# CN (Computer Networks) Endterm Study Plan (Recency-Weighted)

## Exam Overview

The CN endterm is a **2-hour closed-book written exam**, worth 100% of the grade. It contains **20 questions** (5 multiple-choice + 15 open questions), worth **20 points total**. You need **58%** (11.6/20) to pass. No programming is required. All open answers must include explanations and calculations for full credit. Only a basic (non-graphical) calculator is allowed.

---

## Tier 1: 6+ recent appearances (2022-2025) — study these first

| # | Topic | Recent Appearances | Pattern | Lectures | Done |
|---|-------|-------------------|---------|----------|------|
| 1 | Cyclic Redundancy Check (CRC) computation & verification | End25 Q10, Resit25 Q18, End24 Q18, Resit24 Q19, End23 Q11, Resit23 Q19, End22 Q16 | P1 | L02, T1 | [ ] |
| 2 | Hamming Code computation (encoding and decoding) | End25 Q11, Resit25 Q20, End24 Q19, Resit24 Q13, End23 Q13, Resit23 Q13 | P2 | L02, T1 | [ ] |
| 3 | TCP Sequence Numbers | End25 Q13, Resit25 Q15, End24 Q15, Resit24 Q8, End23 Q7, Resit23 Q8 | P3 | L09, L10 | [ ] |
| 4 | Distance Vector Routing | End25 Q12, Resit25 Q9, End24 Q10, Resit24 Q15, End23 Q14, Resit23 Q15 | P4 | L07, L08 | [ ] |
| 5 | Sliding Window throughput/goodput | End25 Q16, Resit25 Q16, End24 Q12, Resit24 Q18, End23 Q15, Resit23 Q15 | P5 | L03, L04 | [ ] |
| 6 | CSMA/CA (Wi-Fi collision scenarios) | End25 Q4, End23 Q1, Resit23 Q3, End22 Q3, Resit22 Q1 | P6 | L05, L06 | [ ] |
| 7 | Ethernet / CSMA/CD (min frame size, binary exponential backoff) | End25 Q5, Resit25 Q8, End24 Q7, Resit24 Q8, End23 Q18, Resit22 Q2 | P7 | L05, L06 | [ ] |
| 8 | P-box / S-box in encryption modes (CBC, Counter) | End25 Q19, Resit25 Q20, End24 Q20, Resit24 Q16, End23 Q20, Resit22 Q20 | P8 | L13, T7 | [ ] |

## Tier 2: 4-5 recent appearances

| # | Topic | Recent Appearances | Pattern | Lectures | Done |
|---|-------|-------------------|---------|----------|------|
| 9 | IPv4 / IPv6 addressing and CIDR | End25 Q3, Resit25 Q13, End24 Q14, Resit24 Q13, End23 Q8 | P9 | L07, L08 | [ ] |
| 10 | Base64 encoding/decoding | End25 Q19, Resit25 Q17, End24 Q17, Resit24 Q17, End23 Q19 | P10 | L12, T7 | [ ] |
| 11 | TCP Congestion Control (Tahoe/Reno calculation) | End25 Q6, Resit25 Q9, End24 Q11, Resit24 Q9, End23 Q9, Resit23 Q9 | P11 | L09, L10 | [ ] |
| 12 | IP Fragmentation (MTU, fragment count) | End25 Q8, Resit25 Q10, End24 Q10, Resit24 Q10, End23 Q10 | P12 | L07 | [ ] |
| 13 | Forbidden Region (TCP sequence numbers) | End25 Q13, Resit25 Q20, End23 Q16, Resit23 Q20 | P13 | L10 | [ ] |
| 14 | Chord DHT (finger table computation) | End25 Q18, Resit25 Q14, End23 Q13, Resit23 Q14 | P14 | L12 | [ ] |
| 15 | Byte Stuffing | End25 Q6, Resit25 Q5, End23 Q12, Resit23 Q10 | P15 | L02 | [ ] |
| 16 | OSI Layers (names, ordering, data units) | End25 Q1, Resit25 Q1, End24 Q1, Resit24 Q1, End22 Q1 | P16 | L01 | [ ] |

## Tier 3: 2-3 recent appearances

| # | Topic | Recent Appearances | Pattern | Lectures | Done |
|---|-------|-------------------|---------|----------|------|
| 17 | Wireless Security (WEP key issues) | End25 Q14, Resit24 Q18, End22 Q1 | P17 | L13 | [ ] |
| 18 | DNS (recursive vs iterative queries, CDNs) | End25 Q5, Resit25 Q16, End24 Q19, Resit24 Q5 | P18 | L12 | [ ] |
| 19 | Tor (onion routing, attacker models) | End25 Q18, End23 Q2, Resit22 Q1 | P19 | L13 | [ ] |
| 20 | NAT (Network Address Translation) | End25 Q4, Resit25 Q4 | P20 | L07 | [ ] |
| 21 | Congestion Control (ECN, RED, conceptual MCQs) | End25 Q6, Resit25 Q13, End24 Q11, End23 Q3 | P11 | L07, L09 | [ ] |
| 22 | UDP header / checksum | Resit25 Q12, End23 Q5, Resit22 Q5 | P22 | L09 | [ ] |
| 23 | TCP Flags (SYN, ACK, FIN and sequence numbers) | End24 Q3, End23 Q7, Resit23 Q8 | P3 | L10 | [ ] |
| 24 | Link State Routing | Resit24 Q10, End22 Q14 | P24 | L07 | [ ] |
| 25 | Responsible Disclosure | End23 Q8, Resit23 Q11, Resit22 Q11 | P25 | L13 | [ ] |

