DPB20043

MANAGEMENT INFORMATION
SYSTEM
CHAPTER 2
MANAGEMENT INFORMATION SYSTEMS BASIC:
HARDWARE, SOFTWARE, NETWORKING
AND SECURITY

L P T
9 0 3
 COURSE OVERVIEW:
2.1 Identify the computer hardware and software
2.2 Discuss communications networks and types of network
2.3 Discuss threats to information security
2.4 Describe information security
WHAT IS A COMPUTER?

• A computer is a machine or device that performs processes,

calculations and operations based on instructions provided by a
software or hardware program.
COMPUTER HARDWARE

• Computer hardware refers to

the physical components that make up a
computer system.
There are many different kinds of
hardware that can be installed inside, and
connected to the outside, of a computer.

1. Personal computer

2. Other digital devices

PERSONAL COMPUTER

• Basic hardware components of a

modern personal computer, including:
a. monitor
b. motherboard
c. CPU
d. RAM
e. expansion cards
f. power supply
g. optical disc drive
h. hard disk drive
i. keyboard
j. mouse.
MONITOR

• For the computer hardware, the monitor is another device that is used to
display the output, videos and other graphics as it is directly connected
to the CPU.
• The video displayed by the monitor uses the video card.
• The monitor can be compared to the television set but the difference is
the resolution and graphics displayed by the monitor are of much high
quality compare to the television set.
MONITOR

• The desktop is connected via a cable

and gets fitted in a computer video
card which is installed in the
motherboard of the computer
system.

• For laptops, tablets the monitor is

pre-built in the system and there is
no separate hardware installed in
these devices.
MONITOR
• There are two types of computer monitors which are CRT and LCD. The
CRT was used as an old model of computers.

• The LCD is used in a modern computer as they are thinner and lighter
and easy to use compared to CRT monitors.
 MOTHERBOARD

• The motherboard serves as a single

platform to connect all of the parts of
a computer together.
• It connects the CPU, memory, hard
drives, optical drives, video card, sound
card, and other ports and expansion
cards directly or via cables.
• It can be considered as the backbone
of a computer.
MOTHERBOARD
 CENTRAL PROCESSING UNIT (CPU)
• Central processing unit (CPU) is the core hardware part of the computer
system which is used to interpret and execute most of the commands
using other computer parts i.e. software and hardware.
• The CPU is a core part of any PC, laptops, tablets, and notebooks.
• The CPU is also called the brain of the computer as every operation is
executed in the CPU only.
 CENTRAL PROCESSING UNIT (CPU)
• The CPU is made of computer chip
which contains billions of small
transistors installed on it.
• All the calculations are performed inside
these transistors.
• The other hardware components which
are monitor, keyboard, mouse, printer,
sound system are connected o CPU.
RANDOM ACCESS MEMORY (RAM)
• Random Access Memory is a type of computer hardware that is used to store the
information and then process that information.
• The processing speed of RAM is much faster than a hard disk but Ram is a
volatile device which means when a computer system is shut down all the
information stored is wiped out from RAM whereas hard disk is non-volatile
which means it stores the data permanently in it.
RANDOM ACCESS MEMORY (RAM)
• The data can be easily stored in RAM and can be easily fetched
from RAM.
• The fetch process of data is very fast in Ram compare to hard
disk.
• There are two types of RAM SRAM (Static Random Access
Memory) and DRAM (Dynamic random access memory). The use
of SRAM is in a cache memory of CPU. And the DRAM is mostly
used in modern computers.
WHAT IS A CACHE?
• A cache is a reserved storage location that collects temporary data to help
websites, browsers, and apps load faster.
• Whether it's a computer, laptop or phone, web browser or app, you'll find some
variety of a cache.
• A cache makes it easy to quickly retrieve data, which in turn helps devices run
faster.
• It acts like a memory bank, making it easy to access data locally instead of
redownloading it every time you visit a website or open an app.
EXPANSION CARDS
• Alternatively called an adapter card, add-on card, expansion
board, internal card, interface adapter, or card, an expansion
card is a PCB that fits into an expansion slot on the mother
board.
• An expansion card is an internal card that gives a computer
additional capabilities, such as enhanced video performance via
a graphics card.
EXPANSION CARDS
POWER SUPPLY
• A power supply unit (PSU) converts mains
AC to low-voltage regulated DC power
for the internal components of a
computer.
• Modern personal computers universally use
switched-mode power supplies.
• Some power supplies have a manual switch
for selecting input voltage, while others
automatically adapt to the mains voltage.
2.1.1THE COMPUTER
HARDWARE
Hardware refers to the physical components of a computer that
perform the input, processing, storage, and output activities of the
computer.
2.1 Computer Hardware and Software

INPUTAND OUTPUTDEVICE
Input and output devices are part of a computer’s user interface,
which includes other hardware devices and software that allow you
to interact with a computer system.

