Four companies A., B, C and D, which have similar activities but are not part of a group,have the following computer configurations,Company A: Three stand-alone...

      

Four companies A, B, C and D, which have similar activities but are not part of a group,
have the following computer configurations,
Company A: Three stand-alone micro-computers (CPU, VDU, Keyboard, hard disk and
mouse) each having its own printer.
Company B Small office with 11 micro-computers linked in a Local Area Network (LAN).
Each micro-computer has its own processing ability, but is linked via the
LAN to central printers, disk storage, file server and tape streamer devices.
The LAN is completely self-contained", This means that there are no modems or other similar external devices attached to it.
Company C Four processing locations connected by a Wide Area Network (WAN). Each
location has a LAN in the same configuration as company B, although there is also a
dedicated landline to two of the three. offices (offices are connected in a ring to two of
the other offices). Each server is updated with. data from the other three locations at 15
minutes interval.
Company D Twenty processing locations, each with its own LAN in the same configuration
as company B. All locations are connected in a star configuration to head
office. File servers at each location are updated from head office after every
five minutes, Each location has a reserved external., telephone line for
selected customers to use. Orders by customers are
transmitted direct on to the company D‘s Computer system
Required:
(a) State, with reasons, for each company, what security procedures should be applied to
ensure there is no unauthorized access to its computer system.
(b) Company B is planning to establish additional branches and wants to upgrade its
systems to duplicate those of company D.
State and explain the data communication systems you would recommend

  

Answers


gregory
Terminologies in the question:
LAN (Local Area Network)
This refers to a computer network in which computers and peripheral devices are in close
proximity. Specifically a LAN is a collection of computers within a single office or building
that connect to a common electronic connection commonly known as a network backbone.
Wide Area Network (WAN)
This refers to a computer network that is countrywide or world wide. It normally connects
networks over a large physical area such as different buildings, towns or even countries.
Ring network configuration
In this configuration, each device is connected to the other devices in the network to form a
ring.
Star network configuration
This consists of a number of small computers or peripheral devices linked to a central unit
called a main hub.
(i) Company A
Since the computers are stand-alone, there is no need for network security mechanisms.
Physical measures that could be used to ensure security include:
o Use of bolting door locks at computer room entrances. These locks require the
traditional metal key to gain entry.
o Use of combination door locks (cipher locks). These use a numeric keypad or dial to
gain entry.
o Electronic door locks. This system uses a magnetic or embedded chip-based plastic
card key or token entered into a sensor reader to gain access.
o Manual logging of visitors to the company to discourage intruders.
o Electronic logging of visitors to the company to discourage intruders.
o Identification badges (photo Ids).
o Video cameras.
o Security guards.
o Not advertising the location of computer facilities to make it hard for intruders who
have already gained entry into a company‘s premises to locate the computer facilities.
Logical security measures that could be used to prevent unauthorized access:
o Username and password identification at each terminal to control access to
microcomputer resources.
o Data stored on the stand-alone microcomputers should be encrypted so that an
intruder who has already gained access to the data to be able to read data.
o Token devices, one-time passwords. This is a two-factor authentication that generates
one-time passwords that are good for only one logon session.
o Biometric security access control- based on a physical feature of the user such as finger
print or eye retina scan.
o Data classification- by assigning classes or levels of sensitivity to computer files,
management can establish guidelines for the level of access control that should be
assigned. Confidential data should be given the highest priority when being protected
from unauthorized access.
(ii) Company B
The physical security procedures described for company A could be applied to company B to
ensure that no one has a physical chance of tapping into the corporate LAN. The logical
security procedures described for company A would still apply to company B. In addition
other logical measures would be required for the corporate LAN. These include:
o Use of terminal identification files by communication software to check the
authentication of a terminal when it tries to send or receive messages.
o Data encryption- to protect messages from disclosure during transmission.
o Network monitoring devices may be used to inspect activity from known or unknown
users.
(iii) Company C
Again, the physical security measures described for company A could be used for company C
to secure the computer facilities from physical unauthorized access. The logical security
measures for company A would still hold for company C. Additional logical security
procedures required would be similar to that of company B since company B‘s configuration
(a LAN) is similar to Cs configuration (a WAN composed of many LANs similar to Bs).
Specific emphasis should be on securing data in transit as the servers are updated. An
appropriate data encryption algorithm (scheme) would suffice.
(iv) Company D
The physical security measures should be similar to those of company A. The measures
should be enforced in each of the twenty processing locations. The logical security measures
should be similar to those of companies A, B, and C with the exception that the security
system would be centralized about the head office system to make it more full proof. This is
because in a star configuration, requests for data access must first be channeled to a central
node in the network according to the polling media access control mechanism. The intrusion
detection at the central node (head office computer server) would thus be able to monitor all
system user requests.
Security procedures that should be applied:
b) Data communication systems I would recommend:
1. Modems
These would enable digital data to be transmitted over the telephone links present in
company D‘s network configuration by converting it to an analog form and then
reconverting it at the receiving end.
2.Telecommunication links- to provide interconnectivity between the processing
locationsand the head office.
3.A much more powerful network operating software (e.g. Linux, Unix, Windows NT) to
be able to cope with the large number of users. The network operating software should also
be able to support frequent updates of file servers at each location.
4.Multiplexers
They are required to combine all links from the PCs in a processing location into a
telecommunication link. Multiplexors are thus needed to share telecommunication links
amongst the many users.
gregorymasila answered the question on November 21, 2017 at 16:20


Next: Why are expert information systems not popular in business systems?
Previous: Explain the external business environments

View More Computer Science Questions and Answers | Return to Questions Index


Exams With Marking Schemes

Related Questions