
CHAPTER 4

Short Questions

1. Define the following: Ethics (158), Profiling (161), Liability (165), Due process (165),
Responsibility (163), Accountability (163).

ans: Ethics refers to the principles of right and wrong that individuals, acting as free moral
agents, use to make choices to guide their behaviors.

The use of computers to combine data from multiple sources and create electronic dossiers of
detailed information on individuals is called profiling.

Responsibility is a key element of ethical action. Responsibility means that you accept the
potential costs, duties, and obligations for the decisions you make.

Accountability is a feature of systems and social institutions. It means that mechanisms are in
place to determine who took responsible action, and who is responsible.

Liability extends the concept of responsibility further to the area of laws. Liability is a feature of
political systems in which a body of laws is in place that permits individuals to recover the
damages done to them by other actors, systems, or organizations.

Due process is a related feature of law-governed societies and is a process in which laws are
known and understood, and there is an ability to appeal to higher authorities to ensure that the
laws are applied correctly.

2. What are the different Ethical Principles? (166)

ans: 1. Do unto others as you would have them do unto you (the Golden Rule).

2. If an action is not right for everyone to take, it is not right for anyone (Immanuel Kant’s
Categorical Imperative).

3. If an action cannot be taken repeatedly, it is not right to take at all. This is the slippery slope
rule.
4. Take the action that achieves the higher or greater value (Utilitarian Principle).

5. Take the action that produces the least harm or the least potential cost (Risk Aversion
Principle).
6. Assume that virtually all tangible and intangible objects are owned by someone else unless
there is a specific declaration otherwise. (This is the ethical “no free lunch” rule). If something
someone else has created is useful to you, it has value, and you should assume the creator wants
compensation for this work.

3. List the five moral dimensions of the information age. (160)

ans: 1. Information rights and obligations. What information rights do individuals and
organizations possess with respect to themselves? What can they protect?

2. Property rights and obligations. How will traditional intellectual property rights be protected
in a digital society in which tracing and accounting for ownership are difficult and ignoring such
property rights is so easy?

3. Accountability and control. Who can and will be held accountable and liable for the harm
done to individual and collective information and property rights?

4. System quality. What standards of data and system quality should we demand to protect
individual rights and the safety of society?

5. Quality of life. What values should be preserved in an information- and knowledge-based
society? Which institutions should we protect from violation? Which cultural values and
practices are supported by the new information technology?

CHAPTER 7

Short Questions

1. What is a computer network (290)? Draw a diagram of a P2P computer network.

ans: Two or more computing devices connected together for the purpose of sharing resources are
called a computer network.

2. What are the major functions of Hubs, Switches, and Routers in computer networks?

ans: A hub is a device that connects all devices together and broadcasts data to every connected
device.

Switches are devices that connect different devices together and send data only to its
destination.
Router:

3. What is Client/Server Computing? Draw a diagram of Client/Server technology. (293)

ans: Client/server computing is a distributed computing model in which some of the processing
power is located within small, inexpensive client computers, and resides literally on desktops,
laptops, or in handheld devices.
Diagram:

4. What is Packet Switching? Draw a diagram to show how it works. (p-293)

ans: Packet switching is a method of slicing digital messages into parcels called packets, sending
the packets along different communication paths as they become available, and then
reassembling the packets once they arrive at their destinations.
Diagram: check p-293 figure 7.3

5. Define the following: Protocols (294), TCP/IP (294), Analog signal (295), Digital Signal
(295), Modem (296), LAN (296), CAN (296), MAN (296), WAN (296), Bandwidth (297), IP
Address (299), IPv6 (304), DNS (299), VoIP (306), VPN (309), URL (310), SEO (313),
Shopping Bots (315).

ans: A protocol is a set of rules and procedures governing transmission of information between
two points in a network.

Transmission Control Protocol/Internet Protocol (TCP/IP) is a single, common, worldwide standard.
TCP/IP uses a suite of protocols, the main ones being TCP and IP. TCP establishes a
connection between the computers, sequences the transfer of packets, and acknowledges the
packets sent. IP is responsible for the delivery of packets and includes the disassembling and
reassembling of packets during transmission.

An analog signal is represented by a continuous waveform that passes through a
communications medium and has been used for voice communication.

A digital signal is a discrete, binary waveform, rather than a continuous waveform.


A modem is a device that translates digital signals into analog form (and vice versa) so that
computers can transmit data over analog networks such as telephone and cable networks.

A local area network (LAN) is designed to connect personal computers and other digital
devices within a half-mile or 500-meter radius.

Campus area network (CAN) is a network that spans up to 1,000 meters (a mile); a college
campus or corporate facility.

A metropolitan area network (MAN) is a network that spans a metropolitan area, usually a city
and its major suburbs.

