You are on page 1of 86

AUDIT OF OPERATING

SYSTEMS, NETWORKS,
EDI, & PC-BASED

2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

OPERATING SYSTEMS

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

OPERATING SYSTEMS

Perform three main tasks:


translates high-level languages
into the machine-level language
Compilers & Interpreters

allocates computer resources to


user applications
manages the tasks of job
scheduling and
multiprogramming

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

OS 5 FUNDAMENTAL CONTROL
OBJECTIVES (PRO3-BE2)

The OS must protect itself from


users.
The OS must protect users from each
other.
The OS must protect users from
themselves.
The OS must be protected from itself.
The OS must be protected from its
environment.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

OPERATING SYSTEMS SECURITY (DALA)


Discretionary Access Control
allows user to grant access to another user

Access Token
contains key information about the user

Log-On Procedure
first line of defense user IDs and passwords

Access Control List


defines access privileges of users

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

OPERATING SYSTEMS CONTROLS


Access Privileges

Audit objectives: verify that access

privileges are consistent with separation of


incompatible functions and organization
policies
Audit procedures: review or verify

policies for separating incompatible functions


a sample of user privileges, especially access to
data and programs
security clearance checks of privileged employees
formal acknowledgements to maintain
confidentiality of data
users log-on times

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

THREATS TO OS INTEGRITY

Accidental threats hardware


failures; errors in users
application programs
Intentional threats attempts
to illegally access data or
violate user privacy for
financial gain
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

OPERATING SYSTEMS CONTROLS


Password Control

(Re-usable & One

Time)
Audit objectives:

ensure adequacy and


effectiveness of password policies for
controlling access to the operating system
Audit procedures: review or verify

passwords required for all users


password instructions for new users
passwords changed regularly
password file for weak passwords
encryption of password file
password standards
account lockout policies

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

OPERATING SYSTEMS CONTROLS


Malicious & Destructive Programs

Audit objectives: verify effectiveness of

procedures to protect against programs such


as viruses, worms, back doors, logic
bombs, and Trojan horses
Audit procedures: review or verify
training of operations personnel concerning
destructive programs
testing of new software prior to being implemented
currency of antiviral software and frequency of
upgrades

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

EXAMPLES OF MALICIOUS PROGRAMS


Virus - attaches itself to a legitimate program to
penetrate the OS
Worm burrows into computers memory and
replicates itself into areas of idle memory
Logic bomb event trigger
Back door/trap door unauthorized access to a
system w/out going through the normal log-on
procedures
Trojan horse captures IDs and passwords;
designed to mimic the normal log-on procedures
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

10

OPERATING SYSTEM CONTROLS


Audit Trail Controls

Audit objectives: used to (1) detect


unauthorized access, (2) facilitate event
reconstruction, and/or (3) promote
accountability
Audit procedures: review or verify
how long audit trails have been in place
archived log files for key indicators
monitoring and reporting of security violations

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

11

The operating system performs all of the


following tasks except
A. translates third-generation languages into
machine language
B. assigns memory to applications
C. authorizes user access
D. schedules job processing

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

12

All of the following are objectives of


operating system control except
A. protecting the OS from users
B. protecting users from each other
C. protecting users from themselves
D.protecting the environment from
user
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

13

Passwords are secret codes that users enter to


gain access to systems. Security can be
compromised by all of the following except
A. failure to change passwords on a regular basis
B. using obscure passwords unknown to others
C. recording passwords in obvious places
D. selecting passwords that can be easily detected
by computer criminals

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

14

Audit trails cannot be used to


A. detect unauthorized access to
systems
B. facilitate reconstruction of events
C. reduce the need for other forms of
security
D.promote personal accountability
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

15

TRUE OR FALSE
A formal log-on procedure is the operating
systems last line of defense against
unauthorized access.
Operating system controls are of interest to
system professionals but should not concern
accountants and auditors.
Operating system integrity is not of concern
to accountants because only hardware risks
are involved.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

