CS507 Current Spring 2011 Final Term VU Paper [July 2011] Virtual University of Pakistan
Monday, July 18, 2011 Posted In .Final Term Exam Spring 2011 (July) Edit This
CS507 Current Spring 2011 Final Term VU Paper [July 2011] Virtual University of Pakistan
dentify the rules that DFD as an analytical tool follows that helps in achieving the level of standardization? (marks2)
Ans: Rules for DFD’s
The DFD as an analytical tool follows certain rules. These rules help in achieving the level of
standardization.
• There should be no black holes, gray holes, miracles.
• Do not leave things unlabeled
• the DFD should not include data flows that are unassociated with the process.
Why is the production subsystem said to be the most critical part of the entire manufacturing subsystem? (Marks 2)
Ans: Production Sub System
It can be seen as the most critical part of the entire manufacturing sub system. Basically it tracks the flow of
the job through the entire production process. It also records change in form of goods or transfer of goods
from one place to the other.
Example
Consider a manufacturing entity working with three processing departments and one assembly department.
As raw materials pass through the processes, the sub system records the relevant information at specific
points or locations until the finished goods are transferred to stock room.
What do you mean by hackers? (Marks 2)
Answer: hackers are smart programmers who attempts to invade the privacy of the system
Why risk management is core line of this entire information system audit? ( marks2)
How virus and worn can be transmitted into computer? Identify any three sources? (3)
Answer: Virus or worms are transmitted easily from the internet by downloading files to computers web browsers. Other methods of infection occur from files received though online services, computer bulletin board systems, local area networks. Viruses can be placed in various programs, for instance
1. Free Software – software downloaded from the net
2. Pirated software – cheaper than original versions
3. Games software – wide appeal and high chances
4. Email attachments – quick to spread
5. Portable hard and flash drives – employees take disks home and may work on their own personal PC, which have not been cleaned or have suitable anti-viruses installed on them.
List down the component of an IDS? Marks 3
Components of IDS
An IDS comprises on the following:
• Sensors that is responsible for collecting data. The data can be in the form of network packets, log files, system call traces, etc.
• Analyzers that receive input from sensors and determines intrusive activity.• An administration console
• A user interface.
Briefly discuses risk determination? (marks 3)
Ans:
Risk Determination/Exposure Analysis this phase relates to analyzing how much the information assets are exposed to various threats identified and thus quantifying the loss caused to the asset through this threat. This phase relates to analysis of both physical and logical threats and comprises of four steps. Four steps are usually followed while analyzing the exposure.
What is reusable software? (marks3)
Explain reliability with the help of an example? (3)
Write a note on active attacks? (5)
What is the importance of computer security system in aviation industry? (5)
Classify E-Commerce into different classes. identify any five classes? (5)
The most prevalent of E-Commerce models can be classified as under:
1. Business to Consumer (B2C)
2. Business to Business (B2B),
3. Business to Employee (B2E),
4. Consumer to Consumer (C2C) and
5. E-Government
• Government to Citizens/Customers (G2C)
• Government to Business (G2B)
• Government to Government (G2G
dentify the rules that DFD as an analytical tool follows that helps in achieving the level of standardization? (marks2)
Ans: Rules for DFD’s
The DFD as an analytical tool follows certain rules. These rules help in achieving the level of
standardization.
• There should be no black holes, gray holes, miracles.
• Do not leave things unlabeled
• the DFD should not include data flows that are unassociated with the process.
Why is the production subsystem said to be the most critical part of the entire manufacturing subsystem? (Marks 2)
Ans: Production Sub System
It can be seen as the most critical part of the entire manufacturing sub system. Basically it tracks the flow of
the job through the entire production process. It also records change in form of goods or transfer of goods
from one place to the other.
Example
Consider a manufacturing entity working with three processing departments and one assembly department.
As raw materials pass through the processes, the sub system records the relevant information at specific
points or locations until the finished goods are transferred to stock room.
What do you mean by hackers? (Marks 2)
Answer: hackers are smart programmers who attempts to invade the privacy of the system
Why risk management is core line of this entire information system audit? ( marks2)
How virus and worn can be transmitted into computer? Identify any three sources? (3)
Answer: Virus or worms are transmitted easily from the internet by downloading files to computers web browsers. Other methods of infection occur from files received though online services, computer bulletin board systems, local area networks. Viruses can be placed in various programs, for instance
1. Free Software – software downloaded from the net
2. Pirated software – cheaper than original versions
3. Games software – wide appeal and high chances
4. Email attachments – quick to spread
5. Portable hard and flash drives – employees take disks home and may work on their own personal PC, which have not been cleaned or have suitable anti-viruses installed on them.
List down the component of an IDS? Marks 3
Components of IDS
An IDS comprises on the following:
• Sensors that is responsible for collecting data. The data can be in the form of network packets, log files, system call traces, etc.
• Analyzers that receive input from sensors and determines intrusive activity.• An administration console
• A user interface.
Briefly discuses risk determination? (marks 3)
Ans:
Risk Determination/Exposure Analysis this phase relates to analyzing how much the information assets are exposed to various threats identified and thus quantifying the loss caused to the asset through this threat. This phase relates to analysis of both physical and logical threats and comprises of four steps. Four steps are usually followed while analyzing the exposure.
What is reusable software? (marks3)
Explain reliability with the help of an example? (3)
Write a note on active attacks? (5)
What is the importance of computer security system in aviation industry? (5)
Classify E-Commerce into different classes. identify any five classes? (5)
The most prevalent of E-Commerce models can be classified as under:
1. Business to Consumer (B2C)
2. Business to Business (B2B),
3. Business to Employee (B2E),
4. Consumer to Consumer (C2C) and
5. E-Government
• Government to Citizens/Customers (G2C)
• Government to Business (G2B)
• Government to Government (G2G
