INDEX

Ch No. Chapter Name Page No.

1 Business Process Management & IT 1
2 Information Systems and IT 17
Fundamentals
3 Telecommunication and Networks 33
4 Business Information Systems 52
5 Business Process Automation through 64
Application Software
Past Examination Question Papers
 Chap 1- Business Process Management & IT

Question 1
Define Business Process Re-engineering. Explain it with suitable example.
Answer
Business Process Reengineering (BPR) is defined as the fundamental rethinking and radical redesign of
processes to achieve dramatic improvement, in critical, contemporary measures of performance such as
cost, quality, service and speed. It involves changes in structures and in processes within the business
environment. The entire technological, human, and organizational dimensions may be changed in BPR.
Information Technology plays a major role in BPR as it provides office automation; allows the business to
be conducted in different locations; and provides flexibility in manufacturing, permits quicker delivery to
customers and supports rapid and paperless transactions. In general, it allows an efficient and effective
change in the manner in which work is performed. Business Process Re-engineering is also known as
Business Process Redesign, Business Transformation, or Business Process Change Management.
An example of BPR application
If a bank customer enters into the bank determined to apply for a loan, apply for an ATM card and open
a savings account, most probably s/he must visit three different desks in order to be serviced. When BPR
is applied to an organization, the customer communicates with only one person, called "case manager",
for all three inquiries. Under BPR, while the loan application team processes the loan application, the
case manager "triggers" the account team to open a savings account and the ATM team to supply the
customer with an ATM card. The customer leaves the bank having a response for his loan application, a
new savings account and an ATM card, and all these without having to move around the desks for
signatures and documents. All the customer's requests were satisfied at the same time in parallel motion.
Question 2
Discuss the following:
(a) Six Sigma
(b) BPM Life Cycle
(c) Total Quality Management (TQM)
Or
Write short note on Total Quality Management.
Answer
a) Six Sigma – Six Sigma employs quality management and statistical analysis of process outputs by
identifying and removing the causes of defects (errors) and minimizing variability in manufacturing
and business processes. Each Six Sigma project carried out within an organization follows a defined
sequence of steps and has quantified value targets, for example: reduce process cycle time, reduce
pollution, reduce costs, increase customer satisfaction, and increase profits. It follows a life-cycle
having phases: Define, Measure, Analyze, Improve and Control (or DMAIC) which are described as
follows.
(i) Define: Customers are identified and their requirements are gathered. Measurements that are
critical to customer satisfaction [Critical to Quality, (CTQ)] are identified for further project
improvement.
(ii)Measure: Process output measures that are attributes of CTQs are determined and variables that
affect these output measures are identified. Data on current process are gathered and current
baseline performance for process output measures are established. Variances of output measures

1
 are graphed and process sigma are calculated.
(iii) Analyze: Using statistical methods and graphical displays, possible causes of process output
variations are identified. These possible causes are analyzed statistically to determine root cause
of variation.
(iv) Improve: Solution alternatives are generated to fix the root cause. The most appropriate solution
is identified using solution prioritization matrix and validated using pilot testing. Cost and benefit
analysis is performed to validate the financial benefit of the solution. Implementation plan is
drafted and executed.
(v) Control: Process is standardized and documented. Before and after analysis is performed on the
new process to validate expected results, monitoring system is implemented to ensure process is
performing as designed. Project is evaluated and lessons learned are shared with others.

Define Analysis
Control Measure Optimize Design
Six Sigma BPM
Life Cycle

Improve Analyze Implementation

Run & Monitor

b) BPM Life Cycle (BPM-L) - Business Process Management-Life cycle establishes a sustainable process
management capability that empowers organizations to embrace and manage process changes
successfully. Because it incorporates both human resources and technology—culture, roles and
responsibilities, as well as data content, applications and infrastructure—the approach enables fully
informed decision-making right across an organization.
Phases are Analysis, Design, Implementation, Run & Monitor and Optimize.
(i) Analysis phase: This involves analysis of the current environment and current processes,
identification of needs and definition of requirements.
(ii)Design phase: This involves evaluation of potential solutions to meet the identified needs, business
process designing and business process modeling.
(iii) Implementation phase: This involves project preparation, blue printing, realization, final
preparation, go live and support.
(iv) Run and Monitor phase: This involves business process execution or deployment and business
process monitoring.
(v) Optimize: Iterate for continuous improvement.
c) Total Quality Management (TQM) is a management mechanism designed to improve a product or
process by engaging every stakeholder and all members of an organization as well as the customers
and aims at improving the quality of the products produced and the process utilized. TQM ultimately
aims at complete customer satisfaction through ongoing improvements.
Question 3
Classify each of the following items as belonging in the revenue, expenditure, human resources/payroll,
production, or financing cycle.
(a) Purchase raw materials
(b) Decide how many units to make next month
(c) Pay for raw materials
(d) Disburse payroll checks to factory workers
(e) Hire a new assistant controller

2
 Team SPC Felicitating
AIR’s of CA FINAL NOV-2018
(f) Update the allowance for uncollectible accounts
(g) Establish a 10,000 credit limit for customer XYZ Company
Answer
(a) Expenditure Cycle (b) Production Cycle
(c) Expenditure Cycle (d) Payroll Cycle
(e) Payroll Cycle (f) Financial Reporting Cycle
(g) Revenue Cycle
Question 4
Explain different types of relationships in Entity-Relationship Model with suitable examples.
Answer
Relationship: It is defined as an association between two or more entities.
Types of Relationships in E-R Model are as follows:
(i) One-to-One relationship (1:1) - A One-to-One relationship is shown on the diagram by a line
connecting the two entities.
Example: A Teacher may be in-charge of a class. Each class must be in-charge of by one teacher.

A student has one and only one Report card. Each report card is owned by one and only one student.

(ii) One-to-Many relationships (1: N) – A One-to-Many relationship is shown on the diagram by a line
connecting the two entities with a “crow's foot” symbol denoting the 'many' end of the relationship.
Example: A student may borrow some books from the library. A book in the library may be borrowed by
at most a student.

A class is formed by a group of atleast one student. Each student is allocated to one and only one class.

(iii) Many-to-One relationships (M:1) – It is the reverse of One-to-Many relationship.

Example: As in two or more parent records to a single child record. For example,

When three administrators in a small town report to one minister.

3
(iv) Many-to-Many relationships (M:N) - A Many-to-Many relationship is shown on the diagram by a
line connecting the two entities with 'crow's foot' symbols at both ends.
Example: A student enrolls in atleast one course. A course is enrolled by at least one student.

A student may apply for more than one scholarship. Each scholarship may receive some applications
from student, or none.

Question 5
A university consists of a number of departments. Each department offers several courses. A number of
modules make up each course. Students enroll in a particular course and take modules towards the
completion of that course. Each module is taught by a lecturer from the appropriate department, and
each lecturer tutors a group of students. Draw an E-R Diagram.
Answer
First we will identify entities which are - Department, Course, Module, Student, Lecturer.
Further, following are the relationships:
(a) Each department offers several courses;
(b) A number of modules make up each course;
(c) Students enroll in a particular course;
(d) Students take modules;
(e) Each module is taught by a lecturer;
(f) A lecturer from the appropriate department; and lecturer tutors a group of students.

4
Question 6
Draw a Context Level Diagram for Payroll Processing System that interacts with the following five agents:
Government Agencies; Employees; Management; Time Keeping and Human Resources.
Answer

The DFD shown in the figure displays the inputs and outputs of the payroll processing application as well
as the data sources and destinations external to the application. Thus this context diagram uses
rectangles to identify Timekeeping and Human Resources as external entities, despite the fact that these
departments are internal to the company. This is because those entities are external to the Payroll
Processing System under study.
Question 7
Differentiate between Flowchart and Data Flow Diagram.
Answer
Flowchart Data Flow Diagram (DFD)
Flow chart presents steps to Data Flow Diagram presents the flow of
complete a process. data.
Flow chart does not have any DFD describes the path of data from an
input from or output to an external source to internal source or
external source. vice versa.
The timing and sequence of the Whether processing of data is taking
process is aptly shown by a place in a particular order or several
flowchart. processes are taking place
simultaneously is described by a DFD.
Flow chart shows how to make a DFD defines the functionality of a
system function. system.
Flow chart is used in designing a DFD is used to describe the path of
process. data that will complete the process.
Types of Flow charts – System, Types of DFD – Physical data flow and
Data, Document and Program. Logical data flow.
Question 8
A bicycle shop in Delhi hires bicycles by the day at different rates as shown in table:-
Season Charges per day
Spring (March - May) 8.00
Summer (June - August) 9.50
Autumn (Sept - Nov.) 5.00
Winter (Dec. - Feb.) 6.00

5
To attract his customers, the proprietor also gives a discount on the number of days a bicycle is hired for.
If the hire period is more than 10 days, a reduction of 15% is made. For every bicycle hired, a deposit of
20 must be paid.
Develop a flowchart to print out the details for each customer such as name of customer, number of
days a bicycle is hired for, hire-charges and total charges including the deposit. It is also assumed
that there are 25 customers and complete details for each customer such as name of customer, season
and number of days the bicycle is required for is inputted through console.
Answer
The required flowchart is shown in Fig.
Start

Clear all working locations

A
Read NAME, SEAS, DAYS

N= N + 1

Yes
SEAS = SPRING Rate = 8.00

No

SEAS = SUMMER Yes

RATE = 9.50

No

SEAS = AUTUMN Yes

RATE = 5.00

No
Yes
SEAS = WINTER RATE = 6.00

No Yes
Print Invalid SEAS DAY > 10 NRT = RATE - RATE * 0.15

No

NRT =RATE

HCHG = DAYS * NRT

Print NAME, DAYS,
HCHG, TCHG
TCHG = HCHG + 20.00
B

N ≥ 25 A
No

Yes

Stop

6
Question 9
A company has 2,500 employees. Their salaries are stored as J(s), 1, 2, ---- 2500. The salaries are divided
in four categories as under:
(i) Less than ₹1,000 (ii) ₹ 1,000 to ₹2,000
(iii) ₹ 2,001 to ₹ 5,000 (iv) Above ₹ 5,000.
Draw a flow chart for finding the percentage of the employees in each category.
Answer
The flow chart is as follows:

Question 10
Discuss benefits and limitations of Flowchart.
Answer
The benefits of flowcharts are elucidated below:
a) Quicker grasp of relationships – Before any application can be solved, it must be understood, the
relationship between various elements of the application must be identified. The programmer can
chart a lengthy procedure more easily with the help of a flowchart than by describing it by means of
written notes.
b) Effective Analysis – The flowchart becomes a blue print of a system that can be broken down into
detailed parts for study. Problems may be identified and new approaches may be suggested by
flowcharts.
c) Communication – Flowcharts aid in communicating the facts of a business problem to those whose
skills are needed for arriving at the solution.
d) Documentation – Flowcharts serve as a good documentation which aid greatly in future program

7
 conversions. In the event of staff changes, they serve as training function by helping new employees in
understanding the existing programs.
e) Efficient coding – Flowcharts act as a guide during the system analysis and program preparation phase.
Instructions coded in a programming language may be checked against the flowchart to ensure that no
steps are omitted.
f) Orderly check out of problem – Flowcharts serve as an important tool during program debugging. They
help in detecting, locating and removing mistakes.
g) Efficient program maintenance – The maintenance of operating programs is facilitated by flowcharts.
The charts help the programmer to concentrate attention on that part of the information flow which is
to be modified.
The limitations of flowcharts are given below:
a) Complex logic – Flowchart becomes complex and clumsy where the problem logic is complex. The
essentials of what is done can easily be lost in the technical details of how it is done.
b) Modification – If modifications to a flowchart are required, it may require complete re- drawing.
c) Reproduction – Reproduction of flowcharts is often a problem because the symbols used in flowcharts
cannot be typed.
d) Link between conditions and actions – Sometimes it becomes difficult to establish the linkage between
various conditions and the actions to be taken there upon for a particular condition.
e) Standardization – Program flowcharts, although easy to follow, are not such a natural way of
expressing procedures as writing in English, nor are they easily translated into Programming language.
Question 11
What are the various key factors to be considered in implementing Business Process Management (BPM) in
an enterprise?
Answer
Various key factors to be considered in implementing Business Process Management (BPM) in an
enterprise are as follows:

Factor Key
s Considerations
Scope A single process, a department, the entire company.
Goals Process understanding, Process Improvement,
Process Automation/ Optimization and Process re-
engineering.
Methods to be used Six Sigma, BPM Life Cycle Method, TQM, Informal
methods.
Skills Required Consultants, Train Employees, Formal Certification,
Basic Education, Existing Skill sets.
Tools to be used White-Boards, Sticky Notes, Software For
Mapping, Documenting, Software for
Simulation, Comprehensive BPMS.
Investments to Make Training, Tools, Time.
Sponsorship/Buy-in Executive Level, Department Level, Process Owner
Needed Level, Employee Level.

8
 Team SPC Felicitating
AIR’s of CA INTERMEDIATE NOV-2018
Question 12
What are the major reasons for failure of Business Process Management System (BPMS)?
Answer
Major reasons for the failure of Business Process Management Systems (BPMS) include the following:
a) Inadequate investment in ongoing training for involved personnel;
b) Lack of corporate policy protecting the integrity of the data in the BPM Systems;
c) Superficial or deficient executive involvement;
d) Deficient project management;
e) Breakdown in gap analysis;
f) Limited options for customization of the BPM software are required;
g) Not flexible enough or too complicated to be customized to meet the precise workflow and business
process;
h) Failure to identify future business needs;
i) Inadequate assessment of the need for change management;
j) Persistent compatibility problems with the diverse legacy systems of the partners;
k) Resources not available when desirable;
l) Software fails to meet business needs;
m) System may be over-engineered when compared to the actual requirements; and
n) Technological obsolescence.
Question 13
A Housing Society in a newly developed Smart City has provided several advanced security systems to
each house in that city. Based on the value of these advanced security systems installed in each house,
the Society has divided all the houses in four categories and fixed the criteria for annual maintenance
charges as under:

House Maintenance charges as % of value of advanced

Category security systems installed at house
A 8%
B 6%
C 4%
D 3%
In addition to above there is a service tax @ 12.36% on the amount of maintenance charges. Considering
house number and value of advanced security system installed, as input, draw a flow chart to have
printed output as house number, maintenance charges, service tax and the total amount to be paid by
each house owner.
Answer
Let us define the variables first.
HNO : House Number HC : House Category
VAL_ASS : Value of Advanced Security Systems MC : Maintenance Charges
ST : Service Tax TA : Total Amount
The desired flowchart is given as follows:

9
 Start

Read HNO,VAL_ASS

Yes
If HC= A? MC = 0.08 * VAL_ASS

No

If HC= B? MC = 0.06 * VAL_ASS

Yes
No
Yes
If HC= C? MC = 0.04 * VAL_ASS

MC = 0.03 * VAL_ASS

ST = 0.1236 * MC
TA = MC + ST

Print HNO, MC, ST, TA

Yes
More HNO?

No

Stop

Question 14
What are the key benefits of Business Process Automation (BPA)?
Answer
The key benefits of Business Process Automation are as follows:
a) Saving on costs: Automation leads to saving in time and labor costs through higher efficiency and
better management of the people involved.
b) Staying ahead in competition: Today, in order to survive, businesses need to adopt automation.
c) Fast service to customers: Automation shortens cycle times in the execution of processes through
improved and refined business workflows and help enterprises to serve their customers faster and
better.
d) Reducing the impact of human error: BPA removes human participation in the process, which is the
source of many errors.
e) Transforming data into information: BPA can, apart from collecting and storing data also analyze data and
make it available in a form that is useful for decision -making.
f) Improving performance and process effectiveness: In many cases, tasks that must be done manually
are the bottlenecks in the process. Automating those manual tasks, speeds up the effective throughput
of the application.

10
g) Making users more efficient and effective: People can focus their energies on the tasks they do best,
allowing the computers to handle those that machines are best suited for.
h) Making the business more responsive: Enterprises can easily automate new applications and
processes as they are introduced that provide greater control over business and IT processes.
i) Improving collaboration and information sharing: Business processes designed through a collaborative
mean IT can integrate its processes with the business -side logic that drives day-to-day operations.
Question 15
ABC Limited is a software development company, which appointed 50 software engineers in August’ 2014
at a monthly salary of ₹ 30,000. All these engineers shall be entitled for an increment in their monthly
salary after six months. The increment on present monthly salary shall be based on their performance to
be evaluated on a 100 marks scale as per detains given below:
- Performance Marks < 70, then increment shall be 10% of present salary.
- 70 ≤ Performance marks < 80, then increment shall be 20% of present salary.
- Performance marks ≥ 80, then increment shall be 30% of present salary.
Draw a Flow-Chart to enable to print the details like name of the engineer, performance marks, monthly
increment amount and revised monthly salary for each of these 50 engineers.
Answer
Let us define the variables first:
PM: Performance Marks. RESAL: Revised Monthly Salary.
INCAMT: Increment Amount. NAME: Name of Engineer.
N: Pointer to track number of Engineers INCREMENT:0

11
Question 16
Write short note on the following:
(a) Radical Redesign
(b) Entity-Relationship Diagram
(c) Business functions of Value Chain
Answer
(a) Radical Redesign: Radical redesign means that Business Process Reengineering (BPR) is reinventing and
not enhancing or improving. In other words, BPR is based on the understanding that the products and
services a company offers to the market are provided through business processes, and a radical
redesign of these processes is the road to success. A radical rethinking on the way the business is run
brings the finest out of the organization.
(b) Entity-Relationship Diagram: An Entity-Relationship (ER) diagram is a data modeling technique that
creates a graphical representation of the entities, and the relationships between entities, within an
information system. ER diagrams repeatedly bring into play symbols to symbolize three dissimilar
types of information. Boxes are commonly used to represent entities. Diamonds are normally used to
represent relationships. A relationship is an association that exists between two entities.
(c) Business functions of the Value Chain are as follows:
 Research and Development;
 Design of products, services, or processes;
 Production;
 Marketing and Sales;
 Distribution; and
 Customer Service
Question 17
A bank has 500 employees. The salary paid to each employee is sum of his basic pay, Dearness Allowance
and House rent allowance. For the purpose of computing house rent allowance bank has classified his
employees into three classes A, B and C. The house rent allowance for each class is computed at the rate
of 30 percent, 20 percent and 10 percent of the basic pay respectively. The dearness allowance is
computed at a flat rate of 60 percent of the basic pay. Draw a flow chart to determine the percentage of
employee falling in the each of the following salary slabs:
(i) Above ₹ 30,000 (ii) ₹15,001 to ₹30,000
(iii) ₹8,001 to ₹ 15,000 (iv) Less than or equal to ₹8,000.
Answer
Abbreviations used are as follows:
P1: Percentage of employees falling in salary slab (salary<=8,000);
P2: Percentage of employees falling in salary slab (8,001<= salary<=15,000)
P3: Percentage of employees falling in salary slab (15,001<= salary<=30,000)
P4: Percentage of employees falling in salary slab (salary >=30,000)
I: Count of number of employees
The required flowchart is given below:

12
Question 18
Mention the challenges in implementing ‘Business Process Automation’.
Answer
Some of the challenges in implementing Business Process Automation (BPA) are as follows:
d) The number of interfaces with the customers is growing (e.g. phone, fax, email, sms, PDA, etc.);
e) The product, service and price options have increased the complexity of the business;
f) Most organizations have a whole suite of ‘build and buy’ systems and applications, often each with its
own data format; and
g) Budgets are being cut.
Question 19
An E-commerce site has the following cash back offers.
(i) If the purchase mode is via website, an initial discount of 10% is given on the bill amount.
(ii) If the purchase mode is via phone app. An initial discount of 20% is given on the bill amount.

