Chapter questions for Unit 4 Outcome 2 SAC
Chapter 1: An overview of the problem-solving methodology
Context questions
1. What is the difference between a goal and an objective?
Goals are statement s that describe a (potentially) furfure state or principle organisation srives to uphold or achieve. Whereas, objectives support the goals by providing some targets with measurable results. They are often quantifiable statements that expand upon the goals of an organisation in a way that allows them to be assessed.
2. What is the purpose of a mission statement?
Is a statement of the ultimate goals of the organisation. It describes the core purpose of the organisation.
3. What are the four components of an information system? Five? PPED.
1. People.
2. Procedures.
3. Equipment.
4. Data.
Chapter 2: Data and networks questions 1-10
Context Questions
1. Why is a kilobyte equal to 1024 bytes and not 1000 bytes?
A computer is based on the binary system. That means hard drives and memory are measured in power of 2. For example, 210 = 1024.
2. What does NIC stand for?
Network Interface Card.
3. What is it about the way that a switch works that reduces the number of collisions compared to the way a hub works?
A switch tries to minimise this problem by forwarding the data to the port that requires it. A switch can filter packets of data and intelligently places data packets only on the ports to which they are addressed.
4. Define the term ‘bandwidth’.
A range of frequencies with a given band, in particular that used for transmitting a signal.
5. Why is network speed measured in bits per second rather than bytes per second?
Bits Per second is a more accurate measurement for the data connection. Bytes Per Second is 8x less accurate. Network connections transmit one bit at a time, so that’s the most natural unit to use.
6. What is a protocol?
Is a convention or a standard that controls or enables the connection, communication and data transfer between computers on a network. It contains rules that govern the syntax, semantics and synchronisation of communication.
7. TCP/IP consists of two protocols. What do each of these do?
TCP (Transport Control Protocol) is used to divide data that needs to be transmitted into a number of packets, each with a sequence of number. The TCP protocol at the destination address assembles the data and notifies the sender if any packets are not received within a certain time (‘timeout’). IP (Internet Protocol) defines how the data is sent between network nodes.
8. Why is not possible to transfer a file at the maximum bandwidth measure of a Wi-Fi protocol?
The reason for this is that there is traffic on the network such a RTS/CTS packets that take up bandwidth. Interference can also play a part.
9. How is an IP address formatted?
An IP address is a 32-bit numeric address consisting of four bytes separated by a period. Each number can be zero to 255. For example. 255.255.255.255.
10. What is the main advantage of using a VPN?
Is encrypted security. In connecting to a VPN, the client and the server will exchange encryption keys to ensure that the communication is totally secure.
Chapter 11: Protecting the integrity of data
Context Questions
1. What the difference between a worm and a Trojan?
A worm is a program that rapidly replicates itself through a network without the need of user assistance.
A Trojan is a virus that is disguised as another software package that performs a different (although not always legitimate) purpose.
A worm, as opposed to a virus, does not (usually) have a purpose other than the consumption of bandwidth.
2. What is a DDOS attack and how can it be prevented?
Overload web servers and cause them to be unusable.
Ways to prevent a DDOS attack:
User names and password
Access logs and audit trails
Access restrictions
Anti-virese and anti-spyware
Set up good firewalls
Change IP addresses
Take the website off-line
Extend your bandwidth
Router drop junk packets
Protect DNS server:
Block ICMP
Transport Layer Security (TLS)
Secure Sockets Layer (SSL)
Block UDP port 53.
3. What is the process known as ‘packet sniffing’?
Essentially, data gets broken up into frames these are collectively know as packets as these packets a transmitted from one node to another, somewhere along the line someone might want to inspect that data or capture any data, password over the local network and look for any information that may be useful, this is known as ‘packet sniffing’.
4. What is encryption and what does the simplest form of this involve?
Encryption is the process of encoding information so that it is unreadable. The original information is known as ‘plaintext’ and the encoded information is known as ‘ciphertext.’
5. What is the difference between logical security and physical security?
Logical security protects computer software by discouraging user excess by implementing user identifications, passwords, authentication, biometrics and smart cars.
Physical security prevents and discourages attackers from entering a building by installing fences, alarms, cameras, security guards and dogs, electronic access control, intrusion detection and administration access controls.
The different between logical security and physical security is logical security protects access to computer systems physical security protects the site and everything located within the site.
6. What does a complex password typically consist of?
Combination of upper and lower case characters, including at least one number and one special character (such as an exclamation mark, comma, hash or dollar sign.).