## Tier 4: 1-2 recent appearances

| # | Topic | Recent Appearances | Pattern | Lectures | Done |
|---|-------|-------------------|---------|----------|------|
| 26 | DHCP | End25 Q7 | P26 | L08 | [ ] |
| 27 | CDN (content delivery networks) | End23 Q4 | P27 | L12 | [ ] |
| 28 | Spanning Tree Protocol | End24 Q8, End24 Q9 | P28 | L06 | [ ] |
| 29 | Blockchain (viability, types) | Resit24 Q4, End22 Q4 | P29 | L12 | [ ] |
| 30 | MAC Protocol Comparison (ALOHA, CSMA variants) | Resit25 Q6, End24 Q4, Resit23 Q2 | P30 | L05, L06 | [ ] |
| 31 | Parity Block (2D parity) | Resit23 Q7, End23 Q6, Resit22 Q7 | P31 | L02, T1 | [ ] |
| 32 | Security Concepts (CIA triad, wireless goals) | End25 Q20, End24 Q4, End22 Q3 | P32 | L13 | [ ] |
| 33 | Security Protocol Selection (PGP, TLS, OTR, IPSec) | End24 Q17, Resit24 Q17, Resit23 Q1 | P33 | L13 | [ ] |
| 34 | Delay Definitions (propagation, transmission, queuing, RTT) | End25 Q3, Resit25 Q3 | P34 | L02 | [ ] |
| 35 | RSA (textbook encryption/decryption) | End25 Q17, Resit24 Q6, End23 Q17, Resit22 Q6 | P35 | L13 | [ ] |

---

## Endterm 2025 Questions

| Q# | Topic | Pattern | Lectures | Done |
|----|-------|---------|----------|------|
| 1 | OSI layer data units: physical=bit, data link=frame, network=packet, transport=segment, session/presentation/application=N/A | P16 | L01 | [ ] |
| 2 | Channel allocation MCQ: ALOHA protocol description | P30 | L05 | [ ] |
| 3 | IPv6 address space vs IPv4: 2^128 / 2^32 = 2^96 times larger | P9 | L07 | [ ] |
| 4 | NAT: replaces internal IP+port with external port, keeps mapping table | P20 | L07 | [ ] |
| 5 | Email sending protocol: SMTP | P18 | L12 | [ ] |
| 6 | Byte stuffing decode: FLAG=011110, ESC=111000, received 011110 110011 111000 111000 111000 011110 011110 -> original: 110011 111000 011110 | P15 | L02 | [ ] |
| 7 | Ethernet switch MAC table learning with port addresses | P7 | L06 | [ ] |
| 8 | IP fragmentation: 12000 bytes, MTUs 6000/3000/1500, with and without MTU discovery | P12 | L07 | [ ] |
| 9 | Internet checksum (1's complement) for 4-bit blocks: 1001+1010+1011+1100 = 101010 -> 10+1010 = 1100 -> 0011 | P36 | L09 | [ ] |
| 10 | CRC: data 010 100 111, generator 1111 -> append 000, divide, remainder 001 -> message 010 100 111 001 | P1 | L02 | [ ] |
| 11 | (11,7) Hamming Code for 1111111 with odd parity -> 00101110111 | P2 | L02 | [ ] |
| 12 | Distance Vector routing table for node 1 from graph | P4 | L07 | [ ] |
| 13 | Forbidden region: 15 bytes/s, 10s lifetime, 2^12 ticks/s, seq=2, ~22.08s to forbidden region -> b=17 bits | P13 | L10 | [ ] |
| 14 | Checksum timing after fragmentation: IP checksum at each fragment arrival, TCP checksum after full reassembly | P12 | L07 | [ ] |
| 15 | ICMP ping analysis: one echo cannot reveal route, processing time, speed, or path asymmetry | P34 | L08 | [ ] |
| 16 | Sliding window goodput: k=4, 300-byte frames, duplex 1500 B/s, latency 0.5/0.55s, goodput=816 B/s -> x=0.15 | P5 | L03 | [ ] |
| 17 | Firewall: signature-based advantage, anomaly-based discard disadvantage (TCP retransmits) | P33 | L13 | [ ] |
| 18 | Tor encryption: encrypt with each relay's key, starting from last relay (reverse order) | P19 | L13 | [ ] |
| 19 | P-box CBC decryption: ciphertext 0110 1110, IV 1011 -> plaintext 0111 1011 | P8 | L13 | [ ] |
| 20 | CIA triad: Integrity = ensure users can verify they have correct information (D) | P32 | L13 | [ ] |