16

REVIEW QUESTION?
What are the three security objectives of audit
trails? Explain.
By detecting unauthorized access to the system, the
audit trail protects the system from outsiders trying to
breach system controls. By monitoring system
performance, changes in the system may be detected.
The audit trail can also contribute to reconstructing
events such as system failures, security breaches, and
processing errors.
In addition, the ability to monitor user activity can
support increased personal accountability.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

17

REVIEW QUESTION?
What is an operating system? What does it do? What are operating system
control objectives?
An operating system is a computers control program. It controls user sharing of
applications and resources such as processors, memory, databases, and
peripherals such as printers. Common PC operating systems include Windows
2000, Windows NT, and Linux.
An operating system carries out three primary functions: translating high level
languages into machine language using modules called compilers and
interpreters; allocating computer resources to users, workgroups, and
applications; and managing job scheduling and multiprogramming.
Operating systems have five basic control objectives:
1. to protect itself from users,
2. to protect users from each other,
3. to protect users from themselves,
4. to protect it from itself, and
5. to protect itself from its environment.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

18

NETWORKS

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

19

INTERNET AND INTRANET RISKS


The communications component is a unique
aspect of computer networks:
different than processing (applications) or data
storage (databases)

Network topologies configurations of:


communications lines (twisted-pair wires, coaxial
cable, microwaves, fiber optics)
hardware components (modems, multiplexers,
servers, front-end processors)
software (protocols, network control systems)

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

20

INTRANET RISKS

Intercepting network messages


sniffing: interception of user IDs, passwords,
confidential e-mails, and financial data files

Accessing corporate databases


connections to central databases increase the risk
that data will be accessible by employees

Privileged employees
override privileges may allow unauthorized access to
mission-critical data

Reluctance to prosecute
fear of negative publicity leads to such reluctance but
encourages criminal behavior

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

21

INTERNET RISKS TO BUSINESSES


IP spoofing: masquerading to gain access to a
Web server and/or to perpetrate an unlawful
act without revealing ones identity
Denial of service (DOS) attacks: assaulting a
Web server to prevent it from servicing users
particularly devastating to business entities that
cannot receive and process business transactions
Syn-Flood Attack, Smurf Attack, Distributed DOS

Other malicious programs: viruses, worms,


logic bombs, and Trojan horses pose a threat
to both Internet and Intranet users

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

22

THREE COMMON TYPES OF DOS ATTACKS


SYN Flood when the three-way handshake needed
to establish an Internet connection occurs, the final
acknowledgement is not sent by the DOS
attacker, thereby tying-up the receiving server
while it waits.
Smurf the DOS attacker uses numerous
intermediary computer to flood the target computer
with test messages, pings.
Distributed DOS (DDOS) can take the form of Smurf
or SYN attacks, but distinguished by the vast number
of zombie computers hi-jacked to launch the
attacks.

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

23

RISKS FROM EQUIPMENT FAILURE

Include:
Disrupting, destroying, or
corrupting transmissions between
senders and receivers
Loss of databases and programs
stored on network servers

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

24

IC FOR EQUIPMENT FAILURE


Line errors are data errors from
communications noise.
Two techniques to detect and correct
such data errors are:
echo check - the receiver returns
the message to the sender
parity checks - an extra bit is added
onto each byte of data similar to
check digits
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

25

AUDITING PROCEDURES FOR EQUIPMENT


FAILURE

Using a sample of messages from


the transaction log:
examine them for garbled contents
caused by line noise
verify that all corrupted messages
were successfully retransmitted

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

26

IC FOR SUBVERSIVE THREATS

Firewalls provide security by channeling all


network connections through a control gateway.
It is a system that enforces access control
between two networks.
Network level firewalls

Low cost and low security access control


Do not explicitly authenticate outside users
Filter junk or improperly routed messages
Experienced hackers can easily penetrate the system

Application level firewalls

Customizable network security, but expensive


Sophisticated functions such as logging or user
authentication

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

27

DUAL-HOMED FIREWALL

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

28

ENCRYPTION
The conversion of data into a secret
code for storage and transmission
The sender uses an encryption algorithm
to convert the original cleartext message
into a coded ciphertext.
The receiver decodes / decrypts the
ciphertext back into cleartext.

