Thursday, February 13, 2014

Chapter 15 Computer Careers and Certification

 The assignment from
Mr Tri Djoko Wahjono, Ir., M.Sc.  

1. What Career Opportunities Are Available in the Computer Industry?
Career opportunities in the computer industry fall into several areas. In most medium and large businesses and government offi ces, staff in an IT department is responsible for keeping all computer operations and networks running smoothly. They also determine when and if the organization requires new hardware or software. Workers in the computer equipment field manufacture and distribute computers and computer-related hardware. Employees in the computer software field develop, manufacture, and support a wide range of software. People in the computer service and repair field provide preventive maintenance, component installation, and repair services to customers. Computer salespeople determine a buyer’s needs and match these needs to the correct hardware and software. Computer educators and corporate trainers teach students and employees how to use software, design and develop systems, write programs, and perform other computer-related activities. An IT consultant is a professional who draws upon his or her expertise in a specialized area of computers and provides computer services to clients.

2. What Are the Functions of Jobs in an IT Department?
Jobs in an IT department fall into six main areas. Management directs the planning, research, development, evaluation, and integration of technology. System development and programming analyzes, designs, develops, and implements new information technology and maintains and improves existing systems. Technical services evaluates and integrates new technologies, administers the organization’s data resources, and supports the centralized computer operating system and servers. Operations operates the centralized computer equipment and administers the network, including both data and voice commu nications. Training teaches employees how to use components of the information system or answers specifi c questions. Security develops and enforces policies designed to safeguard data and information from unauthorized users.

3. How Are Trade Schools Different from Colleges?
A trade school, also called a technical school, vocational school, or career college, offers programs primarily in the areas of programming, Web design and development, graphics design, hardware maintenance, networking, personal computer support, and security. Students learn specifi c skills instead of taking a broad range of science and humanities courses, which can result in time savings for students.

4. How Are the Various College Computer-Related Courses of Study Different?
Three broad disciplines in higher education produce the majority of entrylevel employees in the computer industry. Computer information systems (CIS), or information technology (IT), programs teach technical knowledge and skills and focus on how to apply these skills. Computer science (CS) programs stress the theoretical side of programming and operating systems. Computer engineering (CE) programs teach students how to design and develop the electronic components found in computers and peripheral devices.

5. How Can People Stay Current with Changing Technology?
Four primary ways to stay current with computer technology are professional organizations and personal networks, professional growth and continuing education activities, computer publications and Web sites, and certification. Professional organizations are formed by computer professionals with common interests and a desire to extend their profi ciency. The Association for Computing Machinery (ACM) is a scientifi c and educational organization dedicated to advancing knowledge and profi ciency of information technology. The Association of Information Technology Professionals (AITP) is a professional association of programmers, systems analysts, and information processing managers.  Maintaining a personal network of job-related contacts can help when seeking change in employment. Professional growth and continuing education include events such as workshops, seminars, conferences, conventions, and trade shows. The International Consumer Electronics Show (CES) is one of the larger technology trade shows, bringing together thousands of vendors and more than 110,000 attendees. Computer industry publications also help to keep people informed about the latest developments in the computer industry. Another source for information is Web sites that discuss or share opinions, analysis, reviews, or news about technology. Certifi cation is a process of verifying the technical knowledge of an individual who has demonstrated competence in a particular area. Computing professionals typically obtain a certifi cation by taking and passing an examination.

6. What Are the Benefits of Certification for Employers, Employees, and Vendors?
For employers, certification ensures quality workmanship standards and can help keep their workforce up to date with respect to computers and technology. For employees, certifi cation can enhance careers, provide better standing as industry professionals, and increase salaries. For vendors, certifi cation is a form of industry self-regulation that sets computer professionals’ competence standards and raises the level of expertise and knowledge in the IT industry as a whole.

7. ow Can People Prepare for Certification?
Certification training options are available to suit every learning style. Self-study programs help professionals prepare for certification at their own pace and supplement other training methods. Online training classes, which are available on the Internet and on many company intranets, allow students to set their own pace in an interactive environment. Instructor-led training classes are available in a variety of forms, including seminars, boot camps, and academic-style classes. Web resources include the certifi cation sponsor’s Web site and individual Web sites. The certifi cation sponsor’s Web site can contain descriptions of certifi cations with FAQs and links to authorized training and testing centers. Detailed course objectives, training guides, sample test questions, chat rooms, and discussion groups often are included. Individuals also set up Web sites to offer their own views and tips on the testing process.