## Resit 2025 Questions

| Q# | Topic | Pattern | Lectures | Done |
|----|-------|---------|----------|------|
| 1 | OSI layering advantage: abstraction, independent layer changes | P16 | L01 | [ ] |
| 2 | TCP over IP: connection-oriented over connection-less (B) | P16 | L09 | [ ] |
| 3 | Transmission delay definition: time from first bit leaves sender to last bit leaves sender (C) | P34 | L02 | [ ] |
| 4 | Go-Back-N vs Selective Repeat: GBN better with abundant bandwidth but limited receiver buffer (A) | P5 | L03 | [ ] |
| 5 | Byte stuffing: FLAG=01111110, ESC=11100000, frame with FLAG and ESC bytes inside | P15 | L02 | [ ] |
| 6 | Slotted ALOHA efficiency vs pure ALOHA: fixed time slots reduce collision chance (D) | P30 | L05 | [ ] |
| 7 | Binary exponential backoff: after 4th collision, range is [0, 2^4-1] = [0, 15] timeslots | P7 | L06 | [ ] |
| 8 | Ethernet min frame size: ensures sender doesn't finish before detecting collision (A) | P7 | L05 | [ ] |
| 9 | Distance Vector: construct routing table from neighbor vectors | P4 | L07 | [ ] |
| 10 | Link State: identify bottleneck link (node 6) | P24 | L07 | [ ] |
| 11 | CIDR longest prefix match: /16 vs /17 for 130.140.128.255 -> /16 wins | P9 | L08 | [ ] |
| 12 | UDP optional checksum: unreliable protocol, applications can add own reliability | P22 | L09 | [ ] |
| 13 | RED: congestion management technique in Transport Layer (D) | P11 | L07 | [ ] |
| 14 | TCP sequence numbers: ISN=59, segments 500+900+4200 -> seg4 seq = 59+1+500+900 = 1460 | P3 | L10 | [ ] |
| 15 | Base64: 01001100 01101111 01110011 01110100 -> "Lost" -> TG9zdA== | P10 | L12 | [ ] |
| 16 | Security properties for contract system: authentication + confidentiality + integrity (need non-repudiation) | P32 | L13 | [ ] |
| 17 | PGP encryption: hash+sign with private key, symmetric key for encryption encrypted with recipient's public key | P33 | L13 | [ ] |
| 18 | CRC verification: message 1001 1001 1001, generator 11011, remainder != 0 -> not received correctly | P1 | L02 | [ ] |
| 19 | (11,7) Hamming Code for 1010101 with even parity -> 11110100101 | P2 | L02 | [ ] |
| 20 | P-box CBC encryption: 1001 1100 1110 0100, IV 0100 -> 1110 1101 0100 0011 | P8 | L13 | [ ] |

---

## How to Solve Each Pattern

### P1 -- Cyclic Redundancy Check (CRC) (1-2 pts)
**How to recognize:** "Alice wants to send data X. For error detection, they use CRC with generator G. Compute the message that Alice sends." or "A message has been received with CRC ... Has it been received correctly?"

**Steps:**
1. **To compute transmitted message:**
   - Count the number of bits in G minus 1. Let that be n.
   - Append n zeros to the original data message.
   - Perform binary division (XOR subtraction, not regular subtraction) of the extended message by G.
   - The remainder (n bits) is the CRC check value.
   - Transmitted message = original data + remainder.

2. **To verify a received message:**
   - Divide the received message (including CRC bits) by G.
   - If remainder is 000...0, the message is correct.
   - If remainder is non-zero, an error occurred.

**Key:** Binary division uses XOR at each step: 1 XOR 1 = 0, 0 XOR 0 = 0, 1 XOR 0 = 1, 0 XOR 1 = 1. Bring down one bit at a time.

**Exam examples:** End25 Q10, Resit25 Q18, End24 Q18, Resit24 Q19, End23 Q11, Resit23 Q19, End22 Q16

### P2 -- Hamming Code (1-2 pts)
**How to recognize:** "Compute an (n,k) Hamming Code for data D using odd/even parity." or "Given a received message with Hamming code, determine the original data."

**Steps for encoding:**
1. **Determine parity bit positions:** Positions that are powers of 2 (1, 2, 4, 8, 16, ...) are parity bits. All other positions are data bits.
2. **Place data bits** in non-parity positions from left to right.
3. **For each parity bit at position p:** Check all bit positions where the p-th bit of the position number is 1 (binary representation). Compute parity (count 1s, set parity bit so total is odd or even as specified).
   - Odd parity: parity bit = 1 if count of 1s is even, 0 if odd
   - Even parity: parity bit = 0 if count of 1s is even, 1 if odd
4. **Write the full codeword.**

**Steps for (n,k) code length:**
- r = ceil(log2(n + r + 1)) where n = data bits, r = parity bits
- Total length = n + r

**Exam examples:** End25 Q11, Resit25 Q20, End24 Q19, Resit24 Q13, End23 Q13, Resit23 Q13

### P3 -- TCP Sequence Numbers (1 pt)
**How to recognize:** "Alice starts a TCP handshake with ISN=X. After receiving SYN-ACK with ISN=Y, Alice sends segments of sizes A, B, C... Which sequence number will segment D have?"

**Steps:**
1. SYN consumes 1 sequence number.
2. FIN consumes 1 sequence number.
3. Data segments consume N sequence numbers (one per byte of payload).
4. ACK alone does NOT consume a sequence number.
5. **Formula:** seq_number = ISN + 1 (for SYN) + sum of all preceding payload sizes

**Exam examples:** End25 Q13, Resit25 Q15, End24 Q15, Resit24 Q8, End23 Q7, Resit23 Q8

### P4 -- Distance Vector Routing (1-2 pts)
**How to recognize:** "Router A receives distance vectors from neighbors B and C. Compute A's routing table."

**Steps:**
1. For each destination D and each neighbor N:
   - Cost via N = cost(A to N) + N's reported cost to D
2. Choose the neighbor with the minimum total cost.
3. **Tiebreaker:** If costs are equal, use alphabetical order of neighbor name (or lowest direct link cost per exam specification).
4. Directly connected destinations have cost = direct link cost, line = that neighbor.

