errors , threats

Question 1

arithmetic issues

Answer 1

rounding,truncating,overflow,fixed no. of bits

Question 2

data transmission errors

Answer 2

data doesn’t reach destination intact - data corruption by
atmospheric conditions (cable heat too much,moisture- unable to carry data)
distance limits (attenuation)
interference +causing devices (motors, fluorescent lighting, cables running by electric cables)

Question 3

programming errors

Answer 3

bugs- can lead to catastrophic failure of system

Question 4

data verification

Answer 4

systematic process for evaluating performance + compliance of data set when compared to standards in project documentation to ascertain its completeness, correctness + consistency

Question 5

RFID

Answer 5

radio frequency identification
makes use of radio signals to transfer data from tag attached to an object
tag contain identification data sensed by receiving device

uses electromagnetic fields to automatically identify and track tags attached to objects.

Question 6

sql injection + fix

Answer 6

gives access to hackers - reveals all data in table

use GUI components to restrict data, remove INSERT, UPDATE, + DELETE rights to any website
validate user input to check for possible sql injections

Question 7

fix hardware failure

Answer 7

RAID 1 (mirroring) + RAID 5 (striping) to provide one or more hard drives in case of hard drive failure
if there is complete failure, the backup could be used to recover a prev version of the data

Question 8

psu

Answer 8

power supply unit
converts alternating current to direct current

Question 9

trojan horse

Answer 9

seemingly harmless program that when activated causes harm to computer system

Question 10

spyware

Answer 10

capture info like web browsing, e-mails, usernames + passwords, credit card info
can transmit data to another persons computer over internet

Question 11

pharming

Answer 11

attack intended to redirect websites traffic to another bogus site by changing host file on victims computer or by exploitation of vulnerability in DNS server software

Question 12

ransomware

Answer 12

prevents user from accessing their computer until ransom is paid

Question 13

DoS attacks

Answer 13

denial of services attacks
attempts to make server/network resource unavailable to users

Question 14

DDosS attacks

Answer 14

distributed denial of service attack that uses more than one computer distributed worldwide to put heavy burden on service
infected w malicious program that makes server go wrong
harder to withstand than DoS attacks

Question 15

open ports

Answer 15

can be exploited through code vulnerabilities or malware

Question 16

botnets

Answer 16

aka zombie army
several internet computers set up to forward transmissions (including spam + viruses) to other computers on internet w/o knowledge of owners
computer is infected + controlled by author remotely on net - serve in botnet
zombie created by internet port that has been left open - small trojan program installed for future activation

Question 17

wifi vulnerabilities

Answer 17

to encrypt wifi- pre Shared key or certificate must be proved by client
open networks don’t use encryption – all data traffic visible to malicious actor, who wants to see any online communication of people nearby. When insecure apps/sites accessed on an unencrypted connection, data becomes a risk of data leak: unauthorised/unintentional transfer of sensitive information from mobile device to Internet service

Captive portal, pages – open guest networks will display captive Portal page, asking for personal information to access Wi-Fi connection. Look like standard web page so people hand over info placing their info at risk

Question 18

RAID

Answer 18

redundant array of inexpensive disks
protection against hard drive failure
- improves performance + provides protection of data
uses 2 or more hard disks so if 1 fails, other will contain copy

Question 19

RAID 1

Answer 19

protection of data creates
duplicate of other disk-mirroring- won’t improve performance but offers data protection
data stored on 2 hard disks simultaneously- but only accessed from 1 (second is backup)

Question 20

RAID 0

Answer 20

performance based- no data protection-if one disk crashes , data lost

Question 21

RAID 5

Answer 21

RAID 5 is an improved version of RAID 0 and offers both data protection and improved performance .It requires a minimum of 3 disks and utilises parity and striping
In RAID 5, the data is written in stripes across 3 hard drives and utilises an extra 8 bytes of data as parity that will kick in if one disk fails.

Disk striping with RAID provides data redundancy and reliability. Parity data is commonly calculated by using the binary exclusive function stored on a physical drive in the RAID set. If a storage drive in the striped RAID set fails, the data is recoverable from the remaining drives and the parity stripe.

Question 22

UPS

Answer 22

power supply for proper shut down of the sytem
emergency power supply when power source fails

Question 23

importance of strong passwords

Answer 23

Strong passwords are necessary as they reduce the risk of the user’s account being compromised. weaker passwords can be easily guessed and are vulnerable to attacks

Question 24

given the current setup of 2 servers , how would implementing RAID 1 ensure data redundancy
impact on storage capacity?

Answer 24

RAID 1 offers better data protection, but reduces the total storage capacity as everything is duplicated.

Question 25

how is RAID 5 beneficial as company expands from 2-5 servers

Answer 25

Use RAID 5 since there’s more than 3 servers. RAID 5 offers both improved data protection and improved performance. RAID 5 is unlike RAID 1 in the sense that it only uses the space of one server for redundancy which makes it more efficient.

Question 26

compare read + write performance of RAID 1 and RAID 5

Answer 26

The read performance of RAID 1 is high. As the data is mirrored, the operations can be distributed between the 2 drives. RAID 1 has twice the read rate and an equal write rate of single disks. The read performance of RAID 5 is high as the data is striped across all drives and allows for multiple read operations to occur in parallel, leading to faster speeds.i
It has a slow write time as the parity information must be written to the disks alongside the actual data.