13
(iii) If done via any other purchase mode, the customer is not eligible for any discount. Every purchase
eligible to discount is given 10 reward points.
(a) If the reward points are between 100 and 200 points, the customer is eligible for a further 30%
discount on the bill amount after initial discount.
(b) If the reward points exceed 200 points, the customer is eligible for a further 40% discount on the bill
amount after initial discount.
Taking purchase mode, bill amount and number of purchases as input draw a flowchart to calculate and
display the total reward points and total bill amount payable by the customer after all the discount
calculation.
Answer
Let us define the variables first:
PM: Purchase Mode
BA: Bill Amount
TBA: Total Bill Amount
NOP: Number of Purchases
TRP: Total Reward Points
IN_DISC: Initial Discount
ET_DISC: Extra Discount on purchases eligible to Initial Discount
N: Counter (to track the number of purchases)

14
Question 20
ABC Limited is planning to implement Business Process Management Systems (BPMS). The Management
asked you to briefly explain some benefits of BPMS to help them to take a decision on BPMS.
Answer
Some of the benefits of Business Process Management Systems (BPMS) are as follows:
(a) Automating repetitive business processes: Processes such as report creation and distribution or the
monitoring of or reporting on company’s Key Performance Indicators (KPI) reduces the manual
operational costs and helps employees to concentrate on activities that are important to the success
of business.
(b) BPMS works by 'loosely coupling' with a company's existing applications: This enables it to monitor,
extract, format and distribute information to systems and people; in line with business events or rules.
(c) Operational Savings: BPM focuses on optimization of processes. The processes that are repetitive are
optimized and lead to reduced expenses which translate to immediate cost savings. By automating a
task, ROI of BPM that requires six hours of manual intervention, one can expect to cut that time to half.
Thus, three hours multiplied by the number of times the process is completed in a cycle will yield
significant cost saving.
(d) Reduction in the administration involved in Compliance and ISO Activities: Be it a quality assurance
initiative such as the ISO standards, a financial audit law, or an IT systems best‐practice implementation,
companies worldwide are seeing the need to manage compliance as part of their everyday business
activities. The BPM is ideally suited to help support companies in their quest for process improvement
and compliance/governance certification. It gives full control over process and document change,
clarity of inherent risks, and ease with which process knowledge is communicated across the
company.
(e) Freeing‐up of employee time: While the euphuism “time is money” is often over: used, it is very
relevant to this topic, because in business, for each additional hour it takes to complete a manual
business process, there is a hard cost associated with employee time as well as soft costs associated
with losing business or lowered productivity. Another area where time comes into play is in
opportunity costs.
Question 21
A company ABC Ltd. is engaged in selling consumer goods to different categories of customers. In order to
increase its sales, different types of discounts are offered to customers. The policy of discount is as given
below:
(i) On cooking range, a discount of 12 percent is allowed to dealers and 9 percent to retailers irrespective
of the value of the order.
(ii) A discount of 12 percent is allowed on washing machine irrespective of the category of customer and
the value of the order.
(iii) On decorative products, dealers are allowed a discount of 20 percent provided that the value of the
order is ₹ 10,000 and above. Retailers are allowed a discount of 10 percent irrespective of the value of
the order.

15
16
 Chap 2 -Information Systems and IT Fundamentals
Question 1
Define the following:
(a) Multiprocessing (b) Hardware Virtualization
(c) Cloud Computing (d) Groupware
(e) Computer Bus (f) Memory Controller
(g) Direct Memory Access (DMA)
Answer
(a) Multiprocessing: Multiprocessing is the use of two or more Central Processing Units (CPUs) within a
single computer system to allocate tasks between them.
(b) Hardware Virtualization: Hardware Virtualization or Platform Virtualization refers to the creation of a
virtual machine that acts like a real computer with an operating system. Software executed on these
virtual machines is separated from the underlying hardware resources.
(c) Cloud Computing: Cloud computing is the use of various services, such as software development
platforms, servers, storage, and software, over the Internet, often referred to as the "cloud."
(d) Groupware: Groupware also known as Team-ware, Collaboration Software is software that allows
collective and collaborative working of teams from different geographical locations on an online and
real-time basis.
(e) Computer Bus: Computer Bus is a communication system that transfers data between components
inside a computer, or between computers that covers all related hardware components (wire, optical
fiber, etc.) and software, including communication protocol.
(f) Memory Controller: Memory Controller is a digital circuit which manages the flow of data going to and
from the main memory and can be a separate chip or integrated into another chip.
(g) Direct Memory Access (DMA): Direct Memory Access (DMA) is a feature of modern computers
that allows certain hardware subsystems within the computer to access system memory
independently of the Central Processing Unit (CPU).
Question 2
Write short notes on the following:
(a) Bluetooth
Or
What is Bluetooth? Name any two devices that utilize Bluetooth technology.
(b) Wi-Fi (c) Tablet
(d) Smart Phone (e) Touchpad
(f) Notebook (g) Cache Memory
(h)Virtual Memory (i) Instruction Set Architecture (ISA)
(j) Micro Architecture (k) Software as a Service (SaaS)
(l) Android (m) WhatsApp Messenger

Answer
a) Bluetooth: Bluetooth is a wireless technology standard for exchanging data over short distances up to
50 meters (164 feet) from fixed and mobile devices, creating personal Area Networks (PANs) with
high levels of security. Bluetooth is like a very low-power, short- range radio signal which is secure
from the moment they're sent, so unlike any other wireless network we don't have to worry about
turning on security. Few devices that utilize Bluetooth technology are Keyboards and mice, Printers,
mobile phones and headsets, PDAs (Personal Digital Assistants), Desktop and laptop computers,

17
 Digital cameras, and Remotes. Through the use of a mobile phone with Bluetooth enabled; we can
send pictures, videos, exchange business cards and also transfer files to our PC. Both data and voice
transmissions can be sent and received through the use of short range networks.
b) Wi-Fi: Wi-Fi is a popular wireless networking technology that uses radio waves to provide wireless
high-speed Internet and network connections. Wi-Fi networks have limited range. A typical wireless
access point might have a range of 32 meters (120 ft.). Wi-Fi can be less secure than wired
connections because an intruder does not need a physical connection. Wi-Fi networks use radio
technologies called 802.11 to provide secure, reliable, fast wireless connectivity. A Wi-Fi network can
be used to connect electronic devices to each other, to the Internet, and to wired networks (which
use Ethernet technology). Wi-Fi networks work well for small businesses providing connectivity
between mobile salespeople, floor staff and behind-the-scenes finance and accounting
departments.
c) Tablet: A Tablet computer, or simply tablet is a one piece general-purpose computer contained in a
single panel. Its distinguishing characteristic is the use of a touch screen as the input device. Tablet
PCs have extreme portability, easy to use interfaces and the wide range of ways they can be used.
Some features of Tablets are as follows:
a. Input Method: Tablets rely solely on a touch interface on the screen for all input.
b. Size: Tablets have the size roughly of a small pad of paper and a weight that is less than one Kg.
c. Battery Life: Tablets are designed for efficiency because of the low power requirements of their
hardware components. Tablets can achieve all day usage.
d. Storage Capacity: Most tablets come with configurations that allow between 16 and 64 gigabytes
of storage.
e. Performance: Most tablet PCs are based on extremely low powered processors more suited for
tasks like email, web browsing, playing video or audio.
f. Software: The two major tablet platforms are Android and iOS amongst plenty of applications that
are available.
g. Wireless: Because tablets by design are mobile computers; most of them have Wi- Fi, blue tooth
and mobile connectivity.
d) SmartPhone: A SmartPhone is a mobile phone built on a mobile operating system with more advanced
computing capability connectivity than a feature phone. This handheld device integrates mobile phone
capabilities with the more common features of a handheld computer or PDA. Smartphone allows users
to store information, e-mail and install programs, along with using a mobile phone in one device.
Modern SmartPhones also include high-resolution touch screens and web browsers that display
standard web pages as well as mobile-optimized sites. High-speed data access is provided by Wi-Fi
and mobile broadband.
e) Touchpad: A Touchpad is a pointing device featuring a tactile sensor, a specialized surface that can
translate the motion and position of a user's fingers to a relative position on screen. Touchpad is a
common feature of laptop computers, can also be found on Personal Digital Assistants (PDAs) and
some portable media players.
f) Notebook: Notebook is an extremely lightweight personal computer that typically weighs less than 3
Kg and is small enough to fit easily in a briefcase. Notebook computers use flat-panel technologies to
produce a lightweight and non-bulky display screen. Modern notebook computers are almost
equivalent to personal computers having the same CPUs, memory capacity and disk drives.
g) Cache Memory: Cache Memory (pronounced as cash) is a smaller, faster memory which stores copies
of the data from the most frequently used main memory locations so that Processor/Registers can
access it more rapidly than main memory. It is the property of locality of reference, which allows
improving substantially the effective memory access time in a computer system.
h) Virtual Memory: Virtual Memory is an imaginary memory area supported by some operating systems

18
 (for example, Windows) in conjunction with the hardware. If a computer lacks the Random Access
Memory (RAM) needed to run a program or operation, Windows uses virtual memory to compensate.
Virtual memory combines computer’s RAM with temporary space on the hard disk. When RAM runs
low, virtual memory moves data from RAM to a space called a paging file. Moving data to and from the
paging file frees up RAM to complete its work. Thus, Virtual memory is an allocation of hard disk
space to help RAM.
i) Instruction Set Architecture (ISA): It is the abstract model of a computing system that is seen by a
machine language programmer, including the instruction set, memory address modes, processor
registers, and address and data formats. Instruction Set Architecture (ISA) is related to the
programming of a computer – that is, how the computer understands, what each element in its basic
language means, what instructions are to be carried out and in what order, etc. The ISA basically deals
with what the chip does.
j) Micro architecture: It, also known as Computer organization, is a lower level detailed description of
the system that is sufficient for completely describing the operation of all parts of the computing
system, and how they are inter-connected and inter-operate in order to implement the ISA. The
Micro architecture can be seen as how the ISA does and what it does. It is the term used to describe
the resources and methods used to achieve architecture specification. The term typically includes the
way in which these resources are organized as well as the design techniques used in the processor to
reach the target cost and performance goals. The micro architecture essentially forms a specification
for the logical implementation.
k) Software as a Service (SaaS): It includes a complete software offering on the cloud. Users can access a
software application hosted by the cloud vendor on pay-per-use basis. SaaS is a model of software
deployment where an application is hosted as a service provided to customers across the Internet by
removing the need to install and run an application on a user’s own computer. SaaS can alleviate the
burden of software maintenance and support but users relinquish control over software versions
and requirements.
l) Android: Android is a Linux-based operating system designed primarily for touch screen mobile devices
such as smart phones and tablet computers. Android is an open source and the permissive licensing
allows the software to be freely modified and distributed by device manufacturers, wireless carriers
and enthusiast developers. Android provides access to a wide range of useful libraries and tools
that can be used to build rich applications.
m)WhatsApp Messenger: It is a cross-platform mobile messaging application which allows us to
exchange messages without having to pay for SMS. It is available for iPhone, BlackBerry, Android,
Windows phone, Nokia and these phones can message each other. Because WhatsApp Messenger uses
the same internet data plan that we use for e-mail and web browsing, there is no cost to message and
stay in touch with friends.
Question 3
What are the three critical pillars of Business Process Automation (BPA)?
Answer
Business Process Automation rests on the following three critical pillars:
a) Integration: BPA allows applications and operating systems not only to read data that the systems
produce, but also to pass data between the component applications of the business process and to
modify the data as necessary.
b) Orchestration: The process of orchestration enables the ability to bring tasks that exist across multiple
computers and different business departments or branches under one umbrella that is the business
process itself.

19
c) Automation: Orchestration and integration unite with automation to deliver the capability to provide a
rule-based process of automatic execution that can span multiple systems and enable a more effective,
nimble and efficient business process.
Question 4
Discuss some of the benefits of using Business Process Automation.
Answer
Some benefits of using Business Process Automation include:
a) Reducing the Impact of Human Error: BPA removes human participation in the process, which is the
source of many errors.
b) Transforming Data into Information: BPA can, apart from collecting and storing data also analyze data
and make it available in a form that is useful for decision-making.
c) Improving performance and process effectiveness: In many cases, tasks that must be done manually
are the bottleneck in the process. Automating those manual tasks speeds up the effective throughput
of the application.
d) Making users more efficient and effective: People can focus their energies on the tasks they do best,
allowing the computers to handle those that machines are best suited for.
e) Making the business more responsive: Business can easily automate new applications and processes as
they are introduced.
f) Improving Collaboration and Information Sharing: Business processes designed through a
collaborative interface mean Information Technology can integrate its processes with the business-side
logic that drives day-to-day operations.

Question 5
Discuss different types of servers based on the services they provide.
Answer
There are different types of servers based on the nature of service they provide. Some of them are given
as follows:
a) File server: This is a computer and storage device dedicated to storing files. Any user on the network
can store files on the server.
b) Print server: This is a computer that manages one or more printers.
c) Network server: This is a computer that manages network traffic.
d) Database server: This is a computer system that processes database queries.
e) Application Server: This is a program that handles all application operations between users
and an enterprise's backend business applications or databases.
f) Web Server: Web server is a computer that delivers (serves up) web pages. Every web server has an IP
address and possibly a domain name. For example, if we enter the URL http://www.icai.org in our
browser, this sends a request to the Web server whose domain name is icai.org. The server then
fetches the named home page and sends it to our browser. Any computer can be turned into a Web
server by installing server software and connecting the machine to the Internet.
g) Mail Server: Mail server moves and stores mail over corporate networks.
Question 6
What is cloud computing? Describe any three types of clouds in cloud computing environment. Or
What are the different types of clouds in a Cloud computing environment?
Answer
Cloud Computing: Cloud computing is the use of various services, such as software development
platforms, servers, storage, and software, over the Internet, often referred to as the "Cloud."
The Cloud Computing environment can consist of multiple types of clouds based on their deployment and
usage. They are Public Cloud, Private/Internal Cloud, Community Cloud and Hybrid Cloud.

20
a) Public Clouds: The public cloud is made available to the general public or a large industry group. They
are administrated by third parties or vendors over the Internet, and services are offered on pay-per-
use basis. It is widely used in the development, deployment and management of enterprise
applications, at affordable costs; and allows organizations to deliver highly scalable and reliable
applications rapidly and at more affordable costs.
b) Private/Internal Clouds: This cloud computing environment resides within the boundaries of an
organization and is used exclusively for the organization’s benefits. They are built primarily by IT
departments within enterprises who seek to optimize utilization of infrastructure resources within the
enterprise by provisioning the infrastructure with applications using the concepts of grid and
virtualization. The Private Cloud enables an enterprise to manage the infrastructure and have more
control.
c) Community Clouds: This is the sharing of computing infrastructure in between organizations of the
same community. For example, all Government organizations within India may share computing
infrastructure on the cloud to manage data. The risk is that data may be stored with the data of
competitors.
d) Hybrid Clouds: It is a composition of two or more clouds (Private, Community or Public) and is
maintained by both internal and external providers. Though they maintain their unique identity,
they are bound together by standardized data and application portability. With a hybrid cloud,
organizations might run non-core applications in a public cloud, while maintaining core applications and
sensitive data in-house in a private cloud.

Question 7
Discuss Cloud Computing architecture.
Answer
Cloud Computing architecture refers to the components and subcomponents that typically consist of a
front end platform (fat client, thin client, mobile device), back end platform (servers, storage), a cloud
based delivery, and a network (Internet, Intranet, Intercloud). Cloud architecture typically involves
multiple cloud components communicating with each other over a tight or loose coupling of cloud
resources, services, middleware, and software components.
A cloud computing architecture consists of two parts - Front End and a Back End that connect to each
other through a network, usually the Internet. The front end is the side the computer user or client, sees.
The back end is the “cloud” section of the system.
a) Front End: The front end of the cloud computing system comprises of the client’s devices (or it may be
a computer network) and some applications are needed for accessing the cloud computing system. All
the cloud computing systems do not give the same interface to users. For example - Web services like
electronic mail programs use some existing web browsers such as Firefox, Microsoft’s Internet
Explorer or Apple’s Safari. Other types of systems have some unique applications which provide
network access to its clients.
b) Back End: Back end refers to some physical peripherals. In cloud computing, the back end is cloud
itself which may encompass various computer machines, data storage systems and servers. Groups of
these clouds make a whole cloud computing system. Theoretically, a cloud computing system can
include practically any type of web application program such as video games to applications for data
processing, software development and entertainment residing on its individual dedicated server for
services. There are some set of rules, generally called as Protocols which are followed by this server
and it uses a special type of software termed as Middleware that allow computers that are connected
on networks to communicate with each other. If any cloud computing service provider has many
customers, then there’s likely to be very high demand for huge storage space. Many companies that
are service providers need hundreds of storage devices.