**Exam examples:** End25 Q12, Resit25 Q9, End24 Q10, Resit24 Q15, End23 Q14, Resit23 Q15

### P5 -- Sliding Window Throughput / Goodput (1-2 pts)
**How to recognize:** "Enna and Snuffles use sliding window with k=N, frame size F, bandwidth B B/s, latency L1/L2. What is the goodput?"

**Steps:**
1. **Transmit time for one frame:** t_frame = F / B (seconds)
2. **Time until first ACK:** t_ACK = t_frame + L1 + L2 (transmit + forward latency + return latency)
3. **Time to send k frames:** t_k = k * t_frame
4. **Compare:**
   - If t_ACK < t_k: window slides after all k frames sent. Throughput = (k * payload_per_frame) / t_ACK
   - If t_ACK >= t_k: window slides after each frame (or partially). Throughput = B (full bandwidth, limited by channel)
5. **Goodput** = Throughput * (1 - overhead_fraction) where overhead = header + trailer / total_frame_size

**Exam examples:** End25 Q16, Resit25 Q16, End24 Q12, Resit24 Q18, End23 Q15, Resit23 Q15

### P6 -- CSMA/CA (Wi-Fi Collision Scenarios) (1 pt MCQ)
**How to recognize:** Multiple-choice question describing a wireless scenario with stations, access point, RTS/CTS exchange, and asks what happens.

**Key concepts:**
- **Hidden terminal problem:** Two stations not in range of each other both send to a common receiver, causing collision at receiver.
- **Exposed terminal problem:** A station refrains from sending because it senses the medium busy, even though its transmission wouldn't interfere.
- **RTS/CTS collision:** If two RTS collide at the AP, neither station gets a CTS -> both back off.
- **CTS reception:** A station only acts on CTS addressed to it. If it doesn't receive a CTS, it back off.
- **Binary exponential backoff:** After collision, random wait from [0, 2^min(c,10)-1] slots.

**Exam examples:** End25 Q4, End23 Q1, Resit23 Q3, End22 Q3, Resit22 Q1

### P7 -- Ethernet / CSMA/CD (1-2 pts)
**How to recognize:** Questions about minimum frame size, binary exponential backoff, collision probability, switch MAC tables.

**Key concepts:**
- **Min frame size:** Ensures the sender is still transmitting when a collision signal propagates back. Frame must be large enough that transmission_time >= 2 * propagation_delay.
- **Binary exponential backoff:** After n-th collision, choose random k from [0, 2^n - 1] (capped at 10). Wait k * 512 bit-times.
- **Switch MAC table learning:** Switch records (source_MAC -> incoming_port). When destination is unknown, flood to all ports except incoming.

**Switch table example:** When same MAC appears on different port, the entry is updated to the new port.

**Exam examples:** End25 Q5, End25 Q7, Resit25 Q8, End24 Q7, Resit24 Q8, End23 Q18, Resit22 Q2

### P8 -- P-box / S-box in Encryption Modes (1-2 pts)
**How to recognize:** "Alice and Bob use S-box/P-box with CBC/Counter mode. Given ciphertext and IV, decrypt to find plaintext."

**Steps for CBC decryption:**
1. For each ciphertext block C_i:
   - Apply **inverse permutation** (inverse P-box or S-box) to C_i -> get D_i
   - XOR D_i with previous plaintext block (IV for first block) -> get plaintext P_i
2. **Critical:** Use the INVERSE mapping. If P-box maps position 0->1, 1->2, 2->3, 3->0, the inverse maps 1->0, 2->1, 3->2, 0->3.

**Steps for Counter mode decryption:**
1. Counter increments for each block: IV, IV+1, IV+2, ...
2. Encrypt the counter value with the P-box/S-box: E(counter)
3. XOR ciphertext with encrypted counter: P_i = C_i XOR E(counter_i)

**Exam examples:** End25 Q19, Resit25 Q20, End24 Q20, Resit24 Q16, End23 Q20, Resit22 Q20

### P9 -- IPv4 / IPv6 Addressing and CIDR (1-2 pts)
**How to recognize:** "Shorten this IPv6 address," "What is the subnet mask for /X," or "Which prefix matches this destination?"

**IPv6 shortening rules:**
1. Leading zeros in each 16-bit group can be omitted (00FF -> FF, 0000 -> 0).
2. One run of consecutive all-zero groups can be replaced by :: (only once per address).

**CIDR subnet mask:** For /X, first X bits are 1, rest are 0. Convert each 8-bit group to decimal. E.g., /20 = 255.255.240.0.

**Longest prefix match:** When multiple prefixes match, use the one with the longest prefix (most specific). E.g., for 130.140.128.255: /16 matches, /17 may or may not depending on the bits.

**IPv4 vs IPv6 size:** IPv6 = 128 bits, IPv4 = 32 bits. Ratio = 2^96.

**Exam examples:** End25 Q3, Resit25 Q13, End24 Q14, Resit24 Q13, End23 Q8

### P10 -- Base64 Encoding/Decoding (1-2 pts)
**How to recognize:** "Encode these bits in Base64" or "'XYZ==' is the Base64 encoding of which binary data?"

**Steps for encoding:**
1. Group bits into sets of 6.
2. If the total bit count isn't divisible by 6, pad with zeros to complete the last group.
3. Add '=' padding characters: one '=' for 2 extra bytes (16 bits -> 3 groups + 2 padding bits), two '=' for 1 extra byte (8 bits -> 1 group + 4 padding bits).
4. Look up each 6-bit value in the Base64 table (0-25: A-Z, 26-51: a-z, 52-61: 0-9, 62: +, 63: /).

