CHARACTERISTICS OF IT SYSTEMS

Question 1

Types of networks:

Answer 1

By geographical scope
By Ownership
By use of internet

Question 2

Networks by geographical scope:

Answer 2

PAN
LAN
MAN
WAN

Question 3

What is a network?

Answer 3

group of interconnected computers and terminals

Question 4

PAN

Answer 4

personal area network
centered around the individual
and the devices he uses
wired or wireless

Question 5

LAN

Answer 5

local area network
privately owned
within a single building or campus
up to few miles in size

Question 6

MAN

Answer 6

metropolitan area network
larger than LAN
group within a city

Question 7

WAN

Answer 7

wide area network

country or continent

Question 8

Network by ownership

Answer 8

private
public
cloud computing/cloud services

Question 9

Disadvantages of cloud computing

Answer 9

information security and privacy
continuity of services
migration

Question 10

HTML

Answer 10

Hypertext Markup Language

Question 11

XML

Answer 11

Extensible Markup Language

Question 12

XML

Answer 12

language used to create and format documents
link documents to web pages/trading partners
communicate between web browsers
superior ability to tag

Question 13

XBRL

Answer 13

Extensible Business Reporting Language

XML based
used in automation of business info requirements
used in filings with SEC (EDGAR)
sharing of reports, fs, audit schedules

electronic data gathering and retrieval

Question 14

Internet

Answer 14

international collection of networks
made up of independent computers
operate as a large computing network

requires use of TCP and IP

Question 15

HTTP

Answer 15

Hypertext Transfer Protocol

primary internet protocol
for data communication
in the www

Question 16

URL

Answer 16

Uniform Resource Locator

typing the address
works like the postal department

Question 17

WWW

Answer 17

world wide web

framework for accessing linked resources

Question 18

WEB BROWSER

Answer 18

client software (mozilla, explorer)
provides user with ability
to locate and display web resources

Question 19

Web servers

Answer 19

software

serves web resources to web clients

Question 20

Firewall

Answer 20

protects computers and its information
from outsiders

has security algorithms and
router communications protocols

Question 21

Router

Answer 21

communications interface device
connects 2 networks
determines the best way to move data
to its destination

Question 22

Bridge

Answer 22

a device
divides the LAN into 2 segments
works like a switch
forwards traffic across network

Question 23

Switch

Answer 23

a device
channels incoming data
from any multiple input ports 
to specific output port 
that will take data to its destination

Question 24

Gateway

Answer 24

combination of hardware and software

links to different types of networks

Question 25

Proxy server

Answer 25

saves and serves copies of web pages
increase efficiency of internet operations
help assure data security

Question 26

Cache

Answer 26

reserve of web pages already sent or loaded

Question 27

Web 2.0 and its tools

Answer 27

2nd generation of the web

blog
wiki
twitter
RSS/ATOM Feeds -really simple syndication

Question 28

RSS/ATOM Feeds

Answer 28

an XML application

subscribe to share website content

Question 29

TCP / IP

Answer 29

Transmission Control Protocol
Internet Protocol

the basic communication language/protocol in the internet

Question 30

TCP

Answer 30

Transmission Control Protocol

the higher layer of internet protocol
assembles messages/files
into smaller packets
and transmitted to the internet

Question 31

IP

Answer 31

lower layer of internet protocol
assigns IP addresses
ensures message delivery to computer

Question 32

IP address

Answer 32

unique number identifier

Question 33

ISP

Answer 33

Internet Service Provider

time warner

Question 34

Types of Virus

Answer 34

Trojan Horse

Worm

Question 35

Virus

Answer 35

a program/code that
requests the computer to
perform activities not authorized by the user

transmitted thru use of files containing macros

Question 36

Macro

Answer 36

stored set of instructions and functions
organized to perform repetitive task
activated by keystroke combination

Question 37

Worm

Answer 37

propagates over a network

Question 38

Botnet

Answer 38

network of computers
controlled by computer code
designed to perform a repetitive task
sending spam, spreading virus
creating distributed denial of service attack