21
Question 8
Discuss Service models of Cloud Computing.
Answer
Service Models of Cloud Computing are as follows:
a) Infrastructure as a Service (IaaS): It is the foundation of cloud services that provides clients with
access to server hardware, storage, bandwidth and other fundamental computing resources. The
service is typically paid for on a usage basis and may also include dynamic scaling so that if the
customer needs more resources than expected, s/he can get them on the fly (probably to a given
limit). It provides access to shared resources on need basis, without revealing details like location and
hardware to clients.
b) Software as a Service (SaaS): It includes a complete software offering on the cloud. Users can access a
software application hosted by the cloud vendor on pay-per-use basis. SaaS is a model of software
deployment where an application is hosted as a service provided to customers across the Internet by
removing the need to install and run an application on a user’s own computer. SaaS can alleviate the
burden of software maintenance and support but users relinquish control over software versions
and requirements.
c) Platform as a Service (PaaS): It provides clients with access to the basic operating software and
optional services to develop and use software applications (e.g. database access and payment service)
without the need to buy and manage the underlying computing infrastructure. For example, Google
App Engine allows clients to run their web applications (i.e. software that can be accessed using a web
browser such as Internet Explorer over the internet) on Google’s infrastructure.
d) Network as a Service (NaaS): It is a category of cloud services where the capability provided to the
cloud service user is to use network/transport connecting services. NaaS involves optimization of
resource allocation by considering network and computing resources as a whole. Some of the
examples are: Virtual Private Network, Mobile Network Virtualization etc.
e) Communication as a Service (CaaS): CaaS is an outsourced enterprise communication solution that
can be leased from a single vender. The CaaS vendor is responsible for all hardware and software
management and offers guaranteed Quality of Service (QoS). It allows businesses to selectively deploy
communication devices and modes on a pay-as- you-go, as-needed basis. This approach eliminates the
large capital investments. Examples are: Voice over IP (VoIP), Instant Messaging (IM), Collaboration
and Videoconferencing application using fixed and mobile devices.
Question 9
What is Mobile Computing? Discuss its components.
Answer
Mobile Computing: Mobile Computing is the use of portable computing devices (such as laptop and
handheld computers) in conjunction with mobile communication technologies to enable users to access
the Internet and data on their home or work computers from anywhere in the world. Mobile computing is
enabled by use of mobile devices (portable and hand held computing devices) such as PDA, laptops,
mobile phones, MP3 players, digital cameras, tablet PC and Palmtops on a wireless network.
Mobile computing involves Mobile Communication, Mobile Hardware and Mobile Software; which are
discussed as follows:
a) Mobile Communication: Mobile Communication refers to the infrastructure put in place to ensure
that seamless and reliable communication goes on. These would include devices such as Protocols,
Services, Bandwidth and Portals necessary to facilitate and support the stated services. The data
format is also defined at this stage. The signals are carried over the air to intended devices that are
capable of receiving and sending similar kind of signals. It will incorporate all aspects of wireless
communication.

23
b) Mobile Hardware: Mobile Hardware includes mobile devices or device components that receive or
access the service of mobility. They would range from Portable laptops, Smart phones, Tablet PC’s to
Personal Digital Assistants. These devices will have receptors that are capable of sensing and receiving
signals. These devices are configured to operate in full- duplex, whereby they are capable of sending
and receiving signals at the same time.
c) Mobile Software: Mobile Software is the actual program that runs on the mobile hardware. It deals
with the characteristics and requirements of mobile applications. This is the engine of that mobile
device. In other terms, it is the operating system of that appliance. It is the essential component that
makes the mobile device operates.
Question 10
What is a Database Model? Discuss its various types.
Answer
A Database Model is a type of data model that determines the logical structure of a database and
fundamentally determines in which manner data can be stored, organized and manipulated. Some
prominent database models are as follows:
a) Hierarchical Database Model: In a hierarchical database model, records are logically organized into a
hierarchy of relationships. A hierarchically structured database is arranged logically in an inverted tree
pattern. All records in hierarchy are called nodes. The top parent record in the hierarchy is called the
root record. Records that “own” other records are called parent records. Each node is related to the
others in a parent-child relationship. Each parent record may have one or more child records, but no
child record may have more than one parent record.
Thus, the hierarchical data structure implements one-to-one and one-to-many relationships. (Refer
the fig.)

Pavement Improvement

Reconstruction Maintenance Rehabilitation

Routine Corrective Preventive

b) Network Database Model: The network model is a variation on the hierarchical model such that it is
built on the concept of multiple branches (lower-level structures) emanating from one or more
nodes (higher-level structures) and that branch may be connected to multiple nodes. The network
model is able to represent redundancy in data more efficiently than in the hierarchical model. The
network model also permits a record to be a member of more than one set at one time that allows the
network model to implement the many-to- one and the many-to-many relationship types.

24
c) Relational Database Model: A relational database allows the definition of data and their structures,
storage and retrieval operations and integrity constraints that can be organized in a table structure. A
table is a collection of records and each record in a table contains the same fields. Three key terms are
used extensively in relational database models: Relations, Attributes and Domains. A relation is a
table with columns and rows. The named columns of the relation are called attributes, and the domain
is the set of values the attributes are allowed to take.
A relational database contains multiple tables, with at least similar value occurring in two different
records (belonging to the same table or to different tables) that implies a relationship among those
two records. Tables can also have a designated single attribute or a set of attributes that can act as a
"key" which can be used to uniquely identify each record in the table. A key that can be used to
uniquely identify a row in a table is called a Primary key. Any column can be a key, or multiple columns
can be grouped together into a Compound key.
d) Object Oriented Data Base Model (OODBMS): It is based on the concept that the world can be
modeled in terms of objects and their interactions. An Object-oriented database provides a
mechanism to store complex data such as images, audio and video, etc. An OODBMS helps
programmers make objects created in a programming language behave as a database object. Object-
oriented programming is based on a series of working objects. Each object is an independently
functioning application or program, assigned with a specific task or role to perform. An OODBMS is a
relational database designed to manage all of these independent programs, using the data produced
to quickly respond to requests for information by a larger application.
Question 11
What is an Operating System? Discuss various activities it performs.
Answer
An Operating System (OS) is a set of computer programs that manages computer hardware resources
and acts as an interface with computer applications programs. The operating system is a vital component
of the system software in a computer system. Application programs usually require an operating system
to function that provides a convenient environment to users for executing their programs. Computer
hardware with operating system can thus be viewed as an extended machine which is more powerful and
easy to use. Some prominent Operating systems used nowadays are Windows 7, Windows 8, Linux,
UNIX, etc. A variety of activities are executed by Operating systems which include:
a) Performing hardware functions: Application programs to perform tasks have to obtain input from
keyboards, retrieve data from disk & display output on monitors. Achieving all this is facilitated by
operating system that acts as an intermediary between the application program and the hardware.
b) User Interfaces: An important function of any operating system is to provide user interface. DOS has a
Command based User Interface (UI) i.e. text commands were given to computer to execute any
command, whereas Windows has Graphic User Interface (GUI) which uses icons & menus.
c) Hardware Independence: Every computer could have different specifications and configurations of
hardware. Operating system provides Application Program Interfaces (API) which can be used by
application developers to create application software, thus obviating the need to understand the inner
workings of OS and hardware. Thus, OS gives us hardware independence.
d) Memory Management: Memory Management features of Operating System control how memory is
accessed and maximizes available memory & storage. Operating systems also provides Virtual
Memory by carving an area of hard disk to supplement the functional memory capacity of RAM.
e) Task Management: Task Management feature of Operating system helps in allocating resources to
make optimum utilization of resources. This facilitates a user to work with more than one application
at a time i.e. multitasking and also allows more than one user to use the system i.e. timesharing.
f) Networking Capability: Operating systems can provide systems with features& capabilities to help
connect computer networks. Like Linux & Windows 8 give us an excellent capability to connect to

25
 internet.
g) Logical Access Security: Operating systems provide logical security by establishing a procedure for
identification & authentication using a User ID and Password. It can log the user access thereby
providing security control.
h) File Management: The Operating System keeps a track of where each file is stored and who can
access it, based on which it provides the file retrieval.
Question 12
What is CPU? What are the three functional units of a Central Processing Unit (CPU)?
Answer:
The Central Processing Unit (CPU or microprocessor) is the actual hardware that interprets and executes
the program (software) instructions and coordinates how all the other hardware devices work together.
The CPU is built on a small flake of silicon and can contain the equivalent of several million transistors. We
can think of transistors as switches which could be “ON” or “OFF” i.e., taking a value of 1 or 0. The
processor or CPU is like the brain of the computer. The main function of CPU is to execute programs
stored in memory. It consists of three functional units:
a) Control Unit (CU): CU controls the flow of data and instruction to and from memory, interprets the
instruction and controls which tasks to execute and when.
b) Arithmetic and Logical Unit (ALU): Performs arithmetic operations such as addition, subtraction,
multiplication, and logical comparison of numbers: Equal to, Greater than, Less than, etc.
c) Registers: These are high speed memory units within CPU for storing small amount of data (mostly 32
or 64 bits). Registers could be:
i) Accumulators: They can keep running totals of arithmetic values.
ii) Address Registers: They can store memory addresses which tell the CPU as to where in the memory
an instruction is located.
iii) Storage Registers: They can temporarily store data that is being sent to or coming from the system
memory.
iv) Miscellaneous: These are used for several functions for general purpose.

Question 13
Discuss Information System Life Cycle.
Answer
Information System Life Cycle is commonly referred as Software/System Development Life Cycle (SDLC)
which is a methodology used to describe the process of building information systems. SDLC framework
provides a sequence of activities for system designers and developers to follow. It consists of a set of
steps or phases in which each phase of the SDLC uses the results of the previous one. Various phases for
developing an Information System are given as follows:
Phase 1: System Investigation: This phase examines that ‘What is the problem and is it worth solving’? A
feasibility study is done under the dimensions – Technical, Economical, Legal, Operational etc.
Phase 2: System Analysis: This phase examines that ‘What must the Information System do to solve the
problem’? System analyst would be gathering details about the current system and will involve
interviewing staff; examining current business; sending out questionnaires and observation of current
procedures.
The Systems Analyst will examine data and information flows in the enterprise using data flow diagrams;
establish what the proposed system will actually do (not how it will do it); analyze costs and benefits;
outline system implementation options. (For example: in-house or using consultants); consider possible
hardware configurations; and make recommendations.
Phase 3: System Designing: This phase examines that ‘How will the Information System do what it must

26
do to obtain the solution to the problem’? This phase specifies the technical aspects of a proposed system
in terms of Hardware platform; Software; Outputs; Inputs; User interface; Modular design; Test plan;
Conversion plan and Documentation.
Phase 4: System Implementation: This phase examines that ‘How will the solution be put into effect’? This
phase involves coding and testing of the system; acquisition of hardware and software; and either
installation of the new system or conversion of the old system to the new one.
Phase 5: System Maintenance and Review: This phase evaluates results of solution and modifies the
system to meet the changing needs. Post implementation review would be done to address Programming
amendments; Adjustment of clerical procedures; Modification of Reports, and Request for new programs.
Question 14
Differentiate between the following:
(a) Random Access Memory and Read Only Memory
(b) Hierarchical Database Model and Network Database Model
(c) Complex Instruction Set Computer (CISC) and Reduced Instruction Set Computer (RISC)
Answer
a) The differences between Random Access Memory (RAM) and Read Only Memory (ROM) are given
below:

Random Access Memory (RAM) Read Only Memory (ROM)

RAM is a volatile memory and when the Unlike RAM, ROM is non-volatile. The contents of
computer is turned off, RAM loses its data. When ROM remain even after the computer is switched
the computer is turned on again, operating off.
system and other files are once again loaded into 18
RAM usually from the hard disk.
This is Read Write memory wherein information Originally, the ROM used to be read-only; however,
can be read as well as modified. the new versions of ROM allow limited rewriting
making it possible to upgrade firmware such as the
BIOS by using installation software.

b) The differences between Hierarchical Database Model and Network Database Model are given below:

Hierarchical Database Model Network Database Model

The hierarchical model permits a record to be a Unlike the hierarchical mode, the network model
member of only one set at one time. permits a record to be a member of more than one
set at one time.
The hierarchical data structure implements one- The network model allows us to represent one-to-
to-one and one-to-many relationships. one, one-to-many and many-to- many relationships.

Each parent record may have one or more child Each parent record may have one or more child
records, but no child record may have more than records, and even a child record may have more
one parent record. than one parent record.
The hierarchical model does not represent The network model is able to represent redundancy
redundancy in data efficiently. in data more efficiently than in the hierarchical
model.
The hierarchical data structures require specific The network data structures can be entered and
entrance points to find records in a hierarchy. traversed more flexibly.

27
c) Complex Instruction Set Computer (CISC): If the Control Unit contains a number of micro-electronic
circuitry to generate a set of control signals and each micro-circuitry is activated by a micro-code, this
design approach is called CISC design. Examples of CISC processors are: Intel 386, 486, Pentium, Pentium
Pro, Pentium II, Pentium III processors etc. CISC chips have a large, variable length and complex
instructions and generally make use of complex addressing modes. Different machine programs can be
executed on CISC machine. Since CISC processors possess so many processing features, the job of machine
language programmers become easier. But at the same time, they are complex as well as expensive to
produce. Now-a-days, most of the personal computers use CISC processors.
Reduced Instruction Set Computer (RISC): To execute each instruction, if there is separate electronic
circuitry in the control unit, which produces all the necessary signals, this approach of the design of the
control section of the processor is called RISC design. It is also called hard-wired approach. Examples of
RISC processors: IBM RS6000, MC88100 processors etc. RISC processors use a small and limited number of
instructions and mostly use hardwired control unit. These consume less power and are having high
performance. RISC processors use simple addressing modes and RISC instruction is of uniform fixed
length. Since RISC processors have a small instruction set, they place extra demand on programmers who
must consider how to implement complex computations by combining simple instructions. However, RISC
processors are faster, less complex and less expensive than CISC processors because of their simpler
design.

Question 15
What is mobile computing? What are the three major concerns related to mobile computing?
Answer
Mobile Computing: Mobile Computing is the use of portable computing devices (such as laptop and
handheld computers) in conjunction with mobile communication technologies to enable users to access
the Internet and data on their home or work computers from anywhere in the world. Mobile computing is
enabled by use of mobile devices (portable and hand held computing devices) such as PDA, laptops,
mobile phones, MP3 players, digital cameras, tablet PC and Palmtops on a wireless network.
Major concerns relating to mobile computing are given as follows:
 Mobile computing has its fair share of security concerns as any other technology.
 Dangers of misrepresentation - Another problem plaguing mobile computing are credential verification.
 Power consumption - When a power outlet or portable generator is not available, mobile computers
must rely entirely on battery power.
 Potential health hazards.

Question 16
Describe any four benefits of database management solution for an organization.
Answer
Major benefits of DBMS are given as follows:
a) Permitting data sharing: One of the principle advantages of a DBMS is that the same information can
be made available to different users.
b) Minimizing Data Redundancy: In a DBMS duplication of information or redundancy is, if not
eliminated, carefully controlled or reduced i.e. there is no need to repeat the same data over and over
again. Minimizing redundancy can therefore significantly reduce the cost of storing information on
hard drives and other storage devices.
c) Integrity can be maintained: Data integrity is maintained by having accurate, consistent, and up-to-
date data. Updates and changes to the data only have to be made in one place in DBMS ensuring
Integrity. The chances of making a mistake increase if the same data needs to be changed at several
different places than making the change in one place.

28
d) Program and file consistency: Using a DBMS, file formats and programs are standardized. This makes
the data files easier to maintain because the same rules and guidelines apply across all types of data.
The level of consistency across files and programs also makes it easier to manage data when multiple
programmers are involved.
e) User-friendly: DBMS makes the data access and manipulation easier for the user. DBMS also reduce the
reliance of users on computer experts to meet their data needs.
f) Improved security: DBMSs allow multiple users to access the same data resources which could lead to
risk to an enterprise if not controlled. Security constraints can be defined i.e. Rules can be built to give
access to sensitive data. Some sources of information should be protected or secured and only viewed
by select individuals. Through the use of passwords, database management systems can be used to
restrict data access to only those who should see it.
g) Achieving program/data independence: In a DBMS data does not reside in applications but data bases
program & data are independent of each other.
h) Faster application development: In the case of deployment of DBMS, application development
becomes fast. The data is already therein databases, application developer has to think of only the
logic required to retrieve the data in the way a user needs.
Question 17
Name the various phases of System Development Life Cycle (SDLC) in the logically correct order.
Answer
The various phases of System Development Life Cycle (SDLC) are as follows:
a) Phase 1: System Investigation
b) Phase 2: System Analysis
c) Phase 3: System Designing
d) Phase 4: System Implementation
e) Phase 5: System Maintenance and Review

Question 18
What is Server? Briefly explain any four types of servers based on the nature of service they provide.
Answer
Server: A server is a computer program running to serve the requests of other programs, the "clients".
Servers are often dedicated, meaning that they perform no other tasks besides their server tasks. The
clients either run on the same computer, or they connect through the network.
Some of the different types of servers based on the nature of service they provide are as follows:
a) File server: This is a computer and storage device dedicated to storing files. Any user on the network
can store files on the server.
b) Print server: This is a computer that manages one or more printers.
c) Network server: This is a computer that manages network traffic.
d) Database server: This is a computer system that processes database queries.
e) Application Server: This is a program that handles all application operations between users and an
enterprise's backend business applications or databases.
f) Web Server: Web server has an IP address and possibly a domain name, and is the computer that
delivers (serves up) web pages.
g) Mail Server: Mail servers move and store mail over corporate networks.