**Steps for decoding:**
1. Look up each character to get 6 bits.
2. Ignore the last group if it has padding (=), remove the appropriate number of padding bits.
3. Regroup into 8-bit bytes.

**Exam examples:** End25 Q19, Resit25 Q17, End24 Q17, Resit24 Q17, End23 Q19

### P11 -- TCP Congestion Control (1-2 pts)
**How to recognize:** "TCP Reno with multiplicative factor M and additive increase A. Threshold is T. After reaching threshold, continues for N steps then congestion signal. What are the new threshold and congestion window?"

**Steps:**
1. **Slow start (cwnd < ssthresh):** cwnd doubles each RTT (exponential growth).
2. **Congestion avoidance (cwnd >= ssthresh):** cwnd increases by A (additive) each RTT.
3. **After congestion signal (Tahoe/Reno):**
   - New ssthresh = current_cwnd / M (typically M=2)
   - New cwnd = new ssthresh (Tahoe) or new ssthresh + 3 duplicate ACKs (Reno fast recovery)
4. **Current cwnd at congestion:** ssthresh + N * A (if N steps after reaching threshold in congestion avoidance phase)

**Exam examples:** End25 Q6, Resit25 Q13, End24 Q11, Resit24 Q9, End23 Q9, Resit23 Q9

### P12 -- IP Fragmentation (1-2 pts)
**How to recognize:** "Alice sends an IPv4 packet of size X bytes. It passes through networks with MTUs M1, M2, M3. How many fragments arrive at each point, with and without MTU discovery?"

**Steps WITHOUT MTU discovery (non-transparent):**
1. Each router with smaller MTU fragments the incoming packets further.
2. Max data per fragment = MTU - 20 bytes (IP header). Must be divisible by 8.
3. Number of fragments = ceil(original_data / (MTU - 20)) at each step.
4. Each fragment is further fragmented at the next hop.

**Steps WITH MTU discovery:**
1. Sender determines minimum MTU along the path.
2. Sender fragments once into chunks of (min_MTU - 20) bytes.
3. No further fragmentation occurs; all routers forward as-is.
4. Number of fragments = ceil(original_data / (min_MTU - 20))

**Exam examples:** End25 Q8, Resit25 Q10, End24 Q10, Resit24 Q10, End23 Q10

### P13 -- Forbidden Region (TCP Sequence Numbers) (1-2 pts)
**How to recognize:** "Lena uses TCP with 32-bit clock-based sequence numbers. Clock speed is 2^K beats/sec. Sends data at R bytes/sec. Packets remain in network for L seconds. How long until forbidden region?"

**Formula:**
- Sequence number function: s(t) = ISN + R * t (assuming constant rate from connection start)
- Forbidden region boundary: f(t) = ISN + 2^K * (t + L) - 2^32
- Set s(t) = f(t) and solve for t:
  - ISN + R * t = ISN + 2^K * t + 2^K * L - 2^32
  - R * t = 2^K * t + 2^K * L - 2^32
  - t = (2^32 - 2^K * L) / (2^K - R)
- If there's a delay before sending starts, adjust: s(t) = ISN + R * (t - delay) for t > delay.

**Exam examples:** End25 Q13, Resit25 Q20, End23 Q16, Resit23 Q20

### P14 -- Chord DHT Finger Table (1 pt)
**How to recognize:** "Compute the finger table of node X in a Chord ring with 2^m locations."

**Steps:**
1. For each entry i (from 0 to m-1):
   - Start = (node + 2^i) mod 2^m
   - Successor = the first node on the ring at or after Start
2. Look at the ring diagram: find the nearest occupied node (or file) at or after each start position.

**Exam examples:** End25 Q18, Resit25 Q14, End23 Q13, Resit23 Q14

### P15 -- Byte Stuffing (1 pt)
**How to recognize:** "Byte stuffing is used with FLAG=... and ESC=... Given received/transmitted bit sequence, decode/encode."

**Encoding (transmitting):**
1. Add FLAG at the very beginning and very end.
2. Every occurrence of the FLAG byte (01111110 or 011110 for bit stuffing) inside the data is replaced by ESC + (FLAG byte XOR 000001 / modified byte).
3. Every occurrence of the ESC byte inside the data is replaced by ESC + (ESC byte XOR 000001 / modified byte).

**Decoding (receiving):**
1. Remove the FLAG bytes at the very beginning and very end.
2. Replace ESC + modified byte back to the original byte.

**Maximum transmission:** Each byte could need an escape byte, so at most 2 * original_size + 2 (for the two FLAG bytes).

**Exam examples:** End25 Q6, Resit25 Q5, End23 Q12, Resit23 Q10

### P16 -- OSI Layers (1 pt)
**How to recognize:** MCQ or short answer about OSI layer names, ordering, data units, or which layers operate end-to-end.

**Key facts:**
- **Order (low to high):** Physical (1), Data Link (2), Network (3), Transport (4), Session (5), Presentation (6), Application (7)
- **Data units:** Physical=bit, Data Link=frame, Network=packet, Transport=segment, Session/Presentation/Application=varies (no standard name)
- **End-to-end only:** Transport, Session, Presentation, Application (lower layers operate at every node along the path)
- **Advantage of layering:** Abstraction, independent changes, modularity

**Exam examples:** End25 Q1, Resit25 Q1, End24 Q1, Resit24 Q1, End22 Q1

### P17 -- Wireless Security: WEP Issues (1-2 pts)
**How to recognize:** "In 64-bit WEP, how many hex characters for the key?" or "Why is using ASCII characters for WEP keys problematic?"

