Web Security: Computer Networks Class Notes

Updated: Aug 18

Mobiprep has created last-minute notes for all topics of Computer networks to help you with the revision of concepts for your university examinations. So let’s get started with the lecture notes on Computer networks.

  1. Computer Networks - Basics

  2. Network Devices

  3. Network Models

  4. Physical Layer

  5. Network Layer

  6. Transport Layer and Congestion control

  7. Application Layer

  8. Web Security

  9. Email and IP Security

Our team has curated a list of the most important questions asked in universities such as DU, DTU, VIT, SRM, IP, Pune University, Manipal University, and many more. The questions are created from the previous year's question papers of colleges and universities.

  1. explain various aspects of network safety?

  2. what is the difference between symmetric and asymmetric encryption?

  3. explain the mechanism of public and private key in terms of symmetric and asymmetric cyptography?

  4. how does a digital signature works?

  5. elaborate different security features provided by different layers of network architecture?

  6. what role does firewall plays in web security? explain in details.


Web Security


Question 1) Explain various aspects of network safety?

Answer) The following are the various aspects of network security:

a. Access control

Access control involves the prevention of unauthorized users from accessing the network. It allows only the authorized users to use the network resources.

b. Authentication

Authentication is used to verify the identity of a person. Authentication of the network users is usually done using Login usernames and passwords.


c. Data integrity

Data integrity refers to the correctness or accuracy of data. In also involves protection of network resources from unauthorized access of data. It ensures the safety of data.


d. Data confidentiality

Data confidentiality enables only the permitted users to access the network data. The data is not accessible by unauthorized users.


 

Question 2) What is the difference between symmetric and asymmetric encryption?

Answer)

Symmetric encryption

Asymmetric encryption

In symmetric encryption, only one key is used

In asymmetric encryption, two keys are used (public key and private key)

Both encryption and decryption is done using the same key.

Encryption is done using the public key and decryption is done using private key or vice versa.

The key is known only to the sender and receiver.

The public key is known to all. The private is key is known only to the sender and receiver.

It is less complex

It is more complex.

Execution speed is fast.

Execution speed is slow.

Example:

DES, AES, RC4 etc.


Example:

RSA, Diffie-Hellman algorithm etc.



 

Question 3) Explain the mechanism of public and private key in terms of symmetric and asymmetric cryptography?

Answer) Public Key

The public key is the key that is disseminated to the public. It is used in asymmetric cryptography to encrypt the messages (at the sender). In asymmetric cryptography, only one private key is used. Here, Public key is not used.

Public key is slower than the private key. Public key is asymmetric as it cannot be used to encrypt and decrypt the messages. If public key is used for encryption, a private key should be used for decryption.


Private Key

The private key is kept as a secret. Only the sender and the receiver know the private key. It is much faster than the public key. It is used in symmetric cryptography for both encryption and decryption. It is used in asymmetric cryptography along with the public key. The private key is used for decryption at the receiver in asymmetric cryptography.



 

Question 4) How does a digital signature works?

Answer) The digital signature technique is used to ensure authenticity and integrity of the document or data. The working of digital signature technique is depicted using a flow diagram:


working of digital signature in computer networks class notes
Working of Digital Signature

The digital signature technique uses a mathematical algorithm which generates two keys (a private key and a public key). When a user signs a document digitally, a cryptographic hash is generated for the document. The cryptographic hash is encrypted using the private key. The encrypted cryptographic hash and the public key are sent along with the document to the receiver.

The receiver decrypts the encrypted hash with the public key certificate and generates a cryptographic hash again. Both the sender’s and receiver’s hashes are compared. If there is a match between the hashes, the receiver will be able to access the document. Else, the user is not allowed to access or view the document.


 

Question 5) Elaborate different security features provided by different layers of network architecture?

Answer) APPLICATION LAYER

The application layer is responsible for authentication. It provides authentication by using Usernames and login passwords.


PRESENTATION LAYER

The presentation layer is responsible for data encryption. This layer scrambles the data, so that an unauthorized user cannot interpret the data easily.


SESSION LAYER

TRANSPORT LAYER

The transport layer is responsible for providing firewall security. It permits only the relevant data to enter the network. It blocks the malicious data packets.


NETWORK LAYER

The network layer is responsible for router security.


DATA LINK LAYER

The data link layer provides switch security. The data link layer protect the network from MAC flooding, ARP spoofing and spanning tree attack.


PHYSICAL LAYER

The physical layer provides access control. It allows only authorized users to access the network.


security features provided by different layers in computer network class notes
Security features provided by different layers

 

Question 6) What role does firewall plays in web security? explain in details.

Answer) A firewall is a network security device. It is used to monitor the outgoing and incoming network traffic. It acts as a line of defense in the network. A firewall can be in the form of software, hardware or both.

A firewall inspects all the incoming and outgoing data packets, and determines which data packets must be allowed to enter the network. It blocks the malicious and other harmful data traffic from entering the network. In other words, the firewall filters the network traffic.


Firewall in Web Security in computer networks class notes
Firewall in Web Security





5 views0 comments