As with other computer system components, an organization should

keep their business goals in mind when selecting input and output
devices.
2.1 Computer Hardware and Software

PROCESSING DEVICE
• Central Processing unit (CPU) was a
part of processing device that
ability to process (organize and
manipulate) data is a critical
aspect of a computer system, in
which processing is
accomplished by an interplay
between one or more of the
central processing units and
primary storage.
2.1 Computer Hardware and Software

PROCESSING DEVICE
Memory devices contain thousands of circuits imprinted on a silicon chip.
Each circuit is either conducting electrical current (on) or not (off). Data is
stored in memory as a combination of on or off circuit states.
Instructions or data can be temporarily stored in random access memory
(RAM). RAM is temporary and volatile—RAM chips lose their contents if the
current is turned off or disrupted (as in a power surge, brownout, or electrical
noise generated by lightning or nearby machines).
Read-only memory (ROM), another type of memory, is usually nonvolatile. In
ROM, The combination of circuit states is fixed, and therefore its contents are
not lost if the power is removed. ROM provides permanent storage for data
and instructions that do not change, such as programs and data from the
computer manufacturer, including the instructions that tell the computer
how to start up when power is turned on.
2.1 Computer Hardware and Software

SECONDARY STORAGE
A small amount of storage area for the data and instructions the
CPU requires for processing. Computer systems also need to store
larger amounts of data, instructions, and information more
permanently than main memory allows. Secondary storage, also
called permanent storage, serves thispurpose.
2.1 Computer Hardware and Software

COMMUNICATION DEVICE

The best example of a communication device is a computer modem, which is

capable of sending and receiving a signal to allow computers to talk to other
computers over the telephone. Other examples of communication devices
include a network interface card (NIC), Wi-Fi devices, and an access point.
2.1 Computer Hardware and Software

2.1.1THE COMPUTERHARDWARE

a. Personal Computers
b. Other Digital Devices
2.1 Computer Hardware and Software

A. PERSONAL COMPUTERS

Computer that is operated by a single user who can

customize the functions to match personal preferences.

A keyboard and a computer mouse are the most

common devices used for entry of data such as
characters, text, and basic commands.

Some companies are developing newer keyboards that

are more comfortable, adjustable, and faster to use.
2.1 Computer Hardware and Software

B. OTHER DIGITAL DEVICES

Computer Category Description

Smartphone A cellular telephone with a keypad that runs programs, music,

photos, and email and includes many features of a PDA.
Personal digital assistant A small handheld computer that performs simple tasks such as
(PDA) taking notes, scheduling appointments, and main- taining an
address book and a calendar. The PDA screen is touch-
sensitive, allowing a user to write directly on the screen,
capturing what is written.
Handheld (ultra portable, Computer portable enough to fit in a purse or pocket and has
pocket) computer its own power source or battery.
Laptop (portable, Computer portable enough to fit on a lap or in a bag and has
notebook) computer its own power source or battery. Laptops come equipped with
all of the technology that a personal desktop computer has,
yet weigh as little as two pounds.
Tablet computer Computer with a flat screen that uses a mouse or fingertip for
input instead of a keyboard. Similar to PDAs, tablet PCs use a
writing pen or stylus to write notes on the screen and touch the
screen to perform functions such as clicking on a link while
visiting a website.
2.1 Computer Hardware and Software

B. OTHER DIGITAL DEVICES

Computer Category Description

Desktop computer Computer that sits on, next to, or under a user’s desk and is too large to carry around. The computer box is where
the CPU, RAM, and storage devices are held with a monitor on top, or a vertical system box (called a tower)
usually placedonthe floorwithin awork area.

Workstation computer Similar to a desktop but has more powerful mathematical and graphics processing capabilities and can
perform more complicated tasks in less time. Typically used for software development, web development,
engineering, and ebusiness tools.

Minicomputer(server) Designed to meet the computing needs of several people simultaneously in a small to medium-size business
environment. A common type of minicomputer is a server and is used for managing internal company
applications, networks, and websites.
Mainframe computer Designed to meet the computing needs of hundreds of people in a large business environment. Mainframe
computers are a step up in size, power, capability, and cost from minicomputers.

Supercomputer The fastest, most powerful, and most expensive type of computer. Organizations such as NASA that are
heavily involved in research and number crunching employ supercomputers because of the speed with which
they can process information. Other large, customer-oriented businesses such as General Motors and AT&T
employ supercomputers just to handle customer information and transaction processing.
2.1 Computer Hardware and Software

B. OTHER DIGITAL DEVICES

Smartphone A cellular telephone with a keypad that

runs
programs, music, photos, and email and includes
many features of a PDA.
Personal digital A small handheld computer that performs simple
assistant (PDA) tasks such as taking notes, scheduling
appointments, and main- taining an address book
and a calendar. The PDA screen is touch-sensitive,
allowing a user to write directly on the screen,
capturing what iswritten.
2.1 Computer Hardware and Software

B. OTHER DIGITAL DEVICES

Handheld (ultra Computer portable enough to fit in a purse or

portable, pocket) pocket and has its own power source or battery.
computer

Tablet computer Computer with a flat screen that uses a mouse or

fingertip for input instead of a keyboard. Similar
to PDAs, tablet PCs use a writing pen or stylus to
write notes on the screen and touch the screen
to perform functions such as clicking on a link
while visiting a website.
2.1 Computer Hardware and Software

B. OTHER DIGITAL DEVICES

Desktop Computer that sits on, next to, or under a user’s desk
computer and is too large to carry around. The computer box
is where the CPU, RAM, and storage devices are
held with a monitor on top, or a vertical system box
(called a tower) usually placed on the floor within a
work area.