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

29

IC FOR SUBVERSIVE THREATS


Digital signature electronic authentication
technique to ensure that
transmitted message originated with the
authorized sender
message was not tampered with after the
signature was applied
Digital certificate like an electronic
identification card used with a public key
encryption system
Verifies the authenticity of the message sender

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

30

IC FOR SUBVERSIVE THREATS


Message sequence numbering sequence
number used to detect missing messages
Message transaction log listing of all
incoming and outgoing messages to detect the
efforts of hackers
Request-response technique random
control messages are sent from the sender to
ensure messages are received
Call-back devices receiver calls the sender
back at a pre-authorized phone number before
transmission is completed

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

31

AUDITING PROCEDURES FOR SUBVERSIVE


THREATS
Review firewall effectiveness in terms of
flexibility, proxy services, filtering, segregation
of systems, audit tools, and probing for
weaknesses.
Review data encryption security procedures
Verify encryption by testing
Review message transaction logs
Test procedures for preventing unauthorized
calls

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

32

Which of the following is considered an


unintentional threat to the integrity of the
operating system?
A. a hacker gaining access to the system because
of a security flaw
B. a hardware flaw that causes the system to crash
C. a virus that formats the hard drive
D. the systems programmer accessing individual
user files

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

33

A software program that replicates itself in areas


of idle memory until the system fails is called
A. Trojan horse
B. Worm
C. logic bomb
D. none of the above

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

34

A software program that allows access to a


system without going through the normal logon
procedures is called a
A. Trojan horse
B. Worm
C. logic bomb
D. Backdoor

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

35

All of the following will reduce the exposure to


computer viruses except
A. install antivirus software
B. install factory-sealed application software
C. assign and control user passwords
D. install public-domain software from reputable
bulletin boards

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

36

Hackers can disguise their message packets to


look as if they came from an authorized user and
gain access to the hosts network using a
technique called
A. spoofing.
B. Spooling
C. dual-homed.
D. screening.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

37

Which is not a biometric device?


A. Password
B. retina prints
C. voice prints
D. signature characteristics

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

38

Which control will not reduce the likelihood of


data loss due to a line error?
A. echo check
B. Encryption
C. vertical parity bit
D. horizontal parity bit

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

39

Which method is most likely to detect


unauthorized access to the system?
A. message transaction log
B. data encryption standard
C. vertical parity check
D. request-response technique

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

40

TRUE OR FALSE
Disguising message packets to look as if
they came from another user and to gain
access to the hosts network is called
spooling.
Viruses rarely attach themselves to
executable files.
Firewalls are special materials used to
insulate computer facilities.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

41

ESSAY

What is a virus?
A virus is a program that
attaches itself to another
legitimate program in order to
penetrate the operating
system.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

42

ELECTRONIC DATA INTERCHANGE

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

43

ELECTRONIC DATA INTERCHANGE

Electronic data interchange (EDI) uses


computer-to-computer communications
technologies to automate B2B purchases.
Audit objectives:
1. Transactions are authorized, validated, and in
compliance with the trading partner agreement.
2. No unauthorized organizations can gain access to
database
3. Authorized trading partners have access only to
approved data.
4. Adequate controls are in place to ensure a complete
audit trail.

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

44

ADVANTAGES OF EDI (REDUCE)


Reduction or elimination of data
entry
Reduction of errors
Reduction of paper
Reduction of paper processing and
postage
Reduction of inventories (via JIT
systems)
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

45

EDI RISKS
Authorization
automated and absence of
human intervention
Access
need to access EDI partners files
Audit trail
paperless and transparent
(automatic) transactions
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

46

EDI CONTROLS
Authorization
use of passwords and value added
networks (VAN) to ensure valid partner
Access
software to specify what can be
accessed and at what level
Audit trail
control log records the transactions
flow through each phase of the
transaction processing

