Professional Documents
Culture Documents
Hall 5e TB Ch12
Hall 5e TB Ch12
TRUE/FALSE
1. Because of network protocols, users of networks built by different manufacturers are able to
communicate and share data.
ANS: T
ANS: F
ANS: F
4. The phrase “.com” has become an Internet buzz word. It refers to a top-level domain name for
communications organizations.
ANS: F
ANS: F
6. The network paradox is that networks exist to provide user access to shared resources while one of its
most important objectives is to control access.
ANS: T
7. Business risk is the possibility of loss or injury that can reduce or eliminate an organization’s ability to
achieve its objectives.
ANS: T
ANS: T
9. The rules that make it possible for users of networks to communicate are called protocols.
ANS: T
10. A factor that contributes to computer crime is the reluctance of many organizations to prosecute
criminals for fear of negative publicity.
ANS: T
11. Cookies are files created by user computers and stored on Web servers.
ANS: F
12. Sniffing is the unauthorized transmitting of information across an Intranet.
ANS: F
APPENDIX QUESTION
13. The client-server model can only be applied to ring and star topologies.
ANS: F
14. The most popular topology for local area networks is the bus topology.
ANS: T
15. A network topology is the physical arrangement of the components of the network.
ANS: T
ANS: T
17. In a hierarchical topology, network nodes communicate with each other via a central host computer.
ANS: T
ANS: T
ANS: F
20. EDI is the inter-company exchange of computer processible business information in standard format.
ANS: T
MULTIPLE CHOICE
APPENDIX QUESTION
4. Which topology has a large central computer with direct connections to a periphery of smaller
computers? Also in this topology, the central computer manages and controls data communications
among the network nodes.
a. star topology
b. bus topology
c. ring topology
d. client/server topology
ANS: A
7. What do you call a system of computers that connects the internal users of an organization that is
distributed over a wide geographic area?
a. LAN
b. decentralized network
c. multidrop network
d. Intranet
ANS: D
8. Sniffer software is
a. software used by malicious Web sites to sniff data from cookies stored on the user’s hard
drive
b. used by network administrators to analyze network traffic
c. used by bus topology Intranets to sniff for a carrier before transmitting a message to avoid
data collisions
d. illegal programs downloaded from the Net to sniff passwords from the encrypted data of
Internet customers
ANS: B
9. In a ring topology
a. all nodes are of equal status
b. nodes manage private programs and databases locally
c. shared resources are managed by a file server which is a node on the ring
d. all of the above
ANS: D
13. Which method does not manage or control data collisions that might occur on a network?
a. multiplexing
b. polling
c. carrier sensing
d. token passing
ANS: A
15. All of the following are true about the Open System Interface (OSI) protocol except
a. within one node different layers communicate with other layers at that node
b. one protocol is developed and applied to all the OSI layers
c. specific layers are dedicated to hardware tasks and other layers are dedicated to software
tasks
d. layers at each node communicate logically with their counterpart layers across nodes
ANS: B
17. XBRL
a. is the basic protocol that permits communication between Internet sites.
b. controls Web browsers that access the Web.
c. is the document format used to produce Web pages.
d. was designed to provide the financial community with a standardized method for preparing
e. is a low-level encryption scheme used to secure transmissions in higher-level (HTTP)
format.
ANS: D
18. FTP
a. is the document format used to produce Web pages.
b. controls Web browsers that access the Web.
c. is used to connect to Usenet groups on the Internet
d. is used to transfer text files, programs, spreadsheets, and databases across the Internet.
e. is a low-level encryption scheme used to secure transmissions in higher-level () format.
ANS: D
19. HTML
a. is the document format used to produce Web pages.
b. controls Web browsers that access the Web.
c. is used to connect to Usenet groups on the Internet.
d. is used to transfer text files, programs, spreadsheets, and databases across the Internet.
e. is a low-level encryption scheme used to secure transmissions in higher-level () format.
ANS: A
23. HTTP
a. is the document format used to produce Web pages.
b. controls Web browsers that access the Web.
c. is used to connect to Usenet groups on the Internet
d. is used to transfer text files, programs, spreadsheets, and databases across the Internet.
e. is a low-level encryption scheme used to secure transmissions in higher-level () format.
ANS: B
25. NNTP
a. is the document format used to produce Web pages.
b. controls Web browsers that access the Web.
c. is used to connect to Usenet groups on the Internet
d. is used to transfer text files, programs, spreadsheets, and databases across the Internet.
e. is a low-level encryption scheme used to secure transmissions in higher-level (HTTP)
format.
ANS: C
SHORT ANSWER
ANS:
Packet switching is a transmission whereby messages are divided into small packets. Individual
packets of the same message may take different routes to their destinations. Each packet contains
address and sequencing codes so they can be reassembled into the original complete message at the
receiving end.
2. What is an extranet?
ANS:
An extranet is a variant on Internet technology. This is a password-controlled network for private users
rather than the general public. Extranets are used to provide access between trading partner internal
databases.