Wide area networks (WAN) span broad geographical distances: entire regions, states,
continents, or the entire globe.

The bandwidth is the difference between the highest and lowest frequencies that can be
accommodated on a single channel.

An Internet Protocol (IP) address is currently a 32-bit number represented by four strings
of numbers ranging from 0 to 255 separated by periods.

IPv6 (Internet Protocol version 6) contains 128-bit addresses (2 to the power of 128).

The Domain Name System (DNS) converts domain names to IP addresses.

Voice over IP (VoIP) technology delivers voice information in digital form using packet
switching.

A virtual private network (VPN) is a secure, encrypted, private network that has been
configured within a public network to take advantage of the economies of scale and management
facilities of large networks, such as the Internet.

The directory path and document name are two more pieces of information within the Web
address that help the browser track down the requested page. Together, the address is called a
uniform resource locator (URL).

Search engine optimization (SEO) is the process of improving the quality and volume of Web
traffic.
Shopping bots use intelligent agent software for searching the Internet for shopping information.

6. What is the Internet (54)? Draw a diagram of the Internet.

ans: The world’s largest and most widely used network is the Internet. The Internet is a global
“network of networks” that uses universal standards to connect millions of different networks
with nearly 3 billion users in over 230 countries around the world.
Diagram:

7. Draw the diagram of TCP/IP reference model by DOD (294). Briefly describe each layer
in the model. (p-294, 295)

ans: 1. Application layer. The Application layer enables client application programs to access
the other layers and defines the protocols that applications use to exchange data. One of these
application protocols is the Hypertext Transfer Protocol (HTTP), which is used to transfer Web
page files.

2. Transport layer. The Transport layer is responsible for providing the Application layer with
communication and packet services. This layer includes TCP and other protocols.

3. Internet layer. The Internet layer is responsible for addressing, routing, and packaging data
packets called IP datagrams. The Internet Protocol is one of the protocols used in this layer.

4. Network Interface layer. The Network Interface layer is responsible for placing packets on
and receiving them from the network medium, which could be any networking technology.

8. How do RFID systems work? (p-322)

ans: Radio frequency identification (RFID) systems provide a powerful technology for
tracking the movement of goods throughout the supply chain. RFID systems use tiny tags with
embedded microchips containing data about an item and its location to transmit radio signals
over a short distance to RFID readers.

A microchip holds data including an identification number. The rest of the tag is an antenna that
transmits data to a reader. The reader has an antenna that constantly transmits. When it senses a
tag, it wakes it up, interrogates it, and decodes the data. Then it transmits the data to a host
system over wired or wireless connections. The host system processes the data from the tag that
have been transmitted by the reader.
9. (and any diagram drawn in class)

CHAPTER 8

Short Questions

1. Why are systems vulnerable? (338)

ans: Unauthorized access, Errors, Tapping, Sniffing, Message alteration, Theft and fraud,
Radiation, Hacking, Malware, Theft and fraud, Vandalism, Denial-of-service attacks, Databases,
Theft of data, Copying data, Alteration of data, Hardware failure, Software failure.

2. Why is the Internet Vulnerable? (339)

ans: Large public networks, such as the Internet, are more vulnerable than internal networks
because they are virtually open to anyone. The Internet is so huge that when abuses do occur,
they can have an enormously widespread impact. When the Internet becomes part of the
corporate network, the organization’s information systems are even more vulnerable to actions
from outsiders. Telephone service based on Internet technology (see Chapter 7) is more
vulnerable than the switched voice network if it does not run over a secure private network. Most
Voice over IP (VoIP) traffic over the public Internet is not encrypted, so anyone with a network
can listen in on conversations. Hackers can intercept conversations or shut down voice service by
flooding servers supporting VoIP with bogus traffic. Vulnerability has also increased from
widespread use of e-mail, instant messaging (IM), and peer-to-peer file-sharing programs. E-mail
may contain attachments that serve as springboards for malicious software or unauthorized
access to internal corporate systems. Employees may use e-mail messages to transmit valuable
trade secrets, financial data, or confidential customer information to unauthorized recipients.
Popular IM applications for consumers do not use a secure layer for text messages, so they can
be intercepted and read by outsiders during transmission over the public Internet. Instant
messaging activity over the Internet can in some cases be used as a back door to an otherwise
secure network. Sharing files over peer-to-peer (P2P) networks, such as those for illegal music
sharing, may also transmit malicious software or expose information on either individual or
corporate computers to outsiders.

3. Define the following: Computer Virus (340), Worms (341), Trojan horse (341), SQL
Injection Attacks (342), Spyware (343), Keyloggers (343), Hacker (343), Cracker (343),
Spoofing (343), Sniffer (343), DDoS (344), Identity Theft (344), Phishing (345), Evil Twins
(345), Pharming (346), Click Fraud (348), Social Engineering (349), Antivirus software
(361).

ans: A computer virus is a rogue software program that attaches itself to other software
programs or data files in order to be executed, usually without user knowledge or permission.

