this is my CS507 paper
Define centralized processing 2 marks:
Answer:
Centralized Processing is performed in one computer or in a cluster of coupled computers in a single location. Centralized processing was the architecture that evolved from the very first computers; however, user access was via dumb terminals that performed noneof the primary processing. Today, centralized computers are still widely used, but the terminals are mostly full-featured desktop computers.
Answer:
Centralized Processing is performed in one computer or in a cluster of coupled computers in a single location. Centralized processing was the architecture that evolved from the very first computers; however, user access was via dumb terminals that performed noneof the primary processing. Today, centralized computers are still widely used, but the terminals are mostly full-featured desktop computers.
2. List any two types of
information that can be used as input for vulnerability.(Marks:2)
Answer:
Following information is used as an input
2. Any audit comments
3. Security requirements
Answer:
Following information is used as an input
2. Any audit comments
3. Security requirements
3. Identify components of
Intrusion detection system ? ( M a r k s: 2 )
Answer:
: Components of IDS
An IDS comprises on the following:
• Sensors that are responsible for collecting data. The data can be in the form of network
packets, log files, system call traces, etc.
• Analyzers that receive input from sensors and determines intrusive activity.
• An administration: it contains intrusion definitions applied by the analyzers.
• A user interface
Answer:
: Components of IDS
An IDS comprises on the following:
• Sensors that are responsible for collecting data. The data can be in the form of network
packets, log files, system call traces, etc.
• Analyzers that receive input from sensors and determines intrusive activity.
• An administration: it contains intrusion definitions applied by the analyzers.
• A user interface
4. Entity Relationship
Diagram Double ellipses 2 marks
represents multivalued
attributes
represents multivalued
attributes
5. Define E_Learning? 3
marks
E-Learning is the online delivery of information for purposes of
education, training, knowledge management, or performance
management. It is a web - enabled system that makes knowledge
accessible to those who need it, when they need it – anytime,
6. Advantage of OOAD Reusable Software – 3 marks
The software developed using object oriented approach can be
easily reused due to independence/uniqueness of the objects i.e. an independent
accounting module built in object oriented environment can be made a part of a complete ERP solution without developing it again from scratch for ERP
7. What is the necessary information needed to begin impact analysis? ( M a r k s: 3 )
Answer:
: Before beginning the impact analysis, it is necessary to obtain the following necessary
information.
• System mission
• System and data criticality
• System and data sensitivity
E-Learning is the online delivery of information for purposes of
education, training, knowledge management, or performance
management. It is a web - enabled system that makes knowledge
accessible to those who need it, when they need it – anytime,
6. Advantage of OOAD Reusable Software – 3 marks
The software developed using object oriented approach can be
easily reused due to independence/uniqueness of the objects i.e. an independent
accounting module built in object oriented environment can be made a part of a complete ERP solution without developing it again from scratch for ERP
7. What is the necessary information needed to begin impact analysis? ( M a r k s: 3 )
Answer:
: Before beginning the impact analysis, it is necessary to obtain the following necessary
information.
• System mission
• System and data criticality
• System and data sensitivity
8. How can we make our
password secure( Marks: 3 )
Answer:
Best Password practices
• Keep the password secret – do not reveal it to anyone
• Do not write it down – if it is complex, people prefer to save it in their cell phone memory,
or write on a piece of paper, both of these are not preferred practices.
• Changing password regularly – Passwords should be associated with users not machines.
Password generation program can also be used for this purpose.
• Be discreet – it is easy for the onlookers to see which keys are being used, care should be
taken while entering the password.
• Do not use obvious password – best approach is to use a combination of letters, numbers,
upper case and lower case. Change passes word immediately if you suspect that anyone else knows it.
Answer:
Best Password practices
• Keep the password secret – do not reveal it to anyone
• Do not write it down – if it is complex, people prefer to save it in their cell phone memory,
or write on a piece of paper, both of these are not preferred practices.
• Changing password regularly – Passwords should be associated with users not machines.
Password generation program can also be used for this purpose.
• Be discreet – it is easy for the onlookers to see which keys are being used, care should be
taken while entering the password.
• Do not use obvious password – best approach is to use a combination of letters, numbers,
upper case and lower case. Change passes word immediately if you suspect that anyone else knows it.
9. how will u incorporate
SDLC in risk management n write the phases of risk managment ?5
Incorporating Risk management in SDLC
For each phase of SDLC, the process of risk management is no different. Rather it is iterative process which can be performed at each major phase. Every step of development has its own risks which need to be handled and addressed separately. Hence managing risk in SDLC means managing risk of each phase of life cycle.
36.1 Phases of Risk Management
Following are various phases of SDLC
• System Characterization
• Threat Identification
• Vulnerability Identification
• Control Analysis
• Likelihood Determination
• Impact Analysis
• Risk Identification
• Control Recommendation
• Results Documentation
• Implementation
• Monitoring
Incorporating Risk management in SDLC
For each phase of SDLC, the process of risk management is no different. Rather it is iterative process which can be performed at each major phase. Every step of development has its own risks which need to be handled and addressed separately. Hence managing risk in SDLC means managing risk of each phase of life cycle.
36.1 Phases of Risk Management
Following are various phases of SDLC
• System Characterization
• Threat Identification
• Vulnerability Identification
• Control Analysis
• Likelihood Determination
• Impact Analysis
• Risk Identification
• Control Recommendation
• Results Documentation
• Implementation
• Monitoring
10. List any five reasons that attract
organizations to ERP? ( Marks: 5 )
Answer:
1. Planning the operations
2. Integrated customer related information – order tracking with customer database, inventory
and shipment at different locations.
3. Standardized HR information – A company with multiple business units will require a
comprehensive and all-encompassing method of locating employees and communicating with
them.
4. Integrated financial information and analysis.
5. Monitoring the operations including those of sub-vendors and manufacturers
11. conceptual Q about threat 5 marks
12. BHOOL GAI..
Answer:
1. Planning the operations
2. Integrated customer related information – order tracking with customer database, inventory
and shipment at different locations.
3. Standardized HR information – A company with multiple business units will require a
comprehensive and all-encompassing method of locating employees and communicating with
them.
4. Integrated financial information and analysis.
5. Monitoring the operations including those of sub-vendors and manufacturers
11. conceptual Q about threat 5 marks
12. BHOOL GAI..
Comments
Post a Comment
Please give us your feedback & help us to improve this site.