www.ignousolvedassignments.

com

Connect on Facebook :
http://www.facebook.com/pages/IgnouSolvedAssignmentscom/346544145433550

Course Code
Course Title Assignment Number

:
: :

CS-75
Intranet Administration BCA (6)-75/Assignment/ 12

Maximum Marks
Last Date of Submission

:
:

25
30th April, 2012/30th October, 2012

There are five questions in this assignment. Answer all the questions. You may use illustrations and diagrams to enhance your explanations.

1 ) Assume a software company consisting of a LAN with a total of 100 computers in two adjoining buildings. If you are a Network Security professional for this company, design a security policy for your company. What points would you consider while formulating the policy and at what levels would you implement the policy? Also specify the hardware and software requirements for ensuring security. Security Design Policy: To design a secure LAN following types of treats will be kept in mind by me:

People threats that include the following:

System Administration Error: all human errors occurring in the setup, administration, and operation of LAN systems, ranging from the failure to properly enable access controls and other security features to the lack of adequate backups. PC Operator Error: all human errors occurring in the operation of PC/LAN systems, including improper use of logon/passwords, inadvertent deletion of files, and inadequate backups. Software/Programming Error: all the "bugs," incompatibility issues, and related problems that occur in developing, installing, and maintaining software on a LAN. Unauthorized Disclosure: any release of sensitive information on the LAN that is not sanctioned by proper authority, including those caused by carelessness and accidental release. Unauthorized Use: employment of government resources for purposes not authorized by the Agency and the use of non-government resources on the network Fraud/Embezzlement: the unlawful deletion of government recorded assets through the deceitful manipulation of government controls, files and data, often through the use of a LAN. Modification of Data: any unauthorized changing of data, which can be motivated by such things as personal gain, favoritism, a misguided sense of duty, or a malicious intent to sabotage.

www.ignousolvedassignments.com

Alteration of Software: any unauthorized changing of software, which can be motivated by such things as disgruntlement, personal gain, or a misguided sense of duty.

www.ignousolvedassignments.com

Theft of ADP Assets: the unauthorized/unlawful removal of data, hardware, or software from government facilities Viruses and Related Threats "Computer viruses are the most widely recognized example of a class of programs written to cause some form of intentional disruption or damage to computer systems or networks.

Physical Threats
Electrical power problems are the most frequent physical threat to LANs, but fire or water damage is the most serious. Physical threats include the following: Electrical Power Failures/Disturbances Hardware Failure Fire/Water Damage Other Physical Threats Security Methods: Assignment of LAN Security Officer. The first safeguard in any LAN security program is to assign the security responsibility to a specific, technically knowledgeable person. This person must then take the necessary steps to assure a viable LAN security program. Security Awareness and Training. Technical training is the foundation of security training. These two categories of training are so interrelated that training in security should be a component of each computer systems training class. Proper technical training is considered to be perhaps the single most important safeguard in reducing human errors the mistakes of otherwise well-meaning employees. Personnel Screening. The personnel screening process should also address LAN repair and maintenance activities, as well as janitorial and building repair crews that may have unattended access to LAN facilities. Separation of Duties. People within the organization are the largest category of risk to the LAN. Preventive Maintenance. Hardware failure is an ever present threat, since LAN physical components wear out and break down. Preventive maintenance identifies components nearing the point at which they could fail, allowing for the necessary repair or replacement before operations are affected. Written Procedures. It is human nature for people to perform tasks differently and inconsistently, even if the same person performs the same task. Procedures should be tailored to specific LANs and addressed to the actual users, to include the "do's" and "don't's" of the main elements of safe computing practices, such as: access control (e.g., password content), handling of floppies, copyrights and license restrictions, remote access restrictions, input/output controls, checks for pirated software, courier procedures, and use of lap-top computers. Virus Safeguard. Operational Safeguard.

www.ignousolvedassignments.com

LAN security is required due to following reasons: Confidentiality. The system contains information that requires protection from unauthorized disclosure. Integrity. The system contains information that must be protected from unauthorized, unanticipated, or unintentional modification, including the detection of such activities. Examples: systems critical to safety or life support and financial transaction systems. Availability. The system contains information or provides services that must be available on a timely basis to meet mission requirements or to avoid substantial losses For each of the three categories (confidentiality, integrity, and availability), it is necessary to determine if the protection requirement is: High - a critical concern of the organization. Medium - an important concern, but not necessarily paramount in the organization's priorities. Low - some minimal level of security is required, but not to the same degree as the previous two categories. Hardware and Software Requirements: Authenticated login software Protective environment for PC's and equipment Covered Wires etc. 2 ) What is a Apache Tomcat Server? Explain its features and applications Tomcat is an application server from the Apache Software Foundation that executes Java servlets and renders Web pages that include Java Server Page coding. Often referred to as simply Apache, a public-domain open source Web server developed by a loosely-knit group of programmers. The first version of Apache, based on the NCSA httpd Web server, was developed in 1995. Core development of the Apache Web server is performed by a group of about 20 volunteer programmers, called the Apache Group. However, because the source code is freely available, anyone can adapt the server for specific needs, and there is a large public library of Apache addons. In many respects, development of Apache is similar to development of the Linux operating system. The original version of Apache was written for UNIX, but there are now versions that run under OS/2, Windows and other platforms. Features and applications: Apache supports a variety of features, many implemented as compiled modules which extend the core functionality. These can range from server-side programming language support to authentication schemes. 3 ) "An Intranet can be defined as a private network which uses Internet tools." Comment on the above statement and differentiate between an Internet, Intranet and Extranet. An intranet is a private network that is contained within an enterprise. It may consist of many interlinked local area networks and also use leased lines in the wide area network. Typically, an intranet includes connections through one or more gateway computers to the outside Internet. The main purpose of an intranet is to share company information and computing resources among employees. An intranet can also be used to facilitate working in groups and for teleconferences. An intranet uses TCP/IP, HTTP, and other Internet protocols and in general looks like a private version of the Internet. With tunneling, companies can send private messages through the public network, using the public network with special encryption/decryption and other security safeguards to connect one part of their intranet to another.