**Key facts:**
- 64-bit WEP = 24-bit IV + 40-bit (5-byte) key = 10 hexadecimal characters
- 128-bit WEP = 24-bit IV + 104-bit key = 26 hexadecimal characters
- **Problem with ASCII:** ASCII only uses 7 bits (commonly 26 letters + 10 digits + ~10 special chars), far less than the full 256 options per byte. This drastically reduces the key space, making brute-force attacks much faster.

**Exam examples:** End25 Q14, Resit24 Q18, End22 Q1

### P18 -- DNS (1-2 pts)
**How to recognize:** "How many queries are executed?" or "Recursive vs iterative DNS query differences" or "CDN DNS lookup returns which IP?"

**Key concepts:**
- **Recursive query:** Client contacts local name server; local server does all the work (root -> TLD -> authoritative) and returns final answer to client.
- **Iterative query:** Client contacts local name server, which returns root server address; client then contacts root, then TLD, then authoritative itself.
- **Query count (no caching):** For domain.example.tld: 1 to local + 1 to root + 1 to .tld + 1 to example.tld = 4 queries (recursive, local server does 3 of them).
- **CDN:** DNS server returns the IP of the server closest to the requester based on the requester's IP, regardless of query type (but iterative queries may return different results if the local server is in a different region).

**Exam examples:** End25 Q5, Resit25 Q16, End24 Q19, Resit24 Q5, End23 Q4

### P19 -- Tor (1 pt MCQ)
**How to recognize:** "An attacker controls the guard node in Tor. What information can they learn?" or "Explain Tor encryption process."

**Key facts:**
- **Guard node attacker:** Learns client identity + timing/volume of traffic, but NOT content (encrypted) and NOT final destination (encrypted in inner layers).
- **Onion routing encryption:** Encrypt with keys of each relay in reverse order (last relay first). Each relay peels off one layer.
- **Hidden services:** Both sender and receiver establish introduction points; these facilitate anonymous communication.

**Exam examples:** End25 Q18, End23 Q2, Resit22 Q1

### P20 -- NAT (1 pt)
**How to recognize:** "Explain what NAT is doing using the terms internal/external and address/port."

**Key facts:**
- NAT replaces the internal IP address and port number in outgoing packets with the router's external IP address and a unique external port number.
- NAT maintains a mapping table: (internal IP, internal port) <-> (external port).
- Incoming packets with matching external port are forwarded to the correct internal host using this table.

**Exam examples:** End25 Q4, Resit25 Q4

### P21 -- ECN / RED (Congestion Control MCQs) (1 pt)
**How to recognize:** Multiple-choice about how routers and transport layer coordinate congestion control.

**Key concepts:**
- **ECN:** Router marks packets (sets ECN bit) instead of dropping. Destination signals source via TCP header to reduce rate.
- **RED:** Router randomly drops packets before queue is full, signaling congestion early.
- **General coordination:** Network layer (routers) signals congestion (via drops or ECN marks), transport layer (TCP) reduces sending rate.
- RED is a network-layer technique; congestion window adjustment is transport-layer response.

**Exam examples:** End25 Q6, Resit25 Q13, End24 Q11, End23 Q3

### P22 -- UDP Header / Checksum (1 pt MCQ)
**How to recognize:** "How long is the UDP header?" or "When is a flipped bit in UDP payload detected?"

**Key facts:**
- UDP header = 8 bytes (4 fields: source port, dest port, length, checksum).
- **Optional checksum:** UDP checksum is optional in IPv4 (can be all zeros). In IPv6 it's mandatory.
- **Bit flip detection:** A flipped bit IS detected by the UDP checksum at the receiver, unless the checksum itself is also corrupted.
- Two flipped bits: might cancel out in checksum -> may not be detected.

**Exam examples:** Resit25 Q12, End23 Q5, Resit22 Q5

### P23 -- TCP Flags (1 pt MCQ)
**How to recognize:** "Which TCP control flag does not consume a sequence number?" or sequence number calculation with SYN/FIN.

**Key facts:**
- **SYN:** Consumes 1 sequence number (for connection establishment).
- **FIN:** Consumes 1 sequence number (for connection termination).
- **ACK:** Does NOT consume a sequence number (just acknowledges).
- **Data segments:** Each consumes N sequence numbers (one per byte of payload).
- **Sequence number formula:** next_seq = current_seq + payload_size (for data) or + 1 (for SYN/FIN)

**Exam examples:** End24 Q3, End23 Q7, Resit23 Q8

### P24 -- Link State Routing (1-2 pts)
**How to recognize:** "Given link state messages with costs and timestamps, compute C's routing table."

**Steps:**
1. Build the complete topology from all received link state messages.
2. Run Dijkstra's algorithm from the source node to find shortest paths to all destinations.
3. Record cost and outgoing line (first hop) for each destination.
4. **Tiebreaker per exam:** Choose the neighbor from whom the most recent message was received (or alphabetically first if specified).

**Exam examples:** Resit24 Q10, End22 Q14

### P25 -- Responsible Disclosure (1-2 pts)
**How to recognize:** "What are the steps in a responsible disclosure process?" or "Explain steps for a specific vulnerability scenario."