29
ALL INDIA RANKERS - NOV 2018
Question 19
(a) Mention briefly the different types of application software.
(b) What are the major advantages and disadvantages of DBMS?
Answer
a) The different types of application software are as under:
i) Application Suite: Has multiple applications bundled together. Related functions, features and user
interfaces interact with each other. E.g. MS Office 2010 which has MS Word, MS Excel, MS Access,
etc.
ii) Enterprise Software: Addresses an enterprise’s needs and data flow in a huge distributed
environment. E.g. ERP Applications like SAP.
iii) Enterprise Infrastructure Software: Provides capabilities required to support enterprise software
systems. E.g. email servers, Security software.
iv) Information Worker Software: Addresses individual needs required to manage and create
information for individual projects within departments. E.g. Spreadsheets, CAAT (Computer
Assisted Audit Tools) etc.
v) Content Access Software: Used to access contents and addresses a desire for published digital
content and entertainment. E.g. Media Players, Adobe Digital etc.
vi) Educational Software: Holds contents adopted for use by students. E.g. Examination Test CDs.
vii) Media Development Software: Addresses individual needs to generate and print electronic media for
others to consume. E.g. Desktop Publishing, Video Editing etc.
b) Major advantages of Database Management Systems (DBMS) are given as follows:
i) Permitting data sharing: One of the principle advantages of a DBMS is that the same information
can be made available to different users.
ii) Minimizing Data Redundancy: In a DBMS duplication of information or redundancy is, if not
eliminated, carefully controlled or reduced i.e. there is no need to repeat the same data over and
over again. Minimizing redundancy can therefore significantly reduce the cost of storing information
on hard drives and other storage devices.
iii) Integrity can be maintained: Data integrity is maintained by having accurate, consistent, and up-to-
date data. Updates and changes to the data only have to be made in one place in DBMS ensuring
Integrity. The chances of making a mistake increase if the same data needs to be changed at several
different places than making the change in one place.
iv) Program and file consistency: Using a DBMS, file formats and programs are standardized. This
makes the data files easier to maintain because the same rules and guidelines apply across all types
of data. The level of consistency across files and programs also makes it easier to manage data when
multiple programmers are involved.
v) User-friendly: DBMS makes the data access and manipulation easier for the user. DBMS also reduce
the reliance of users on computer experts to meet their data needs.
vi) Improved security: DBMSs allow multiple users to access the same data resources which could lead
to risk to an enterprise if not controlled. Security constraints can be defined i.e. Rules can be built to
give access to sensitive data. Some sources of information should be protected or secured and only
viewed by select individuals. Through the use of passwords, database management systems can be
used to restrict data access to only those who should see it.
vii) Achieving program/data independence: In a DBMS data does not reside in applications but data
bases program & data are independent of each other.
viii) Faster application development: In the case of deployment of DBMS, application development
becomes fast. The data is already therein databases, application developer has to think of only the
logic required to retrieve the data in the way a user needs

31
 Major disadvantages of DBMS are as under:
i) Cost: Implementing a DBMS system can be expensive and time-consuming, especially in large
enterprises. Training requirements alone can be quite costly.
ii) Security: Even with safeguards in place, it may be possible for some unauthorized users to access the
database. If one gets access to database, then it could be an all or nothing proposition.

Question 20
Describe the following recent technologies in the field of IT:
(a) iPad
(b) Ultra Mobile PC (UMPC)
Answer
a) iPad: The iPad runs a version of iOS. iOS is designed for finger based use and has none of the tiny features
which required a stylus on earlier tablets. Apple introduced responsive multi touch gestures, like moving
two fingers apart to zoom in. iOS uses less power, and so gives better battery life than the Intel devices used
by Windows tablets.
b) Ultra-Mobile PC (UMPC): An Ultra-Mobile PC is a small form factor version of a pen computer, a class of
laptop whose specifications were launched by Microsoft and Intel in spring 2006. UMPCs are smaller
than subnotebooks, have a TFT display measuring (diagonally) about 12.7 to 17.8 cm (5 to 7 inches
screen), are operated like tablet PCs using a touch screen or a stylus, and can also have a physical
keyboard.

32
 Chap 3- Telecommunication and Networks
Question 1
Define the following terms briefly:
(a) Network Interface Card (NIC) (b) MODEM
(c) Multiplexer (d) Internetwork Processors
(e) Switch (f) Router
(g) Hub (h) Bridge
(i) Repeater (j) Gateway
(k) Server (l) Protocol
Answer
(a) Network Interface Card (NIC) – Network Interface Card (NIC) is a computer hardware component that
connects a computer to a computer network. It has additional memory for buffering incoming and
outgoing data packets, thus improving the network throughput.
(b) MODEM – A MODEM is a device that converts a digital computer signal into an analog telephone signal
(i.e. it modulates the signal) and converts an analog telephone signal into a digital computer signal
(i.e. it demodulates the signal) in a data communication system.
(c) Multiplexer – A multiplexer is a communication processor that allows a single communication channel
to carry simultaneous data transmissions from many terminals. A multiplexer merges the transmission
of several terminals at one end of a communication channel while a similar unit separates the
individual transmissions at the receiving end.
(d) Internetwork Processors – Telecommunication networks are interconnected by special- purpose
communication processors called internetwork processors such as switches, routers, hubs, bridges,
repeaters and gateways.
(e) Switch – Switch is a communication processor that makes connections between telecommunication
circuits in a network so that a telecommunication message can reach its intended destination.
(f) Router – Router is a communication processor that interconnects networks based on different rules or
protocols, so that a telecommunication message can be routed to its destination.
(g) Hub – Hub is a port-switching communication processor. This allows for the sharing of the network
resources such as servers, LAN workstations, printers, etc.
(h) Bridge – Bridge is a communication processor that connects number of Local Area Networks (LAN). It
magnifies the data transmission signal while passing data from one LAN to another.
(i) Repeater – Repeater is a communication processor that boosts or amplifies the signal before passing it
to the next section of cable in a network.
(j) Gateway – Gateway is a communication processor that connects networks and use different
communication architectures.
(k) Server – A server is one or more multi-user processors with shared memory providing computing,
connectivity and the database services and the interfaces relevant to the business need.
(l) Protocol – A protocol is the formal set of rules for communicating, including rules for timing of message
exchanges, the type of electrical connection used by the communications devices, error detection
techniques, means of gaining access to communications channels, and so on.

Question 2
Differentiate between the following:
(a) Guided Media and Unguided Media
(b) Client Server Network and Peer-to-Peer Network

33
(c) Serial Transmission and Parallel Transmission
(d) Synchronous Transmission and Asynchronous Transmission

Answer
a) The differences between Guided Media and Unguided Media are given below:

Guided Media Unguided Media

Guided Media are those media that provide a Unguided Transmission Media consists of a
conduit from one device to another. means for the data signals to travel but nothing
to guide them along a specific path.
Guided Transmission Media uses a "cabling" It passes through a vacuum; it is independent of
system that guides the data signals along a a physical pathway.
specific path.
Example – Coaxial Cable, Twisted Pair, Fiber Optic Example – Infrared Waves, Micro Waves, Radio
Cable. Waves etc.

b) The differences between Client Server Network and Peer-to-Peer Network are given below:

Client Server Network Peer-to-Peer Network

A client computer typically communicates only Every computer is equal and can communicate
with servers, not with other clients. with any other computer on the network to
which it has been granted access rights.
A central server handles all security and file Each machine shares its own resources and
transactions. handles its own security.
It is more expensive as it requires a central file It is relatively less expensive as it does not
server, server software and client licenses. require a dedicated machine, server software or
special client licenses.
More secure. Lesser secure as the network control is handed to
the end-users.
Backup is centralized on the server; managed by Backup is decentralized; managed by users.
network administrator. Backup by device and Backup devices and media are required at each
media only required at server. workstation.
The performance is relatively high as the server is The performance is relatively low.
dedicated and does not handle other tasks.
In case of failure of server, the whole network No single point of failure in the network.
fails.
C/S model relies on the power and stability of a P2P gives each workstation equivalent
single computer ie. Server. Capabilities and relies heavily on the power and
bandwidth of each individual computer.
Example - Email, network printing, and the World Example - Napster, Gnutella, Freenet, BitTorrent
Wide Web. and Skype.

34
c) The differences between Serial Transmission and Parallel Transmission are given below:

Serial Transmission Parallel Transmission

In this, the data bits are transmitted serially one In this, the data bits are transmitted
after another. simultaneously.
Data is transmitted over a single wire and is thus Data is transmitted over eight different wires and
relatively slower. is thus relatively faster.
It is a cheaper mode of transferring data. It is relatively expensive mode of transferring
data.

It is useful for long distance data Not practical for long distance
transmissions. communications.
d) The differences between Synchronous Transmission and Asynchronous Transmission are given below:

Synchronous Transmission Asynchronous Transmission

Allows characters to be sent down the line without Each data word is accompanied with start and
Start-Stop bits. stop bits.
Transmission is faster as in absence of Start and Extra Start and Stop bits slow down the
Stop bits, many data words can be transmitted transmission process relatively.
per second.
The synchronous device is more expensive to It is relatively cheaper.
build as it must be smart enough to differentiate
between the actual data and the special
synchronous characters.
Chances of data loss are relatively higher. More reliable as the start and stop bits ensure
that the sender and the receiver remain in step
with one another.
It is more efficient. It is relatively less efficient.

Question 3
Discuss Transmission Media in detail.
Answer
Transmission Media connects the message source with the message receiver by means of Guided or
Unguided Media.
Guided Media/Bound Media: Guided Transmission Media uses a "cabling" system that guides the data
signals along a specific path. Some of the common examples of guided media are Twisted Pair, Coaxial
cable and Fiber optics.
a) Twisted-Pair Wire: Twisted-pair is ordinary telephone wire, consisting of copper wire twisted into
pairs. It is the most widely used media for telecommunications and is used for both voice and data
transmissions. It is used extensively in home and office telephone systems and many LANs and WANs.

35
b) Coaxial Cable: This telecommunication media consists of copper or aluminum wire wrapped with
spacers to insulate and protect it. Coaxial cables can carry a large volume of data and allows high-
speed data transmission used in high-service metropolitan areas for cable TV systems, and for short-
distance connection of computers and peripheral devices. It is used extensively in office buildings and
other work sites for local area networks.
c) Fiber Optics: This media consists of one or more hair-thin filaments of glass fiber wrapped in a
protective jacket. Signals are converted to light form and fired by laser in bursts. Optical fibers can
carry digital as well as analog signals and provides increased speed and greater carrying capacity than
coaxial cable and twisted-pair lines.

Transmission Media

Guided Media (Wired) Unguided Media (Wireless)

Terrestrial Microwave
Twisted-Pair Wire
Radio Wave
Co-axial Cable
Micro Wave
Fiber Optics
Infrared Wave

Communication Satellite

Unguided Media/Unbound Media: Unguided Transmission Media consists of a means for the data signals
to travel but nothing to guide them along a specific path. The data signals are not bound to a cabling
media. Some of the common examples of unguided media are Terrestrial Microwave, Radio Waves, Micro
Waves, Infrared Waves and Communication Satellites.
a) Terrestrial Microwave: Terrestrial microwave media uses the atmosphere as the medium through
which to transmit signals and is used extensively for high-volume as well as long- distance
communication of both data and voice in the form of electromagnetic waves.
b) Radio Waves: Radio waves are an invisible form of electromagnetic radiation that varies in
wavelength from around a millimeter to 100,000 km, making it one of the widest ranges in the
electromagnetic spectrum. Radio waves are most commonly used transmission media in he wireless
Local Area Networks.
c) Micro Waves: Microwaves are radio waves with wavelengths ranging from as long as one meter to as
short as one millimeter, or equivalently, with frequencies between 300 MHz (0.3 GHz) and 300 GHz.
These are used for communication, radar systems, radio astronomy, navigation and spectroscopy.
d) Infrared Waves: Infrared light is used in industrial, scientific, and medical applications. Night-vision
devices using infrared illumination allow people or animals to be observed without the observer being
detected.
e) Communication Satellites: Communication satellites use the atmosphere (microwave radio waves) as
the medium through which to transmit signals. A satellite is some solar- powered electronic device
that receives, amplifies, and retransmits signals; the satellite acts as a relay station between satellite
transmissions stations on the ground (earth stations). They are used extensively for high-volume as
well as long-distance communication of both data and voice.
f)

36
Question 4
How can Client Computers be classified?
Answer
Client Computers can be classified as Fat Client, Thin Client or Hybrid Client.
a) Fat / Thick Client: A Fat Client or Thick Client is a client that performs the bulk of any data processing
operations itself, and does not necessarily rely on the server. Thick clients do not rely on a central
processing server because the processing is done locally on the user system, and the server is accessed
primarily for storage purposes. For that reason, thick clients often are not well-suited for public
environments. To maintain a thick client, IT needs to maintain all systems for software deployment and
upgrades, rather than just maintaining the applications on the server. For example – Personal Computer.
b) Thin Client: A Thin Client use the resources of the host computer. A thin client generally only presents
processed data provided by an application server, which performs the bulk of any required data
processing. A thin client machine is going to communicate with a central processing server, meaning
there is little hardware and software installed on the user's machine. A device using web application
(such as Office Web Apps) is a thin client.
c) Hybrid Client: A Hybrid Client is a mixture of the above two client models. Similar to a fat client, it
processes locally, but relies on the server for storing persistent data. This approach offers features from
both the fat client (multimedia support, high performance) and the thin client (high manageability,
flexibility). Hybrid clients are well suited for video gaming.

Question 5
Discuss some of the characteristics and issues of Client Server (C/S) architecture.
Answer
Some of the prominent characteristics of C/S architecture are as follows:
a) Service: C/S provides a clean separation of function based on the idea of service. The server process is
a provider of services and the client is a consumer of services.
b) Shared Resources: A server can service many clients at the same time and regulate their access to the
shared resources.
c) Transparency of Location: C/S software usually masks the location of the server from the clients by
redirecting the service calls when needed.
d) Mix-and-Match: The ideal C/S software is independent of hardware or Operating System software
platforms.
e) Scalability: In a C/S environment, client workstations can either be added or removed and also the
server load can be distributed across multiple servers.
f) Integrity: The server code and server data is centrally managed, which results in cheaper maintenance
and the guarding of shared data integrity. At the same time, the clients remain personal and
independent.
Issues in Client/Server Network
a) When the server goes down or crashes, all the computers connected to it become unavailable to use.
b) Simultaneous access to data and services by the user takes little more time for server to process the
task.

37
 Question 6
Discuss advantages and disadvantages of following:

a) Peer-to-Peer Network b) Single Tier Systems

Tw c) Tier Systems d) d) Three Tier Systems
e) Centralized
e) Computing f) Decentralized Computing
g) Star Topology h) Ring Topology
i) Bus Topology j) Mesh Topology
Answer
a) Peer-to-Peer Network
Advantages: Following are the major advantages of Peer-to-Peer networks:
(i) Peer-to-Peer Networks are easy and simple to set up and only require a Hub or a Switch to connect all
the computers together.
(ii) It is very simple and cost effective.
(iii) If one computer fails to work, all other computers connected to it continue to work.
Disadvantages: The major disadvantages of peer-to-peer networks are as below:
(i) There can be a problem in accessing files if computers are not connected properly.
(ii) It does not support connections with too many computers as the performance gets degraded in case
of high network size.
(iii) The data security is very poor in this architecture.
b) Single Tier Systems
Advantages: A single-tier system requires only one stand-alone computer. It also requires only one
installation of proprietary software which makes it the most cost-effective system available.
Disadvantages: It can be used by only one user at a time. A single tier system is impractical for an
organization which requires two or more users to interact with the organizational data stores at the same
time.
c) Two Tier Systems
The advantages of Two-Tier systems are as follows:
i) The system performance is higher because business logic and database are physically close.
ii) Since processing is shared between the client and server; more users could interact with system.
iii) By having simple structure, it is easy to setup and maintain entire system smoothly.
The disadvantages of Two-Tier systems are as follows:
i) Performance deteriorates if number of users increases.
ii) There is restricted flexibility and choice of DBMS since data language used in server is proprietary to
each vendor.
d) Three Tier Systems
The following are the advantages of Three-Tier systems:
i) Clear separation of user-interface-control and data presentation from application-logic: Through this
separation, more clients are able to have access to a wide variety of server applications. The two main
advantages for client-applications are quicker development through the reuse of pre-built business-
logic components and a shorter test phase.
ii) Dynamic load balancing: If bottlenecks in terms of performance occur, the server process can be
moved to other servers at runtime.
iii) Change management: It is easy and faster to exchange a component on the server than to furnish
numerous PCs with new program versions.
The disadvantages of Three-Tier systems are as below:
i) It creates an increased need for network traffic management, server load balancing, and fault

38
 tolerance.
ii) Current tools are relatively immature and are more complex.
iii) Maintenance tools are currently inadequate for maintaining server libraries.
e) Centralized Computing
Advantages are as follows:
i) Ease of management – There are relatively few computers to manage;
ii) Enhanced security – The physical and logical securing of the computing environment can be more
easily managed since there is only one location and a few computers;
iii) Ease of control – The introduction of change can be managed closely since there is only one location
and a few computers;
iv) Reduced cost of ownership – Fewer computing elements to manage and therefore few people needed
to manage them;
v) Multiple types of workload – All of the work associated with the business runs at the central
computing location.
Disadvantages are as follows:
i) The central computer performs the computing functions and controls the remote terminals. In case of
failure of central computer, the entire system will go down.
ii) Central computing relies heavily on the quality of administration and resources provided to its users.
Empowerment of the central computer should be adequate by all means, else the usage suffers
greatly.
f) Decentralized Computing
Advantages are as follows: A decentralized system utilizes the potential of desktop systems
to maximize the potential performance of the business applications.

Disadvantages are as follows: All computers have to be updated individually with new software,
unlike a centralized computer system.

g) Star Topology
Advantages are as follows:
i) Several users can use the central unit at the same time.
ii) It is easy to add new nodes and remove existing nodes.
iii) A node failure does not bring down the entire network.
iv) It is easier to diagnose network problems through a central hub.

Disadvantages are as follows:

i) The whole network is affected if the main unit “goes down,” and all communications stop. If it
fails, there is no backup processing and communications capability and the local computers will be
cut off from the corporate headquarters and from each other.
ii) Cost of cabling the central system and the points of the star network together are very
high.
h) Ring Topology
Advantages are as follows:
i) Ring networks neither require a central computer to control activity nor does it need a file server.
ii) Each computer connected to the network can communicate directly with the other computers in the
network by using the common communication channel, and each computer does its own
independent applications processing.
iii) The ring network is not as susceptible to breakdowns as the star network, because when one
computer in the ring fails, it does not necessarily affect the processing or communications
capabilities of the other computers in the ring.
iv) Ring networks offer high performance for a small number of workstations or for larger networks
where each station has a similar workload.

39
 v) Ring networks can span longer distances than other types of networks.
vi) Ring networks are easily extendable.
Disadvantages are as follows:
i) Relatively expensive and difficult to install.
ii) Failure of one computer on the network can affect the whole network.
iii) It is difficult to troubleshoot a ring network.
iv) Adding or removing computers can disrupt the network.
i) Bus Topology
Advantages are as follows:
i) There is no host computer or file server which makes bus network reliable as well as easy to use and
understand.
ii) If one of the microcomputers fails, it will not affect the entire network.
iii) Requires the least amount of cable to connect the computers together and therefore is less
expensive than other cabling arrangements.
iv) Is easy to extend. Two cables can be easily joined with a connector, making a longer cable for more
computers to join the network.
v) A repeater can also be used to extend a bus configuration.
Disadvantages are as follows:
i) Heavy network traffic can slow a bus considerably since any computer can transmit at any time.
ii) Each connection between two cables weakens the electrical signal.
iii) The bus configuration can be difficult to troubleshoot. A cable break or malfunctioning computer
can be difficult to find and can cause the whole network to stop functioning.
j) Mesh Topology
Advantages are as follows:
i) Yields the greatest amount of redundancy in the event that if one of the nodes fails, the network
traffic can be redirected to another node.
ii) Network problems are easier to diagnose.
Disadvantages are as follows:
Installation and maintenance cost is very high as more cable is required in Mesh Topology.