Workstation Similar to a desktop but has more

computer powerful
mathematical and graphics processing capabilities
and can perform more complicated tasks in less
time. Typically used for software development, web
development, engineering, and e-business tools.
2.1 Computer Hardware and Software

B. OTHER DIGITAL DEVICES

Minicomputer Also known as mid-range server. Designed to meet

(server) the computing needs of several people
simultaneously in a small to medium-size business
environment. A common type of minicomputer is a
server and is used for managing internal company
applications, networks, and websites.

Mainframe Designed to meet the computing needs of hundreds

computer of people in a large business environment.
Mainframe computers are a step up in size, power,
capability, and cost from minicomputers.
2.1 Computer Hardware and Software

B. OTHER DIGITAL DEVICES

Minicomputer Also known as mid-range server. Designed to meet

(server) the computing needs of several people
simultaneously in a small to medium-size business
environment. A common type of minicomputer is a
server and is used for managing internal company
applications, networks, and websites.

Mainframe Designed to meet the computing needs of hundreds

computer of people in a large business environment.
Mainframe computers are a step up in size, power,
capability, and cost from minicomputers.
2.1 Computer Hardware and Software

B. OTHER DIGITAL DEVICES

Superco The fastest, most powerful, and most expensive type of

mputer computer. Organizations such as NASA that are heavily
involved in research and number crunching employ
supercomputers because of the speed with which they
can process information. Other large, customer-oriented
businesses such as General Motors and AT&T employ
supercomputers just to handle customer information
and transaction processing.
2.1 Computer Hardware and Software

B. THE COMPUTER SOFTWARE

i. Cloud Computing
A software package is a prewritten commercially available set
of software programs that eliminates the need for a firm to write
its own software programs for certain functions, such as payroll
processing or order handling.
Enterprise application software vendors such as SAP and Oracle-
PeopleSoft have developed powerful software packages that
can support the primary business processes of a firm worldwide
from warehousing, customer relationship management, and
supply chain management, to finance and human resources.
2.1 Computer Hardware and Software

THE COMPUTER HARDWARE AND

SOFTWARE
ii. Open-Source Software
• Open source software is software produced by a community of
several Hundred thousand programmers around the world.

• According to the leading open source professional association,

OpenSource.org, open source software is free and can be modified
by users.

• Works derived from the original code must also be free, and the
software can be redistributed by the user without additional
licensing.
2.1 Computer Hardware and Software

A. SYSTEM SOFTWARE
System software is a type of computer program that is
designed to run a computer's hardware and application
programs

Software can be divided into several types; operating

software, Application, and Utility as per shown below.
2.1 Computer Hardware and Software

Linux An open source operating system that provides a rich

environment for high-end workstations and network servers. Open
source refers to any program whose source code is made available
for use or modification as users or other developers see fit.

UNIX A 32-bit multitasking and multiuser operating system that

originated at AT&T’s Bell Laboratories and is now used on a wide variety
of computers, from mainframes to PDAs.
2.1 Computer Hardware and Software

B. APPLICATION SOFTWARE
Browser Enables the user to navigate the World Wide Web. The two leading
browsers are Netscape Navigator and Microsoft Internet Explorer.

Communication Turns a computer into a terminal for transmitting data to and

receiving data from distant computers through the telephone system.

Data Provides the tools for data retrieval, modification, deletion, and
management insertion; for example, Access, MySQL, and Oracle.

Desktop publishing Transforms a computer into a desktop publishing workstation.

Leading packages include Adobe FrameMaker, Adobe
PageMaker, and QuarkXpress.

Email Provides email services for computer users, including receiving

mail, sending mail, and storing messages. Leading email software includes
Microsoft Outlook, Microsoft Outlook Express, and Eudora.
2.1 Computer Hardware and Software

APPLICATION SOFTWARE
Groupware Increases the cooperation and joint productivity of small groups
of co-workers.

Presentation Creates and enhances charts and graphs so that they are visually
graphics appealing and easily understood by an audience. A full-features
presentation graphics package such as Lotus Freelance Graphics or
Microsoft PowerPoint includes facilities for making a wide variety of
charts and graphs and for adding titles, legends, and explanatory text
anywhere in the chart or graph.