7. When discussing physical security measures, what are barrier techniques?
Barrier technique describes the control of access to an organisation through the use of barriers.
8. What do biometric devices measure?
Biometrics devices identify individuals based on unique identifiers of a physical or behavioural nature. For example, a fingerprint.
9. When an attack occurs on an organisation, what information can be gained and how?
Data can be ascertained allowing for sensitive information to be viewed by unauthorised users. This can be done by releasing a DDOS attack.
10. What is penetration testing and who is it carried out by?
Penetrating testing is the process of testing your applications for vulnerabilities, and answering a simple question: “What could a hacker do to harm my application, or organisation, out in the real world? An effective penetration test will usually involve a skilled hacker, or team of hackers.
Chapter 8: Of input and output
Context questions
1. Why is it important to use a file naming convention?
Naming files consistently, logically and predictable way will distinguish similar record from one another at a glance, by doing so will facilitate the storage and retrieval of data. Through consistency and the application of logical standards will benefit from secure storage, and the abilities to locate and access information.
2. Why is it important for two software packages that are going to be exchanging data via text files, to use the same delimiter?
If the data is going to be passed between software packages, the choice of delimeter is obviously very important. By doing so files can be exported from one program into another.
3. List the three types of backup procedure.
Full backup, differential backup, and incremental back up.
4. Company A is using a differential backup procedure and company B is using an incremental backup procedure. Both companies have the need to restore their backups due to a catastrophic loss of data. Which company will have their backup restored quicker and why?
It depends on how large the differential backup is. If it is still relatively, then it will be faster than the incremental backup, but if it is large then an incremental backup will be much faster.
5. Why is it important to have at least one backup store off site?
To protect against data loss in the cost of a large scale acciedent on site, such as a fire, electrical disturbance or explosion.
6. How often should a backup be performed?
Backups should be regularly performed as often as possible, once a day at least and at the end of a working day, or after a major change.
7. Explain what the term ‘Garbage in, Garbage Out.’
If 'garbage' information has been inputted into a program, garbage will be outputted from the program also. It stresses the fact that you need validation in your software. It stresses the fact that you need validation in your software.
8. Describe ways in which a well designed user interface can minimise the amount of validation code that is required.
There are less chances of error if the choices a user can make are limited.
9. Explain why it is logical to perform an existence check before a type check.
There is no point checking what type is in the input if there isn’t anything at all. Programs may interpret a blank field as 0 resulting in GIGO or it could cause an error. To avoid this an existence check is necessary.
10. Suggest a suitable range check that could be used on a person’s birth date.
Day: numbers 1-31, month: 1-12, year: possibly 100 years.
Chapter 10: The law in a software development context
Context Questions
1. Do all private companies or organisations need to follow the Privacy Act?
No. The Privacy Act is mandatory for Government organisations (or those working under a Government contract), organisations with a turnover of more than 3 million dollars per year, organisations that distribute or sell personal information.
2. Under what circumstances is a private company exempt from adhering to the Privacy Act?
Businesses that have a turn over of less than 3 million dollars a year and do not store medical information or distribute or sell personal data.
3. What changes were made with the instructions to the amendments to the Privacy Act 1988?
Combined the 11 Information Privacy Principles and 10 National Privacy Principles into the 13 Australian Privacy Principles which serve as the base line for the privacy legislation.
4. If an organisation shares your personal information with a company overseas (with your permission) and the company breaches one of the APPs, is the original organisation liable? Explain.
If the overseas recipient breaches the APPs in any way, the organisation could be help accountable as if they themselves have breached the privacy laws.
5. What rights does the author of a work have?
The author of a work is immediately the copyright owner of the work. The owner has the tight to choose when and how the work will be distributed, published or otherwise communicated. Also they gave the right to incorporate any sort of technological protection devices to protect the work. This is done so in accordance with Creative Commons.
6. Under what circumstances can medical providers share your personal information without your permissions?
Personal information can be distributed with other organisations for the purpose of research and planning as long as the information is de-identified. Also, when a patient has a specific infectious disease such as STDs.
7. How much of a copyrighted work can be copied without the permission of the author?
10% or one chapter of the work (whichever is greater).
8. If a company sends a single email to a person whose email address they have found on a website, is this considered to be spam? Explain your reasoning.
Yes, it is, a single unsolicited commercial email is considered to be spam.
9. How does the Charter of Human Rights and Responsibilities Act overlap or support the Privacy Act?
They both protect a person’s privacy.
10. What is the relationship between Open Source Software and Creative Commons?
OSS is often protected by CC.
Home
Help
Search
Login
