'rwxXstugo' select the new permissions for the affected users: read (r), write
(w), execute (or access for directories) (x), execute only if the file is a directory or already
has execute permission for some user (X), set user or group ID on execution (s), sticky
(t), the permissions granted to the user who owns the file (u), the permissions granted to
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
other users who are members of the file's group (g), and the permissions granted to users
that are in neither of the two preceding categories (o).
Deny execute permission to everyone.
Allow read permission to everyone.
Make a file readable and writable by the group and others.
Make a shell script executable by the user/owner.
Allow everyone to read, write, and execute the file and turn on the set group-ID.
And after that print the message "unauthorized access to this system is
punishable" using scripting .
Q.7.(b)Draw a diagram of SNMP architecture and show how it is used to manage
network devices.
Ans.7.(b) SNMP Architecture:-
SNMP Manager:
A manager or management system is a separate entity that is responsible to
communicate with the SNMP agent implemented network devices. This is typically a
computer that is used to run one or more network management systems.
SNMP Managers key functions
Queries agents
Gets responses from agents
Sets variables in agents
Acknowledges asynchronous events from agents
Managed Devices:
A managed device or the network element is a part of the network that requires some
form of monitoring and management e.g. routers, switches, servers, workstations,
printers, UPSs, etc...
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
SNMP Agent:
The agent is a program that is packaged within the network element. Enabling the agent
allows it to collect the management information database from the device locally and
makes it available to the SNMP manager, when it is queried for. These agents could be
standard (e.g. Net-SNMP) or specific to a vendor (e.g. HP insight agent)
SNMP agents key functions
Collects management information about its local environment
Stores and retrieves management information as defined in the MIB.
Signals an event to the manager.
Acts as a proxy for some nonSNMP manageable network node.
Q.8.(a) How does the Remote Access Mechanism in Windows 2000 work
and how can it be configured ?
Ans.8.(a) The term remote access server can refer to a server that performs a range
of remote access services, instead of just providing the ability for clients to dial into the
company LAN. Both Windows 2000 Professional and Windows 2000 Server can act as
remote access servers, albeit with different restrictions on each platform.
On the Windows 2000 Professional side, you can configure a workstation to allow
incoming connections through dial-up (one at a time), giving the remote caller the ability
to use resources stored on the local computer or on the LAN, depending on how RRAS
is configured. Under Windows 2000 Server, RRAS can support multiple concurrent
remote access clients for those same purposes, essentially limited only by the number of
available incoming connections. For example, if you have a modem pool of 48 modems,
Windows 2000 Server will support all of those connections concurrently.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
A RAS connection that connects the client to the dial-up server is called a point-to-point
remote access connection. A RAS connection that connects the client to the LAN is
called a point-to-LAN remote access connection. Regardless of the type, the remote
clients can access resources on the server or LAN as if their computers were connected
locally to the server or LAN. For example, clients can open and save files and use
printers, just as they can locally.
Remote access is not the same thing as remote control. With a remote control
application such as Symantecs pcAnywhere, the client uses the remote control
application to log onto and run applications on a remote computer. The applications run
on the remote computer rather than on the clients local computer. In effect, the remote
control application gives the client a long-distance keyboard, mouse, and display for the
remote computer.
Remote access makes the clients local computer a part of the remote network.
Applications run on the clients local computer, not on the remote computer (except
when the client executes a network-enabled application). Remote control applications
cant exist without remote accessthe client either dials into the remote computer
directly or dials into the LAN. So, if you need to use a remote control application to
manage a remote server, for example, youll need a remote access connection to the
server or to the servers LAN before the remote control application can do anything.
Depending on the remote control application, that connection might take the form of a
public Internet connection, using the remote servers and clients existing connections to
the Internet as the means of communication.
While you can certainly grow the servers capabilities later on, you need to determine
your clients current needs and plan for that growth. Choosing the right communications
hardware is a big part of that process. If the bandwidth needs arent critical, modems
and Public Switched Telephone Network (PSTN) lines (standard voice lines, or Plain Old
Telephone ServicePOTS) are an easy and relatively inexpensive solution. If youre
installing multiple lines, choose one number as the primary dial-up number and have
your communications provider configure the lines in a hunt group. If one line is busy in
the hunt group, the incoming call rolls to the next available line. There are several
options for hunt groups that can address such problems as a ring-no-answer due to a
hung modem. Check with your provider for details to decide what best fits your needs.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
The Routing and Remote Access service for Windows 2000 Server continues the
evolution of multiprotocol routing and remote access services for the Microsoft Windows
platform. New features of the Routing and Remote Access service for Windows 2000
include:
Internet Group Management Protocol (IGMP) and support for multicast
boundaries.
Network address translation with addressing and name resolution components
that simplify the connection of a small office/home office (SOHO) network to the Internet.
Integrated AppleTalk routing.
Layer Two Tunneling Protocol (L2TP) over IP Security (IPSec) support for router-
to-router VPN connections.
Improved administration and management tools. The graphical user interface
program is the Routing and Remote Access administrative utility, a Microsoft
Management Console (MMC) snap-in. The command-line utility is Netsh.
All of the combined features of the Windows 2000 Routing and Remote Access service
make a Windows 2000 Serverbased computer function as the following:
Multiprotocol router
A Routing and Remote Access service computer can route IP, IPX, and AppleTalk
simultaneously. All routable protocols and routing protocols are configured from the
same administrative utility.
Demand-dial router
A Routing and Remote Access service computer can route IP and IPX over on-demand
or persistent WAN links, such as analog phone lines or ISDN, or over VPN connections
using either PPTP or L2TP over IPSec.
Remote access server
A Routing and Remote Access service computer can act as a remote access server
providing remote access connectivity to dial-up or VPN remote access clients using IP,
IPX, AppleTalk, or NetBEUI.
Q.8.(b)Explain the following with reference to WINDOWS 2000:
(i) File Replication service
(ii) FAT 16 and FAT 32
FRS is a service which allows the sharing of Group Policies and logon scripts to the
domain controllers, from where they may be accessed by the users through the client
servers. The executable file running the service is NTFRS.exe. This service can also be
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
used to replicate files and synchronize the data of its domain controllers using a DFS. It
is also able to keep data on multiple servers at once.
The synchronization process is quick and complete. As it initiates very important scripts
and processes which are required for logon, the services have to be quick, efficient and
dependable. This service fits all the requirements because it backs up all the data on
different servers while replicating them. The sync service is very fast and any changes in
the policies are instantaneously changed in the clients data.
The root folder can manage a maximum of 512 entries. The use of long file
names can significantly reduce the number of available entries.
FAT16 is limited to 65,536 clusters, but because certain clusters are reserved, it
has a practical limit of 65,524. Each cluster is fixed in size relative to the logical drive. If
both the maximum number of clusters and their maximum size (32 KB) are reached, the
largest drive is limited to 4 GB on Windows 2000. To maintain compatibility with MS-
DOS, Windows 95, and Windows 98, a FAT16 volume should not be larger than 2 GB.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com
IGNOU Solved Assignments By http://ignousolvedassignments.com
Disadvantages of FAT32
Disadvantages of FAT32 include:The largest FAT32 volume Windows 2000 can format
is limited in size to 32 GB.FAT32 volumes are not accessible from any other operating
systems other than Windows 95 OSR2 and Windows 98.The boot sector is not backed
up.There is no built-in file system security or compression with FAT32.
Course Code : MCS-022 Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assignment/16-17 http://ignousolvedassignments.com