Programming Possesses an artificial language consisting of a fixed vocabulary

and a set of rules (called syntax) that programmers use to write
computer programs. Leading programming languages include Java, C
++, C#, and .NET.
2.1 Computer Hardware and Software

APPLICATION SOFTWARE
Spreadsheet Simulates an accountant’s worksheet on-screen and lets users
embed hidden formulas that perform calculations on the visible data.
Many spreadsheet programs also include powerful graphics and
presentation capabilities to create attractive products. The leading
spreadsheet application is MicrosoftExcel.

Word processing Transforms a computer into a tool for creating, editing,

proofreading, formatting, and printing documents. Leading word
processing applications include Microsoft Word and WordPerfect.
2.1 Computer Hardware and Software

UTILITY SOFTWARE
Crash-proof Helps save information if a computer
crashes.
Disk image Relieves the burden of reinstalling
for data applications if a hard drive
recovery crashes or becomes irretrievablycorrupted.

Disk Organizes information on a hard disk in the

optimization most efficient way.
Encrypt data Protects confidential information from
unauthorized eyes.
File and data Retrieves accidental deletion of photos or
recovery documents.
2.1 Computer Hardware and Software

UTILITY SOFTWARE
Text protect In Microsoft Word, prevents users from typing over existing text
after accidentally hitting the Insert key. Launch the Insert Toggle Key
program, and the PC will beep whenever a user presses the Insert key.

Preventive security Through programs such as Window Washer, erases file histories,
browser cookies, cache contents, and other crumbs that
applications and Windows leave on a hard drive.

Spyware Removes any software that employs a user’s Internet connection

in the back- ground without the user’s knowledge or explicit
permission.

Uninstaller Can remove software that is no longer needed.

NETWORK DEVICES
1. Server
2. Switch
3. Hub
4. Router
5. Bridge
6. Firewall
7. Gateways
8. Modem
NETWORK

A network can be defined as two

or more computers connected
together in such a way that the
can share resources

The purpose of a network is to

share resources
2.2 Communications Networks and Types Of Network

The Communications Networks And Types Of Network

DEFINITION OF NETWORKS
• A network consists of two or more connected
computers. a client computer and a dedicated server
computer, network interfaces, a connection medium,
network operating system software, and either a hub
or a switch.
• Each computer on the network contains a network
interface device to link the computer to the network.
2.2 Communications Networks and Types Of Network

Simple communication network.

2.2 Communications Networks and Types Of Network

SIMPLE COMMUNICATION NETWORK.

The network operating system (NOS) routes and manages
communications on the network and coordinates network
resources. It can reside on every computer in the network,
or it can reside primarily on a dedicated server computer
for all the applications on the network.
CATEGORIES OF NETWORK COMPONENTS
COMPONENTS OF A NETWORK

• The path that a message takes from source to destination can be as simple as a
single cable connecting one computer to another or as complex as a network
that literally spans the globe.
• This network infrastructure is the platform that supports the network. It
provides the stable and reliable channel over which our communications can
occur.
• The network infrastructure contains three categories of network components:
1) End devices
2) Intermediary devices
3) Network media
COMPONENTS OF A NETWORK
• Devices and media are the physical elements, or hardware, of the network.
• Hardware comprises the components of the network platform that typically are
visible, such as a laptop, PC, switch, router, wireless access point, or the cabling
used to connect the devices.
• Occasionally, some network components may not be visible. In the case of
wireless media, for example, messages are transmitted through the air using
invisible radio frequency or infrared waves.
COMPONENTS OF A NETWORK
• Network components are used to provide services and processes. These
services and processes are the communication programs, called software, that
run on the networked devices.
• A network service provides information in response to a request.
• Services include many of the common network applications people use every
day, like email hosting services and web hosting services.
• Processes provide the functionality that directs and moves the messages
through the network.
• Processes are less obvious to us but are critical to the operation of networks.
END DEVICES
• The network devices that people are most familiar with are called end
devices, or hosts. These devices form the interface between users and
the underlying communication network.
• Some examples of end devices are
1. Computers (work stations, laptops, file servers, web servers)
2. Network printers
3. VoIP phones
4. TelePresence endpoints
5. Security cameras
6. Mobile handheld devices (such as smartphones, tablets, PDAs, and
wireless debit/credit card readers and barcode scanners)
END DEVICES
• A host device is either the source or destination of a message
transmitted over the network.
• In order to distinguish one host from another, each host on a
network is identified by an address.
• When a host initiates communication, it uses the address of the
destination host to specify where the message should be sent.
END DEVICES
• In modern networks, a host can act as a client, a server, or both.
• Software installed on the host determines which role it plays on
the network.
• Servers are hosts that have software installed that enables them
to provide information and services, like email or web pages, to
other hosts on the network.
• Clients are hosts that have software installed that enables them to
request and display the information obtained from the server.
INTERMEDIARY DEVICES
• Interconnect end devices.
• These devices provide connectivity and work behind the scenes to ensure that
data flows across the network.
• Intermediary devices connect the individual hosts to the network and can
connect multiple individual networks to form an internetwork.
• Examples of intermediary network devices are
1. Network access devices (switches and wireless access points)