Question 7
Discuss the common Switching techniques used in computer networking.
Answer
The common switching techniques used in computer networking are – Circuit switching, Packet
Switching and Message Switching.
a) Circuit Switching: When two nodes communicate with each other over a dedicated communication
path, it is called Circuit Switching. An important property of circuit switching is the need to set up an
end-to-end path before any data can be sent which can either be permanent or temporary.
Applications which use circuit switching may have to go through three phases: Establish a circuit,
Transfer of data and Disconnect the circuit. The bandwidth is reserved all the way from sender to
receiver and all the data packets follow the same path, thus, ensuring the sequence of data
packets are in order.
b) Packet Switching: The entire message is broken down into smaller transmission units called packets.
The switching information is added in the header of each packet and transmitted independently. It is
easier for intermediate networking devices to store smaller size packets and they do not take much
resources either on carrier path or in the switches’ internal memory. In packet switched network, first
packet of a multi-packet message may be forwarded before the second one has fully arrived, thus
reducing delay and improving throughput. Since, there is no fixed bath, different packets can follow
different path and thus they may reach to destination out of order.

40
c) Message Switching/ Store-and-Forward: In message switching, no physical path is established
between sender and receiver in advance. The whole message is treated as a data unit and is
transferred in its entirety which contains the entire data being delivered from the source to
destination node. A switch working on message switching first receives the whole message and buffers
it until there are resources available to transfer it to the next hop. If the next hop is not having
enough resource to accommodate large size message, the message is stored and switch waits. E-mail
and voice mail are examples of message switching systems.

Question 8
Explain the OSI Model of communication in detail.
Answer
OSI Model – The International Standards Organization (ISO) developed a seven-layer Open Systems
Interconnection (OSI) model to serve as a standard model for network architectures. Seven layers of OSI
include the following:
a) Layer 7 or Application Layer: This layer is closest to the end user and interacts with software
applications and provides user services by file transfer, file sharing, etc. At this layer, communication
partners are identified; quality of service is identified; user authentication and privacy are considered;
any constraints on data syntax are identified; and database concurrency and deadlock situation
controls are undertaken.
b) Layer 6 or Presentation Layer: Also referred as Syntax Layer, this layer is usually a part of an
operating system that converts incoming and outgoing data from one presentation format to another
(for example, from a text stream into a popup window with the newly arrived text). It further controls
onscreen display of data, transforms data to a standard application interface, encryption and data
compression.
a) Layer 5 or Session Layer: This layer sets up, coordinates, and terminates conversations; exchanges
and dialogs between the applications at each end. It deals with session and connection coordination
and provides for full-duplex, half-duplex, or simplex operation, and establishes check pointing,
adjournment, termination, and restart procedures.
b) Layer 4 or Transport Layer: This layer ensures reliable and transparent transfer of data between user
processes; assembles and disassembles message packets and provides error recovery and flow
control. Multiplexing and encryption are undertaken at this layer level.
c) Layer 3 or Network Layer: The Network Layer provides the functional and procedural means of
transferring variable length data sequences from a source to a destination via one or more networks,
while maintaining the quality of service requested by the Transport Layer. The Network Layer makes a
choice of the physical route of transmission; creates a virtual circuit for upper layers to make them
independent of data transmission and switching; establishes, maintains, terminates connections
between the nodes and ensure proper routing of data.
d) Layer 2 or Data Link Layer: The Data Link Layer responds to service requests from the Network Layer
and issues service requests to the Physical Layer. This layer transfers data between adjacent network
nodes in a WAN or between nodes on the same LAN segment. This layer also specifies channel access
control method and ensures reliable transfer of data through the transmission medium. It provides
the functional and procedural means to transfer data between network entities and detects and
possibly corrects errors that may occur in the Physical Layer.
e) Layer 1 or Physical Layer: The Physical Layer is a hardware layer which specifies mechanical features as
well as electromagnetic features of the connection between the devices and the transmission.
Establishment and termination of a connection to a communications medium; participation in the
process whereby the communication resources are effectively shared among multiple users; and
modulation or conversion between the representation of digital data in user equipment and the
corresponding signals transmitted over a communications channel are the major tasks of this layer.

41
Question 9
Discuss Encryption Model in computer network.
Answer
In Cryptography, encryption is the process of encoding messages (or information) in such a way that
eavesdroppers or hackers cannot read it, but only authorized parties can. The Encryption Model defines
the encryption of plaintext into ciphertext and decryption of ciphertext into plaintext.
a) Plaintext is the message that is to be encrypted. It is transformed by a function that is parameterized
by a key.
b) CipherText is the output of the encryption process that is transmitted often by a messenger or radio.
Passive Intruder Active Intruder can alter
just listens Intruder messages

Plaintext, P Encryption Decryption

Method, D Plaintext, P
Method, E

Ciphertext, C = EK (P)
Encryption Key, K Decryption Key, K

c) Encryption Model – The intruder may hear and accurately copies down the complete ciphertext.
However, unlike the intended recipient, he does not know what the decryption key is and so cannot
decrypt the ciphertext easily. Sometimes the intruder can not only listen to the communication
channel (passive intruder) but can also record messages and play them back later, inject his own
messages, or modify legitimate messages before they get to the receiver (active intruder). The art of
breaking ciphers is known as Cryptanalysis, and the art of devising them (Cryptography) are
collectively known as Cryptology.

Question 10
Discuss in brief, some of the popular Network Security Protocols.
Answer
Some of the popular network security protocols include Secure Shell (SSH), Secure File Transfer Protocol
(SFTP), HyperText Transfer Protocol Secure (HTTPS) and Secure Socket Layer (SSL) etc.
a) SSH – Secure Shell is a program to log into another computer over a network, to execute commands in
a remote machine, and to move files from one machine to another. It provides strong authentication
and secure communications over insecure channels. SSH protects a network from attacks such as IP
spoofing, IP source routing, and DNS spoofing. An attacker cannot play back the traffic or hijack the
connection when encryption is enabled. During ssh login; the entire login session including
transmission of password is encrypted; therefore it is almost impossible for an outsider to collect
passwords.
b) SFTP – The SSH File Transfer Protocol (also known as Secure FTP and SFTP) is a computing network
protocol for accessing and managing files on remote file systems. Unlike standard File Transfer
Protocol (FTP), SFTP encrypts commands and data both, preventing passwords and sensitive
information from being transmitted in the clear over a network.
c) HTTPS – HyperText Transfer Protocol Secure (HTTPS) is a communication protocol for secure
communication over a computer network with especially wide deployment on the to exchange a short
term session key to encrypt the data flow between client and server.
d)

42
e) SSL – It is a protocol that provides a secure channel between two machines operating over the Internet
or an internal network. It is typically used when a web browser needs to securely connect to a web
server over the inherently insecure Internet. In practice, SSL is used to secure online credit card
transactions system logins and any sensitive information exchanged online; to secure the connection
between an email client such as Microsoft Outlook and an email server such as Microsoft Exchange, to
secure intranet based traffic such as internal networks, file sharing, extranets, and database
connections etc.

Question 11
Discuss FCAPS model of network management.
Answer
FCAPS is the ISO Telecommunications Management Network model and framework for network
management. It is an acronym for Fault, Configuration, Accounting, Performance and Security.
a) Fault Management – A fault is an event that has a negative significance. The goal of fault management
is to recognize, isolate, correct and log faults that occur in the network. Most fault management
systems poll the managed objects for error conditions and present this information to the network
manager. Fault management identifies and isolates network issues; proposes problem resolution; and
subsequently logs the issues and associated resolutions.
b) Configuration Management – Monitors network and system configuration information so that the
impact on network operations (hardware and software elements) can be tracked and managed.
Network changes, additions, and deletions need to be coordinated with the network management
personnel.
c) Accounting Management – Accounting management is concerned with tracking network utilization
information, such that individual users, departments, or business units can be appropriately billed or
charged for accounting purposes. For non-billed networks, accounting refers to administration whose
primary goal is to administer the set of authorized users by establishing users, passwords, and
permissions and to administer the operations of the equipment such as by performing software
backup and synchronization.
d) Performance Management – Measures and makes network performance data available so that
performance can be maintained and acceptable thresholds. It enables the manager to prepare the
network for the future, as well as to determine the efficiency of the current network. The network
performance addresses the throughput, network response times, packet loss rates, link utilization,
percentage utilization, error rates and so forth.
e) Security Management – Controls access to network resources as established by organizational
security guidelines. Most network management systems address security regarding network hardware
such as someone logging into a router. Security management functions include managing network
authentication, authorization, and auditing, such that both internal and external users only have
access to appropriate network resources, configuration and management of network firewalls,
intrusion detection systems, and security policies (such as access lists).

Question 12
Discuss strategic capabilities of Internet along with their business applications.
Answer
The strategic capabilities of Internet include the following:
a) Overcome geographic barriers: Capture information about business transactions from remote
locations. This provides better customer service by reducing delay in filling orders and improves cash
flow by speeding up the billing of customers. For example - Use the Internet and Extranet to transmit
customer orders from travelling salespeople to a corporate data center for order processing and
inventory control.

43
b) Overcome time barriers: Provide information to remote locations immediately after it is requested.
Credit inquiries can be made and answered in seconds. For example - Credit authorization at the point
of sale using online POS networks.
c) Overcome cost barriers: Reduce the cost of more traditional means of communication. This reduces
expensive business trips; allows customers, suppliers, and employees to collaborate, thus improving
the quality of decisions reached. For example - Desktop videoconferencing between a company and its
business partners using the Internet, Intranet and Extranet.
d) Overcome structural barriers: Support linkages for competitive advantage. Fast, convenient services
lock in customers and suppliers. For example - Business-to-business electronic commerce websites for
transactions with suppliers and customers using the Internet and Extranet.

Question 13
What do you understand by the term ‘e-Commerce”? Discuss its benefits and risks involved.
Answer
e-Commerce is the process of doing business electronically. It refers to the use of technology to enhance
the processing of commercial transactions between a company, its customers and its business partners.
It involves the automation of a variety of business-to-business and business-to-consumer transactions
through reliable and secure connections.
Benefits of e-Commerce Application and Implementation are as follows:
a) Reduction in costs to buyers from increased competition in procurement as more suppliers are able to
compete in an electronically open marketplace.
b) Reduction in errors, time and overhead costs in information processing by eliminating requirements
for re-entering data.
c) Reduction in costs to suppliers by electronically accessing on-line databases of bid opportunities, on-
line abilities to submit bids, and on-line review of rewards.
d) Reduction in time to complete business transactions, particularly from delivery to payment.
e) Creation of new markets through the ability to easily and cheaply reach potential customers.
f) Easier entry into new markets especially geographically remote markets for enterprises regardless of
size and location.
g) Better quality of goods as specifications are standardized and competition is increased and improved
variety of goods through expanded markets and the ability to produce customized goods.
h) Faster time to market as business processes are linked, thus enabling seamless processing and
eliminating time delays.
i) Optimization of resource selection as businesses form cooperative teams to increase the chances of
economic successes, and to provide the customer products and capabilities more exactly meeting the
requirements.
j) Reduction in inventories and risk of obsolete inventories as the demand for goods and services is
electronically linked through just-in-time inventory and integrated manufacturing techniques.
k) Reduction in overhead costs through uniformity, automation, and large-scale integration of
management processes.
l) Reduction in use of ecologically damaging materials through electronic coordination of activities and
the movement of information rather than physical objects).
m)Reduction in advertising costs.

44
Risks involved in e-Commerce are as follows:
a) Problem of anonymity: There is need to identify and authenticate users in the virtual global market
where anyone can sell to or buy from anyone, anything from anywhere.
b) Repudiation of contract: There is possibility that the electronic transaction in the form of contract,
sale order or purchase by the trading partner or customer may be denied.
c) Lack of authenticity of transactions: The electronic documents that are produced in the course of an
e-Commerce transaction may not be authentic and reliable.
d) Data Loss, Theft or Duplication: The data transmitted over the Internet may be lost, duplicated,
tampered with or replayed.
e) Attack from hackers: Web servers used for e-Commerce may be vulnerable to hackers.
f) Denial of Service: Service to customers may be denied due to non-availability of system as it may be
affected by viruses, e-mail bombs and floods.
g) Non-recognition of electronic transactions: e-Commerce transactions as electronic records and digital
signatures may not be recognized as evidence in courts of law.
h) Lack of audit trails: Audit trails in e-Commerce system may be lacking and the logs may be incomplete,
too voluminous or easily tampered with.
i) Problem of piracy: Intellectual property may not be adequately protected when such property is
transacted through e-Commerce.

Question 14
What are the different types of e-Commerce?
Answer
The general classes of e-Commerce applications are as follows:
a) Business-to-Business (B2B) e-Commerce: B2B refers to the exchange of services, information and/or
products from one business to another. B2B electronic commerce typically takes the form of
automated processes between trading partners and is performed in much higher volumes than
Business-to-Consumer (B2C) applications. B2B can also encompass marketing activities between
businesses and not just the final transactions that result from marketing.
b) Business-to-Consumer (B2C) e-Commerce: It is defined as the exchange of services, information
and/or products from a business to a consumer, as opposed to between one business and another.
This model saves time and money by doing business electronically but customers must be provided
with safe and secure as well as easy-to-use and convenient options when it comes to paying for
merchandise. This minimizes internal costs created by inefficient and ineffective supply chains and
creates reduces end prices for the customers.
c) Consumer-to-Business (C2B) e-Commerce: In C2B e-Commerce model, consumers directly contact
with business vendors by posting their project work online so that the needy companies review it and
contact the consumer directly with bid. The consumer reviews all the bids and selects the company for
further processing. Some examples are guru.com, rentacoder.com, getacoder.com, freelancer.com.
d) Consumer-to-Consumer (C2C) e-Commerce: C2C e-Commerce is an Internet-facilitated form of
commerce that provides a virtual environment in which consumers can sell to one another through a
third-party intermediary.
e) Business-to-Government (B2G) e-Commerce: B2G e-Commerce, also known as e- Government, refers
to the use of information and communication technologies to build and strengthen relationships
between government and employees, citizens, businesses, non- profit organizations, and other
government agencies.

45
 I Am The Best For CA FINAL LAW

CA Final All India Rankers of Nov 2018.

Studied LAW & ISCA From CA Swapnil Patni
f) Business-to-Employee (B2E) e-Commerce: B2E e-Commerce, from an intra- organizational perspective
provides the means for a business to offer online products and services to its employees.

Question 15
Differentiate between Host Based & Network Intrusion Detection System.
Answer
Differences between Host Based Intrusion Detection System and Network Based Intrusion Detection
System are as follows:

Host Based Intrusion Network Based Intrusion

Detection System Detection System
Deterrence Strong deterrence for Strong deterrence for
insiders outsiders
Detection Strong insider detection, Strong outsider detection,
weak outsider detection weak insider detection
Attack Good at trending and None
Anticipation detecting suspicious behavior
patterns
Damage Excellent for determining Very weak damage
Assessment extent of compromise assessment capabilities
Response Weak real-time response, Strong response against
good for long term attacks outsider attacks
Scope Narrow in scope, monitors Broad in scope
specific activities
Dependency Host dependent Host independent.
Question 16
Write short note on the following:
(a) Internet
(b) Intranet
(c) Extranet
(d) HTTPS
(e) Firewall
Answer
(a) Internet: The Internet is the massive global system that connects computer networks around the
world together. Millions of private, public, academic, business and government networks worldwide
connect with each other over the internet to share massive amounts of information, resources and
services. The Internet uses the standard Internet protocol suite (TCP/IP) to allow us to connect to
each other. It has numerous information resources and services, such as the web pages of the World
Wide Web (WWW), games, videos, images, e-mail, social networking, etc.
The Internet carries information from all streams; traditional, such as newspaper, book and other
print publishing; and modern such as blogging and web feeds. It also enables new forms of human
interactions through, instant messaging, e-mail, Internet forums, and social networking.
(b) Intranet: Intranet is an internal network used by companies to connect their computers on a network.
Intranet is accessible only by the organization's members, employees, or others with authorization. A
firewall surrounds an Intranet that fends off unauthorized access. The Intranet is based on TCP/IP
protocol and is inaccessible from the outside. An Intranet resides behind a firewall and is accessible

46
 only to people who are members of the same company or organization.
Intranet is mainly used by corporations as it is a secure network and is much less expensive to build
and manage than private networks based on proprietary protocols. Only the members of the
corporation with authorized access may log on and access the network and the data on the network.
Like all networks, the Intranet is mainly used to share data, information, resources, company
programs, software applications, as well as facilitate communication between people or work groups
within the company. Intranet improves the data sharing capability and overall knowledge base of
the company’s employees.
(c) Extranet: Extranet is basically an internal network that can be accessed externally. The extranet can
be thought as an extension of the company’s intranet. People from outside the company can have a
limited access to the company’s internal network for business or education related purposes. The
access may be granted to the organization’s partners, vendors, suppliers, current and potential
customers, etc. Extranet refers to an Intranet that is partially accessible to authorized outsiders. An
Extranet provides various levels of accessibility to outsiders having a valid username and password.
The Extranet requires security and privacy, so that the information on the network is not wrongly
accessed or misused by external parties. In order to protect the network, the extranets can
incorporate firewall server management, the issuance and use of digital certificates or similar means
of user authentication, encryption of messages, and the use of virtual private networks (VPNs) that
tunnel through the public network.
(d) HTTPS: HyperText Transfer Protocol Secure (HTTPS) is a communications protocol for secure
communication over a computer network, with especially wide deployment on the Internet. The
security of HTTPS uses long term public and secret keys to exchange a short term session key to
encrypt the data flow between client and server.
(e) Firewall: Firewall is a device that forms a barrier between a secure and an open environment when
the latter environment is usually considered hostile, for example, the Internet. It acts as a system or
combination of systems that enforces a boundary between more than one networks. Access controls
are common form of controls encountered in the boundary subsystem by restricting the use of system
resources to authorized users, limiting the actions authorized users can take with these resources
and ensuring that the users obtain only authentic system resources.

Question 17
Define Virtual Private Networks (VPN).
Answer
Virtual Private Network: It is a private network that uses a public network (usually the Internet) to
connect remote sites or users together. By using a VPN, businesses ensure security – anyone intercepting
the encrypted data can’t read it. VPN is a secure network that uses the Internet as its main backbone
network, but relies on the firewalls and other security features of the Internet and Intranet connections
and those of participating organizations.

