CompNet Uas

The document contains routing tables for routers R1, R2, R3 and R4 showing destination networks, next hops and interfaces. It also discusses the path PC4 would take to send a packet to PC1 and whether PC4 could still send ICMP to PC1 if the connection between R2 and R3 was disconnected. Additionally, it defines what a default route is and explains the responsibilities of AWS and customers in managing security controls.

Uploaded by

Jonathan

Name: Trimardi Aditya Nandian Saputra

Class: LH01

NIM / StudentID: 2440075933

1. a).

Routing Table R1
Destination Next hop Interface
192.168.5.0/24 192.168.5.6/30 S0/0/0
192.168.2.0/24 192.168.5.6/30 S0/0/0
192.168.3.0/24 192.168.5.2/30 S0/1/0

Routing Table R2
Destination Next hop Interface
192.168.5.0/24 192.168.5.10/30 S0/0/1
192.168.1.0/24 192.168.5.5/30 S0/0/0
192.168.3.0/24 192.168.5.10/30 S0/0/1
192.168.4.0/24 192.168.5.14/30 S0/1/0

Routing Table R3
Destination Next hop Interface
192.168.4.0/24 192.168.5.17/30 S0/1/0
192.168.5.0/24 192.168.5.9/30 S0/0/1
192.168.1.0/24 192.168.5.1/30 S0/0/0
192.168.2.0/24 192.168.5.9/30 S0/0/1
192.168.4.0/24 192.168.5.17/30 S0/1/0

Routing Table R4
Destination Next hop Interface
192.168.5.0/24 192.168.5.18/30 S0/1/0
192.168.2.0/24 192.168.5.13/30 S0/1/0
192.168.3.0/24 192.168.5.18/30 S0/1/0
192.168.1.0/24 192.168.5.1/30 S0/0/0

b). PC4 - R4 - R1 – PC1

According to the routing table, the path used is the path with the fewest hops. First, PC4
will reply to PC1 by sending a packet to router 4. Then, router 4 will forward the packet toward the
destination address with the help of router 1. Next, router 1 will deliver the packet to the
destination address, namely PC1.

c). The packet will be directed to the default route. If the routing table does not contain an entry for the
destination address, the router drops the incoming packet. A default route gives the router a route for
forwarding all incoming packets whose destination network addresses are not available in the routing
table.

d). Yes, PC4 can still send ICMP to PC1 because the ICMP sending route from PC4 to PC1 does not
pass through the R2-R3 link, so when the media/cable on R2-R3 is disconnected, it has no effect on
ICMP transmission. The route used for sending ICMP from PC4 to PC1 is PC4 - R4 - R1 - PC1.

e). The default route is the route that a router uses to forward an incoming packet when no other route is
available for that packet in the routing table. Routers use the routing table to make the forwarding
decision. A routing table entry consists of two pieces: the remote network and the local interface that is
connected to that network. A default route contains all zeros in the IP address. There are two
versions of the IP protocol, IPv4 and IPv6. In both versions, the address of the default route is as follows.

IPv4 default route: 0.0.0.0 0.0.0.0

IPv6 default route: ::/0

When a packet arrives on an interface of a router, the router reads the destination network address of
the incoming packet and looks up that network address in the routing table. If the routing table contains an
entry for the destination network, the router forwards the incoming packet out of the interface that is
listed next to the destination network in the entry.

If the routing table does not contain an entry for the destination address, the router drops the incoming
packet. This is the point where the concept of a default route fits. A default route gives the router a route
for forwarding all incoming packets whose destination network addresses are not available in the routing
table.
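The forwarding decision described in 1(e), as an added example that is not part of the original answer: a longest-prefix lookup that drops the packet when nothing matches and falls back to the default route when one exists. R1_TABLE copies R1's table from 1(a); the default-route entry, its next hop and the destination 203.0.113.10 are assumptions made for the illustration.

```python
import ipaddress

# R1's routing table as given in answer 1(a): (destination, next hop, interface).
R1_TABLE = [
    ("192.168.5.0/24", "192.168.5.6/30", "S0/0/0"),
    ("192.168.2.0/24", "192.168.5.6/30", "S0/0/0"),
    ("192.168.3.0/24", "192.168.5.2/30", "S0/1/0"),
]

# Assumed default route for illustration; the page does not configure one on R1.
ASSUMED_DEFAULT = ("0.0.0.0/0", "192.168.5.2/30", "S0/1/0")


def lookup(table, destination):
    """Return (prefix, next_hop, interface) for the longest matching prefix,
    or None when no entry matches and the packet would be dropped."""
    addr = ipaddress.ip_address(destination)
    best = None
    for prefix, next_hop, interface in table:
        network = ipaddress.ip_network(prefix)
        if addr.version != network.version or addr not in network:
            continue
        # A /0 default route matches everything but loses to any longer prefix.
        if best is None or network.prefixlen > best[0].prefixlen:
            best = (network, next_hop, interface)
    if best is None:
        return None
    return (str(best[0]), best[1], best[2])


def forward(table, destination):
    """Describe the forwarding decision for one destination address."""
    match = lookup(table, destination)
    if match is None:
        return "drop"
    prefix, next_hop, interface = match
    kind = "default route" if prefix in ("0.0.0.0/0", "::/0") else "specific route"
    return f"{kind}: via {next_hop} out {interface}"


if __name__ == "__main__":
    for dst in ("192.168.3.25", "203.0.113.10"):
        print(dst, "without default ->", forward(R1_TABLE, dst))
        print(dst, "with default    ->", forward(R1_TABLE + [ASSUMED_DEFAULT], dst))
```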

2. a).

- Type

TCP is a connection-oriented protocol. Connection-orientation means that the communicating devices
should establish a connection before transmitting data and should close the connection after
transmitting the data. UDP is a datagram-oriented protocol. This is because there is no overhead for
opening a connection, maintaining a connection, and terminating a connection. UDP is efficient for
broadcast and multicast types of network transmission.

- Speed

Since UDP doesn’t have many requirements, it offers a faster connection. TCP, on the other hand, is
slower but more reliable. If you need speed more than reliability, you should use UDP instead of TCP.

- Weight

Since TCP has more details (sequence of the packet, error detection, acknowledgement field etc.), the
header of TCP packets is larger than that of UDP packets. This makes each packet heavy. This is why TCP
connections are slower than UDP connections.

- Handshaking Techniques

TCP uses handshake messages such as SYN, ACK and SYN-ACK, while UDP is a connectionless protocol, i.e. it
has no handshake.

- Error Checking

TCP has error detection and correction methods. When a packet is found to be corrupted, TCP doesn’t
send an acknowledgement for it. This prompts the sender to resend the packet. This way, the complete
message is delivered without errors. In UDP, there is error detection via checksum but there is no error
correction. If a given packet is found to be erroneous, it is simply discarded.

- Acknowledgement

TCP has acknowledgment segments, but UDP does not have any acknowledgment segment. When TCP
packets are received by the recipient, it sends back an acknowledgement to the sender. If the sender
doesn’t receive the acknowledgement, it will assume that the packets were not delivered or were
delivered corrupted. It will then proceed to resend the packets. On the other hand, UDP doesn’t send an
acknowledgement so the sender will not know if the packets were received or not.

b). Domain Name System

It is a service used for mapping domain names to their corresponding IP addresses. It is used by the
application layer. It can also be looked at as a distributed database that has a hierarchical name server.
DNS uses UDP for fetching the corresponding IP address due to the following reasons:

a) UDP is much faster than TCP. After all, speed matters a lot when loading a webpage.

b) DNS requests are typically small requests and can be accommodated inside UDP segments (Header).

c) Even though UDP is unreliable, reliability can be achieved in the application layer too.

DNS primarily uses the User Datagram Protocol (UDP) on port number 53 to serve requests. DNS queries
consist of a single UDP request from the client followed by a single UDP reply from the server. When the
length of the answer exceeds 512 bytes and both client and server support EDNS, larger UDP packets are
used.
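The 512-byte limit and the EDNS extension mentioned above, shown as an added example that is not part of the original answer: it builds a DNS query in wire format, optionally with an EDNS OPT record, and reads back the UDP response size the sender advertises. The function names, the query name example.com and the payload size 1232 are assumptions chosen for the illustration.

```python
import struct

CLASSIC_UDP_LIMIT = 512  # largest DNS-over-UDP message without EDNS
OPT_TYPE = 41            # record type of the EDNS OPT pseudo-record

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in filter(None, name.split(".")):
        raw = label.encode("ascii")
        if len(raw) > 63:
            raise ValueError("DNS label longer than 63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, query_id, edns_payload=None):
    """Build an A-record query; append an OPT record when edns_payload is set."""
    arcount = 1 if edns_payload else 0
    header = struct.pack("!6H", query_id, 0x0100, 1, 0, 0, arcount)  # RD flag set
    message = header + encode_name(name) + struct.pack("!HH", 1, 1)  # type A, class IN
    if edns_payload:
        # OPT: root owner name, TYPE 41, CLASS field carries the UDP payload size.
        message += b"\x00" + struct.pack("!HHIH", OPT_TYPE, edns_payload, 0, 0)
    return message

def skip_name(message, offset):
    """Return the offset just past the name that starts at offset."""
    while True:
        length = message[offset]
        if (length & 0xC0) == 0xC0:   # compression pointer: two bytes, ends the name
            return offset + 2
        offset += 1 + length
        if length == 0:
            return offset

def udp_response_limit(query):
    """Largest UDP response the sender of this query says it can accept."""
    _, _, qdcount, ancount, nscount, arcount = struct.unpack("!6H", query[:12])
    offset = 12
    for _ in range(qdcount):
        offset = skip_name(query, offset) + 4          # skip QTYPE and QCLASS
    for _ in range(ancount + nscount + arcount):
        offset = skip_name(query, offset)
        rtype, rclass, _ttl, rdlength = struct.unpack("!HHIH", query[offset:offset + 10])
        if rtype == OPT_TYPE:
            return max(rclass, CLASSIC_UDP_LIMIT)      # sizes below 512 count as 512
        offset += 10 + rdlength
    return CLASSIC_UDP_LIMIT
```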

c). HyperText Transfer Protocol (HTTP)

It is used to access the data present on the World Wide Web. It uses the TCP protocol for accessing the web
pages present on the internet due to the fact that TCP provides in-order data delivery, error control, flow
control, and retransmission of data segments.

HTTP doesn't require the underlying transport protocol to be connection-based; it only requires it to be
reliable, or not lose messages (at minimum, presenting an error in such cases). Among the two most
common transport protocols on the Internet, TCP is reliable and UDP isn't. HTTP therefore relies on the
TCP standard, which is connection-based.

Before a client and server can exchange an HTTP request/response pair, they must establish a TCP
connection, a process which requires several round-trips. The default behavior of HTTP/1.0 is to open a
separate TCP connection for each HTTP request/response pair. This is less efficient than sharing a single
TCP connection when multiple requests are sent in close succession.

3. a).

Customer Responsibility determines the amount of configuration work the customer must
perform as part of their security responsibilities. For example, with services such as Amazon S3 and
Amazon DynamoDB, customers are responsible for managing their data (including encryption options),
classifying their assets, and using IAM tools to apply the appropriate permissions.

Cloud Responsibility covers protecting the infrastructure that runs all of the services
offered in the Cloud. This infrastructure is composed of the hardware, software, networking, and
facilities that run Cloud services. For example, for Amazon S3 and Amazon DynamoDB, AWS
operates the infrastructure layer, the operating system, and platforms, and customers access the
endpoints to store and retrieve data.

Below are examples of controls that are managed by AWS, AWS customers and/or both.

- Inherited Controls – Controls which a customer fully inherits from AWS.
  - Physical and Environmental controls
- Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but
  in completely separate contexts or perspectives. In a shared control, AWS provides the
  requirements for the infrastructure and the customer must provide their own control
  implementation within their use of AWS services. Examples include:
  - Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure,
    but customers are responsible for patching their guest OS and applications.
  - Configuration Management – AWS maintains the configuration of its infrastructure devices, but
    a customer is responsible for configuring their own guest operating systems, databases, and
    applications.
  - Awareness & Training – AWS trains AWS employees, but a customer must train their own
    employees.
- Customer Specific – Controls which are solely the responsibility of the customer based on the
  application they are deploying within AWS services. Examples include:
  - Service and Communications Protection or Zone Security, which may require a customer to route
    or zone data within specific security environments.

b). The shared responsibility model is a method for determining which roles cloud service providers and
cloud service customers play in cloud security. In general, the shared responsibility model outlines that
providers are responsible for the security of the cloud, and customers are responsible for security in the
cloud. Cloud service providers and customers must work together to meet cloud security objectives.
The responsibilities for security 'in' the cloud and 'of' the cloud when using EC2 are as follows.

AWS responsibility “Security of the Cloud”

AWS is responsible for protecting the
infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is
composed of the hardware, software, networking, and facilities that run AWS Cloud services.

Customer responsibility “Security in the Cloud”

Customer responsibility determines the amount of configuration work the customer must
perform as part of their security responsibilities. For example, a service such as Amazon Elastic
Compute Cloud (Amazon EC2) is categorized as Infrastructure as a Service (IaaS) and, as such,
requires the customer to perform all of the necessary security configuration and management
tasks. Customers that deploy an Amazon EC2 instance are responsible for management of the
guest operating system (including updates and security patches), any application software or
utilities installed by the customer on the instances, and the configuration of the AWS-provided
firewall (called a security group) on each instance. Customers are also responsible for controlling
network access to their instances (for example, by configuring the VPC and security groups),
managing the credentials used to connect to their instances, managing the guest operating system
and software deployed to the guest operating system, including updates and security patches, and
configuring the IAM roles that are attached to the instance and the permissions associated with
those roles.
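A check of the customer-managed security group configuration described above, added here as an illustration and not part of the original answer: it flags inbound rules that expose administrative ports to every address, with a weak group beside a corrected one. The rule dictionaries are constructed sample data in the shape of the EC2 DescribeSecurityGroups response; the group IDs and the choice of ports 22 and 3389 as administrative ports are assumptions.

```python
import ipaddress

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # assumed set of administrative ports

# Constructed sample data, not taken from a real account.
SAMPLE_GROUPS = [
    {"GroupId": "sg-EXAMPLE-weak", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ]},
    {"GroupId": "sg-EXAMPLE-fixed", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ]},
]


def is_world_open(cidr):
    """True when the source range covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def exposed_admin_ports(permission):
    """Administrative ports covered by one inbound rule."""
    protocol = permission.get("IpProtocol")
    if protocol == "-1":                 # "-1" means all protocols and all ports
        return sorted(ADMIN_PORTS)
    if protocol != "tcp":
        return []
    low, high = permission.get("FromPort"), permission.get("ToPort")
    if low is None or high is None:
        return []
    return sorted(port for port in ADMIN_PORTS if low <= port <= high)


def audit(groups):
    """Return (group id, service, source range) for each world-open admin port."""
    findings = []
    for group in groups:
        for permission in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in permission.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in permission.get("Ipv6Ranges", [])]
            for cidr in filter(is_world_open, cidrs):
                for port in exposed_admin_ports(permission):
                    findings.append((group["GroupId"], ADMIN_PORTS[port], cidr))
    return findings
```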