2. Internetworking devices (routers)

3. Security devices (firewalls)
INTERMEDIARY DEVICES

• The management of data as it flows through the network is also a role of

the intermediary devices.
• These devices use the destination host address, in conjunction with
information about the network interconnections, to determine the path
that messages should take through the network.
INTERMEDIARY DEVICES

• Processes running on the intermediary network devices perform these

functions:
i. Regenerate and retransmit data signals
ii. Maintain information about which pathways exist through the network and
internetwork
iii. Notify other devices of errors and communication failures
iv. Direct data along alternate pathways when there is a link failure
v. Classify and direct messages according to QoS priorities
vi. Permit or deny the flow of data, based on security settings
NETWORK MEDIA

• Communication across a network is carried on

a medium.
• The medium provides the channel over which the
message travels from source to destination.
• Modern networks primarily use the following three
types of media to interconnect devices and to
provide the pathway over which data can be
transmitted:
1. Metallic wires within cables
2. Glass or plastic fibers (fiber-optic cable)
3. Wireless transmission
NETWORK MEDIA
• The signal encoding that must occur for the message to be transmitted is
different for each media type.
• On metallic wires, the data is encoded into electrical impulses that match
specific patterns.
• Fiber-optic transmissions rely on pulses of light, within either infrared or visible
light ranges.
• In wireless transmission, patterns of electromagnetic waves depict the various
bit values.
NETWORK MEDIA
• Different types of network media have different features and benefits.
• Not all network media types have the same characteristics or are appropriate for
the same purpose.
• The criteria for choosing network media are:
i. The distance the media can successfully carry a signal
ii. The environment in which the media is to be installed
iii. The amount of data and the speed at which it must be transmitted
iv. The cost of the media and installation
CATEGORIES OF NETWORK COMPONENTS

• In addition to being able to recognize these representations, you

need to understand the specialized terminology that is used
when discussing how each of these devices and media connect
to each other. Important terms to remember are

1. Network interface card (NIC): Provides the physical

connection to the network at the PC or other host device. The
media connecting the PC to the networking device plugs
directly into the NIC (also known as a LAN adapter).

2. Physical port: A connector or outlet on a networking device

where the media is connected to a host or other networking
device.

3. Interface: Specialized ports on an internetworking device that

connect to individual networks. Because routers are used to
interconnect networks, the ports on a router are referred to as
network interfaces.
SIMPLE COMMUNICATION NETWORK

• A server computer is a computer on a network that performs

important network functions for client computers, such as
serving up Web pages, storing data, and storing the
network operating system (and hence controlling the
network).
SIMPLE COMMUNICATION NETWORK
• Server is a computer equipped with specific programs and/or hardware that
enables it to offer services to other computers (clients) on its network.
• There are different types and capabilities of servers.
• Think about transportation. We can think of transportation as anything that
can move something or someone from one location to the other. A bicycle
can move one person, a car can move four people, a bus can move 50
people, and a plane can move 500 people.
• They are all modes of transport, but each has a different capacity.
• The same applies to servers.
2.2 Communications Networks and Types Of Network

SIMPLE COMMUNICATION NETWORK.

• Most networks also contain a switch or a hub acting as
a connection point between the computers.
• Hubs are very simple devices that connect network
components, sending a packet of data to all other
connected devices.
SIMPLE COMMUNICATION NETWORK
• A switch has more intelligence
than a hub and can filter and
forward data to a specified
destination on the network.
2.2 Communications Networks and Types Of Network

SIMPLE COMMUNICATION NETWORK.

What if you want to communicate with another network, such
as the Internet? You would need a router.
• A router is a communications processor used to route packets
of data through different networks, ensuring that the data
sent gets to the correct address.
• Network switches and routers have proprietary software built
into their hardware for directing the movement of data on
the network.
• This can create network bottlenecks and makes the process
of configuring a network more complicated and time-
consuming.
SIMPLE COMMUNICATION
NETWORK • Router guide and direct network data, using
packets that contain various kinds of data such
as files, communications, and simple
transmissions like web interactions.
• The data packets have several layers, or
sections, one of which carries identifying
information such as sender, data type, size, and
most importantly, the destination IP (Internet
protocol) address.
• The router reads this layer, prioritizes the data,
and chooses the best route to use for each
transmission.
2.2 Communications Networks and Types Of Network

SIMPLE COMMUNICATION NETWORK.

• Software-Defined Networking (SDN) is a network architecture approach that
enables the network to be intelligently and centrally controlled, or ‘programmed,’
using software applications.
• This helps operators manage the entire network consistently and holistically,
regardless of the underlying network technology.
• This is especially helpful in a cloud computing environment with many different
pieces of hardware because it allows a network administrator to manage traffic
loads in a flexible and more efficient manner.
TYPES OF
NETWORK
2.2 Communications Networks and Types Of Network

THE COMMUNICATIONNETWORK.