Question 27

how can ups systems protect servers during power outage

Answer 27

A UPS protects servers during a power outage as it immediately kicks in when the original power source has failed, providing protection from data loss and hardware damage.

Question 28

what can be implemented to protect client data

Answer 28

User level security such as access control, backups and data encryption.
login timeout and lockout policies
changing UPS default credentials

Question 29

storage solution combining RAID 1 + RAID 5 that maximises data redundancy and performance

Answer 29

combines the mirroring of RAID 1 (speed + performance) with the striping of RAID 5 (inexpensive redundancy + fault tolerance) . data is first mirrored (like RAID 1) and then striped across multiple mirrored pairs (like RAID 5).

Question 30

develop comprehensive security plan that includes UPSs strong passwords and other measures to protect against unauthorised access and data loss

Answer 30

restrict the physical access to server rooms to only authorised personal through biometrics and protection of these rooms or controlled measures to ensure constant core temperature.
Establish communication between computers and UPS for your service and storage device. There should be maintenance of UPS system taken in order to ensure system remains up-to-date
Implementation of strong password policies required, implemented a strong and secure password that must be regularly changed, and all the passwords cannot be reused

Question 31

strategy for regular backups and 13 corruption to ensure data, integrity and confidentiality

Answer 31

Use httpstransmission protocol.
Data back up with automatic back up scheduled for tonight when system is not in use.
Network security: files, encryption.
use of strong passwords?

Question 32

onsite vs remote backup

Answer 32

onsite: quick access to data, low cost, easy installation (hardware) BUT vulnerable to data theft, damage

remote backup
multiples copies of data, security- data encrypted by backup program, unlimited storage capacity BUT costs, speed dependent on internet connection

Question 33

redundant power supply

Answer 33

2 power supply units
one power source fails, other immediately kicks
not used concurrently- backup 1 is redundant

Question 34

biometrics superior to passwords

Answer 34

• uses unique data
• convenient to use
• supports multi factor authentication

Question 35

authentification

Answer 35

validating usernames + passwords inputted by user then allows access to

Question 36

user level security

Answer 36

different restrictions based on specific user

Question 37

share-level security

Answer 37

protects shared network resources on computer w individually assigned passwords

Question 38

encryption

Answer 38

process that uses algorithm to transform data from database into cipher text incomprehensible w/o decrypting

different restrictions based on specific user

Question 39

digital signature

Answer 39

vouches for origin and integrity of data

Question 40

key length

Answer 40

no. of bits
longer - better security

Question 41

TKIP

Answer 41

temporal key integrity protocol.
Encryption protocol included for wireless LANs.
Instead of using one pre - shared key for packages sent on WAN, each data packet encrypted, using 48 bit serial number incremented for each packet

Question 42

TKIP

Answer 42

temporal key integrity protocol.
Encryption protocol included for wireless LANs.
Instead of using one preship queue for packages sent on W 18, using 48 bit serial number increment for each packet

Question 43

port filtering

Answer 43

firewall monitors ports of network protocol packets that pass through it
allows firewall to block packets based on their content, or block users from using certain points that may provide holes for hackers to get into network

Question 44

audit trails

Answer 44

record of who, what and timestamp of change made to computer system

Question 45

fix malware

Answer 45

firewall to prevent malware from entering network + block suspicious sites
install anti-malware to detect malware and take appropriate action
keep anti-malware up to date
educate users on network abt social engineering
educate staff abt SPAM, phishing and other sources of malware

Question 46

prevent unauthorised access

Answer 46

enforce strong authentication strategies
encrypt sensitive data on network
don’t give admin rights to any user other than network administrators

Question 47

fix open ports

Answer 47

use firewall + close any unused ports
do regular port scans to identify any unchecked vulnerabilities on a port
use latest version of software
install anti malware software

Question 48

fix denial of service (DOS) and distributed denial of service (DDOS)

Answer 48

monitor traffic to identify counterfeit packets
upgrade security patches on the os

Question 49

fix botnets

Answer 49

use latest version of software
protection measures against aDdOS attacks
educate staff about SPAM, phishing + other sources of malware

Question 50

fix wifi vulnerabilities

Answer 50

change default wifi network names + passwords
update firmware of wifi enabled devices
consider switching to ethernet
use firewall
use vpn when remotely accessing remote networks
use network monitoring to oversee connected devices + web traffic

Question 51

fix eavesdropping

Answer 51

use HTTPS + digital ssl certificates
network segmentation can help prevent eavesdropping by breaking down a larger network into various subnetworks, if any subnetworks are compromised, the others are left untouched because they exist independently of each other

Question 52

broad solutions to problems

Answer 52

back up data regularly
install + regularly update antivirus
software
store data on reliable medium
update patches
imstall ssl certificates to stay ahead of threats
upgrade firewalls with access control lists (ACL) , proxy + routers
multi factor authentication

Question 53

human errors

Answer 53

inputting incorrect, inaccurate,invalid,wrong data for required input
GIGO- Garbage in, garbage out

Question 54

solutions for errors

Answer 54

data verification- systematic process for evaluating performance + compliance of data set when compared to set of standards to ascertain its completeness, correctness and consistency

data validation- extensive number of checks applied to data