Question 18
What do you mean by threat and vulnerability? Explain any three facts responsible for occurrence of
vulnerabilities in the software.
Answer
Threat: A threat is anything that can disrupt the operation, functioning, integrity, or availability of a
network or system.
Vulnerability: Vulnerability is an inherent weakness in the design, configuration, or implementation of a
network or system that renders it susceptible to a threat.

47
The following facts are responsible for occurrence of vulnerabilities in the software:
a) Software Bugs - Software bugs are so common that users have developed techniques to work around
the consequences, and bugs that make saving work necessary every half an hour or crash the computer
every so often are considered to be a normal part of computing. For example - buffer overflow, failure
to handle exceptional conditions, access validation error, input validation errors are some of the
common software flaws.
b) Timing Windows - This problem may occur when a temporary file is exploited by an intruder to gain
access to the file, overwrite important data, and use the file as a gateway for advancing further into
the system.
c) Insecure default configurations - Insecure default configurations occur when vendors use known
default passwords to make it as easy as possible for consumers to set up new systems. Unfortunately,
most intruders know these passwords and can access systems effortlessly.
d) Trusting Untrustworthy information - This is usually a problem that affects routers, or those computers
that connect one network to another. When routers are not programmed to verify that they are
receiving information from a unique host, bogus routers can gain access to systems and do damage.
e) End users - Generally, users of computer systems are not professionals and are not always security
conscious. For example, when the number of passwords of a user increases, user may start writing
them down, in the worst case to places from where they are easy to find. In addition to this, users do
human errors, for example save confidential files to places where they are not properly protected.

Question 19
What is Bus Topology? List its two advantages and two disadvantages
Answer
Bus Topology: In a Bus Topology, a single length of wire, cable, or optical fiber connects a number of
computers. All communications travel along this cable, which is called a bus.
Advantages of Bus Topology include the following:
a) There is no host computer or file server, which makes bus network reliable as well as easy to use and
understand.
b) If one of the microcomputers fails, it will not affect the entire network.
c) It requires the least amount of cable to connect the computers together and therefore is less
expensive than other cabling arrangements.
d) It is easy to extend. Two cables can be easily joined with a connector, making a longer cable for more
computers to join the network.
e) A repeater can also be used to extend a bus configuration.

Disadvantages of Bus Topology include the following:

a) Heavy network traffic can slow a bus considerably since any computer can transmit at any time.
b) Each connection between two cables weakens the electrical signal.
c) The bus configuration can be difficult to troubleshoot. A cable break or malfunctioning computer can
be difficult to find and can cause the whole network to stop functioning.
Question 20
What is a ‘Threat’? Explain any three types of Network Security threat?
Answer
Threat: A Threat is a possible danger that can disrupt the operation, functioning, integrity, or availability
of a network or system. Network security threats can be categorized into four broad themes:

48
a) Unstructured Threats - These originate mostly from inexperienced individuals using easily available
hacking tools from the Internet. Many tools available to anyone on the Internet can be used to
discover weaknesses in a company's network. These include port- scanning tools, address-sweeping
tools, and many others. Most of these kinds of probes are done more out of curiosity than with a
malicious intent in mind.
For example, if a company’s external web site is hacked; the company’s integrity is damaged. Even if
the external web site is separate from the internal information that sits behind a protective firewall,
the public does not know that. All they know is that if the company’s web site is hacked, then it is an
unsafe place to conduct business.

b) Structured Threats - These originate from individuals who are highly motivated and technically
competent and usually understand network systems design and the vulnerabilities of those systems.
They can understand as well as create hacking scripts to penetrate those network systems. An
individual who presents a structured threat typically targets a specific destination or group. Usually,
these hackers are hired by industry competitors, or state-sponsored intelligence organizations.

c) External Threats - These originate from individuals or organizations working outside an organization,
which does not have authorized access to organization’s computer systems or network. They usually
work their way into a network from the Internet or dialup access servers.
d) Internal Threats - Typically, these threats originate from individuals who have authorized access to the
network. These users either have an account on a server or physical access to the network. An internal
threat may come from a discontented former or current employee or contractor. It has been seen that
majority of security incidents originate from internal threats.
Question 21
What are the functions of Transport Layer and Internet Layer in Transmission Control Protocol/ Internet
Protocol (TCP/IP)?
Answer
Transport Layer: The Transport Layer in TCP/IP provides end-to-end communication between applications
and verifies correct packet arrival.
Internet Layer: The Internet Layer in TCP/IP provides packet routing for error checking and addressing
and integrity.
Question 22
What is the difference between Integrity and Authenticity with reference to E-Commerce.
Answer
With reference to E-commerce -
Integrity is defined as the ability to ensure that information being displayed on a web site or transmitted
or received over the internet has not been altered in any way by an unauthorized party.
Authenticity is the ability to identify the identity of a person or entity with whom we are dealing in the
internet.

Question 23
How extranets are used by Business Organization?

Answer
The Extranets can be used by business organizations in some of the following ways:
a) Share product catalogs exclusively with wholesalers or those “in the trades”;
b) Collaborate with other companies on joint development efforts;
c) Jointly develop and use training programs with other companies;
d) Provide or access services provided by one company to a group of other companies;

49
e) Share news of common interest exclusively with partner companies;
f) Establish direct private network links between themselves, or create private secure internet links
between them called virtual private networks; and
g) Use the unsecured internet as the extranet link between its intranet and consumers and others, but
rely on encryption of sensitive data and its own firewall systems to adequate security.
Question 24
Briefly explain three tiers in three tier architecture.

Answer
The three tiers in Three-tier architecture are as follows:
a) Presentation Tier: This tier occupies the top level, communicates with other tiers and displays
information related to services available on a website.
b) Application Tier: Also called the Middle tier, Logic tier, Business Logic or Logic tier; this tier
controls application functionality by performing detailed processing.
c) Database Tier: This tier houses the database servers where information is stored and retrieved. Data in
this tier is kept independent of application servers or business logic.

Question 25
Which network topology can be used in case of Military Installations with a very small number of nodes
and why it should be used? List advantages and disadvantages of such network topology.
Answer
In case of Military installations with a very small number of nodes, Mesh Network topology should be
used.
In fully interconnected Mesh topology, each node is connected by a dedicated point to point link to
every node and thus the reliability is very high which is of prime importance in any military installations.
Even if one node fails, Mesh topology provides high degree of redundancy with each node connected to
remaining nodes.
Advantages of mesh network are as follows:
a) Mesh network topology yields the greatest amount of redundancy in the event that if one of the
nodes fails, the network traffic can be redirected to another node.
b) Network problems are easier to diagnose.

Disadvantages of mesh network are as follows:

a) Mesh networks are not very common because of its high cost of installation and maintenance.
b) More cabling is required than any other configuration.
Question 26
Mention the two categories of encryption/decryption methods. What are two basic approaches to
encryption?

Answer
The two categories of encryption/decryption methods are: the Secret Key Method and the Public Key
Method.
a) Secret Key Method: In Secret key encryption/decryption method, the same key is used by both sender
and the receiver. The sender uses this key and an encryption algorithm to encrypt data; the receiver
uses the same key and the corresponding decryption algorithm to decrypt the data.
b) Public Key Method: In Public key encryption, there are two keys: a private key which is kept by the
receiver and the public key which is announced to the public.

50
The two basic approaches to Encryption are as follows:
a) Hardware Encryption: Hardware encryption devices are available at a reasonable cost, and can
support high- speed traffic. If the Internet is being used to exchange information among branch
offices or development collaborators, for instance, use of such devices can ensure that all traffic
between these offices is secure.
b) Software encryption: Software encryption is typically employed in conjunction with specific
applications. Certain electronic mail packages, for example, provide encryption and decryption for
message security.

Question 27
What are the key aspects to be considered in implementing e-commerce?

Answer
The key aspects to be considered in implementing e-commerce are as follows:
a) Involvement of stakeholders, key trading partners, and external auditors to obtain insight
into the design and deployment of e-commerce solution;
b) Implementing appropriate policies, standards and guidelines;
c) Performing cost benefit analysis and risk assessment to ensure value delivery;
d) Implementing the right level of security across all layers and processes;
e) Establishing and implementing the right level of baseline (best practice) controls;
f) Integration of e-Commerce with the business process and the physical delivery channels;
g) Providing adequate user training; and
h) Performing post implementation review to ensure controls are working as envisaged.

51
 Chap 4- Business Information Systems
Question 1
Differentiate between the following:
a) Data and Information
b) Role-based Access Control (RBAC) and Rules-based Access Control (RAC)
Or
Briefly explain the two main approaches to establish access controls in Software Systems.
c) Explicit Knowledge and Tacit Knowledge
d) Information and Knowledge
Answer
a) The differences between Data and Information are as follows:

Data Information
Data is raw and unorganized fact that needs When data is processed, organized,
to be processed. structured or presented in a given context
so as to make it useful, it is called
Information.
Data in itself is meaningless and is the Information is the second level of
lowest level of knowledge. knowledge.
Observations and recordings are done to Analysis of data is done to obtain
obtain data. information.

b) Role-based Access Control (RBAC): RBAC largely eliminates discretion when providing access to
objects. Instead, administrators or automated systems place subjects into roles. Subjects receive only
the rights and permissions assigned to those roles. RBAC uses a centrally administered set of controls
to determine how subjects and objects interact. When an employee changes jobs, all previous access
is removed, and the rights and permissions of the new role are assigned. RBAC enforces static
constraints based on a user’s role. It is the best system for an organization that has high turnover.
Rules-based Access Control (RAC): RAC takes into account the data affected, the identity attempting
to perform a task, and other triggers governed by business rules. RAC uses specific rules that indicate
what can and cannot happen between a subject and an object. A manager, for example, has the
ability to approve his/her employee’s hours worked. However, when s/he attempts to approve
his/her own hours, a rule built into the application compares the employee record and the user, sees
they are the same, and temporarily removes approval privilege. It is not necessarily identity based.
c) Explicit knowledge: Explicit knowledge is that knowledge which can be formalized easily and as a
consequence is easily available across the organization. Explicit knowledge is articulated, and
represented as spoken words, written material and compiled data. This type of knowledge is
codified, easy to document, transfer and reproduce. For example - Online tutorials, Policy and
procedural manuals.
Tacit knowledge: Tacit knowledge, on the other hand, resides in a few often-in just one person and
hasn’t been captured by the organization or made available to others. Tacit knowledge is
unarticulated and represented as intuition, perspective, beliefs, and values that individuals form
based on their experiences. It is personal, experimental and context- specific. It is difficult to
document and communicate the tacit knowledge. For example - hand-on skills, special know-how,
employee’s experiences.

52
d) Differences between Information and Knowledge are given as follows:

Information Knowledge
Information is piecemeal, fragmented and Knowledge is structured, coherent, and often
particular. universal.
Information is timely, transitory, and may even Knowledge is of enduring significance.
be short-lived.
Information is a flow of messages. Knowledge is a stock, largely resulting from the
flow, in the sense that the “input” of
information may affect the stock of knowledge
by adding to it, restructuring it, or changing it
in any way.
Information is acquired by being told. Knowledge can be acquired by thinking. Thus,
new knowledge can be acquired without new
information being received.

Question 2
Define the following:
a) Business Information System
b) Business Process
c) Knowledge Management
d) eXtensible Business Reporting Language (XBRL)
e) Online Analytical Processing (OLAP)

Answer
a) Business Information System: Business Information Systems may be defined as system integrating
business functions and information modules for establishing effective communication channels which
are useful for making timely and accurate decisions and in turn contribute to organizational
productivity and competitiveness.
b) Business Process: A Business Process is a collection of related, structured activities or tasks that
produce a specific service or product (serve a particular goal) for a specific organization.
c) Knowledge Management: Knowledge Management encompasses both the content and the process of
creating the content. It refers both to what is known and how it came to be known.
d) eXtensible Business Reporting Language (XBRL): XBRL is freely available international standards-based
business reporting language developed by accountants for financial reporting.
e) Online Analytical Processing (OLAP): OLAP is a multi-dimensional analytical tool typically used in data
mining, that gathers and process vast amounts of information into useful packets.

Question 3
What is an Information System? Discuss its components in detail.
Answer
Information System: An Information System (IS) is a combination of people, hardware, software,
communication devices, network and data resources that processes (can be storing, retrieving,
transforming information) data and information for a specific purpose. The system needs inputs from
user (key in instructions and commands, typing, scanning) which will then be processed (calculating,
reporting) using technology devices such as computers, and produce output (printing reports, displaying
results) that will be sent to another user or other system via a network and a feedback method that
controls the operation.

53
In general, any specific Information System aims to support operations, management and decision-
making.
Components of Information System
The main aim and purpose of each Information System is to convert the data into information which is
useful and meaningful. This process consists of four basic concepts:
a) People, hardware, software, and data are four basic resources of information systems;
b) Human resources consist of end users and IT specialists; hardware resources involve machines and
media; software resources consist of programs and procedures; and data resources include data and
knowledge base; and network resources include communications media and networks.
c) A process is used to convert data into information for end users;
d) Information processes consist of input, processing, output, storage, and control processes.
All components of information systems are mutually connected and cannot exist individually. The output
could be in terms of printouts, reports, graphics; Input can be data, information and instructions;
Processing may involve calculations, programming and storing; Controls could be related to decision-
making and the feedback.

Question 4
Discuss Transaction Processing System (TPS).
Answer
Transaction Processing System (TPS) may be defined as a type of information system that collects, stores,
modifies and retrieves the day-to-day data transactions of an enterprise. Archetypal examples of such
systems would be used in an Airline Reservation Systems, Railway reservation by IRCT, Banking Systems,
or the Accounting System of roughly any outsized company. These are designed to process transactions
virtually instantly to ensure that customer data is available to the processes that require it. Most of the
Transaction Processing Systems include one or additional of the following attributes:
a) Access Control-TPS: Most Transaction Processing Systems come with access control to put a ceiling
on users to only those allowed to accomplish so. Access Control ensures that people who are not
authorized to use the system are not permissible to influence or transform the transaction process.
b) Equivalence-TPS: Transactions are processed in the similar format every time to ensure that full
effectiveness is achieved. The TPS Interfaces are designed to get hold of identical data for each
transaction, despite the consequences of the source.
c) High Volume Rapid Processing-TPS: TPS is designed to process transactions in an immediate to make
confident that the transaction data is available to other users or processes that entail it. The
instantaneous processing of transactions is noteworthy to the success of certain industry such as
banking.
d) Trustworthiness-TPS: A TPS system is designed to be robust and trustworthy. The system is capable
to process transactions very rapidly, yet at the same time, conduct several checks to make certain
that the data integrity is preserved.

Question 5
Discuss Office Automation Systems (OAS) in brief.
Answer
Office Automation System (OAS) is an amalgamation of hardware, software, and other resources used to
smooth the progress of communication and augment efficiency. Office automation refers to the use of
computer and software to digitally generate, collect, store, manipulates, and relay office information
needed for accomplishing basic tasks and goals.

54
In addition to capturing handwritten notes, it comprises of exchange of information; management of
administrative documents; handling of numerical data; and meeting, planning and management of work
schedules. Office Automation System takes into consideration the computer applications and other
problem solving tool along with a database to transform input into output.
Office Automation is a widespread appearance that includes an all-embracing variety of applications of
computer, communication and information technologies in office surroundings.

Question 6
Discuss Knowledge Management System (KMS).
Answer
Knowledge Management Systems (KMS) refers to any kind of IT system that stores and retrieves
knowledge, improves collaboration, locates knowledge sources, mines repositories for hidden
knowledge, captures and uses knowledge, or in some other way enhances the knowledge management
process. KMS treats the knowledge component of any organization’s activities as an explicit concern
reflected in strategy, policy, and practice at all levels of the organization.
a) Two broad categories of knowledge exist – Explicit and Tacit. Explicit Knowledge is formalized,
articulated and written whereas Tacit Knowledge resides in a few often-in-just one person and has
not been captured by the organization.
b) Knowledge base is a special kind of database for knowledge management. It is an information
repository that provides a means for information to be collected, organized, shared, searched and
utilized. It can be either machine-readable or intended for human use.
c) A Knowledge Discovery in databases system is a value-added intranet with facilities to search and
identify captured knowledge, or identify experts who have the knowledge. The system will also help us
establish contact with the expert and have a dialogue with them. It will then capture and make
available the transcripts of such discussions, whether they be on chat, e-mail or discussion forums.

Question 7
Discuss Management Information System (MIS).
Answer
Management Information System (MIS) refers to the data, equipment and computer programs that are
used to develop information for managerial use. It is an integrated system which provides accurate,
timely and meaningful data for management planning, analysis and control to optimize the growth of the
organization. Management Information Systems provide decision- makers with preselected types of
information. MIS is generally in the form of computer- generated reports and usually generated from
data obtained from transaction processing systems.
Airline reservations (seat, booking, payment, schedules, boarding list, special needs, etc.), Bank
operations (deposit, transfer, withdrawal) electronically with a distinguish payment gateways, Integration
of department with the help of contemporary software’s like ERP, and Logistics management application
to streamline the transportation system etc. are some of the examples of MIS.

Question 8
Discuss Decision Support Systems (DSS). Discuss its components in detail.
Or
Explain the different components of Decision Support Systems.
Answer
A Decision Support System (DSS) is a computer-based information system that supports business or
organizational decision-making activities. DSSs serve the management, operations and planning levels of
an organization (usually mid and higher management) and help to make decisions, which may be rapidly
changing and not easily specified in advance. DSS can be either fully computerized, human or a

55
 Combination of both. A properly designed DSS may be defined as an interactive software-based system
intended to help decision makers compile useful information from raw data, documents, personal
knowledge, and/or business models to identify and solve problems and make decisions. DSS are there to
facilitate a manager in making operational decisions, but the ultimate burden of responsibility lies with
the manger. Managers can sometimes be over-optimistic in their expectations of a DSS and develop a
unrealistic reliance on the system.
Two types of planning languages that are commonly used in DSS are: General-purpose Planning
Languages and Special-purpose Planning Languages. These are discussed below:
a) General-purpose planning languages that allow users to perform many routine tasks, for example;
retrieving various data from a database or performing statistical analyses. The languages in most
electronic spreadsheets are good examples of general-purpose planning languages. These languages
enable user to tackle abroad range of budgeting, forecasting, and other worksheet-oriented
problems.
b) Special-purpose planning languages are more limited in what they can do, but they usually do certain
jobs better than the general-purpose planning languages. Some statistical languages, such as SAS and
SPSS, are examples of special purpose planning languages.
The components of DSS are as follows:
a) The user: The user is usually a manager with an unstructured or semi-structured problem to solve and
may be at management - level of an organization.
b) One or more databases: Databases contain both routine and non-routine data from both internal and
external sources.
c) Model Base: Model base is the brain of the DSS as it performs data manipulations and computations
with the data provided to it by the user and the database. The planning language in DSS allows the
user to maintain a dialogue with the model base.