1. Analog signal
• An analog signal is represented by a continuous waveform that passes
through a communications medium and has been used for voice
communication.
• The most common analog devices are the telephone handset, the
speaker on your computer, or your iPod earphone, all of which create
analog waveforms that your ear can hear.
2.2 Communications Networks and Types Of Network

2. Digital signal

• A digital signal is a discrete, binary waveform, rather

than a continuous waveform.
• Digital signals communicate information as strings of
two discrete states: one bit and zero bits, which are
represented as on-off electrical pulses.
• Computers use digital signals and require a modem to
convert these digital signals into analog signals that can
be sent over (or received from) telephone lines, cable
lines, or wireless media that use analog signals.
2.2 Communications Networks and Types Of Network

Analog and Digital functions

ANALOG VS DIGITAL SIGNAL
DISCUSS COMMUNICATIONS
NETWORKS AND TYPES OF NETWORK

Describe types of network

a. Local area network (LAN)
b. Campus area network (CAN)
c. Metropolitan area network (MAN)
d. Wide area network (WAN)
e. Internet
f. World Wide Web
2.2 Communications Networks and Types Of Network

TYPES OF NETWORK

Local area network (LAN)

• A local area network (LAN) is designed to connect personal computers and other
digital devices within a half- mile or 500-meter radius.
• LANs typically connect a few computers in a small office, all the computers in one
building, or all the computers in several buildings in close proximity.
• One computer isa dedicated network file server,providing users with access to shared
computing resources in the network,including software programs and data files.
2.2 Communications Networks and Types Of Network

LOCAL AREA NETWORK

• The router connects the LAN to other networks, which could be the
Internet or another corporate network, so that the LAN can
exchange information with networks external to it.

• The most common LAN operating systems are Windows, Linux, and
Novell. Each of these network operating systems supports TCP/IP as
their default networking protocol.
2.2 Communications Networks and Types Of Network

LOCAL AREA NETWORK

LANs may use a peer-to-peer architecture. A peer-to-peer
network treats all processors equally and is used primarily in
small networks with 10 or fewer users.

The various computers on the network can exchange

data by direct access and can share peripheral devices
without going through a separate server.
2.2 Communications Networks and Types Of Network

2. Campus area network (CAN)

A Campus Area Network (CAN) is a computer network that
links the buildings and consists of two or more local area
networks (LANs) within the limited geographical area.

It can be the college campus, enterprise campus, office

buildings, military base, industrialcomplex.
2.2 Communications Networks and Types Of Network

3.Metropolitan area network (MAN)

A metropolitan area network (MAN) is a network that
spans a metropolitan area, usually a city and its major
suburbs. Its geographic scope falls between a WAN and a
LAN.
2.2 Communications Networks and Types Of Network

4. Wide area network (WAN)

Wide area networks (WANs) span broad geographical
distances—entire regions, states, continents, or the entire
globe.
The most universal and powerful WAN is the Internet.
Computers connect to a WAN through public networks,
such as the telephone system or private cable systems, or
through leased lines or satellites.
2.2 Communications Networks and Types Of Network

5. Internet
The Internet has become the world’s most
extensive, public communication system
that now rivals the global telephone
system in reach and range. It’s also the
world’s largest implementation of
client/server computing and
internetworking, linking millions of individual
networks all over the world.
An Internet service provider (ISP) is a
commercial organization with a
permanent connection to the Internet that
sells temporary connections to retail
subscribers.
2.2 Communications Networks and Types Of Network

6. World Wide Web

The World Wide Web (abbreviated WWW or the Web) is an
information space where documents and other web
resources are identified by Uniform Resource Locators
(URLs), interlinked by hypertext links, and can be accessed
via the Internet.
2.3 Threats To Information Security

2.3.1 MALICIOUSSOFTWARE
• Malicious software programs are referred to as malware
and include a variety of threats, such as computer
viruses, worms, and Trojan horses.
2.3 Threats To Information Security

A. VIRUSES
• A computer virus is a type of malicious code or
program written to alter the way a computer
operates and that is designed to spread from
one computer to another.
• a virus operates by inserting or attaching itself
to a legitimate program or document that
supports macros in order to execute its code.

Viruses typically spread from computer to computer when

humans take an action, such as sending an e-mail
attachment or copying an infected file.
2.3 Threats To Information Security

B. WORMS
Most recent attacks have come from worms, which are
independent computer programs that copy themselves
from one computer to other computers over a network.

