CNSL oral
UNIT 1
Shannon theorem:
It is the Channel capacity of a noisy channel:
C = B * log2(1 + SNR)
Digital modulation
QPSK
A to D:
Sampling rate decided by Nyquist theorem:
The sampling frequency fs >= finput
Signal encoding methods (Digital signal to digital data)
SNR Bandwidth tradeoff
A wider bandwidth can allow for faster data transmission, but it also introduces
more noise, potentially lowering the SNR
Baud rate is a measure of how many signal changes occur in a communication
channel per second
To relate the bandwidth ( allowed frequencies on a channel) and convert it to
bitrate we use
a. Nyquist theorem in ideal case
b. Shannon theorem in real world case in noisy channel
Error detection
1. Checksum
1) Add all the n bit blocks
2) If carry add again
3) Checksum = 1’s complement of the sum of all n bit blocks
4) Sender should add all the n bit blocks and the checksum and should get all
1’s
2. CRC
a. Sender side
b. Receiver:
c.
d.
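The four checksum steps listed above under Error detection, worked through in Python as an added example (not part of the original notes). The 8-bit block size, the function names and the sample blocks are assumptions chosen for illustration. It also shows two cases the checksum cannot catch: reordered blocks, and data altered by someone who recomputes the checksum.

```python
"""n-bit ones' complement checksum (added example, not from the original notes)."""


def ones_complement_sum(blocks, n=8):
    """Steps 1-2: add the n-bit blocks, wrapping any carry back into the sum."""
    mask = (1 << n) - 1
    total = 0
    for block in blocks:
        if not 0 <= block <= mask:
            raise ValueError(f"block {block:#x} does not fit in {n} bits")
        total += block
        # End-around carry: a carry out of bit n is added back at bit 0.
        total = (total & mask) + (total >> n)
    return total


def make_checksum(blocks, n=8):
    """Step 3: the checksum is the ones' complement of the folded sum."""
    return ~ones_complement_sum(blocks, n) & ((1 << n) - 1)


def verify(blocks, checksum, n=8):
    """Step 4: the blocks plus the checksum must add up to all 1s."""
    return ones_complement_sum(list(blocks) + [checksum], n) == (1 << n) - 1


# Constructed sample data: four 8-bit blocks.
DATA = [0x99, 0xE2, 0x24, 0x84]


def demo():
    checksum = make_checksum(DATA)
    flipped = [DATA[0], DATA[1] ^ 0x01, DATA[2], DATA[3]]  # one bit flipped
    swapped = [DATA[1], DATA[0], DATA[2], DATA[3]]         # two blocks exchanged
    return {
        "checksum": checksum,
        "intact": verify(DATA, checksum),
        # A single flipped bit changes the sum, so the check fails.
        "bit_flip": verify(flipped, checksum),
        # Addition is order-independent, so reordered blocks still pass.
        "swapped": verify(swapped, checksum),
        # No secret is involved: altered data with a recomputed checksum passes.
        "altered_with_new_checksum": verify(flipped, make_checksum(flipped)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```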
Flow control methods
a. For Noiseless channels
Simple stop and wait
b. For noisy channels
c.
d.
Sliding window protocols
1. Go-Back-N ARQ (N is the length of the sliding window)
2. Selective Repeat Request
Piggybacking:
Framing:
Converting a continuous bit stream into chunks called frames
Network security
Classic encryption techniques
SUBSTITUTION CIPHERs:
1. What is Caesar Cipher?
o The Caesar Cipher is one of the earliest and simplest
encryption techniques used by Julius Caesar.
o It is a type of substitution cipher where each letter in the
plaintext is shifted by a fixed number of positions down the
alphabet.
o For example, with a shift of 3, A becomes D, B becomes E, and so
on.
o It is very easy to break using simple techniques like brute force or
frequency analysis, because there are only 25 possible shifts.
2. What are Monoalphabetic and Polyalphabetic Ciphers?
a) Monoalphabetic Cipher:
o In a monoalphabetic cipher, each letter of the plaintext is
replaced by another letter based on a fixed substitution rule.
o Key Point: The substitution is fixed throughout the entire
message.
o Example: If A → M, B → Q, C → L... the pattern remains the same for
the whole message.
o It is more secure than Caesar Cipher because there are many
more possible keys (26! = factorial 26 possibilities), making
brute-force attacks harder.
o Weakness: Still vulnerable to frequency analysis because letter
patterns remain consistent.
b) Polyalphabetic Cipher:
o In a polyalphabetic cipher, the substitution changes
throughout the message using multiple cipher alphabets.
o Key Point: A single plaintext letter can be encrypted to different
cipher letters at different positions.
o Example: Vigenère cipher is a famous polyalphabetic cipher,
where a keyword determines the shift for each letter.
o It resists frequency analysis much better because the same
letter can be encrypted differently depending on its position.
3. How are Monoalphabetic and Polyalphabetic Ciphers better than
Caesar Cipher?
o Monoalphabetic ciphers are better because they have many
more possible substitutions, making brute-force attacks much
harder.
o Polyalphabetic ciphers are even better because they break the
pattern of a single substitution, defeating simple frequency
analysis and making attacks much more difficult.
Transposition cipher
Rail fence: Write message in zigzag and then send message in single line
Block and stream ciphers
What are Stream Ciphers and Block Ciphers?
1. Stream Cipher:
o A stream cipher encrypts one bit or one byte of data at a time.
o It works like a continuous stream of encrypted bits flowing
alongside the plaintext.
o Key Point:
Encryption happens bit-by-bit or byte-by-byte, usually using a
keystream (a random-looking sequence).
o Example: RC4 (a famous stream cipher).
o Advantages:
Fast and suitable for real-time communication like voice or
video calls.
2. Block Cipher:
o A block cipher encrypts the entire block of data at once — for
example, 64 bits or 128 bits.
o It divides the plaintext into fixed-size blocks, encrypts each block
separately (sometimes with a relation to the previous block for more
security).
o Key Point:
Processes large chunks of data instead of one bit at a time.
o Examples: DES, AES.
o Advantages:
Provides strong security and is widely used for encrypting
files, databases, etc.
Introduction to DES (Data Encryption Standard)
1. What is DES?
o DES stands for Data Encryption Standard.
o It is one of the earliest and most famous block cipher algorithms.
o Developed by IBM and adopted by the US Government in 1977 as a
standard.
2. How DES works:
o It takes 64-bit blocks of plaintext and encrypts them into 64-bit
ciphertext.
o It uses a 56-bit secret key (even though the key input is 64 bits, 8
bits are used for error detection).
o It goes through 16 rounds of complex operations (permutations,
substitutions, XORs).
3. Key Points about DES:
o Block Size: 64 bits.
o Key Size: 56 bits.
o Rounds: 16 rounds of encryption.
o Security: Strong at the time, but today it is considered weak
because modern computers can brute-force the key in a
reasonable time.
4. Replacement:
o Because of its weakness, DES was replaced by AES (Advanced
Encryption Standard) for higher security.
Summary Table for Quick Recap:
Concept         Description                                       Example
Stream Cipher   Encrypts bit-by-bit or byte-by-byte               RC4
Block Cipher    Encrypts fixed-size blocks (e.g., 64 bits)        DES, AES
DES             64-bit block cipher with 56-bit key, 16 rounds    Used in early encryption standards
But in today's world, with its 56-bit key (8 bits for error detection), DES can be
easily cracked. Thus AES (Advanced Encryption Standard) was developed.
HASH FUNCTIONS INTRO
🔐 1. Cipher Algorithms (Symmetric Encryption)
These are the basic encryption tools that convert plain text to ciphertext.
✅ Examples: AES, DES
Symmetric: Same key is used for both encryption and decryption.
Fast and used for data encryption (e.g., files, messages).
📦 Example:
Plaintext → (AES + Key) → Ciphertext
Ciphertext → (AES + Key) → Plaintext
🧠 Problem: How do I share the key securely over the internet?
🔐 2. RSA (Asymmetric Encryption)
RSA solves the key-sharing problem.
✅ Key features:
Two keys: Public and Private
o Anyone can encrypt using your public key.
o Only you can decrypt it with your private key.
📦 Example:
Message → (RSA + Public Key) → Ciphertext
Ciphertext → (RSA + Private Key) → Message
🧠 Used in:
Secure key exchange,
Digital signatures.
But RSA is slow → we don’t use it to encrypt large files.
🔐 3. Diffie-Hellman Key Exchange
Another way to securely agree on a shared key over a public channel.
✅ What it does:
Allows two people to generate the same secret key independently,
o without sending the key directly!
📦 Use-case:
Used to establish a symmetric key between two parties.
That key is then used for AES (fast encryption).
🚨 So far, we have:
Ciphers to encrypt data (AES),
RSA/DH to exchange keys securely.
But we have new problems:
How to verify integrity?
How to store passwords securely?
How to detect tampering?
How to sign documents?
That's where...
🔑 4. Cryptographic Hash Functions
✅ What is a Hash Function?
A function that takes input (any length) and gives a fixed-length hash.
One-way: You cannot reverse the hash to get the original input.
Deterministic: Same input always gives same hash.
Collision-resistant: Two different inputs won’t produce same hash.
📦 Example (SHA-256):
"Hello" → SHA-256 → 2cf24dba5fb0a...
"hello" → SHA-256 → 5d41402abc4b2...
🔒 Why do we need hash functions?
✅ a. Password Storage:
We store hashes of passwords, not the actual passwords.
Even if database leaks, original passwords stay hidden.
✅ b. Integrity Check:
To detect if data was tampered with (like file downloads).
We hash the file → send hash with it → user rehashes and compares.
✅ c. Digital Signatures:
Instead of signing large data, we sign the hash of the message using
RSA.
This makes signing fast and secure.
✅ d. Blockchain / Git / SSL:
Blockchains use hash functions to link blocks and detect tampering.
Git uses SHA-1 to identify commits.
SSL/TLS uses hashing during key exchange and integrity checks.
🧠 Summary Table:
Purpose                  Tool Used               Why it’s needed
Encrypt data             AES (symmetric)         Fast encryption
Share key securely       RSA / Diffie-Hellman    Avoids sending secret key over network
Verify data integrity    Hash functions          Detect tampering
Store passwords safely   Hash functions          One-way, irreversible
Sign documents           RSA + Hash              Sign small hash instead of big message
Would you like a mind map or visual flowchart to connect all these concepts?
You said:
OK, understood. Go smoothly from all the ways message authentication can be
done, then to keyed hash functions, then MAC, and then digital signatures.
ChatGPT said:
Great! Let’s now walk smoothly and clearly through all the major ways to do
message authentication, and understand why each method exists, what its
limitations are, and how it evolved from simple checks to MACs and digital
signatures.
🔒 1. What is Message Authentication?
It means making sure a message was:
Not tampered with
Actually sent by the claimed sender
So it gives integrity and authenticity.
✅ 2. Basic Methods for Message Authentication
Let’s go in order of how techniques evolved:
🔹 A. Checksum / CRC (Cyclic Redundancy Check)
Just calculates a value based on the content of the message.
Detects errors, like bit flips.
✅ Good for:
Detecting accidental corruption
❌ Bad for:
Security. Anyone can recalculate a checksum.
➡️No protection against attackers.
🔹 B. Hash Function Only (e.g., SHA-256)
Message → SHA-256 → Digest
The sender sends both: the message + hash(message)
✅ Detects any change in message
❌ But again: anyone can compute the hash. ➡️No authenticity (you don’t know
who sent it).
🔹 C. Keyed Hash Function – Add a secret!
To fix the above issue, we use a secret key to compute the hash.
H(secret key + message) → Digest
Now only people with the key can generate/verify this hash.
This is the basic idea behind:
3. MAC – Message Authentication Code
A MAC is a message + tag, where the tag is:
MAC = H(secret key + message)
✅ Used for:
Verifying integrity
Ensuring sender knows the secret key
✅ Common MAC Algorithms:
HMAC (Hash-based MAC): uses SHA-256 or SHA-512
CMAC: based on AES
📦 MAC in real life:
Used in HTTPS, TLS, SSH, JWT, APIs, etc.
❌ Limitation:
Both sender and receiver must share the same secret key
Doesn't support non-repudiation (sender can deny sending it)
4. Digital Signatures
Fixes the MAC limitations. Especially useful when sender and receiver don’t
share a secret.
✅ Idea:
Use asymmetric cryptography (RSA, ECDSA) to sign a hash of the
message.
📦 Steps:
1. Sender computes:
Hash = SHA-256(message)
Signature = Encrypt(Hash, Sender’s Private Key)
2. Receiver verifies:
Decrypt(Signature, Sender’s Public Key) → Compare to own SHA-256(message)
✅ Benefits:
No shared key needed
Ensures:
o Integrity (no changes)
o Authenticity (only sender can sign)
o Non-repudiation (sender can’t deny)
Used in:
SSL/TLS
Software updates
E-passports
Blockchain transactions
🔁 Summary Flow:
Method                    Uses Key?             Prevents Tampering?   Verifies Sender?   Can Deny Sending?
Checksum / CRC            ❌                    ❌ (weak)             ❌                 ✅
Hash Function Only        ❌                    ✅                    ❌                 ✅
Keyed Hash (HMAC, CMAC)   ✅ (shared)           ✅                    ✅                 ✅
Digital Signature         ✅ (public/private)   ✅                    ✅                 ❌
🧠 Final Words:
Use MAC when both sides share a secret key.
Use digital signatures when you need strong identity verification or
non-repudiation.
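The step from a plain hash to a keyed hash (MAC) described above, as an added example that is not part of the original conversation. It uses HMAC-SHA-256 from Python's standard library rather than a literal H(key + message) concatenation, which for SHA-256 is open to length extension. The key, the messages and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values; a real key comes from a CSPRNG or a key exchange.
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f" * 2)
ORIGINAL = b"pay 10 to account 1234"
ALTERED = b"pay 9000 to account 9999"


def digest_tag(message):
    """Hash function only: plain SHA-256, no secret involved."""
    return hashlib.sha256(message).digest()


def digest_verify(message, tag):
    return hmac.compare_digest(digest_tag(message), tag)


def mac_tag(key, message):
    """MAC: HMAC-SHA-256 keyed with the shared secret."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key, message, tag):
    # compare_digest runs in constant time, so timing does not leak the tag.
    return hmac.compare_digest(mac_tag(key, message), tag)


def demo():
    results = {}

    # Hash only: whoever alters the message can recompute the digest too,
    # so the receiver's check passes on the altered message.
    results["hash_accepts_altered"] = digest_verify(ALTERED, digest_tag(ALTERED))

    # MAC: the genuine message with its tag verifies.
    genuine_tag = mac_tag(SHARED_KEY, ORIGINAL)
    results["mac_accepts_genuine"] = mac_verify(SHARED_KEY, ORIGINAL, genuine_tag)

    # MAC: the old tag does not match an altered message.
    results["mac_accepts_altered_old_tag"] = mac_verify(
        SHARED_KEY, ALTERED, genuine_tag)

    # MAC: a tag computed without the right key is rejected.
    wrong_key = bytes(len(SHARED_KEY))
    results["mac_accepts_wrong_key_tag"] = mac_verify(
        SHARED_KEY, ALTERED, mac_tag(wrong_key, ALTERED))

    # Limitation: the receiver holds the same key, so it can create a valid
    # tag for any message. A valid tag cannot show which key holder made it,
    # which is why a MAC gives no non-repudiation.
    receiver_tag = mac_tag(SHARED_KEY, ALTERED)
    results["receiver_made_tag_verifies"] = mac_verify(
        SHARED_KEY, ALTERED, receiver_tag)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```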
📘 What is the PKIX Model?
🔹 PKIX stands for Public Key Infrastructure X.509
🔹 It’s the most widely used model for building and verifying digital certificates on
the Internet.
✳️Key Components of the PKIX Model:
1. End Entities
o Users, websites, or devices that use certificates.
o Example: A website like example.com or a user sending a secure
email.
2. Certificate Authority (CA)
o Trusted organization that issues digital certificates.
o Example: DigiCert, Let's Encrypt.
3. Registration Authority (RA)
o Verifies the identity of end users before certificate issuance.
o Acts like a middleman between user and CA.
4. Certificate Repository
o Stores issued certificates and Certificate Revocation Lists (CRLs).
o Can be accessed by browsers or other apps to validate certificates.
5. PKIX Standards
o Based on X.509 certificate format.
o Uses ASN.1 structure and supports fields like:
Subject name
Public key
Issuer
Validity period
Digital signature
Malware
Malware, short for malicious software, refers to any intrusive software developed
by cybercriminals (often called hackers) to steal data and damage or destroy
computers and computer systems. Examples of common malware include
viruses, worms, Trojan viruses, spyware, adware, and ransomware.
What are the Types of Malwares?
Type      What It Does                                          Real-World Example
Spyware   Collects user activity data without their knowledge   DarkHotel
Adware    Serves unwanted advertisements                        Fireball
Trojans   Disguises itself as desirable code                    Emotet
Worms     Spreads through a network by replicating itself       Stuxnet
Vulnerability
In cybersecurity, a vulnerability is a weakness or flaw in a
system, network, or process that can be exploited by a
threat to compromise its security. These weaknesses can exist
in hardware, software, or even human behavior, making them
points where attackers can gain unauthorized access or cause
harm.
Threat
In cybersecurity, a threat refers to anything that could
exploit a vulnerability and negatively impact the
confidentiality, integrity, or availability of systems, data, or
people.
DoS vs DDoS
1. Definition
DoS Attack: A cyber-attack where a single source tries
to make a machine or network resource unavailable by
overwhelming it with requests.
DDoS Attack: A more sophisticated form of DoS, where
the attack is launched from multiple compromised
devices (often part of a botnet), simultaneously targeting
the victim.
2. Source of Attack
DoS: Originates from one computer or internet
connection.
DDoS: Originates from many computers or networks,
often spread across the globe.
3. Complexity
DoS: Generally less complex and easier to detect and
mitigate.
DDoS: More complex, harder to trace and defend
against because the traffic comes from many sources.
4. Volume of Traffic
DoS: Limited traffic volume since it comes from a single
source.
DDoS: High traffic volume due to simultaneous requests
from many sources.
5. Detection
DoS: Easier to detect and block by IP or pattern.
DDoS: Harder to detect because malicious traffic is mixed
with legitimate traffic from different IPs.
6. Attack Tools
DoS: Tools like LOIC (Low Orbit Ion Cannon).
DDoS: Uses botnets (e.g., Mirai), which are networks of
infected devices controlled remotely.
7. Damage Potential
DoS: Can cause temporary disruption, but typically
easier to recover from.
DDoS: Can lead to major outages, financial loss, and
reputational damage due to sustained and large-scale
attacks.
8. Example
DoS: One attacker sends thousands of ping requests to a
server.
DDoS: Thousands of infected IoT devices (botnet) flood an
e-commerce site during a sale.
9. Mitigation
DoS: Can be blocked using rate-limiting or IP filtering.
DDoS: Requires advanced mitigation strategies like
traffic analysis, load balancing, and DDoS protection
services (Cloudflare, AWS Shield).
CIA Triad
1. Confidentiality
Goal: Prevent unauthorized access to sensitive information.
How to implement:
🔐 Encryption: Encrypt data at rest and in transit using
standards like AES or TLS.
👤 Access Control: Use role-based access control (RBAC),
least privilege principles, and multi-factor authentication
(MFA).
Data Classification: Label and protect data based on its
sensitivity (e.g., public, internal, confidential).
📚 Training: Educate users on phishing, password hygiene,
and social engineering.
2. Integrity
Goal: Ensure data is accurate, consistent, and not tampered
with.
How to implement:
✅ Hashing: Use cryptographic hash functions (like SHA-256)
to verify that data has not been altered.
🔄 Checksums & Digital Signatures: Detect tampering
in files, messages, or software.
📝 Audit Logs: Record who made changes and when (with
time stamps).
🔁 Version Control: For code and documents, systems like
Git help maintain history and detect unauthorized
changes.
3. Availability
Goal: Ensure that systems and data are accessible when
needed.
How to implement:
🌐 Redundancy: Use failover systems, backup servers,
and load balancing.
📅 Regular Backups: Keep updated, secure backups in
multiple locations.
🔧 Patch Management: Apply security patches to avoid
exploits that could cause downtime.
🚫 DDoS Protection: Use tools like firewalls, rate limiting,
and CDN protection (e.g., Cloudflare) to defend against
denial-of-service attacks.
SOCKET
1. What is a socket in the context of computer
networks?
A socket is an endpoint for communication between two
machines over a network, typically using TCP or UDP
protocols. It operates at the transport layer.
2. Which system call is used to create a socket in C?
The socket() system call creates a socket and returns a
socket descriptor.
3. What are the three main arguments passed to the
socket() function?
Address family (e.g., AF_INET for IPv4)
Socket type (e.g., SOCK_STREAM for TCP, SOCK_DGRAM
for UDP)
Protocol (usually 0 for the default protocol associated
with the socket type)
4. What does the bind() function do in a UDP server, and
is it mandatory?
bind() associates a socket with a specific IP address and
port.
In UDP, binding is not mandatory if you use sendto() for
specifying the destination address, but it’s often used for
the server's listening port.
5. What is the purpose of the listen() function in socket
programming?
listen() prepares a socket to accept incoming connections
and marks it as passive. It takes a backlog argument to
specify the maximum number of pending connections.
6. What does the accept() function do in a TCP server?
accept() accepts the first pending connection from the
queue created by listen(), creates a new socket for
communication with that specific client, and returns its
socket descriptor.
7. What is the difference between blocking and non-blocking
sockets?
Blocking sockets: Operations like recv() and send()
block until data is received or sent.
Non-blocking sockets: Operations return immediately,
even if data isn’t available, requiring additional checks or
multiplexing (e.g., select()).
8. What is the role of setsockopt() and getsockopt()?
setsockopt() configures socket options (e.g., buffer size,
timeout, etc.).
getsockopt() retrieves the current settings of socket
options.
9. What is a socket descriptor?
A socket descriptor is an integer returned by the socket()
function, used to identify and interact with a specific
socket.
10. How does the recvfrom() function differ from recv()
in terms of parameters?
recv() is used with connected sockets (TCP) and takes only
a buffer and buffer size.
recvfrom() is used with connectionless sockets (UDP) and
additionally takes the source address to indicate where
the data came from.
11. What is the significance of using inet_pton() and
inet_ntop() in socket programming?
inet_pton() converts an IP address from presentation
format (human-readable) to network format (binary).
inet_ntop() converts an IP address from network format
back to presentation format.
12. What is the purpose of close() in socket
programming?
close() is used to close a socket, terminating the
connection and releasing the associated resources.
13. How does a UDP socket differ from a TCP socket in
terms of connection?
UDP: Connectionless and does not guarantee delivery,
order, or error checking.
TCP: Connection-oriented and provides reliable
communication with delivery guarantees, error checking,
and ordering.
14. What happens if you try to send data to a closed
socket?
It will return an error like ECONNRESET (for TCP) or EPIPE
(for closed sockets), indicating the socket is no longer
open for communication.
15. What is the role of listen() in a TCP server?
It marks a socket as passive, preparing it to accept
incoming connection requests. It also specifies the
backlog for pending connections.
16. What does the accept() function return in a TCP
server?
It returns a new socket descriptor for the accepted
connection, which can be used for communication with the
client.
17. What does the connect() function do in a TCP client?
It establishes a connection to a specified server IP address
and port.
18. Which system call does a TCP client use to initiate a
connection to a server?
connect() is used by a TCP client to establish a connection
to the server.
19. What is the difference between SOCK_STREAM and
SOCK_DGRAM?
SOCK_STREAM is used for TCP, providing reliable,
connection-oriented communication.
SOCK_DGRAM is used for UDP, providing connectionless,
unreliable communication.
20. What happens if you try to send data to a closed
socket?
You will receive an error like ECONNRESET (TCP) or EPIPE
(closed socket), indicating that the socket is no longer
available for communication.
21. What is the difference between IPv4 and IPv6
sockets?
IPv4 sockets use AF_INET as the address family, while IPv6
sockets use AF_INET6. IPv6 sockets support a larger
address space and require a different address format.
22. What is the purpose of select() in socket
programming?
select() is used to monitor multiple sockets (or file
descriptors) for readiness to read, write, or handle errors,
enabling multiplexing of multiple I/O operations.
23. What is a raw socket?
A raw socket allows direct access to lower-layer protocols
like IP. It is used for tasks like network sniffing or crafting
custom packets.
24. What security concerns exist in socket
programming?
Security concerns include data interception,
man-in-the-middle attacks, and denial-of-service (DoS)
attacks. Using encryption (e.g., SSL/TLS) and
authentication is essential for secure communication.
25. How do you detect and handle socket errors?
Errors can be detected by checking the return values of
system calls like recv(), send(), connect(), and bind(). If an
error occurs, the function typically returns -1 and sets
errno. You can use perror() or strerror() to get a description
of the error.
26. What is the role of threading in socket
programming?
Threading is used to handle multiple clients
simultaneously in a server. Each client can be handled in a
separate thread, ensuring that the server is responsive to
multiple incoming requests.
27. What are the benefits of using asynchronous
sockets?
Asynchronous sockets allow non-blocking I/O operations.
They enable handling multiple connections or requests
without the need to block on any single one, improving the
efficiency of applications with high I/O operations.
28. How do you implement secure socket
communication?
Secure communication is implemented using SSL/TLS
over TCP sockets. The SSL library or OpenSSL can be
used to encrypt data transmitted between the client and
server.
29. What are common debugging techniques in socket
programming?
Common debugging techniques include:
o Using strerror() or perror() to print error messages.
o Monitoring network traffic with tools like Wireshark.
o Checking return codes and using select() to handle
non-blocking sockets.
30. What is the role of socket buffers?
Socket buffers are used to hold data temporarily while
being transmitted over the network. They help manage
the flow of data, especially when the sending or receiving
process is slower than the network transmission.
1. What is server administration?
Answer: Server administration is the process of managing
and maintaining a server's operation, ensuring its
availability, reliability, and proper configuration for smooth
performance.
2. What are common server administration commands?
Answer: Some common server administration commands
include:
o cd: Change directory.
o ls: List directory contents.
o top: Show system resource usage.
o ps: Display running processes.
o systemctl: Manage system services.
o netstat: View network connections.
o df: Check disk space.
3. What is an FTP server, and how does it work?
Answer: An FTP server is a server that stores files and
allows clients to transfer files over the File Transfer
Protocol (FTP). It works by using two ports: port 21 for
control and port 20 for data transfer.
4. What are the advantages of using FTP over HTTP for
file transfers?
Answer: FTP is optimized for file transfers with its two-port
configuration and persistent connection, while HTTP
requires repeated requests. FTP is more efficient for
transferring large files.
5. How do you configure an FTP server?
Answer: Configure an FTP server by installing the FTP
server software (e.g., vsftpd), configuring the settings in
the configuration file (e.g., /etc/vsftpd.conf), and ensuring
correct firewall settings.
6. What are the different FTP modes?
Answer: There are two FTP modes:
o Active Mode: The server opens a connection back to
the client for data transfer.
o Passive Mode: The client connects to the server for
data transfer, which is useful when the client is
behind a firewall.
7. What security risks exist with FTP?
Answer: FTP lacks encryption, making it vulnerable to
Man-in-the-Middle (MITM) attacks, packet sniffing,
and data interception. FTP can expose sensitive data
like passwords.
8. What is an SFTP server?
Answer: An SFTP (Secure File Transfer Protocol) server
uses SSH (Secure Shell) for secure file transfer, ensuring
encryption of data and command transmission, making it
safer than FTP.
9. How do you configure a web server?
Answer: A web server can be configured by installing web
server software (e.g., Apache, Nginx), editing
configuration files (e.g., /etc/nginx/nginx.conf or
/etc/apache2/httpd.conf), and ensuring proper directory
structure and permissions.
10. What is the difference between Apache and Nginx?
Answer: Apache is a process-based web server, suitable
for dynamic content, while Nginx is an event-driven,
lightweight web server known for handling high traffic and
static content efficiently.
11. What is the function of a web server?
Answer: A web server handles incoming HTTP requests,
serves HTML pages, processes web application logic, and
manages interactions between clients (browsers) and the
server-side resources.
12. How does a DNS server relate to web hosting?
Answer: A DNS (Domain Name System) server translates
domain names (e.g., www.example.com) into IP addresses,
allowing clients to find and access web hosting servers by
name.
13. What is virtual hosting in web servers?
Answer: Virtual hosting allows a single web server to host
multiple websites by using different domain names or IP
addresses. This enables efficient use of resources.
14. What is a reverse proxy?
Answer: A reverse proxy is a server that sits in front of
multiple backend servers, routing incoming client requests
to the appropriate server. It also helps with load balancing,
security, and caching.
15. What are the advantages of HTTPS over HTTP?
Answer: HTTPS uses SSL/TLS encryption to secure data
between the client and server, providing confidentiality,
data integrity, and authentication, whereas HTTP sends
unencrypted data, making it vulnerable to interception.
16. What is the role of SSL/TLS in web servers?
Answer: SSL/TLS protocols encrypt communication
between the web server and the client, ensuring the
security, integrity, and authenticity of the data transferred
over the internet.
17. What are common server security best practices?
Answer: Common best practices include:
o Use SSL/TLS for encrypted connections.
o Regularly update software to patch vulnerabilities.
o Implement firewalls and access control policies.
o Use multi-factor authentication.
o Regularly audit and monitor server activity.
18. What is load balancing, and why is it important?
Answer: Load balancing is the distribution of incoming
network traffic across multiple servers to ensure no single
server is overwhelmed, improving availability, reliability,
and performance.
19. How do you monitor server performance?
Answer: Server performance can be monitored using
tools like top, htop, netstat, sysstat, and Nagios to
track CPU usage, memory, disk I/O, and network
performance.
20. What is a firewall, and how does it protect a server?
Answer: A firewall is a security device (software or
hardware) that filters incoming and outgoing traffic based
on predefined rules, protecting the server from
unauthorized access and attacks.
21. What is the difference between a dedicated and
shared server?
Answer: A dedicated server is a server used exclusively
by a single client, offering full control over resources, while
a shared server hosts multiple clients, sharing server
resources and requiring isolation.
22. How do you handle server crashes?
Answer: Handle server crashes by inspecting system
logs, checking firewall logs, ensuring the system
software is up to date, and performing hardware
checks (e.g., CPU, RAM).
23. What is logging in server administration?
Answer: Logging is the process of recording and storing
information about events and activities occurring on the
server. Logs are essential for troubleshooting, performance
monitoring, and security auditing.
24. What are system services in Linux?
Answer: System services in Linux are background
processes that provide system functionality (e.g., Nginx,
MySQL). These services can be managed and configured
using tools like systemctl.
25. What is a cron job, and how is it used in servers?
Answer: A cron job is a scheduled task in Linux that
automates repetitive tasks (e.g., backups, log cleanup) at
specified intervals using the cron daemon.
26. How do you restart a service in Linux?
Answer: To restart a service in Linux, use the command:
sudo systemctl restart <service-name>
Example:
sudo systemctl restart nginx
27. How do you check open ports on a server?
Answer: To check open ports on a server, use:
sudo netstat -tuln
Or:
sudo ss -tuln
28. What is the role of the .htaccess file in web servers?
Answer: The .htaccess file is used by Apache web servers
to configure directory-level settings such as redirects, URL
rewriting, access control, and error handling.
29. How do you troubleshoot server connectivity issues?
Answer: Troubleshoot by checking:
o System logs for errors.
o Firewall settings to ensure proper ports are open.
o Whether the server is online.
o Router and physical connections.
o Client-side internet connection.
o Server routing and network configurations.
30. What tools are used for server security auditing?
Answer: Tools for security auditing include:
o Nessus (vulnerability scanner).
o OpenVAS (open-source vulnerability scanner).
o Lynis (system hardening and security auditing).
o Nmap (network scanner).
o chkrootkit (rootkit detector).
o Fail2ban (prevents brute-force attacks).
o Auditd (Linux auditing tool).