Question 9
What do you understand by the term “Executive Information System (EIS)”. Discuss its components in
detail.

Answer
An Executive Information System (EIS) is the nature of Information System used by executives to access
and administer the data they entail to make informed business decisions. The EIS in itself is not an
instrument, but rather, an infrastructure within a company. It may be defined as just not as a piece of
hardware or software, but an infrastructure that supplies to a firm's executives the up-to-the-minute
operational data, gathered and sifted from various databases. EIS links data from various sources both
internal and external to provide the amount and kind of information executives find useful. These
systems are designed for top management; easy to use; present information in condensed view; access
organization’s databases and data external to the organization.
The typical information mix presented to the executive may include financial information, work in
process, inventory figures, sales figures, market trends, industry statistics, and market price of the firm's
shares.

56
Components of an EIS are as follows:
Component Description
Hardware Includes Input data-entry devices, CPU, Data Storage files and Output
Devices.
Software Includes Text base software, Database, and Graphic types such as time
series charts, scatter diagrams, aps, motion graphics, sequence charts,
and comparison-oriented graphs (i.e., bar charts) Model base.

User Interface Includes hardware (physical) and software (logical) components by which
people (users) interact with a machine. Several types of interfaces can be
available to the EIS structure, such as scheduled reports,
questions/answers, menu driven, command language, natural language,
and input/output.
Telecommunication Involves transmitting data from one place to another in a reliable
networked system.

Question 10
Discuss Customer Relationship Management (CRM).
Answer
Customer Relationship Management (CRM) may be defined as a business process in which client
relationships; customer loyalty and brand value are built through marketing strategies and activities. CRM
allows businesses to develop long-term relationships with established and new customers while helping
modernize corporate performance. CRM incorporates commercial and client-specific strategies via
employee training, marketing planning, relationship building and advertising. The main objective is to
retain as much loyal customers as one can.

To accomplish with CRM, companies need to match products and campaigns to prospect elegantly the
customer life cycle. CRM encompasses the function and responsibilities of those employees who directly
work with customers. CRM establishes the benefits of generating customer loyalty, raising a market
intelligence enterprise, and an integrated relationship. Preserving existing customers and providing
enhanced services to accomplish the loyalty is expressed as CRM. CRM applications smoothen the
progress to capture, consolidate, analysis, and enterprise-wide dissemination of data from existing and
potential customers. CRM can be considered as an amalgamation of people, process and systems rather
than just IT application.

Question 11
What is Supply Chain Management (SCM)? Discuss its components.
Answer
Supply Chain Management (SCM) is a chain that starts with customers and ends with customers. Supply
Chain Management may be defined as the process of planning, implementing and controlling the
operations of the supply chain with the purpose of satisfying the customer's requirement as efficiently
as possible. Supply Chain spans all movement and storage of raw materials, work-in-process, inventory
and finished goods from the point of origin to the point of consumption.
Components of SCM: The main elements of a supply chain are as follows:
a) Procurement/Purchasing – It begins with the purchasing of parts, components, or services.
Procurement must ensure that the right items are delivered in the exact quantities at the correct
location on the specified time schedule at minimal cost. The key issue in procurement is how one
goes about selecting and maintaining a supplier, which can be approached from two directions. The

57
 first concentrates on how a firm might evaluate a potential supplier whereas the second is how a firm
evaluates those businesses that are already suppliers to an operation.
b) Operations – The second major element of SCM is Operations. Having received raw materials, parts,
components, assemblies, or services from suppliers, the firm must transform them and produce the
products or the services that meet the needs of its consumers. It must conduct this transformation in
an efficient and effective manner for the benefit of SCM system.
c) Distribution – The third element of the SCM system is distribution. Distribution involves several
activities - transportation (logistics) of goods across the entire supply chain, warehousing, and CRM.

Purchasing
Supplier
Selection

Operations Integration
Lean
CUSTOMER Coordination
Inventory
Management
Control
Control
Quality

Distribution
Transportation
CRM
Logistics Parties

Core elements of a SCM

d) Integration - The last element of SCM is the need for integration. It is critical that all participants in
the service chain recognize the entirety of the service chain. The impact of the failure to adopt a
system-wide perspective - that is, examining the totality of the chain can significantly increase costs
and destroy value.

Question 12
What is HRMS? Discuss its key modules.
Answer
A Human Resource Management System (HRMS) is a software application that coalesce many human
resources functions together with benefit like administration, payroll, recruiting and training,
performance analysis and assessment into one parcel.
Key Modules of HRMS are as follows:
a) Workforce Management: Integrated across the strategic Human Capital Management (HCM) solution;
Workforce Management provides powerful tools to effectively manage labour rules, ensure
compliance, and control labour costs and expenses.
b) Time and Attendance Management: The time and attendance module gathers standardized time and
work related efforts. The most advanced modules provide broad flexibility in data collection methods,
labor distribution capabilities and data analysis features. Cost analysis and efficiency metrics are the
primary functions.
c) Payroll Management: This module of the system is designed to automate manual payroll functions
and facilitate salary, deductions, calculations etc.; eliminates errors and free up HR staff for more
productive tasks. Data is generally fed from the human resources and time keeping modules to
calculate automatic deposit and manual cheque writing capabilities. This module can encompass all
employee-related transactions as well as integrate with existing financial management systems.
d) Training Management: Training programs can be entered with future dates which allow managers to
track progress of employees through these programs, examine the results of courses taken and
reschedule specific courses when needed. The module tracks the trainer or training organization; costs

58
 associated with training schedules, tracks training locations, required supplies and equipment and
registered attendees.
e) Compensation Management: Compensation Management is more than just the means to attract and
retain talented employees. In today’s competitive labor market, organizations need to fully leverage
their human capital to sustain a competitive position. This requires integrating employee processes,
information and programs with organizational processes and strategies to achieve optimal
organizational results.
f) Recruitment Management: This module helps in hiring the right people with the right target skills.
This module includes processes for managing open positions/requisitions, applicant screening,
assessments, selection and hiring, correspondence, reporting and cost analysis.
g) Personnel Management: The personnel management module comprises of HR master- data,
personnel administration, recruitment and salary administration.
h) Organizational Management: Organizational Management module includes organizational structure,
staffing schedules and job description.
i) Employee Self Service (ESS): The Employee Self Service module allows employees to query HR related
data and perform some Human Resource transactions over the system. For example - Employees may
query their attendance record from the system without asking the information from HR personnel.
j) Analytics: The Analytics module enables organizations to extend the value of an HRMS implementation
by extracting HR related data for use with other business intelligence platforms. For example,
organizations combine HR metrics with other business data to identify trends and anomalies in
headcount in order to better predict the impact of employee turnover on future output.

Question 13
Discuss Core Banking System (CBS).
Answer
Core Banking System (CBS) may be defined as the set of basic software components that manage the
services provided by a bank to its customers through its branches (branch network). The absolute bank's
branches access applications from centralized data centers. All transactions budge through core systems,
which, at an absolute minimum, must remain running and responsive during business hours. Increasingly,
these systems are running 24x7 to support Internet banking, global operations, and real time transactions
via ATM, Internet, phone, and debit card.
The various elements of core banking include making and servicing loans; opening new accounts;
processing cash deposits and withdrawals; processing payments and cheques; calculating interest;
Customer Relationship Management (CRM) activities; managing customer accounts; establishing criteria
for minimum balances, interest rates, number of withdrawals allowed and so on; establishing interest
rates; and maintaining records for all the bank’s transactions.
Normal core banking functions include deposit accounts, loans, mortgages and payments. Banks make
these services available across multiple channels like ATMs, Internet banking, and branches. Examples of
major core banking products include Infosys’ Finacle, Nucleus FinnOne and Oracle's Flexcube application
(from their acquisition of Indian IT vendor i-flex).

Question 14
What do you understand by Accounting Information System (AIS)? Also discuss its key elements.
Answer
Accounting Information System (AIS) is defined as a system of collection, storage and processing of
financial and accounting data that is used by decision makers. An AIS is generally a computer-based
method for tracking accounting activity in conjunction with information technology resources. The
resulting statistical reports can be used internally by management or externally by other interested

59
parties including investors, creditors and tax authorities. Accounting information system takes into
consideration different aspects, which are composed of smaller subsystems, which help an organization
in achieving its goal. The different sub components in AIS include Budgeting and Planning, Expenses
Management, Revenue Management, Cash and Treasury Management, Accounting software, Electronic
Banking, Activity-based Management, Payroll etc.
The key elements that compose the typical Accounting Information System are as follows:
a) People: AIS helps various system users that include accountants, consultants, business analysts,
managers, chief financial officers and auditors etc. from different departments within a company to
work together. With well-designed AIS, everyone within an organization who is authorized to do so
can access the same system and get the same information. AIS also simplify getting information to
people outside of the organization when necessary.
b) Procedure and Instructions: These include both manual and automated methods for collecting,
storing, retrieving and processing data.
c) Data: It refers to the information pertinent to the organization's business practices that may include
sales orders, customer billing statements, sales analysis reports, purchase requisitions, vendor
invoices, check registers, general ledger, inventory data, payroll information, timekeeping, tax
information etc. This data can then be used to prepare accounting statements and reports such as
accounts receivable aging, depreciation/amortization schedules, trial balance, profit and loss, and so
on.
d) Software: These are the computer programs that provide quality, reliability and security to the
company's financial data that may be stored, retrieved, processed and analyzed. Managers rely on
the information it outputs to make decisions for the company, and they need high-quality
information to make sound decisions.
e) Information Technology Infrastructure: This include hardware such as personal computers, servers,
printers, surge protectors, routers, storage media, and possibly a backup power supply used to
operate the system. The hardware selected for AIS must be compatible with the intended software.
f) Internal Controls: These are the security measures such as passwords or as complex as biometric
identification to protect sensitive data against unauthorized computer access and to limit access to
authorized users. Internal controls also protect against computer viruses, hackers and other internal
and external threats to network security.

Question 15
Write a short note on Artificial Intelligence.
Answer
Artificial Intelligence (AI) is the vicinity of computer science focusing on creating machines that can fit
into place on behaviors that humans regard as intelligent. It is a research field that studies how to
comprehend the intelligent human behaviors on a computer. The decisive objective of AI is to make a
computer that can discover, sketch, and crack problems in parallel. The subject of artificial intelligence
spans a wide horizon dealing with various kinds of knowledge representation schemes, different
techniques of intelligent search, various methods for resolving uncertainty of data and knowledge,
different schemes for automated machine learning and many others. Expert systems, Pattern
Recognition, Natural language processing, and many others are some of the various purposes on which
AI may be applied.

Question 16
What are the possible ways to make payments electronically?
Answer

60
Major types of Electronic Payments are as follows:
a) Credit Cards: In a credit card transaction, the steps involved are authorization, batching, clearing and
funding. The consumer presents preliminary proof of his ability to pay by presenting his credit card
number to the merchant. The merchant can verify this with the bank, and create a purchase slip for
the consumer to endorse. The merchant then uses this purchase slip to collect funds from the bank,
and, on the next billing cycle, the consumer receives a statement from the bank with a record of the
transaction.
b) Electronic Cheque: Credit card payments are popular for commerce on the Internet. However, FSTC
amd CyberCash are two systems that let consumers use electronic cheques to pay Web merchants
directly. Financial Services Technology Corporation (FSTC) is a consortium of banks and clearing
houses that has designed an electronic cheque that is initiated electronically, and uses a digital
signature for signing and endorsing. By CyberCash, electronic cheque functions as a message to the
sender’s bank to transfer funds, and, like a paper cheque, the message is given initially to the receiver
who, in turn, endorses the cheque and presents it to the bank to obtain funds.
c) Smart Cards: Smart cards are any pocket sized card with embedded integrated circuits. Smart cards
can provide identification authentications, data storage and application processing. Smart cards may
serve as a credit or ATM cards, Fuel cards, mobile phone SIMs, access-control cards, public transport
or public phone payment cards etc. on the card. Contact cards, Contactless cards and Combi/Hybrid
Cards are the three types of Smart Cards.
d) Electronic Purses: Electronic Purse Card is very similar to a pre-paid card. Bank issues a stored value
card to its customer, the customer can then transfer value from his/her account to the card at an ATM,
a personal computer, or a specially equipped telephone. While making purchases, customers pass
their cards through a vendor's Point of Sale terminal. Validation is done through a Personal
Identification Number (PIN Number). Once the transaction is complete, funds are deducted directly
from the cards and transferred to the vendor's terminal. When the value on a card is spent, consumers
can load additional funds from their accounts to the card.

Question 17
What is an Expert System? Discuss its key components.
Answer
An Expert System (ES) is a computerized information system that allows non-experts to make decisions
comparable to those of an expert. The aim of the expert system is to have a team of seasoned specialists
holding industry-wide experience who further spread across implementations like in Defense,
Government, Finance, Telecom, and Engineering sectors.
Components of an Expert System are as follows:
a) Knowledge Base: This includes the data, knowledge, relationships, rules of thumb (heuristics), and
decision trees used by experts to solve a particular problem. A knowledge base is the computer
equivalent of all the knowledge and insight that an expert or group of experts develop through years
of experience in their field. The knowledge base of expert system encloses both realistic and heuristic
knowledge. Realistic knowledge is that knowledge of the job domain that is extensively shared,
characteristically found in textbooks or journals whereas heuristic knowledge is the fewer rigorous,
extra empirical, supplementary judgmental knowledge of performance.
b) Database of Facts: This holds the user's input about the current problem. The user may begin by
entering as much as they know about the problem or the inference engine may prompt for details or
ask whether certain conditions exist. Gradually a database of facts is built up which the inference
engine uses to come to a decision. The quality and quantity of data gained from the user influences
the reliability of the decision.

61
c) Inference Engine: This program contains the logic and reasoning mechanisms that simulate the expert
logic process and deliver advice. It uses data obtained from both the knowledge base and the user to
make associations and inferences, form its conclusions, and recommend a course of action.
d) Explanation facility: This facility provides the user with an explanation of the logic the Expert System
used to arrive at its conclusion.
e) User Interface: This program allows the user to design, create, update, use and communicate with the
expert system.

Question 18
What is the difference between electronic cheque and paper cheque?
Answer
An e-cheque is an instrument where one person issues it to pay another person but there is no paper
involved. Everything is electronic. An electronic cheque can be protected against any fraud by encoding
sender’s account number with the bank’s public key thereby not revealing the sender’s account number
to the merchant. As with the SET protocol, digital certificates can be used to authenticate the payer, the
payer’s bank, and bank account. However, no such encoding of sender’s account number is possible in
case of paper cheque. E-cheque are faster and more convenient than paper cheque. It is environmentally
friendly too.

Question 19
Explain step by step online transaction processing in an e-commerce environment.
Answer
a) Advertising: The company communicates its products and services (catalogue);
b) Offering: The company offers specific goods and services;
c) Selling: The company agrees with the customer on the content of a specific order;
d) Billing: The company produces the invoice;
e) Paying: The buyer pays the seller by giving a payment instruction;
f) Matching: The seller matches the payment information (the authorization results and the actual
crediting of account) with the orders and feeds the result into the back-office;
g) Delivering: The seller delivers to the buyer; and
h) Resolving: The seller and buyer try to resolve delivery or payment issues related to the purchase.
However, in some cases, the payment can also be a separate off-line transaction or a transaction via a
financial intermediary (depicted by the dotted line). The current payment instruments for use on the
web have different characteristics in terms of risk and security.

Question 20
Explain the pre-requisites of ACID Test for any Transaction Processing System (TPS).
Answer
The ACID Test refers to the following prerequisites for any Transaction Processing System (TPS).
a) Atomicity: This means that a transaction is either completed in full or not at all. TPS systems ensure
that transactions take place in their entirety.
b) Consistency: TPS systems exist within a set of operating rules or integrity constraints. For Example -
If an integrity constraint states that all transactions in a database must have a positive value, any
transaction with a negative value would be refused.
c) Isolation: Transactions must appear to take place in seclusion. For example, the funds cannot be
credited to an account before they are debited from another.

62
d) Durability: Once transactions are completed they cannot be undone. To ensure this, a log will be
created to document all completed transactions.

Question 21
You are an in-charge of Customer Relationship Management (CRM). Describe the relevance of
Old Pareto Rule “80/20 Rule”.
Answer
Pareto Rule emphasizes that most organizations find that approximately 20% of their customer base
generates 80% of the profits. It is merely based on the philosophy that indicates that old trustworthy
customers are most lucrative and help in generating profits.

Question 22
Write short note on “Just-In-Time (JIT)”.
Answer
JIT is a philosophy of continuous improvement in which non-value-adding activities (or wastes) are
identified and removed for the purposes of:
a) Reducing Cost
b) Improving Quality
c) Improving Performance
d) Improving Delivery
e) Adding Flexibility
f) Increase Innovativeness

When the JIT principles are implemented successfully, significant competitive advantages are realized. JIT
principles can be applied to all parts of an organization: order taking, purchasing, operations, distribution,
sales, accounting, design, etc.

63
 Chap 5- Business Process Automation through
Application Software
Question 1
What are the objectives of Business Process Automation (BPA)?
Answer
The success of any business process automation shall only be achieved when BPA ensures:
a) Confidentiality: To ensure that data is only available to persons who have right to see the same;
b) Integrity: To ensure that no un-authorized amendments can be made in the data;
c) Availability: To ensure that data is available when asked for; and
d) Timeliness: To ensure that data is made available in at the right time.
To ensure that all the above parameters are met, BPA needs to have appropriate internal controls put in
place.

Question 2
Differentiate between Manual Information Processing Cycle and Computerized Information Processing
Cycle.
Answer

Manual Information Processing Cycle Computerized Information Processing Cycle

Systems where the level of manual intervention Systems where computers are used at every stage
is very high. For example- Evaluation of exam of transaction processing and human intervention
papers, teaching and operations in operation is minimal.
theatres.
Include following components: Include following components:
 Input: Put details in register.  Input: Entering data into the computer;
 Process: Summarize the  Process: Performing operations on the data;
information; and  Storage: Saving data, programs, or output
 Output: Present information to for future use; and
management in the form of reports.  Output: Presenting the results.