Unlike viruses, worms can operate on their own without

attaching to other computer program files and rely less on
human behavior in order to spread from computer to
computer.
2.3 Threats To Information Security

C. TROJAN HORSES
A Trojan horse is a software program that appears to be
kindly (not harmful) but then does something other than
expected. The Trojan horse is not itself a virus because it
does not replicate, but it is often a way for viruses or
other malicious code to be introduced into a computer
system.
It may sit quietly in computer, collecting information or setting
up holes in your security or they may just take over your
computer and lock out.
2.3 Threats To Information Security

D. SPYWARE
• A program that is placed on a computer without a user’s
knowledge and secretly collects information about the user.
• The collected information is communicated by the
spyware to some outside source while the user is online.
• Spyware can enter a computer as a virus or as a result of
a user installing a new program.
D. SPYWARE
• Thousands of forms of spyware have been
documented. Many users find such spyware annoying,
and some critics worry about its infringement on
computer users’ privacy.
• Key loggers record every keystroke made on a
computer to steal serial numbers for software, to
launch Internet attacks, to gain access to e-mail
accounts.
COMPUTER CRIME
• Computer crime is an act performed by a knowledgeable
computer user, sometimes referred to as a hackers that illegally
browses or steals a company's or individual's private
information.
2.3 Threats To Information Security

2.3.2 COMPUTER CRIME

a. Hackers
• A hacker isan individual who intends to gain unauthorized access to a computer system.
• He or she is a person who enjoys the challenge of breaking into computers without the
knowledge of the user.
• The main aim might be to know the detail of programmable system and how it works.
• Within the hacking community, the term cracker is typically used to denote a hacker with
criminal intent, although in the public press, the terms hacker and cracker are used
interchangeably.
• Hackers and crackers gain unauthorized access by finding weaknesses in the security
protections employed by Web sites and computer systems, often taking advantage of various
features of theInternet
 B. SPOOFING AND SNIFFING
Spoofing
• Is a fraudulent or malicious practice in which communication is sent from an
unknown source disguised as a source known to the receiver.
• Spoofing is most prevalent in communication mechanisms that lack a high level
of security
B. SPOOFING AND SNIFFING
Sniffing
• Is a data interception technology.
• Sniffer is program that monitor or reading all network traffic passing in
and out over a network.
• telnet, Relogin, FTP, NNTP, SMTP, HTTP, IMAP that all protocol are
vulnerable for sniffing because it send data and password in clear text.
• Sniffing can be use both the ways legally or illegally like for monitor
network traffic, network security and for stealing information like
password, files from the network.
2.3 Threats To Information Security

b. Spoofing and sniffing

Spoofing also may involve redirecting a Web link to an
address different from the intended one, with the site
masquerading as the intended destination.

For example, if hackers redirect customers to a fake Web

site that looks almost exactly like the true site, they can
then collect and process orders, effectively stealing
business.
2.3 Threats To Information Security

A sniffer is a type of eavesdropping program that monitors

information traveling over a network. When used
legitimately, sniffers help identify potential network trouble
spots or criminal activity on networks, but when used for
criminal purposes, they can be damaging and very
difficult to detect.

Sniffers enable hackers to steal proprietary information

from anywhere on a network, including e-mail
messages, company files, and confidential reports.
2.3 Threats To Information Security

c. Denial of Service Attack

A hackers flood a network server or Web server with many
thousands of false communications or requests for services
to crash the network.
The network receives so many queries that it cannot keep
up with them and is thus unavailable to service legitimate
requests.
A distributed denial-of-service (DDoS) attack uses
numerous computers to inundate and overwhelm the
network from numerous launch points.
2.3 Threats To Information Security

For example, hours after the U.S. Department of Justice shut down file-
sharing site Mega upload on January 19 2012, the Anonymous hacker
collective launched extensive retaliatory DDoS attacks against federal
and entertainment industry Web sites. Web sites belonging to the FBI,
U.S. Department of Justice,
U.S. Copyright Office, Universal Music, the Recording Industry
Association of America, and the Motion Picture Association of
America, were knocked offline for a large part of the day.
Although DoS attacks do not destroy information or access restricted
areas of a company’s information systems, they often cause a Web
site to shut down, making it impossible for legitimate users to access
the site.
2.3 Threats To Information Security

D. IDENTITYTHEFT
• Identity theft has become especially troubling. Identity theft is a
crime in which an imposter obtains key pieces of personal
information, such as social security identification numbers, driver’s
license numbers, or credit card numbers, to impersonate someone
else.
• The information may be used to obtain credit, merchandise, or
services in the name of the victim or to provide the thief with false
credentials.
2.3 Threats To Information Security

E. CLICK FRAUD
The advertiser typically pays a fee for each click, which is
supposed to direct potential buyers to its products. Click fraud
occurs when an individual or computer program fraudulently
clicks on an online ad without any intention of learning more
about the advertiser or making a purchase.