Question 39

Bot

Answer 39

a computer code that sends spam

spreads virus

Question 40

Intranet

Answer 40

local network within an organization

Question 41

Extranet

Answer 41

intranet

includes external customers and suppliers

Question 42

Database client server architecture

Answer 42

It is important to consider the architecture when considering a network

3 responsibilities important:

input
processing
storage

consider the Client-server relationship

Question 43

Cient

Answer 43

the computer or workstation of an individual user

Question 44

Server

Answer 44

high capacity computer
containing the network software
provides services 
by serving files to clients
and performing analyses

Question 45

Client server model

Answer 45

starts with a request message
from a client to the server
asking for service to be performed

Question 46

Overall client-server systems

Answer 46

a networked computing model (LAN)
in which a database software
on a server's platform
performs commands/requests
from client computers

Question 47

File server

Client Tier

Answer 47

subtype of client-server architecture
file server manages the file operations
shared by each of the client PCs
input,output and processing by client computer
all data manipulations done by client computer
file server stores data

Question 48

Database servers

Service Database Tier

Answer 48

similar to file server
but server performs more of the processing
server contains database management system

Question 49

Three Tier architecture

Answer 49

in addition to the file server and database servers
a 3rd tier is added for the application program

Other servers serving as 3rd layer:

print server
communications server
fax server
web server

Question 50

Communications Server

Answer 50

act as gateway to the internet or intranet

Question 51

Distributed Systems?

Answer 51

system that connects all company locations
to form a distributed network
each location has its own input/output,
processing and storage
computers pass data among themselves
pass data to server or host for further processing

Question 52

Hardware components

Answer 52

workstations - microcomputers
peripherals
transmission data
network interface cards

Question 53

peripherals

Answer 53

printer
attached storage
scanners
fax board

Question 54

Transmission media

Answer 54

physical path
that connects components of LAN
wires, cables, optical fibers

Question 55

WLAN or WIFI

Answer 55

wireless LANs

Question 56

Network interface cards

Answer 56

connect workstation and transmission media

Question 57

Control Implications

Answer 57

General controls are often weak
Controls rely on end users
Inadequate resources for troubleshooting
Good controls management, there is segregation of duties
LAN ordinarily does not have security features like larger scale environments

Question 58

Important requirements when using small computers

Answer 58

Security
Verification of processing
Personnel

Question 59

Security control process

Answer 59

Control access to software installation file
Make backup copies
Restrict access to hard drive
Segregate duties in data processing

Question 60

Verification of processing control

Answer 60

Computers should not be used for personal projects

Perform period independent verification of applications used

Question 61

Personnel control

Answer 61

Centralized authorization
to purchase hardware and software
Prohibit loading of unauthorized software and data
Sensitive data should not be downloaded on protable devices

Question 62

EUC End User Computing

Answer 62

Use of microcomputers
3wsUse of end user applications 
End user responsible for 
development and execution of the application
Risks involved

Question 63

Control implications

Answer 63

Test applications before implementing
Require adequate documentation
Physical access controls
Control access to authorized users only
Control use of incorrect versions of data files
Backup files
Application controls
Perform programmed reconciliations

Question 64

Risks in E Commerce

Answer 64

security
availability
processing integrity
online privacy
confidentiality

Question 65

How to assure data integrity?

Answer 65

WebTrust seal of assurance
Digital IDs /certificates
Encryption
Offsite mirrored web servers

Question 66

Digital certificate?

Answer 66

digital signature required
to assure recipient of data validity
message is encrypted and recipient decrypts it

Question 67

Encryption

Answer 67

original data is converted to cipher text

Question 68

Decryption

Answer 68

Convert encrypted data back to original data
Use algorithms and keys
Only users control

Question 69

Algorithm

Answer 69

detailed sequence of actions to perform a task

Question 70

Key

Answer 70

a value that must be fed into the algorith used to decode an encrypted message

Question 71

Private key system

Answer 71

encryption system

both sender and receiver have access

Question 72

Encryption is important

Answer 72

any time two or more computers are communicating

keep private info on one computer

Question 73

System overhead

Answer 73

machine instructions
necessary to encrypt and decrypt data
slows down processing

Question 74

Electronic data interchange

Answer 74

electronic exchange of business transactions
from one entity’s computer to another
through an electronic communications network