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

47

AUDITING PROCEDURES FOR EDI


Tests of Authorization and Validation
Controls
Review procedures for verifying trading partner
identification codes
Review agreements with VAN
Review trading partner files

Tests of Access Controls


Verify limited access to vendor and customer files
Verify limited access of vendors to database
Test EDI controls by simulation

Tests of Audit Trail Controls


Verify existence of transaction logs
Review a sample of transactions
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

48

In an electronic data interchange environment,


customers routinely
A. access the vendor's accounts receivable file
with read/write authority
B. access the vendor's price list file with read/write
authority
C. access the vendor's inventory file with read-only
authority
D. access the vendor's open purchase order file
with read-only authority
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

49

In an electronic data interchange environment,


the audit trail
A. is a printout of all incoming and outgoing
transactions
B. is an electronic log of all transactions received,
translated, and processed by the system
C. is a computer resource authority table
D. consists of pointers and indexes within the
database

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

50

Audit objectives in the electronic data


interchange (EDI) environment include all of the
following except
A. all EDI transactions are authorized
B. unauthorized trading partners cannot gain
access to database records
C. a complete audit trail of EDI transactions is
maintained
D. backup procedures are in place and functioning
properly
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

51

In an electronic data interchange (EDI)


environment, when the auditor compares the terms
of the trading partner agreement against the
access privileges stated in the database authority
table, the auditor is testing which audit objective?
A. all EDI transactions are authorized
B. unauthorized trading partners cannot gain access
to database records
C. authorized trading partners have access only to
approved data
D. a complete audit trail is maintained
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

52

WHAT IS EDI? HOW DOES ITS USE


AFFECT THE AUDIT TRAIL?

Electronic data interchange is an arrangement which links the


computer systems of two trading partners to expedite
sales/purchases. The buying companys purchasing
system creates and transmits a purchase order
electronically in an agreed format, either directly or
through a value-added network. The selling company
receives the information, and it is converted electronically into
a sales order.
The absence of paper documents in an EDI transaction
disrupts the traditional audit trail. This can be compensated
for through the use of transaction logs which can be
reconciled.

2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

53

PC-BASED ACCOUNTING SYSTEM

2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

Hall, 3e

54

PERSONAL COMPUTER SYSTEMS


PC operating systems
PC systems risks & controls
In general:
Relatively simple to operate and program
Controlled and operated by end users
Interactive data processing vs. batch
Commercial applications vs. custom
Often used to access data on mainframe or
network
Allows users to develop their own applications

Operating Systems:
Are located on the PC (decentralized)
O/S family dictates applications (e.g.,
Windows)
2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

Hall, 3e

55

PERSONAL COMPUTER SYSTEMS


Risk of physical loss
Laptops
Risk of data loss
Easy for multiple users to access data
End user can steal, destroy,
manipulate
Inadequate backup procedures
Local backups on appropriate
medium
Dual hard drives on PC
External/removable hard drive on PC
2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

Hall, 3e

56

AUDIT OBJECTIVES: PERSONAL


COMPUTER SYSTEMS
Verify controls are in place to protect data, programs, and
computers from unauthorized access, manipulation,
destruction, and theft
Verify that adequate supervision and operating procedures
exist to compensate for lack of segregation between the
duties of users, programmers, and operators
Verify that backup procedures are in place to prevent data
and program loss due to system failures, errors
Verify that systems selection and acquisition procedures
produce applications that are high quality, and protected
from unauthorized changes
Verify the system is free from viruses and adequately
protected to minimize the risk of becoming infected with a
virus
similar
object
2011 Cengage
Learning.or
All Rights
Reserved. May
not be scanned, copied or
57
duplicated, or posted to a publicly accessible website, in whole or in part.