8. What Are the General Areas of IT Certification?
Certifications usually are classified based on the computer industry area to which they most closely relate: application software, operating systems, programmer/developer, hardware, networking, digital forensics, security, the Internet, and database systems.

9. What Are Some Specific IT Certifications in Each Certification Area?
Application software certifications, sometimes called end-user certifications, include Microsoft Certified Application Specialist (MCAS), Microsoft Certified Application Professional (MCAP), Microsoft Certified Desktop Support Technician (MCDST), Adobe Certified Associate, Adobe Certified Expert (ACE), Adobe Certified Instructor (ACI), and IBM Certified Professional for Lotus Software. Operating system certifications include IBM Certified Specialist, Microsoft Certified IT Professional (MCITP), Microsoft Certified Technology Specialist (MCTS), Novell Certified Linux Professional (CLP), Red Hat Certified Engineer (RHCE), Red Hat Certified Technician (RHCT ), and Sun Certified System Administrator (SCSA). Programmer/developer certifications include Certified Software Development Professional (CSDP ), IBM Certifi ed Solution Developer, Microsoft Certified Professional Developer (MCPD), Sun Certified Enterprise Architect (SCEA), Sun Certified Java Developer (SCJD), Sun Certified Java Programmer (SCJP), and Sun Certified Mobile Application Developer (SCMAD). Hardware certifications include A+, Dell Certified Systems Expert, and IBM eServer Certified Specialist. Networking certifications include Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP ), Cisco Certified Internetwork Expert (CCIE), Microsoft Certified Systems Administrator (MCSA), Network+, Novell Certified Administrator (CNA), Novell Certified Engineer (NCE), and Sun Certified Network Administrator (SCNA). Digital forensics certifications include Certified Computer Examiner (CCE ), Certified Computer Forensics Examiner (CCFE), Certified Electronic Evidence Collection Specialist (CEECS ), and Certified Information Forensics Investigator (CIFI ). Security certifications include Certified Information Systems Security Professional (CISSP ), Security Certified Network Architect (SCNA), Security Certified Network Professional (SCNP ), Security Certified Network Specialist (SCNS), and Systems Security Certified Practitioner (SSCP ). Internet certifications include Certified Internet Webmaster (CIW ) and Certified Web Professional (CWP ). Database certifications include IBM Certified Solutions Expert – DB2, IBM Certified Solutions Expert – Informix, Microsoft Certified IT Professional (MCITP), Oracle Certified Professional (OCP ), and Sybase Certified Professional.

Chapter 14 Enteeprise Computing

 The assignment from
Mr Tri Djoko Wahjono, Ir., M.Sc.  

1. What Are the Special Information Requirements of an Enterprise-Sized Corporation? A large organization, or enterprise, requires special computing solutions because of its size and geographical extent. Enterprise computing involves the use of computers in networks, such as LANs and WANs, or a series of interconnected networks to satisfy the information needs of an enterprise. Executive management, which includes the highest management positions in a company, needs information to make strategic decisions. Middle management, which is responsible for implementing the strategic decisions of executive management, needs information to make tactical decisions. Operational management, which supervises the production, clerical, and other nonmanagement employees, needs information to make an operational decision that involves day-to-day activities. Nonmanagement employees also need information to perform their jobs and make decisions. Managers use business intelligence (BI ), business process management (BPM ), and business process automation (BPA ) tools to focus on information that is important to the decision-making process.

2. What Information Systems and Software Are Used in the Functional Units of an Enterprise?
An information system is a set of hardware, software, data, people, and procedures that work together to produce information. In an enterprise, the individual functional units have specialized requirements for their information systems. Accounting and fi nancial systems manage transactions and help budget, forecast, and analyze. A human resources information system (HRIS) manages human resources functions. An employee relationship management ( ERM ) system automates and manages communications between employees and the business. Computer-aided design (CAD) assists engineers in product design, and computer-aided engineering (CAE) tests product designs. Computer-aided manufacturing (CAM) controls production equipment, and computer-integrated manufacturing (CIM) integrates operations in the manufacturing process. Material Requirements Planning (MRP) uses software to help monitor and control processes related to production. A quality control system helps an organization maintain or improve the quality of its products or services and typically includes quality control software. A marketing information system serves as a central repository for marketing tasks. Sales force automation (SFA) software equips salespeople with the electronic tools they need. Distribution systems control inventory, manage and track shipping, and provide information and analysis on warehouse inventory. Customer interaction management (CIM) software manages day-to-day interactions with customers. Web site management programs collect data to help organizations make informed decisions regarding their Web presence. Security software enables the IT department to limit access to sensitive information.