Question 75

Risks on EDI

Answer 75

audit trails for internal and external auditors
activity logs
sender/recipient acknowledgment of receipt of transactions
auditors should test controls on timely basis while records are available

Question 76

Methods of communication between trading partners

Answer 76

Point to point
VAN - value added network
Public networks
Proprietary networks

Question 77

Point to point

Answer 77

a direct computer to computer private network link

Question 78

VAN

Answer 78

value added network

privately owned network
that routes EDI transactions
between trading partners
and provides storage, translation, processing

Question 79

Advantages of VAN

Answer 79

reduces communication and data protocol problems bec VANs can deal with differing protocols

partners don’t have to establish point to point connections
reduces scheduling problems-receiver requests delivery of transactions anytime
VAN translates application to standard format
the partner doesn’t have to reformat
provides increased security

Question 80

Disadvantages of VAN

Answer 80

costly
dependence upon VANs systems and controls
possible loss of data confidentiality

Question 81

Public Networks advantages

Answer 81

Advantages

avoids cost of proprietary lines
avoids cost of VAN
directly communicates transactions to trading partners
software allows communication
between differing systems

Question 82

Public network disadvantages

Answer 82

possible loss of data confidentiality
computer transmission disruption
prone to hacker an viruses
possible electronic frauds

Question 83

EFT electronic fund transfer

Answer 83

making cash payments between two organizations electronically

Question 84

Disadvantage of EFT

Answer 84

risk of unauthorized access

risk of fraudulent fund transfers

Question 85

EFT Controls

Answer 85

Control physical access
to network facilities

Require electronic identification
for all network terminals
authorized to use EFT

Control access thru passwords

Encrypt stored and transmitted data

Question 86

Advantages of Point to Point method

Answer 86

no reliance on 3rd parties for computer processing

organization controls access to network

organization enforces propriety to software

improved timeliness in delivery

Question 87

Disadvantages of Point to Point Method

Answer 87

need to establish connection
with trading partner

high initial cost

computer scheduling issues

common protocols between partners needed

need hardware and software
compatibilty of both points

Question 88

Proprietary Networks

Answer 88

private network of organizations

extremely reliable

needs proprietary lines
costly to develop and operate

Question 89

Encryption and authentication controls are important in EDI because

Answer 89

absence of paper transactions

direct interrelationship with another organization’s computer

Question 90

Authentication controls

Answer 90

controls from origin of transaction
submission and delivery of EDI communications

receiver must have proof of the origin of the message, proper submission and delivery

Question 91

Packets

Answer 91

a block of data
transmitted from one computer to another
contains data and authentication info

Question 92

Benefits of EDI

Answer 92

quick response and access to info
cost efficient
reduced paperwork
reduced errors and correction costs
better communications and cust service
necessary to remain competitive

Question 93

Principles of a reliable system - IT risks and internal control

Answer 93

SAPOC

security
availability
processing integrity
online privacy
confidentiality

Question 94

Exposures of EDI

Answer 94

total dependence upon computer system
sensitive information exposure -lose confidentiality
audit trail - lost due to limited retention policies
unauthorized transactions and fraud
reliance on trading partners VAN who control EDI
errors -data processing, application and communication
legal liability due to errors

Question 95

Telecommunications Systems

Answer 95

electronic transmission of information
voice, data, video, fax etc
using hardware and software

hardware:

computers -communications control and switching
radio, wire, fiber, optic, coaxial cable
microwave, laser, electromagnetic systems
modems - compatibility issues

software

controls and monitors the hardware
formats information
adds control information
performs switching operations
provides security
supports the management of communications

Question 96

Role of software in telecommunications system

Answer 96

controls and monitors the hardware
formats information
adds control information
performs switching operations
provides security
supports the management of communications

Question 97

Uses of telecommunications system

Answer 97

EDI
DFT
POS
commercial databases
airline reservations etc

Question 98

Controls needed in telecommunications system

Answer 98

Controls on:

data entry
central computer equipment security
system integrity at remote sites
dial in security
transmission accuracy and completeness
physical security of facilities
regular test of controls

Question 99

Computer service organizations`

Answer 99

record and process data for organizations

payroll checks

VAN - same as CSO but with broader role
provides network, storing, forwarding mailbox, services of companies using EDI