Worms are independent computer programs that copy themselves from one computer to
other computers over a network.

A Trojan horse is a software program that appears to be benign but then does something other
than expected.

SQL injection attacks take advantage of vulnerabilities in poorly coded Web application
software to introduce malicious program code into a company’s systems and networks.

Some types of spyware also act as malicious software. These small programs install themselves
surreptitiously on computers to monitor user Web surfing activity and serve up advertising.

Keyloggers record every keystroke made on a computer to steal serial numbers for software, to
launch Internet attacks, to gain access to email accounts, to obtain passwords to protected
computer systems, or to pick up personal information such as credit card and/or bank account
numbers.

A hacker is an individual who intends to gain unauthorized access to a computer system.

The term cracker is typically used to denote a hacker with criminal intent.

Spoofing may also involve redirecting a Web link to an address different from the intended one,
with the site masquerading as the intended destination.

A sniffer is a type of eavesdropping program that monitors information traveling over a network.

In a denial-of-service (DoS) attack, hackers flood a network server or Web server with many
thousands of false communications or requests for services to crash the network.

Identity theft is a crime in which an imposter obtains key pieces of personal information.

Phishing involves setting up fake Web sites or sending e-mail messages that look like those of
legitimate businesses to ask users for confidential personal data.

Evil twins are wireless networks that pretend to offer trustworthy Wi-Fi connections to the
Internet.

Pharming redirects users to a bogus Web page, even when the individual types the correct Web
page.

Click fraud occurs when an individual or computer program fraudulently clicks on an online ad
without any intention of learning more about the advertiser or making a purchase.

Many employees forget their passwords to access computer systems or allow coworkers to use
them, which compromises the system. Malicious intruders seeking system access sometimes
trick employees into revealing their passwords by pretending to be legitimate members of the
company in need of information. This practice is called social engineering.

Antivirus software prevents, detects, and removes malware, including computer viruses,
computer worms, Trojan horses, spyware, and adware.

4. What is a Botnet? Briefly describe Botnet with a diagram. (344)

ans: Perpetrators of DDoS attacks often use thousands of “zombie” PCs infected with malicious
software without their owners’ knowledge and organized into a botnet.

Hackers create these botnets by infecting other people’s computers with bot malware that opens a
back door through which an attacker can give instructions. The infected computer then becomes
a slave, or zombie, serving a master computer belonging to someone else. Once hackers infect
enough computers, they can use the amassed resources of the botnet to launch DDoS attacks,
phishing campaigns, or unsolicited “spam” email.

Diagram:
5. What is Authentication (358)? Briefly describe different types of authentication methods.
(358, 359)

ans: To gain access to a system, a user must be authorized and authenticated. Authentication
refers to the ability to know that a person is who he or she claims to be.

Authentication is often established by using passwords known only to authorized users.

A token is a physical device, similar to an identification card, that is designed to prove the
identity of a single user.

Biometric authentication uses systems that read and interpret individual human traits, such as
fingerprints, irises, and voices, in order to grant or deny access.

Two-factor authentication increases security by validating users with a multi-step process. To
be authenticated, a user must provide two means of identification, one of which is typically a
physical token, such as a smartcard or chip-enabled bank card, and the other of which is typically
data, such as a password or PIN (personal identification number).

6. What is Encryption (362)? Briefly describe the method of encrypting with a
diagram. (363)

ans: Encryption is the process of transforming plain text or data into cipher text that cannot be
read by anyone other than the sender and the intended receiver. Data are encrypted by using a
secret numerical code, called an encryption key, that transforms plain data into cipher text. The
message must be decrypted by the receiver. Two methods for encrypting network traffic on
the Web are SSL and S-HTTP.

A public key encryption system can be viewed as a series of public and private keys that lock
data when they are transmitted and unlock the data when they are received. The sender locates
the recipient’s public key in a directory and uses it to encrypt a message. The message is sent in
encrypted form over the Internet or a private network. When the encrypted message arrives, the
recipient uses his or her private key to decrypt the data and read the message.
Diagram: check p-363 figure 8.6

7. Define Firewalls. Briefly describe different types of Firewalls. (360, 361)

ans: Firewalls prevent unauthorized users from accessing private networks. A firewall is a
combination of hardware and software that controls the flow of incoming and outgoing network
traffic.

Packet filtering examines selected fields in the headers of data packets flowing back and forth
between the trusted network and the Internet, examining individual packets in isolation. This
filtering technology can miss many types of attacks.

Stateful inspection provides additional security by determining whether packets are part of an
ongoing dialogue between a sender and a receiver. It sets up state tables to track information over
multiple packets. Packets are accepted or rejected based on whether they are part of an approved
conversation or whether they are attempting to establish a legitimate connection.