Question 3
What are the major control objectives in Business Process Automation (BPA)?
Answer
Control is defined as policies, procedures, practices and organization structure that are designed to
provide reasonable assurance that business objectives are achieved and undesired events are prevented
or detected and corrected. Major control objectives are given as follows:
a) Authorization – ensures that all transactions are approved by responsible personnel in accordance
with their specific or general authority before the transaction is recorded.

64
b) Completeness – ensures that no valid transactions have been omitted from the accounting records.
c) Accuracy – ensures that all valid transactions are accurate, consistent with the originating transaction
data, and information is recorded in a timely manner.
d) Validity – ensures that all recorded transactions fairly represent the economic events that actually
occurred, are lawful in nature, and have been executed in accordance with management's general
authorization.
e) Physical Safeguards and Security – ensures that access to physical assets and information systems are
controlled and properly restricted to authorized personnel.
f) Error Handling – ensures that errors detected at any stage of processing receive prompts corrective
actions and are reported to the appropriate level of management.
g) Segregation of Duties – ensures that duties are assigned to individuals in a manner that ensures that
no one individual can control both the recording function and the procedures relative to processing a
transaction.

Question 4
What are the characteristics of Cloud Computing?
Answer
The following is a list of some of the characteristics of a cloud-computing environment:
a) Elasticity and Scalability: Cloud computing gives us the ability to expand and reduce resources
according to the specific service requirement. For example, we may need a large number of server
resources for the duration of a specific task. We can then release these server resources after we
complete our task.
b) Pay-per-Use: We pay for cloud services only when we use them, either for the short term or for a
longer duration.
c) On-demand: Because we invoke cloud services only when we need them, they are not permanent
parts of the IT infrastructure. With cloud services, there is no need to have dedicated resources
waiting to be used, as is the case with internal services.
d) Resiliency: The resiliency of a cloud service offering can completely isolate the failure of server and
storage resources from cloud users. Work is migrated to a different physical resource in the cloud
with or without user awareness and intervention.
e) Multi Tenancy: Public cloud service providers often can host the cloud services for multiple users
within the same infrastructure. Server and storage isolation may be physical or virtual depending
upon the specific user requirements.
h) Workload Movement: This characteristic is related to resiliency and cost considerations. Cloud-
computing providers can migrate workloads across servers both inside the data center and across data
centers (even in a different geographic area).

Question 5
Discuss advantages and disadvantages of Cloud Computing.
Answer
Advantages of Cloud Computing: It is a cost efficient method to use, maintain and upgrade with almost
unlimited storage. It provides an easy access to information and is usually competent enough to handle
recovery of information. In the cloud, software integration occurs automatically and the entire system
can be fully functional in a matter of a few minutes.
Disadvantages of Cloud Computing: This technology is always prone to outages and other technical
issues and surrendering all the company’s sensitive information to a third-party cloud service provider
makes the company vulnerable to external hack attacks and threats.

65
Question 6
Discuss some benefits of Grid Computing.
Answer
Some benefits of Grid Computing are as follows:
a) Making use of Underutilized Resources: Grid computing provides a framework for exploiting
underutilized resources and has the possibility of substantially increasing the efficiency of resource
usage by aggregating this unused storage into a much larger virtual data store.
b) Resource Balancing: The grid can offer a resource balancing effect by scheduling grid jobs on machines
with low utilization. This feature of grid computing handles occasional peak loads of activity in parts of
a larger organization.
c) Parallel CPU Capacity: A CPU-intensive grid application can be thought of as many smaller sub-jobs,
each executing on a different machine in the grid. A perfectly scalable application will, for example,
finish in one tenth of the time if it uses ten times the number of processors
d) Virtual resources and virtual organizations for collaboration: The users of the grid can be organized
dynamically into a number of virtual organizations, each with different policy requirements. These
virtual organizations can share their resources such as data, specialized devices, software, services,
licenses, and so on, collectively as a larger grid.
e) Access to additional resources: In addition to CPU and storage resources, a grid can provide access to
other resources as well. For example, if a user needs to increase their total bandwidth to the Internet
to implement a data mining search engine, the work can be split among grid machines that have
independent connections to the Internet.
f) Reliability: High-end conventional computing systems use expensive hardware to increase reliability.
The machines also use duplicate processors in such a way that when they fail, one can be replaced
without turning the other off.
g) Management: The grid offers management of priorities among different projects. Aggregating
utilization data over a larger set of projects can enhance an organization’s ability to project future
upgrade needs. When maintenance is required, grid work can be rerouted to other machines without
crippling the projects involved.

Question 7
Discuss the constraints that need to be taken into consideration while developing a secured Grid
Architecture.
Answer
To develop secured grid architecture, following constraints are taken from the characteristics of grid
environment and application.
a) Single Sign-on: A user should authenticate once and they should be able to acquire resources, use
them, and release them and to communicate internally without any further authentication.
b) Protection of Credentials: User passwords, private keys, etc. should be protected.
c) Interoperability with local security solutions: Access to local resources should have local security
policy at a local level. Despite of modifying every local resource there is an inter-domain security
server for providing security to local resource.
d) Exportability: The code should be exportable i.e. they cannot use a large amount of encryption at a
time. There should be a minimum communication at a time.

66
Question 8
List out different types of delivery channels though which information is delivered to the user.
Answer
Delivery channels refer to the mode through which information or products are delivered to users.
Delivery Channels for Information include the following:
a) Intranet: Network within the company/enterprise;
b) E-mail: The most widely used delivery channel for information today;
c) Internal newsletters and magazines;
d) Staff briefings, meetings and other face-to-face communications methods;
e) Notice boards in communal areas;
f) Manuals, guides and other printed resources;
g) Hand-held devices (PDAs, etc.); and
h) Social networking sites like Facebook, WhatsApp etc.

Question 9
Briefly explain Grid Computing. What are possible reasons of using grid computing?
Answer
Grid Computing: Grid Computing is a computer network in which each computer's resources are shared
with every other computer in the system. In the ideal grid computing system, every resource is shared,
turning a computer network into a powerful supercomputer. With the right user interface, accessing a
grid computing system is no different than accessing a local machine's resources.
Some of the reasons of using Grid Computing are as follows:
a) Civil engineers collaborate to design, execute, & analyze shake table experiments.
b) An insurance company mines data from partner hospitals for fraud detection.
c) An application service provider offloads excess load to a compute cycle provider.
d) An enterprise configures internal & external resources to support e-Business workload.
e) Large-scale science and engineering are done through the interaction of people, heterogeneous
computing resources, information systems and instruments, all of which are geographically and
organizationally dispersed.

Question 10
What are the components of the Computerized Information Processing Cycle?
Answer
The components of a Computerized Information Processing Cycle include the following:
a) Input: Entering data into the computer;
b) Processing: Performing operations on the data;
c) Storage: Saving data, programs, or output for future use; and
d) Output: Presenting the results.

Question 11
What are the major process controls, which should be enforced through front end application system, to
have consistency in the control process?
Answer
The Process Controls that should be enforced through the front end application system, to have
consistency in the control process are as follows:

67
a) Run-to-Run Totals: These help in verifying data that is subject to process through different stages. A
specific record can be used to maintain the control total.
b) Reasonableness Verification: Two or more fields can be compared and cross verified to ensure their
correctness.
c) Edit Checks: Edit checks similar to the data validation controls can also be used at the processing
stage to verify accuracy and completeness of data.
d) Field Initialization: Data overflow can occur, if records are constantly added to a table or if fields are
added to a record without initializing it .
e) Exception Reports: Exception reports are generated to identify errors in data processed.
f) Existence/Recovery Controls: The check-point/restart logs facility is a short-term backup and recovery
control that enables a system to be recovered if failure is temporary and localized.
Question 12
Write short note on the following:
a) Network Virtualization
b) MS Office Applications
c) Storage Virtualization
Answer
a) Network Virtualization: In IT, Virtualization is the process of creating logical computing resources from
available physical resources. This is accomplished using virtualization software to create a layer of
abstraction between workloads and the underlying physical hardware. Network Virtualization allows a
large physical network to be provisioned into multiple smaller logical networks and conversely allows
multiple physical LANs to be combined into a larger logical network. This behavior allows
administrators to improve network traffic control, enterprise and security.
b) MS Office Applications: These are various office automation systems made available by Microsoft
Corporation which include MS Word, MS Excel, MS PowerPoint, MS Access, etc. Each of these software
help to achieve automation of various tasks in the office. It has features such as customized ribbon,
backstage view, built-in graphics toolset, enhanced security, excel spark lines, pivot for Excel,
PowerPoint broadcast, Power Point compression, paste, preview and outlook conversation view.
c) Storage Virtualization: Storage virtualization is the apparent pooling of data from multiple storage
devices, even different types of storage devices, into what appears to be a single device that is
managed from a central console. Storage virtualization helps the storage administrator perform the
tasks of backup, archiving, and recovery more easily and in less time by disguising the actual
complexity of a Storage Area Network (SAN).

Question 13
Define ‘On-line processing’ and ‘Real-time processing’.
Answer
a) Online Processing: In this, data is processed immediately while it is entered, the user usually only has
to wait a short time for a response. (Example: games, word processing, booking systems). Interactive
or online processing requires a user to supply an input. Interactive or online processing enables the
user to input data and get the results of the processing of that data immediately.
b) Real-time Processing: Real time processing is a subset of interactive or online processing. Input is
continuously, automatically acquired from sensors which are processed immediately in order to
respond to the input in as little time as possible. The system doesn't need a user to control it. Real time
processing is used in warning systems on aircraft, alarm systems in hazardous zones, burglar alarms
etc.

68
 PAPER – 7 : INFORMATION TECHNOLOGY
MAY 2015
Question No. 1 is compulsory Answer any five questions from the rest.
Question 1
Answer all the following questions in brief:
a) What are the key benefits of Business Process Automation (BPA)?
b) How extranets are used by Business Organization?
c) Name the various phases of System Development Life Cycle (SDLC) in the logically correct order.
d) Briefly explain three tiers in three tier architecture.
e) What are the components of the Computerized Information processing Cycle?
(2 x 5 = 10 Marks)
Question 2
ABC Limited is a software development company, which appointed 50 software engineers in August’ 2014
at a monthly salary of Rs. 30,000. All these engineers shall be entitled for an increment in their monthly
salary after six months. The increment on present monthly salary shall be based on their performance to
be evaluated on a 100 marks scale as per detains given below:
a) Performance Marks < 70, then increment shall be 10% of present salary.
a) 70 ≤ Performance marks < 80, then increment shall be 20% of present salary.
b) Performance marks ≥ 80, then increment shall be 30% of present salary.
Draw a Flow-Chart to enable to print the details like name of the engineer, performance marks, monthly
increment amount and revised monthly salary for each of these 50 engineers.
(8 Marks)
Question 3
a) Describe the following service models of cloud computing.
i) Network as a Service (NaaS)
ii) Platform as a Service (PaaS) (4 Marks)
b) What is Server? Briefly explain any four types of servers based on the nature of service they provide.
(4 Marks)
Question 4
a) Which network topology can be used in case of Military Installations with a very small number of
nodes and why it should be used? List advantages and disadvantages of such network topology.
(4 Marks)
b) What is Accounting Information System (AIS)? Briefly describe the key components of AIS. (4 Marks)

Question 5
a) Differentiate between Explicit Knowledge and Tacit Knowledge. (4 Marks)
b) Explain the pre-requisites of ACID Test for any Transaction Processing System (TPS). (4 Marks)
Question 6
a) Discuss any four key characteristics of Cloud Computing. (4 Marks)
b) What are the major process controls, which should be enforced through front end application system,
to have consistency in the control process? (4 Marks)
Question 7
Write short notes on any Four of the following:
a) Radical Redesign
b) Android
c) Peer-to-Peer Network (PsP)
d) Electronic Purses
e) Network Virtualisation (2 x 4 = 8 Marks)
 PAPER – 7 : INFORMATION TECHNOLOGY
NOV 2015
Question No. 1 is compulsory Answer any five questions from the rest.

Question 1
Answer the following in brief.
(a) Mention the challenges in implementing ‘Business Process Automation’.
(b) Distinguish between ‘Cache Memory’ and ‘Virtual Memory’.
(c) In what way a Switch is different from a Router in the computer networks?
(d) What are the key aspects to be considered in implementing e-commerce?
(e) Define ‘On-line processing’ and ‘Real-time processing’. (5 x 2 = 10 Marks)

Question 2
An E-commerce site has the following cash back offers.
(i) If the purchase mode is via website, an initial discount of 10% is given on the bill amount.
(ii) If the purchase mode is via phone app. An initial discount of 20% is given on the bill amount.
(iii) If done via any other purchase mode, the customer is not eligible for any discount. Every purchase
eligible to discount is given 10 reward points.
(a) If the reward points are between 100 and 200 points, the customer is eligible for a further 30%
discount on the bill amount after initial discount.
(b) If the reward points exceed 200 points, the customer is eligible for a further 40% discount on
the bill amount after initial discount.
Taking purchase mode, bill amount and number of purchases as input draw a flowchart to calculate and
display the total reward points and total bill amount payable by the customer after all the discount
calculation. (8 Marks)

Question 3
(a) Mention briefly the different types of application software.
(b) What are the major advantages and disadvantages of DBMS? (2 x 4 = 8 Marks)

Question 4
(a) Mention the two categories of encryption/decryption methods. What are two basic approaches to
encryption?
(b) Mention briefly the prominent characteristics of a ‘Client Server’ architecture. (2 x 4 = 8 Marks)

Question 5
(a) What is meant by a ‘Decision Support System’? Give a brief description of its components.
(b) Discuss key components of an ‘Expert System’. (2 x 4 = 8 Marks)

Question 6
(a) Discuss any four advantages of Cloud Computing.
(b) What is meant by ‘controls’ in BPA? What are their major objectives? (2 x 4 = 8 Marks)

Question 7
Write short notes on any four of the following:
(a) Firewall
(b) Entity-Relationship Diagram
(c) WhatsApp Messenger
(d) MS Office Applications
(e) Core Banking System (4 x 2 = 8 Marks)
 PAPER – 7 : INFORMATION TECHNOLOGY
MAY 2016
Question No. 1 is compulsory Answer any five questions from the rest.
Question 1
Answer the following questions in brief:
(a) Advantages of using E-R Diagram.
(b) Name of any four devices that utilize Bluetooth technology.
(c) What do you understand by “Transmission mode”? Name three types of transmission modes.
(d) Explain the four components of Executive Information System (EIS).
(e) Explain Cryptographic Controls.
(5 x 2 = 10 Marks)
Question 2
(a) Describe any four reasons why documentation is important to Information Systems.
(b) Discuss the types of Data Flow Diagrams (DFDs). Also briefly mention the major components of DFD.
(2 x 4 = 8 Marks)
Question 3
(a) Write any 8 Information Systems Control procedures covering the access safeguards over computer
programs.
(b) Define the term ‘Cloud Computing Architecture’. Explain the two parts of Cloud Computing
Architecture.
(2 x 4 = 8 Marks)
Question 4
(a) What are the characteristics of Star Network? Write any two advantages and two disadvantages of
Star Network.
(b) What is the basic objective for providing network security? Explain the major functions and services
performed by the Physical Layer (Layer 1) of OSI Model of Network Architecture.
(2 x 4 = 8 Marks)
Question 5
(a) What do you mean by ‘Frame Based Expert System’? Also explain the various components of
Executive Information System (EIS).
(b) Explain the ‘Dashboards’ and ‘Scorecards’ as tools of Business Intelligence.
(2 x 4 = 8 Marks)
Question 6
(a) Describe the Information Systems Management Controls usually performed by Top Management.
(b) Discuss the constraints that need to be taken into consideration while developing a secured Grid
Architecture. (2 x 4 = 8 Marks)

Question 7
Write short notes on any four of the following:
(a) Six Sigma
(b) I-Pod
(c) Secure Socket Layer (SSL)
(d) Nucleus FinnOne
(e) Storage Virtualisation
(2 x 4 = 8 Marks)
 PAPER – 7 : INFORMATION TECHNOLOGY
Nov 2016
Question No. 1 is compulsory Answer any five questions from the rest.

Question 1

Answer the following in brief:

a) State two Features of Infrastructure as a Service (IaaS) model of Cloud Computing.
b) List any four features of computerized networking in an organization.
c) Name any four key sub-modules of HRMS module of ERP.
d) Present two differences between Switch and Bridge Telecommunication Network
e) List the four phases of evolution in the Hierarchy of Database modeling.
(5 x 2 = 10 Marks)
Question 2
a) Describe any four output Controls that have to be enforced both in a batch-processing
environment as well as in an online environment.
b) State and describe any two commercial applications of Artificial Intelligence.
(4 x 2 = 8 Marks)

Question 3
a) Describe how the Business Community is benefitted by adopting Information Technology based CRM
process.
b) What is Mobile Computing? Discuss its components in brief.
(4 x 2 = 8 Marks)
Question 4
a) Briefly describe the four stages of processing Credit Card transactions.
b) Explain the Concept of Virtualization. Enumerate any 2 major applications of virtualization.
(4 x 2 = 8 Marks)
Question 5
Draw a Flowchart for the following process:
Leebay is a new e-commerce web site that is setting up business in India. Leebay and their partner bank
Paxis have come up with a joint promotion plan for which the following offers are proposed Customers
can either log in through a mobile app or directly from the website:
(1) If the payment mode chosen is ‘Paxis Credit’, then a 20% discount is given to the user.
(2) If the payment mode chosen is ‘Paxis Debit’, then a 10% discount is given to the user.
(3) If other payment modes are used, then no discount is given.
Also, to promote thedownloads of its new smartphone app, the company has decided to give the
following offer:
1) If the purchase mode is 'Mobile App', then no surcharge is levied on the user.
2) If any other purchase mode is used, then additional 5 surcharge is levied on the user. This
surcharge is applied on the bill after all necessary discounts have been applied.
With bill amount, payment mode and purchase mode as inputs, draw a flowchart for the billing procedure
for Leebay.
(1 x 8 = 8 Marks)
Question 6
a) What is a Data Flow Diagram. Explain the four major components of a Data Flow Diagram.
b) Describe the Wireless technologies that have evolved and widely used in modern day computerized
environment.
(4 x 2 = 8 Marks)
Question 7
Write Short notes on any four:
a) Packet Switching.
b) Object Oriented Data Base Model
c) Memory Management
d) Fat/Thick Client
e) Data Mining
(4 x 2 = 8 Marks)