www.ignousolvedassignments.com

This is a network that is not available to the world outside of the Intranet. If the Intranet
network is connected to the Internet, the Intranet will reside behind a firewall and, if it allows access from the Internet, will be an Extranet. The firewall helps to control access between the Intranet and Internet to permit access to the Intranet only to people who are members of the same company or organisation. An Extranet is actually an Intranet that is partially accessible to authorised outsiders. The actual server (the computer that serves up the web pages) will reside behind a firewall. The firewall helps to control access between the Intranet and Internet permitting access to the Intranet only to people who are suitably authorised The Internet is a global system of interconnected computer networks. It is not controlled by a central entity and therefore relies on network devices and accepted conventions and protocols to relay the data traffic until it gets to its destinations.. 4) What are the different protocols available in Wireless Application Protocol (WAP) Stack? Explain the purpose of each protocol. Architecture of the WAP Protocol Stack The following diagram illustrates the general architecture of the WAP protocol stack: Application Layer (WAE) Session Layer (WSP) Transaction Layer (WTP) Security Layer (WTLS) Transport Layer (WDP) Bearers (GSM, CDMA) The WAP stack consists of the following layers: WAE :WIRELESS APPLICATION ENVIRONMENT The Wireless Application Environment (WAE) defines the following functions: Wireless Markup Language (WML). WML is an XML-based markup language for the visual display of WAP-based contents. Once HTML and WML will converge into XML, many compatibility problems, during conversion from HTML to WML, will cease to exist. WML Script. A script language, very similar to JavaScript. Wireless Telephony Application (WTA, WTAI). Telephony services and Programming interfaces.These are specifications for data formats, including images, telephone directories, calendar information, and so on. WSP WIRELESS SESSION PROTOCOL: The Wireless Session Protocol (WSP) implements an interface for connection-oriented and connectionless session services. The connectionoriented session service operates using the protocol of the transaction layer. However, the connectionless session service uses a secure or non-secure datagram service.

www.ignousolvedassignments.com

WSP offers the following basic functions: - Functions and semantics of HTTP/1.1, using a compact coding scheme - Pausing and resuming sessions - A general facility for reliable and unreliable data push - Negotiation of protocol functions WTP WIRELESS TRANSACTION PROTOCOL: The Wireless Transaction Protocol (WTP) is a transaction-oriented protocol, executed using a datagram service. WTP offers the following functions:Three classes of transaction services (a) Unreliable one-way requests (b) Reliable one-way requests (c) Reliable two-way request/response transactions

5) Suggest an Intranet architecture design for a University with 21 Academic Departments and 7 Administrative Departments, running various programmes. There are around 540 faculty members and 1200 administrative staff. Each individual faculty member has a computer system in his room. Some academic departments have computer labs also with 20 computers each. Also list the applications those can be thought of and also mention the security features to ensure its security. As the University campus is spread over a range more than a kilometer some time. So, I will choose WAN network for above requirements. A wide area network (WAN) is a large telecommunications network that consists of a collection of LANs and other networks. WANs generally span a wide geographical area, and can be used to connect cities, states, or even countries. Although they appear like an up-scaled version of a LAN, WANs are actually structured and operated quite differently. Application in WAN: Remote connection Internal mail and file transfer Application sharing Communication Security Methods: Assignment of LAN Security Officer. The first safeguard in any LAN security program is to assign the security responsibility to a specific, technically knowledgeable person. This person must then take the necessary steps to assure a viable LAN security program. Security Awareness and Training. Technical training is the foundation of security training. These two categories of training are so interrelated that training in security should be a component of each computer systems training class. Proper technical training is considered to be perhaps the single most important safeguard in reducing human errors the mistakes of

www.ignousolvedassignments.com

otherwise well-meaning employees. Personnel Screening. The personnel screening process should also address LAN repair and maintenance activities, as well as janitorial and building repair crews that may have unattended access to LAN facilities. Separation of Duties. People within the organization are the largest category of risk to the LAN. Preventive Maintenance. Hardware failure is an ever present threat, since LAN physical components wear out and break down. Preventive maintenance identifies components nearing the point at which they could fail, allowing for the necessary repair or replacement before operations are affected.

For More Ignou Solved Assignments Please Visit www.ignousolvedassignments.com Connect on Facebook http://www.facebook.com/pages/IgnouSolvedAssignmentscom/346544145433550 Subscribe and Get Solved Assignments Direct to your Inbox http://feedburner.google.com/fb/a/mailverify?uri=ignousolvedassignments_com