**Steps:**
1. Discover the vulnerability.
2. Contact the vendor/organization privately (not publicly).
3. Provide detailed vulnerability information and proof of concept.
4. Allow reasonable time for patching (e.g., days to weeks, depending on severity).
5. Coordinate public disclosure timing with the vendor.
6. Publish details after patch is available or deadline expires.

**Advantage:** Vulnerability is fixed before public knowledge, reducing exploitation window.
**Disadvantage:** Users remain unaware of the vulnerability during the patching period.

**Exam examples:** End23 Q8, Resit23 Q11, Resit22 Q11

### P26 -- DHCP (1 pt MCQ)
**How to recognize:** "What information can be gathered by using DHCP?" or "What information is provided to the DHCP server?"

**Key facts:**
- **DHCP provides:** IP address, default gateway, DNS server, clock server, and more.
- **DHCP collects:** MAC address of the requesting client.

**Exam examples:** End25 Q7

### P27 -- CDN (1 pt MCQ)
**How to recognize:** CDN DNS lookup scenario with user in different country.

**Key facts:**
- CDN DNS servers return the IP of the server closest to the requester based on the requester's IP address.
- Recursive queries: local name server handles the lookup and CDN server returns closest IP to the requester.
- Iterative queries: local name server returns CDN server address, client contacts CDN directly, CDN returns closest IP based on client's IP.

**Exam examples:** End23 Q4

### P28 -- Spanning Tree Protocol (1-2 pts)
**How to recognize:** "Which switch is the root?" or "Draw the spanning tree."

**Key facts:**
- **Root election:** Switch with the smallest bridge ID (priority + MAC address) becomes root.
- **Root election MCQ answer:** The switch with the smallest ID.
- **Spanning tree construction:** Remove redundant links to eliminate loops, keeping shortest paths from each node to root.
- Non-root switches select one root port (closest to root). Root ports have shortest path cost.
- On each segment, the switch with the lowest cost to root becomes the designated bridge; the corresponding port is designated.

**Exam examples:** End24 Q8, End24 Q9

### P29 -- Blockchain (1 pt MCQ)
**How to recognize:** Scenario about multiple parties writing data, trust relationships, and asks whether blockchain is viable and which type.

**Key facts:**
- **Permissionless:** Anyone can join and write (e.g., Bitcoin, Ethereum). No trusted parties.
- **Public permissioned:** Anyone can read, selected parties write.
- **Private permissioned:** Only selected parties can read and write.
- **No blockchain needed:** If all parties trust each other, a blockchain is unnecessary (centralized database suffices).

**Exam examples:** Resit24 Q4, End22 Q4

### P30 -- MAC Protocol Comparison (1 pt MCQ)
**How to recognize:** MCQ comparing ALOHA, CSMA, CSMA/CD, CSMA/CA protocols.

**Key facts:**
- **Pure ALOHA:** Transmit immediately when data ready. Collision -> wait random time. Efficiency = 1/(2e) ~ 18%.
- **Slotted ALOHA:** Transmit only at slot boundaries. Collision -> wait random time. Efficiency = 1/e ~ 37% (twice pure ALOHA).
- **CSMA:** Carrier sense before transmitting. If channel busy, wait or sense again.
- **1-Persistent CSMA:** If channel idle, transmit immediately. If busy, check again immediately.
- **p-Persistent CSMA:** If channel idle, transmit with probability p, wait for next slot with probability (1-p).
- **Non-persistent CSMA:** If channel busy, wait random time then sense again.

**Exam examples:** Resit25 Q6, End24 Q4, Resit23 Q2

### P31 -- Parity Block (1 pt)
**How to recognize:** "Compute parity bits for the following parity block using odd/even parity." or "A single bit has been flipped in the parity block. Which bit?"

**Steps for computing parity bits (encoding):**
1. Arrange data in a 2D grid.
2. Compute row parity bits: for each row, count 1s and add parity bit to make total odd/even.
3. Compute column parity bits: for each column, count 1s and add parity bit to make total odd/even.
4. Place parity bits in a rightmost column and bottom row.

**Steps for error detection (decoding):**
1. Check row parities and column parities.
2. The intersection of the row and column with wrong parity identifies the flipped bit.

**Exam examples:** Resit23 Q7, End23 Q6, Resit22 Q7

### P32 -- Security Concepts (CIA, Wireless Goals) (1 pt MCQ)
**How to recognize:** MCQ about CIA triad definitions or goals of secure wireless communication.

**Key facts:**
- **Confidentiality:** Only authorized parties can access information.
- **Integrity:** Ensure users can verify they have the correct (untampered) information.
- **Availability:** Ensure information and services are available when needed.
- **Wireless security goals:** Confidentiality, Integrity, Access Control.
- **Non-repudiation is NOT a wireless security goal** (it applies to digital signatures).

**Exam examples:** End25 Q20, End24 Q4, End22 Q3

### P33 -- Security Protocol Selection (1-2 pts)
**How to recognize:** "Which protocol provides non-repudiation?" or "Explain how PGP encryption works" or "Which protocol achieves confidentiality + authentication + repudiation?"