Network Address Translation (NAT) can provide another layer of protection when static packet
filtering and stateful inspection are employed. NAT conceals the IP addresses of the
organization’s internal host computer(s) to prevent sniffer programs outside the firewall from
ascertaining them and using that information to penetrate internal systems.

Application proxy filtering examines the application content of packets. A proxy server stops
data packets originating outside the organization, inspects them, and passes a proxy to the other
side of the firewall.
8. (and any diagram drawn in class)

ans: protected & unprotected network diagram

BIG DATA (Ch- 4)
Case-1 (Page- 173)

Questions

1. What is Big Data’s Dark side?

ans: your behavior is being tracked, and you are being targeted on the Web as you move from
site to site in order to expose you to certain “targeted” ads. It’s Big Data’s dark side.

2. What is PLUS?

ans: Plus, Google’s social networking tool, knows about your friendships on Gmail, the places
you go on maps, and how you spend your time on the more than two million websites in
Google’s ad network. It is able to gather this information even though relatively few people use
Plus for their social network.

3. Is tracking anonymous?

ans: By tracking they can develop a very clear picture of who you are, and use that information
to show you ads that might be of interest to you. This would make the marketing process more
efficient, and more profitable for all the parties involved.

4. Why is untargeted banner display inefficient?

ans: While search engine marketing is arguably the most effective form of advertising in history,
untargeted banner display ad marketing is highly inefficient because it displays ads to everyone
regardless of their interests. As a result, these firms cannot charge much for display ads.

5. What data about users are tracked?

ans: You’re also being tracked closely when you use your mobile phone to access the Internet,
visit your Facebook page, get Twitter feeds, watch video, and listen to music.
6. Location data has extraordinary commercial value. Why?

ans: Location data gathered from cell phones has extraordinary commercial value because
advertising companies can send you highly targeted advertisements, coupons, and flash bargains,
based on where you are located. Both Apple’s iPhone and Google’s Android phones collect
personal, private location data, and both firms are building massive databases that can pinpoint
your location.

7. How are cross screen identities used?

ans: Expect those eyes to follow your movements even more in the future as behavioral targeting
becomes even more precise. New software is being developed to help advertisers track users
across devices by establishing cross-screen identities.

CONTINENTAL TIRES (Ch- 7)


CASE- 2 (page- 287)

Questions

1. What is the issue of this case?

ans: Manual tracking was time consuming and inaccurate, and the plant often lost track of tire
components altogether.

2. Name some of the technologies that are used in this case.

ans: Radio frequency identification (RFID) tags, AeroScout MobileView software, mobile
computers, and Global Data Sciences’ material inventory tracking system software.

3. How did they solve the issue?

ans: Continental found a solution in a new real-time location system based on a Wi-Fi wireless
network using radio frequency identification (RFID) tags.

4. What are the benefits the company got after solving the issue?

ans: The Sarreguemines tire factory has increased production from 33,000 to 38,000 tires per
day. Wastage of tire components has been reduced by 20 percent.
MONITORING EMPLOYEES (Ch- 7)
CASE- 3 (Page- 307)

Questions

1. Should managers monitor employee e-mail and Internet usage? Why or why not?

ans: Reason for monitoring: the loss of time, employee productivity, clogging network
connectivity, leakage of confidential information, adverse publicity and lawsuits.

Reason for not monitoring: invasion of privacy results in insecure, uncomfortable feelings, and
feelings of not being trusted.

2. Should managers inform employees that their Web behavior is being monitored? Or
should managers monitor secretly? Why or why not?

ans: insecure, uncomfortable feelings, and feelings of not being trusted.


As a result, loss of productivity and revenue.

Important Notes:
(lec 8 - lec 12)

Computer networks are the foundation of current civilization.

Hubs broadcast data packets, switches send data packets only to their destinations, and routers
send data packets between different networks.
Diagrams: P2P, Bus, Star, Ring, Mesh (based on topology)
Diagrams: LAN, WAN
Examples of PAN, HAN, CAN, MAN
Diagram: The Internet, the network of networks, the largest WAN, uses universal standards.
Example of such universal standards: TCP/IP
IPv4 and IPv6. 32 bit, binary, and 128 bit hexadecimal.
Packet Switching vs. Circuit Switching
TCP/IP Reference Model: Functions of each layer
Signals: Digital vs. Analog
Different parts of the Domain Name System
Which long-distance phone call has better quality: one using a standard BTCL line or one using
Viber? Why?
ans: Viber
Why is data termed as data packet?
What are the different parts of a data packet?
ans: Header, payload, error check.
Chapter 8: Why is security in computer networking important?
Diagram of an Unprotected Computer Network.
Diagram of a Protected Computer Network.