3. What is a URL?
ANS:
A URL is the address that defines the path to a facility or file on the Web. URLs are typed into the
browser to access Web site homepages and individual Web pages, and can be embedded in Web pages
to provide hypertext links to other pages.
4. What is an IP address?
ANS:
Every computer node and host attached to the Internet must have a unique Internet protocol (IP)
address. For a message to be sent, the IP addresses of both the sending and the recipient nodes must be
provided.
5. What is spoofing?
ANS:
Spoofing is a form of masquerading to gain unauthorized access to a Web server to perpetrate an
unlawful act without revealing ones identity.
ANS:
The three types of addresses used on the Internet are: e-mail addresses of individuals, Web site (URL)
addresses of pages, and IP addresses of individual computers attached to the Internet.
7. What is XML?
ANS:
XML is a meta-language for describing markup languages. The term extensible means, that any
markup language can be created using XML. This includes the creation of markup languages capable
of storing data in relational form, where tags (formatting commands) are mapped to data values.
8. What is XBRL?
ANS:
XBRL (Extensible Business Reporting Language) is an XML-based language that was designed to
provide the financial community with a standardized method for preparing, publishing and
automatically exchanging financial information, including financial statements of publicly held
companies.
10. Explain the parts of an e-mail address and give an example (your own?).
ANS:
The two parts of an e-mail address are the user name and the domain name. For example,
hsavage@cc.ysu.edu is the address of Helen Savage at the computer center site at Youngstown State
University.
ANS:
A denial of service attack is an assault on a Web server to prevent it from serving its users. The normal
connecting on the Internet involves a three-way handshake: (1) from the originating server to the
receiving server, (2) from the receiving server to the originating, and (3) from the originating server to
the receiving. In a denial of service attack, step three is omitted by the attacking entity, and this locks
up the receiving server and prevents either completing the connection or using their ports to respond to
other inquiries. This is somewhat like a calling party on a phone being able to prevent the called party
from breaking the connection, hence making the phone unusable.
ANS:
Cookies are files containing user information that are created by the Web server of the site being
visited and are then stored on the visitor’s own computer hard drive. They can contain the addresses of
sites visited by the user. If the site is revisited, the browser sends the cookie(s) to the Web server. This
was originally intended to enhance efficiency. Many questions now exist about the use of cookies,
especially with regard to user privacy and the security of user information such as passwords.
13. List at least five top-level domain names used in the United States.
ANS:
Among the top-level domain names used in the U.S. are:
.com–a commercial entity
.net–a network provider
.org–an non-profit organization
.edu–an educational or research entity
.gov–a government entity
APPENDIX QUESTION
14. When are networks connected with a bridge and with a gateway?
ANS:
Bridges connect LANs of the same type; gateways connect LANs of different manufacturers and
different types.
ANS:
Client/server technology reduces the number of records that have to be locked and reduces the amount
of data that is transmitted over the network.
ANS:
Polling is noncontentious so data collisions are prevented.
Firms can prioritize data communications by polling important nodes more frequently than less
important nodes.
ANS:
Collisions can occur when two messages are sent simultaneously.
ANS:
Network control establishes a communication session between sender and receiver, manages the flow
of data across the network, detects and resolves data collisions, and detects errors in data caused by
line failure or signal degeneration.
ANS:
A WAN is a wide area network, a LAN is a local area network, and a VAN is a value-added network.
ANS:
The five basic network architectures are: star, hierarchical, ring, bus, and client/server.
ESSAY
APPENDIX QUESTION
1. Contrast a LAN and a WAN. Typically, who owns and maintains a WAN?
ANS:
A LAN is a local area network covering a limited geographic area (a room, a building, several
buildings within a restricted geographic distance). Information processing units connected to a LAN
are usually microcomputer-based workstations. Typically, LANs are privately owned and controlled.
2. Describe the basic differences between the star, ring, and bus topologies.
ANS:
The star topology is a configuration of IPUs with a large central computer (the host) at the hub (or
center) that has connections to a number of smaller computers. Communication between nodes is
managed from the host.
The ring topology connects many computers of equal status. There is no host. Management of
communication is distributed among the nodes.
In the bus topology, all nodes are connected to a common cable, the bus. Communication and file
transfer are controlled centrally by one or more server.
ANS:
Security questions that must be answered to safeguard Internet commerce relate to:
private or confidential financial data stored on a host or server that could be accessed by unauthorized
individuals,
interception of private information sent between sites, such as credit card numbers, and
the risk of destruction of data and programs by virus attacks and other malice.
ANS:
The World Wide Web is an Internet facility that links user sites locally and around the world. It was
originally developed to share scientific information over the Internet. Although the Web is the part of
the Internet that is most familiar to average users, it is just a part. Other Internet tools include file
transfer using FTP, remote connection to another computer using Telnet, and access to the menuing
system Gopher. Its popularity is in part due to the ease of access that is provided by Internet browser
software. The basic Web document is written in hypertext markup language that contains numerous
links to other pages, thus permitting easy movement.