Click fraud has become a serious problem at Google and other

Web sites that feature pay-per-click online advertising. Some
companies hire third parties (typically from low-wage countries)
to fraudulently click on a competitor’s ads to weaken them by
driving up their marketing costs.
CLICK FRAUD
• Is a type of fraud that occurs on the internet pay per click online advertising.
• It can manipulating data such as changing banking records to transfer money to
an account.
• The phrase click fraud is similar to invalid clicks, however in addition to clicks
that is intentionally fraudulent, invalid clicks also includes accidental clicks and
other mechanically generated traffic that are not the result of genuine user
clicks.
2.3 Threats To Information Security

F. Cyber Terrorism and Cyber Warfare

• The global nature of the Internet makes it possible for
cybercriminals to operate—and to do harm—anywhere in
the world.
• Internet vulnerabilities have also turned individuals and even
entire nation states into easy targets for politically-motivated
hacking to conduct sabotage and espionage.
• Cyberwarfare is a state-sponsored activity designed to
cripple and defeat another state or nation by penetrating its
computers or networks for the purposes of causing damage
and disruption.
2.3 Threats To Information Security

• Cyberwarfare poses a serious threat to the infrastructure of modern

societies, since their major financial, health, government, and industrial
institutions rely on the Internet for daily operations.

• Cyberwarfare also involves defending against these types of attacks. The

Interactive Session on Organizations describes some recent cyberwarfare
attacks and their growing sophistication and severity.
2.4 Information Security

2.4.1 INFORMATION SYSTEMS CONTROLS

Information systems controls are both manual and automated and consist
of general and application controls.
1. General controls
General controls govern the design, security, and use of computer programs
and the security of data files in general throughout the organization’s
information technology infrastructure.
On the whole, general controls apply to all computerized applications and
consist of a combination of hardware, software, and manual procedures that
create an overall control environment.
General controls include software controls, physical hardware controls,
computer operations controls, data security controls, controls over
implementation of system processes, and administrative controls.
2.4 Information Security

THE INFORMATION SECURITY

2.4 Information Security

2. Application controls
Application controls are specific controls unique to each
computerized application, such as payroll or order processing. They
include both automated and manual procedures that ensure that only
authorized data are completely and accurately processed by that
application.
Application controls can be classified as (1) input controls,
(2)processing controls, and (3)outputcontrols.
2.4 Information Security

2.4.2 Information Resources Controls.

a. Authentication
Refers to the ability to know that a person is who he or she claims to
be. Authentication is often established by using passwords known
only to authorized users.

An end user uses a password to log on to a computer system and

may also use passwords for accessing specific systems and files.
2.4 Information Security

AUTHENTICATION
New authentication technologies, such as tokens, smart cards, and
biometric authentication, overcome some of these problems.

A token is a physical device, similar to an identification card that is

designed to prove the identity of a single user. Tokens are small
gadgets that typically fit on key rings and display passcodes that
change frequently.

A smart card is a device about the size of a credit card that contains a
chip formatted with access permission and other data. (Smart cards
are also used in electronic payment systems.) A reader device
interprets the data on the smart card and allows or denies access.
2.4 Information Security

Biometric authentication uses systems that read and interpret

individual human traits, such as fingerprints, irises, and voices, in order
to grant or deny access. Biometric authentication is based on the
measurement of a physical or behavioral trait that makes each
individual unique.
2.4 Information Security

b. Firewalls
Firewalls prevent unauthorized users from accessing private
networks. A firewall is a combination of hardware and
software that controls the flow of incoming and outgoing network
traffic.

Firewalls can also be used to protect one part of a company’s

network from the rest of the network. The firewall acts like a
gatekeeper who examines each user’s credentials before access is
granted to a network.
2.4 Information Security

FIREWALLS
The firewall identifies names, IP addresses, applications, and other
characteristics of incoming traffic.

It checks this information against the access rules that have been
programmed into the system by the networkadministrator.

The firewall prevents unauthorized communication into and out of the

network. In large organizations, the firewall often resides on a specially
designated computer separate from the rest of the network, so no
incoming request directly accesses private network resources.
2.4 Information Security

c. Intrusion DetectionSystem
In addition to firewalls, commercial security vendors now
provide intrusion detection tools and services to protect
against suspicious network traffic and attempts to access
files and databases.

Intrusion detection systems feature full-time monitoring

tools placed at the most vulnerable points or “hot spots”
of corporate networks to detect and deter intruders
continually.
2.4 Information Security

INTRUSION DETECTIONSYSTEM

Scanning software looks for patterns indicative of known

methods of computer attacks, such as bad passwords,
checks to see if important files have been removed or
modified, and sends warnings of vandalism or system
administration errors.

Monitoring software examines events as they are

happening to discover security attacks in progress.
2.4 Information Security

D. ANTIVIRUS AND ANTISPYWARE SOFTWARE

Defensive technology plans for both individuals and businesses must

include anti-malware protection for every computer.

Antivirus software prevents, detects, and removes malware, including

computer viruses, computer worms, Trojan horses, spyware, and
adware.

However, most antivirus software is effective only against malware

already known when the software was written. To remain effective,
the antivirus software must be continually updated.
2.4 Information Security

E. UNIFIED THREAT MANAGEMENT SYSTEM

To help businesses reduce costs and improve manageability, security vendors

have combined into a single appliance various security tools, including
firewalls, virtual private networks, intrusion detection systems, and Web
content filtering and antispam software.

These comprehensive security management products are called unified

threat management (UTM) systems.
i.e: networking vendors such as Cisco
End of chapter 2