Operating Systems and Networks

Question 1

Give three operating systems used by companies worldwide

Answer 1

Windows
Mac
Linux

Question 2

Operating Systems

Answer 2

Computer’s control program

Question 3

OS Fundamental Control Objectives

Answer 3

The OS must protect

1. itself from users
2. users from other users
3. users from themselves
4. itself from itself
5. itself from the environment

Question 4

OS Security Components

Answer 4

Log-on procedures
Access token
Access control list
Discretionary access privilege

Question 5

Threats to OS Integrity

Answer 5

Privileged personnel who abuse authority
Individuals who browse the OS to identify and exploit security flaws
Individuals who insert computer viruses or other destructive programs into the OS

Question 6

What are the four OS Controls?

Answer 6

Access privileges
Password control
Virus control
Audit trail control

Question 7

Name four typical password problems

Answer 7

The password is

1. Forgotten
2. Not changed frequently
3. Simple and easy to guess
4. Displayed where others can see them (Post-It Syndrome)

Question 8

Backdoor

Answer 8

A software program that allows access into an operating system without going through normal log-on procedures

Question 9

Types of malicious and destructive programs

Answer 9

Trojan Horse
Virus
Worm
Logic bomb

Question 10

What are the two types of audit logs

Answer 10

Keystroke monitoring

Event monitoring

Question 11

What are the three ways that audit trails support audit objectives

Answer 11

Detecting unauthorized access
Reconstructing events
Encourages personal accountability

Question 12

Computer network

Answer 12

Collection of computers and devices connected via communication devices and transmission media

Question 13

Intranet

Answer 13

A local or restricted communications network

Question 14

Internet

Answer 14

A global system of interconnected computer networks

Question 15

Extranet

Answer 15

A part of the intranet available on the internet

Question 16

What are the business risks associated with e-commerce?

Answer 16

IP Spoofing
Denial of Service (DOS) Attack
Equipment Failure

Question 17

What are the three network components

Answer 17

Communication lines

Hardware components Software

Question 18

Network Paradox

Answer 18

Networks exist to provide user access to shared resources, yet the
most important objective is to control such access

Question 19

Methods to avoid data collision

Answer 19

Polling
Token passing
Carrier sensing

Question 20

Four ways to control risks from subversive threats

Answer 20

Firewalls
Deep packet inspection
Encryption
Message control techniques

Question 21

What are the two general types of firewalls

Answer 21

Application level

Network level

Question 22

What are the benefits of Electronic Data Interchange (EDI)?

Answer 22

Data Keying (or Encoding)
Error reduction
Reduction of paper
Postage
Automated procedures
Inventory reduction

Question 23

EDI Controls

Answer 23

Transaction authorization and validation
Access control
EDI audit trail