**Key facts:**
- **PGP:** Hybrid encryption (symmetric key + asymmetric for key exchange) + hash-then-sign (digital signatures). Provides confidentiality, integrity, and non-repudiation.
- **TLS:** Symmetric encryption + MAC. Provides confidentiality and integrity. No repudiation (symmetric key).
- **OTR:** Diffie-Hellman key exchange per message + symmetric encryption + MAC. Provides confidentiality, integrity, and repudiation (every message uses a new key, so any message could have been authored by either party).
- **IPSec:** Encrypts/ authenticates IP packets. Provides confidentiality and integrity at network layer.
- **Non-repudiation requires asymmetric digital signatures** (PGP).
- **Repudiation capability** means anyone with the key could have written the message (OTR).

**Exam examples:** End24 Q17, Resit24 Q17, Resit23 Q1, End22 Q1

### P34 -- Delay Definitions (1 pt MCQ)
**How to recognize:** MCQ asking for definition of propagation delay, transmission delay, queuing delay, or RTT.

**Key facts:**
- **Propagation delay:** Time for a bit to travel from sender to receiver across the medium (distance / speed of propagation).
- **Transmission delay:** Time to push all bits of a packet onto the link (packet_size / bandwidth). "Time between first bit leaves sender to last bit leaves sender."
- **Queuing delay:** Time a packet waits in a router's buffer before being transmitted.
- **RTT (Round-Trip Time):** Time for a packet to go from sender to receiver and back (includes transmission + propagation + queuing + processing, both ways).
- **Processing delay:** Time for routers to examine header and decide where to direct the packet.

**Exam examples:** End25 Q3, Resit25 Q3

### P35 -- RSA (1-2 pts)
**How to recognize:** "Agent X chooses p=... and q=... for RSA. Public key e=..., private key d=.... Encrypt/decrypt message C."

**Steps:**
1. n = p * q
2. Encryption: C = M^e mod n
3. Decryption: M = C^d mod n
4. Apply to each integer in the message separately.
5. **Special case:** Plaintext 0, 1 encrypt/decrypt to themselves (0^e = 0, 1^e = 1).

**Exam examples:** End25 Q17, Resit24 Q6, End23 Q17, Resit22 Q6

### P36 -- Internet Checksum (1 pt)
**How to recognize:** "What is the Internet checksum (1's complement) of this data, given block length N?"

**Steps:**
1. Split data into N-bit blocks.
2. Add all blocks using 1's complement addition (carry-around: if sum exceeds N bits, add the overflow bit back to the least significant position).
3. Take the 1's complement of the final sum (invert all bits).
4. That's the checksum.

**Exam examples:** End25 Q9, End24 Q2

---

## Confidence Assessment

### Strong — well-understood, practice problems regularly
- [ ] CRC computation and verification
- [ ] Hamming Code encoding/decoding
- [ ] TCP Sequence Numbers (SYN + data sizes)
- [ ] Distance Vector Routing table construction
- [ ] Sliding Window goodput/throughput calculation
- [ ] IP Fragmentation (fragment count at each hop)
- [ ] Base64 encoding and decoding
- [ ] IPv4/IPv6 addressing and CIDR

### Needs review — requires more practice or conceptual clarification
- [ ] P-box/S-box CBC and Counter mode decryption
- [ ] Forbidden region calculation
- [ ] Chord DHT finger table
- [ ] TCP Congestion Control (Tahoe/Reno step-by-step)
- [ ] Byte stuffing encode/decode
- [ ] CSMA/CA collision scenario analysis
- [ ] OSI Layers and data units
- [ ] Security Protocol Selection (PGP/TLS/OTR comparison)

### Not attempted — review if time permits
- [ ] RSA encryption/decryption
- [ ] Link State Routing (Dijkstra)
- [ ] Responsible Disclosure steps
- [ ] CDN DNS lookup behavior
- [ ] Blockchain type selection
- [ ] MAC Protocol Comparison (ALOHA/CSMA variants)
- [ ] Parity Block (2D parity)
- [ ] Security Concepts (CIA triad, wireless goals)
- [ ] Delay Definitions MCQs
- [ ] DHCP information exchange
- [ ] Spanning Tree Protocol
- [ ] UDP header / optional checksum
- [ ] Tor attacker models
- [ ] NAT explanation
- [ ] ECN / RED conceptual questions
- [ ] Internet Checksum (1's complement addition)

---

## Points Distribution Summary

| Category | Approx. Points | % of Exam |
|----------|---------------|-----------|
| Error Detection/Correction (CRC, Hamming, Parity Block, Checksum) | ~4-5 | 22-25% |
| Network Layer (IPv4/IPv6, CIDR, Fragmentation, NAT, Routing-DV/LS, ICMP) | ~4-5 | 22-25% |
| Transport Layer (TCP seq nums, TCP flags, Congestion control, UDP, Sliding window, Forbidden region) | ~5-6 | 28-30% |
| MAC Sublayer (CSMA/CA, CSMA/CD, Ethernet, Spanning Tree, Channel allocation) | ~3-4 | 16-20% |
| Application Layer (DNS, CDN, P2P/Chord, Base64) | ~2-3 | 11-15% |
| Security (Encryption modes, RSA, PGP/TLS/OTR, Tor, WEP, CIA, Blockchain, Responsible Disclosure) | ~3-4 | 16-20% |
| **Total** | **~20** | **100%** |

**Priority: Transport Layer (28-30%) and Error Detection/Correction (22-25%) together cover over 50% of the exam. Network Layer (22-25%) is nearly equally weighted. Focus on TCP sequence numbers, sliding window, CRC, and Hamming Code first -- these alone account for roughly 40% of all points.**