ANS:
How much benefit an organization gains from the Internet depends on how much of its function is
used. Three levels of uses can be made:
a. At the simplest level, the information level, the organization uses the Internet to display
information about the company, its products, services, and business policies. In other words, it
provides information only.
b. At the transaction level, the organization uses the Internet to accept orders from customers and/or
to place them with their suppliers. In other words, transactions occur.
c. At the highest level, the distribution level, the organization uses the Internet to both sell and
deliver digital products–online news, software, music, video, etc.
ANS:
The typical definition of business risk is the possibility of loss or injury that can reduce or eliminate an
organization’s ability to achieve its objectives. In the area of e-commerce, risk relates to the loss, theft,
or destruction of data and/or the use or generation of data or computer programs that financially or
physically harm an organization.
7. Discuss the four areas of concern as they are related to e-commerce: data security, business policy,
privacy, and business process integrity.
ANS:
Data security relates to the level of protection over stored and transmitted data–the security of internal
databases and protection from unauthorized access by individuals inside and outside the organizations.
Business policies relate to the need of consumers and trading partners to know a company’s policies
regarding billing, payment, merchandise returns, shipping, products, and sales tax collection.
Privacy refers to the level of confidentiality used by an organization in managing customer and trading
partner data.
Business process integrity relates to the accuracy, completeness, and consistency with which an
organization processes its business transactions.
ANS:
A digital certificate is like an electronic identification card that is used in conjunction with a public
key encryption system to verify the authenticity of the message sender. These are issued by
certification authorities.
A digital signature is an electronic authentication technique that ensures that the transmitted message
originated with the authorized sender and that it was not tampered with after the signature was applied.
ANS:
The two parts of the TCP/IP protocol are the transfer control protocol (TCP) and the Internet protocol
(IP). This controls how the individual packets of data are formatted, transmitted, and received. The
TCP supports the transport function of the OSI (Open System Interface) model that has been adopted
by the International Standards Organization for the communication community. This ensures that the
full message is received. The IP component provides the routing mechanism. It contains a network
address and is used to route messages to their destinations.
ANS:
Network protocols are the rules and standards governing the design of hardware and software that
permit users of networks manufactured by different vendors to communicate and share data. Protocols
perform a number of different functions.
a. They facilitate the physical connection between network devices.
b. They synchronize the transfer of data between physical devices.
c. They provide a basis for error checking and measuring network performance.
d. They promote compatibility among network devices.
e. They promote network designs that are flexible, expandable, and cost-effective.
11. List and briefly define the privacy conditions inherent to the Safe Harbor agreement
ANS:
Notice: Organizations must provide individuals with clear notice of, “the purposes for which it
collects and uses information about them, the types of third parties to which it discloses the
information, and how to contact the company with inquiries or complaints.”
Choice: Before any data is collected, an organization must give its customers the opportunity to
choose whether to share their sensitive information (e.g., data related to factors such as health, race, or
religion).
Onward Transfer: Unless they have the individual’s permission to do otherwise, organizations may
share information only with those third parties that belong to the Safe Harbor Agreement or follow its
principles.
Security and Data Integrity: Organizations need to ensure that the data they maintain is accurate,
complete, and current, and thus reliable, for use. They must also ensure the security of the information
by protecting it against loss, misuse, unauthorized access, disclosure, alteration, and destruction.
Access: Unless they would be unduly burdened or violate the rights of others, organizations must give
individuals “access to personal data about themselves and provide an opportunity to correct, amend, or
delete such data.”
Enforcement: Organizations must “enforce compliance, provide recourse for individuals who believe
their privacy rights have been violated, and impose sanctions on their employees and agents for non-
compliance.”
ANS:
Audit implications include:
Taxonomy Creation. Taxonomy may be generated incorrectly, resulting in an incorrect mapping
between data and taxonomy elements that could result in material misrepresentation of financial data.
Controls must be designed and in place to ensure the correct generation of XBRL taxonomies.
Validation of Instance Documents. As noted, once the mapping is complete and tags have been stored
in the internal database, XBRL instance documents (reports) can be generated. Independent
verification procedures need to be established to validate the instance documents to ensure that
appropriate taxonomy and tags have been applied before posting to web server.
Audit Scope and Timeframe. Currently, auditors are responsible for printed financial statements and
other materials associated with the statements. What will be the impact on the scope of auditor
responsibility as a consequence of real time distribution of financial statements across the Internet?
Should auditors also be responsible for the accuracy of other related data that accompany XBRL
financial statements, such as textual reports?
13. What is a Certification Authority and what are the implications for the accounting profession?
ANS:
A certification authority is independent and trusted third party empowered with responsibility to vouch
for the identity of organizations and individuals engaging in Internet commerce. The question then
becomes who vouches for the CA? How does one know that the CA who awarded a seal of
authenticity to an individual is itself reputable and was meticulous in establishing his or her identity?
These questions hold specific implication for the accounting profession. Since they enjoy a high
degree of public confidence, public accounting firms are natural candidates for certification
authorities.