Hall, 3e

AUDIT PROCEDURES: PERSONAL


COMPUTER SYSTEMS
Verify that microcomputers and their files
are physically controlled
Verify from organizational charts, job
descriptions, and observation that the
programmers of applications performing
financially significant functions do not also
operate those systems.
Confirm that reports of processed
transactions, listings of updated accounts,
and control totals are prepared, distributed,
and reconciled by appropriate management
at regular and timely intervals.
2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

Hall, 3e

58

AUDIT PROCEDURES: PERSONAL


COMPUTER SYSTEMS
Determine that multilevel password control or
multifaceted access control is used to limit access to
data and applications, where applicable.
Verify that the drives are removed and stored in a
secure location when not in use, where applicable.
Verify that backup procedures are being followed.
Verify that application source code is physically
secured (such as in a locked safe) and that only the
compiled version is stored on the microcomputer.
Review systems selection and acquisition controls
Review virus control techniques.

2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

Hall, 3e

59

ITEMS NEED TO BE FAMILIAR WITH:

Internet Technologies

2011 Cengage Learning. All Rights Reserved. May not be scanned, copied
Hall,or3e
duplicated, or posted to a publicly accessible website, in whole or in part.

60

INTERNET TECHNOLOGIES
Packet switching

messages are divided into small packets


each packet of the message takes a different routes

Virtual private network (VPN)

a private network within a public network

Extranets

a password controlled network for private users

World Wide Web

an Internet facility that links users locally and


globally

Internet addresses
e-mail address
URL address
IP address

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

61

PROTOCOL FUNCTIONS
facilitate the physical connection
between the network devices.
synchronize the transfer of data
between physical devices.
provide a basis for error checking and
measuring network performance.
promote compatibility among network
devices.
promote network designs that are
flexible, expandable, and cost-effective.
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

62

INTERNET PROTOCOLS
Transfer Control Protocol/Internet Protocol
(TCP/IP) - controls how individual packets of
data are formatted, transmitted, and received
Hypertext Transfer Protocol (HTTP) - controls
web browsers
File Transfer Protocol (FTP) - used to transfer
files across the internet
Simple Network Mail Protocol (SNMP) - email
Secure Sockets Layer (SSL) and Secure
Electronic Transmission (SET) - encryption
schemes

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

63

LOCAL AREA NETWORKS (LAN)


A federation of computers located close
together (on the same floor or in the same
building) linked together to share data and
hardware
The physical connection of workstations to the
LAN is achieved through a network interface
card (NIC) which fits into a PCs expansion slot
and contains the circuitry necessary for internode communications.
A server is used to store the network operating
system, application programs, and data to be
shared.
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

64

LAN

Files

File Server

Node
Node

LAN

Printer Server

Node

Printer
Node
2011 Cengage Learning. All Rights Reserved. May not be scanned, copied
or
Hall, 3e
duplicated, or posted to a publicly accessible website, in whole or in part.

65

WIDE AREA NETWORK (WAN)


A WAN is a network that is dispersed over a
wider geographic area than a LAN. It typically
requires the use of:

gateways to connect different types


of LANs
bridges to connect same-type LANs
WANs may use common carrier facilities, such
as telephone lines, or they may use a Value
Added Network (VAN).

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

66

WAN
Bridge
LAN

LAN

Gateway
Gateway

LAN

WAN

2011 Cengage Learning. All Rights Reserved. May not be scanned, copied
or
Hall, 3e
duplicated, or posted to a publicly accessible website, in whole or in part.

67

STAR TOPOLOGY
A network of IPUs with a large central
computer (the host)
The host computer has direct
connections to smaller computers,
typically desktop or laptop PCs.
This topology is popular for
mainframe computing.
All communications must go through
the host computer, except for local
computing.
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

68

Star Network
St. Louis

Topeka
Local Data

Local Data

Kansas
City

Central Data

POS
POS

Tulsa

Dallas
Local Data

POS
Local Data
POS
POS
2011 Cengage Learning. All Rights Reserved. May not be scanned, copied
or
Hall, 3e
duplicated, or posted to a publicly accessible website, in whole or in part.

