Review Questions
2. What are the three main tasks the operating system performs?
Response:
a. Translates high-level languages into the machine-level language the computer
can execute.
b. Allocates computer resources to users.
c. Manages the tasks of job scheduling and multiprogramming.
4. What are the four techniques that a virus could use to infect a system?
Response: The virus program can attach itself to
a. an .EXE or .COM file,
b. an OVL (overlay) program file,
c. the boot sector of a disk, or
d. a device driver program.
26. Networks would be inoperable without protocols. Explain their importance and
what functions they perform.
Response: Network protocols are the rules and standards governing the design of
hardware and software that permit users of networks manufactured by different vendors
to communicate and share data. Without protocols, data transmission between two
incompatible systems would be impossible. Protocols facilitate the physical connection
between the network devices. Protocols also synchronize the transfer of data between
physical devices. They provide a basis for error checking and measuring network
performance. They promote compatibility among network devices. Lastly, they promote
network designs that are flexible, expandable, and cost-effective.
31. What is a certification authority, and what are the implications for the
accounting profession?
Response: A certification authority is an independent and trusted third party
empowered with responsibility to vouch for the identity of organizations and individuals
engaging in Internet commerce. The question then becomes, who vouches for the CA?
How does one know that the CA who awarded a seal of authenticity to an individual is
itself reputable and was meticulous in establishing his or her identity? These questions
hold specific implications for the accounting profession. Since they enjoy a high degree
of public confidence, public accounting firms are natural candidates for certification
authorities.
Discussion Questions
7. Explain the three ways in which audit trails can be used to support security objectives.
Response: Audit trails can be used to support security objectives in three ways:
i. detecting unauthorized access to the system,
ii. reconstructing events, and
iii. promoting personal accountability.
12. Explain how smurf attacks and SYN flood attacks can be controlled.
Response: In the case of a smurf attack, the targeted organization can program its
firewall to ignore all communication from the attacking site, once the attacker's IP address
is determined. In the case of a SYN flood, two things can be done:
i. Internet hosts can program their firewalls to block outbound message packets that
contain invalid internal IP addresses.
ii. Security software can scan for half-open connections that have not been followed
by an ACK packet. The clogged ports can then be restored to allow legitimate
connections to use them.
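The scan for half-open connections described in item ii, as an added example that is not part of the original answer key. The log format, the addresses, the 5-second timeout and the per-port threshold are all assumptions made for the illustration.

```python
from collections import Counter

# Constructed sample: "<seconds> <source ip:port> <destination ip:port> <flags>"
SAMPLE = """\
0.00 198.51.100.7:40001 192.0.2.10:443 SYN
0.01 192.0.2.10:443 198.51.100.7:40001 SYN-ACK
0.03 198.51.100.7:40001 192.0.2.10:443 ACK
1.00 203.0.113.5:1111 192.0.2.10:443 SYN
1.00 192.0.2.10:443 203.0.113.5:1111 SYN-ACK
1.10 203.0.113.6:2222 192.0.2.10:443 SYN
1.20 203.0.113.7:3333 192.0.2.10:443 SYN
9.00 198.51.100.9:40002 192.0.2.10:443 SYN
"""

def half_open(log, now, timeout=5.0):
    """Return (client, server) pairs whose SYN was never followed by an ACK
    and is older than `timeout` seconds at time `now`."""
    pending = {}
    for line in log.splitlines():
        ts, src, dst, flags = line.split()
        if flags == "SYN":
            pending[(src, dst)] = float(ts)      # handshake started
        elif flags in ("ACK", "RST"):
            pending.pop((src, dst), None)        # completed or aborted
    return sorted(pair for pair, ts in pending.items() if now - ts > timeout)

def clogged_ports(stale, threshold=3):
    """Server endpoints holding at least `threshold` stale half-open entries."""
    counts = Counter(dst for _, dst in stale)
    return {dst: n for dst, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    stale = half_open(SAMPLE, now=10.0)
    print("stale half-open connections:", stale)
    print("endpoints to clear:", clogged_ports(stale))
```

The SYN at 9.00 is only one second old at `now=10.0`, so it is treated as a handshake still in progress rather than a stale entry.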
13. Discuss the risks from equipment failure and how they can be controlled.
Response:
Risks: Transmissions between senders and receivers can be disrupted, destroyed,
or corrupted by equipment failures in the communications system. Equipment failure can
also result in the loss of databases and programs stored on the network server. The most
common problem in data communications is data loss due to line error. The bit structure
of the message can be corrupted through noise on the communications lines. Noise is
comprised of random signals that can interfere with the message signal when they reach a
certain level.
Controls:
i. Echo Check. The echo check involves the receiver of the message returning the
message to the sender. The sender compares the returned message with a stored copy of
the original. If there is a discrepancy between the returned message and the original,
suggesting a transmission error, the message is retransmitted.
ii. Parity Check. The parity check incorporates an extra bit (the parity bit) into the
structure of a bit string when it is created or transmitted. The value of the parity bit (1 or
0) is determined by the bit value of the character being transmitted. Parity can be both
vertical and horizontal (longitudinal). When the message is received, the parity is
checked again. A discrepancy in the parity bit value that is recalculated at the receiving
end indicates that a bit value in the character was changed during transmission.
iii. Network Backup. Data backup in networks is accomplished in several
different ways depending on the network’s complexity.
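The vertical and horizontal parity checks from item ii, as an added example that is not part of the original answer key. Even parity, 7-bit ASCII and the sample message are assumptions; the example also shows a two-bit error that vertical parity alone misses and the horizontal check catches.

```python
# Added example. Even parity and 7-bit ASCII are assumptions, not from the page.

def parity_bit(value):
    """Return 1 when value has an odd number of 1 bits (even-parity scheme)."""
    return bin(value).count("1") & 1

def encode(message):
    """7 data bits + vertical parity bit per character, then one LRC unit."""
    units = []
    for ch in message:
        code = ord(ch)
        if code > 0x7F:
            raise ValueError("7-bit ASCII only")
        units.append((code << 1) | parity_bit(code))
    lrc = 0
    for unit in units:
        lrc ^= unit                      # horizontal parity, one bit per column
    return units + [lrc]

def check(block):
    """Recompute both parities at the receiving end."""
    bad_rows = [i for i, unit in enumerate(block) if parity_bit(unit)]
    syndrome = 0
    for unit in block:
        syndrome ^= unit
    bad_cols = [bit for bit in range(8) if (syndrome >> bit) & 1]
    return {"ok": not (bad_rows or bad_cols), "bad_rows": bad_rows, "bad_cols": bad_cols}

def correct_single(block):
    """One flipped bit lies where the single bad row meets the single bad column."""
    result = check(block)
    if result["ok"]:
        return list(block)
    if len(result["bad_rows"]) == 1 and len(result["bad_cols"]) == 1:
        fixed = list(block)
        fixed[result["bad_rows"][0]] ^= 1 << result["bad_cols"][0]
        return fixed
    return None                          # detected but not correctable: retransmit

def decode(block):
    return "".join(chr(unit >> 1) for unit in block[:-1])

if __name__ == "__main__":
    sent = encode("PAY 100")             # constructed sample message
    noisy = list(sent)
    noisy[4] ^= 1 << 3                   # line noise flips one bit
    print(decode(noisy), check(noisy), decode(correct_single(noisy)))
```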
14. Does every organization that has a LAN need a firewall?
Response: Firewalls can provide protection against unauthorized access by both
internal and external intruders depending on the type of firewall. An organization with a
LAN with NO connections to ANY external networks may be safe without firewalls, but
some sort of network security is necessary for multiple users.
15. Describe three ways in which IPS can be used to protect against DDoS attacks.
Response:
i. IPS can work inline with a firewall at the perimeter of the network to act as a
filter that removes malicious packets from the flow before they can affect servers and
networks.
ii. IPS may be used behind the firewall to protect specific network segments and
servers.
iii. IPS can be employed to protect an organization from becoming part of a
botnet by inspecting outbound packets and blocking malicious traffic before it reaches the
Internet.
18. Explain the triple-DES encryption techniques known as EEE3 and EDE3.
Response: EEE3 uses three different keys to encrypt the message three times.
EDE3 uses one key to encrypt the message. A second key is used to decode it. The
resulting message is garbled because the key used for decoding is different from the one
that encrypted it. Finally, a third key is used to encrypt the garbled message. The use of
multiple keys greatly reduces the chances of breaking the cipher. Triple DES encryption
is thought to be very secure and is used by major banks to transmit transactions.
Unfortunately, it is also very slow.
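The EEE3 and EDE3 key sequences described above, as an added example that is not part of the original answer key. A hash-based Feistel cipher on 64-bit blocks stands in for DES (an assumption, since the Python standard library has no DES), and the keys and message are constructed; only the three-key composition is the point. The last check goes beyond the text: with all three keys equal, EDE3 reduces to a single encryption.

```python
import hashlib

def _round(half, key, i):
    """Round function of the stand-in cipher (not DES): 32 bits from SHA-256."""
    digest = hashlib.sha256(key + bytes([i]) + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def encrypt(block, key, rounds=8):
    left, right = block >> 32, block & 0xFFFFFFFF
    for i in range(rounds):
        left, right = right, left ^ _round(right, key, i)
    return (left << 32) | right

def decrypt(block, key, rounds=8):
    left, right = block >> 32, block & 0xFFFFFFFF
    for i in reversed(range(rounds)):
        left, right = right ^ _round(left, key, i), left
    return (left << 32) | right

def eee3_encrypt(m, k1, k2, k3):
    """Encrypt three times, each time with a different key."""
    return encrypt(encrypt(encrypt(m, k1), k2), k3)

def eee3_decrypt(c, k1, k2, k3):
    return decrypt(decrypt(decrypt(c, k3), k2), k1)

def ede3_encrypt(m, k1, k2, k3):
    """Encrypt with k1, decode with k2 (garbles further), encrypt with k3."""
    garbled = decrypt(encrypt(m, k1), k2)
    return encrypt(garbled, k3)

def ede3_decrypt(c, k1, k2, k3):
    """Undo the three steps in reverse order: decrypt k3, encrypt k2, decrypt k1."""
    return decrypt(encrypt(decrypt(c, k3), k2), k1)

if __name__ == "__main__":
    K1, K2, K3 = b"key-one", b"key-two", b"key-three"   # constructed keys
    message = 0x0123456789ABCDEF                        # one 64-bit block
    c = ede3_encrypt(message, K1, K2, K3)
    print(hex(c), hex(ede3_decrypt(c, K1, K2, K3)))
    # With identical keys the middle decode cancels the first encrypt.
    print(ede3_encrypt(message, K1, K1, K1) == encrypt(message, K1))
```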
32. Differentiate between a LAN and a WAN. Do you have either or both at your
university or college?
Response: The primary difference between LANs and WANs is the geographic
area coverage. LANs are typically confined to a single room, floor, or building. WANs
are used to connect various LANs and computing centers that are geographically
dispersed across distances that range from less than a mile to transcontinental.
Multiple-Choice Questions
1. B
2. A
3. A
4. C
5. A
6. A
7. C
8. C
9. B
10. D
11. B
Problems
1. Operating System and Network Control
Required: Describe a well-controlled system in terms of access controls for a
major insurance company that equips each salesperson with a laptop.
Response: The company needs to make sure that the following items are included
in its system design:
Data encryption techniques for the sending of sensitive data from one file to another over
the LAN.
Access controls for files on the home computer.
Access controls for data on hard drives of the personal computers.
Back-up policy and procedures for data on the home computer and the PCs.
Virus protection for the home computer and for the PCs.
6. Preventive Controls
Required: For each scenario, discuss the possible damages that can occur.
Suggest a preventive control.
Responses:
a. The intruder can then withdraw money from the ATM cardholder accounts. (This
actually happened in California; the intruder was a systems consultant who had helped to
set up the communication system.) A preventive control is digital encoding of data, with
the algorithm being changed periodically, especially after the systems consultants have
completed their jobs and the system is in use.
b. Noise on the line may be causing line errors, which can result in data loss. Echo
checks and parity checks can help to detect and correct such errors.
c. If data is being lost, echo checks and parity checks should also help; however, the
problem may be that an intruder is intercepting messages and tampering with them.
Message sequence numbering will help to determine if messages are being lost, and, if
they are, perhaps a request-response technique should be implemented that makes it
difficult for intruders to circumvent.
d. If messages are being delayed, an important customer order or other information
could be missed. As in item c, message sequence numbering and request-response
techniques should be used.
e. Messages altered by intruders can have a very negative impact on customer-
supplier relations if orders are being altered. In this case, data encryption is necessary to
prevent the intruder from reading and modifying the data. Also, a message sequence
numbering technique is necessary to make sure the message is not deleted.
b. The exposure in this situation is that user IDs and passwords residing in main
memory will be dumped and used to gain unauthorized access to the system. One method
would be to configure the operating system so that in the case of a failure, the contents of
main memory are dumped to a disk file only. Further, a password, or maybe a
combination of passwords, should be necessary to retrieve the data from the disk.
c. Employees that have been terminated should also have their passwords expired
immediately. The network should require a password to log on.
d. The potential exposure is that data and/or application programs may ultimately
be lost if the virus is not caught before it causes damage. Antivirus software should be
placed onto the network server to prevent any files from being uploaded before they are
checked for viruses. Also, an antiviral program should examine the network server to
detect any viruses.
8. Encryption
Required: Determine the key used to produce the coded message and decode it.
Response: Key = +3, Decoded message:
LETS DO JULIUS ON MONDAY MARCH 15
DRESS: TOGA CASUAL (Bring Your Own Dagger)
10. Encryption
Response: Answers will vary among the class. This is a fun assignment that
results in interesting coding schemes.