69

HIERARCHICAL TOPOLOGY
A host computer is connected to several
levels of subordinate smaller computers
in a master-slave relationship.
Corporate
Level
Regional
Level

Production
Planning System

Production
Scheduling
System

Warehouse Warehouse
System
System

Regional
Sales System

Production
System

Production
System

Local
Level

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

Sales
Processing
System

Sales
Processing
System

Sales
Processing
System

70

RING TOPOLOGY
This configuration eliminates the
central site. All nodes in this
configuration are of equal status
(peers).
Responsibility for managing
communications is distributed among
the nodes.
Common resources that are shared by
all nodes can be centralized and
managed by a file server that is also a
node.
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

71

Ring Topology

Figure 12-10

2011 Cengage Learning. All Rights Reserved. May not be scanned, copied
or
Hall, 3e
duplicated, or posted to a publicly accessible website, in whole or in part.

72

BUS TOPOLOGY
The nodes are all connected to a
common cable - the bus.
Communications and file transfers
between workstations are
controlled by a server.
It is generally less costly to install
than a ring topology.

2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,


copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

73

Bus Topology

2011 Cengage Learning. All Rights Reserved. May not be scanned, copied
or
Hall, 3e
duplicated, or posted to a publicly accessible website, in whole or in part.

74

CLIENT-SERVER TOPOLOGY
This configuration distributes the
processing between the users (clients)
computer and the central file server.
Both types of computers are part of the
network, but each is assigned functions
that it best performs.
This approach reduces data
communications traffic, thus reducing
queues and increasing response time.
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

75

Client-Server Topology

2011 Cengage Learning. All Rights Reserved. May not be scanned, copied
or
Hall, 3e
duplicated, or posted to a publicly accessible website, in whole or in part.

76

NETWORK CONTROL OBJECTIVES


establish a communications session
between the sender and the receiver
manage the flow of data across the
network
detect errors in data caused by line
failure or signal degeneration
detect and resolve data collisions
between competing nodes
2011 Cengage Learning. All Rights Reserved. May not be scanned,Hall,
copied3e
or
duplicated, or posted to a publicly accessible website, in whole or in part.

77

An IP Address:
A. is the unique address that every computer node
and host attached to the Internet must have.
B. defines the path to a facility or file on the web.
C. is represented by a 64-bit data packet.
D. is the address of the protocol rules and
standards that governing the design of internet
hardware and software.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

78

Which of the following statements is correct?


TCP/IP
A. is the basic protocol that permits
communication between Internet sites.
B. controls Web browsers that access the WWW.
C. is the file format used to produce Web pages.
D. is a low-level encryption scheme used to secure
transmissions in HTTP format.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

79

FTP
A. is used to transfer text files, programs,
spreadsheets, and databases across the
Internet.
B. is the document format used to produce Web
pages.
C. controls Web browsers that access the Web.
D. is used to connect to Usenet groups on the
Internet

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

80

Which topology has a large central computer with


direct connections to a periphery of smaller
computers? Also in this topology, the central
computer manages and controls data
communications among the network nodes.
A. star topology
B. bus topology
C. ring topology
D. client/server topology

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

81

In a star topology, when the central site fails


A. individual workstations can function locally but
cannot communicate with other workstations
B. individual workstations can communicate with
each other
C. individual workstations cannot function locally
and cannot communicate with other
workstations
D. the functions of the central site are taken over
by a designated workstation
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

82

Which of the following statements is correct? The


client-server model
A. distributes both data and processing tasks to
the servers node.
B. is best suited to the token-ring topology
because the random-access method used by
this model detects data collisions.
C. is most effective used with a bus topology.
D. is more efficient than the bus or ring topologies.

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

83

A star topology is appropriate


A. for a wide area network with a mainframe for a
central computer
B. for centralized databases only
C. for environments where network nodes routinely
communicate with each other
D. when the central database does not have to be
concurrent with the nodes

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

84

In a ring topology
A. all nodes are of equal status; responsibility for
managing communications is distributed among
the nodes
B. the network consists of a central computer
which manages all communications between
nodes
C. has a host computer connected to several levels
of subordinate computers
D. information processing units rarely communicate
with each other
2011 Cengage Learning. All Rights Reserved. Hall,
May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

85

QUESTIONS???

2011 Cengage Learning. All Rights Reserved. Hall,


May not
3ebe scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part.

86