3. What Information Systems Are Used throughout an Enterprise?
Some general purpose information systems, called enterprise-wide systems, are used throughout an enterprise. An office information system (OIS) enables employees to perform tasks using computers and other electronic devices. A transaction processing system (TPS) captures and processes data from dayto- day business activities. A management information system (MIS) generates accurate, timely, and organized information, so that users can make decisions, solve problems, supervise activities, and track progress. A decision support system (DSS) helps users analyze data and make decisions. An expert system captures and stores the knowledge of human experts and then imitates human reasoning and decision making. Customer relationship management (CRM) systems manage information about customers. Enterprise resource planning (ERP) provides centralized, integrated software to help manage and coordinate the ongoing activities of an enterprise. A content management system (CMS) is a combination of databases, software, and procedures that organizes and allows access to various forms of documents and fi les.

4. What Are Types of Technologies Used throughout an Enterprise?
Technologies used throughout an enterprise include the following items. A portal is a collection of links, content, and services presented on a Web page and designed to guide users to related to their jobs. A data warehouse is a huge database that stores and manages the data required to analyze historical and current transactions. An enterprise’s communications infrastructure consists of hardware (such as wired and wireless network connections and devices, routers, fi rewalls, and servers), software (such as e-mail, instant messaging, VoIP, and server management), and procedures for using and managing hardware and software. An extranet allows customers or suppliers to access part of an enterprise’s intranet. Web services allow businesses to create products and B2B interactions over the Internet. Many enterprises employ a serviceoriented architecture (SOA) to allow better communications and services between diverse information systems. A document management system (DMS) allows for storage and management of a company’s documents. A workflow application assists in the management and tracking of the activities in a business process from start to finish. A virtual private network (VPN) provides users with a secure connection to a company’s network server.

5. What Are Virtualization, Cloud Computing, and Grid Computing?
Virtualization is the practice of sharing or pooling computing resources, such as servers and storage devices. Server virtualization provides the capability to divide a physical server logically into many virtual servers; storage virtualization provides the capability to create a single logical storage device from many physical storage devices. Cloud computing is an Internet service that provides computing needs to computer users. Grid computing, which often is used in research environments, combines many servers and/or personal computers on a network to act as one large computer. Cloud and grid computing usually charge a fee based on usage or processing time.

6. What Are the Computer Hardware Needs and Solutions for an Enterprise?
Enterprise hardware allows large organizations to manage and share information and data using devices geared for maximum availability and effi ciency. Enterprises use a variety of hardware types to meet their large-scale needs. A RAID (redundant array of independent disks) is a group of integrated disks that duplicates data and information to improve data reliability. Network attached storage (NAS) is a server that provides storage for users and information systems attached to the network. A storage area network (SAN) is a highspeed network that provides storage to other servers. An enterprise storage system uses a combination of techniques to consolidate storage so that operations run effi ciently. A blade server, sometimes called an ultradense server, packs a complete computer server on a single card, or blade, rather than a system unit. A thin client is a small, terminal-like computer that mostly relies on a server for data storage and processing.

7. What Are High Availability, Scalability, and Interoperability?
The availability of hardware to users is a measure of how often it is online. A high-availability system continues running and performing at least 99 percent of the time. Scalability is the measure of how well computer hardware, software, or an information system can grow to meet an enterprise’s increasing performance demands. An information system often must share information, or have interoperability, with other information systems within the enterprise.

8. Why Is Computer Backup Important, and How Is It Accomplished?
A backup duplicates a fi le or program to protect an enterprise if the original is lost or damaged. A full, or archival, backup copies all of the programs and fi les in a computer. A differential backup copies only fi les that have changed since the last full backup. An incremental backup copies only fi les that have changed since the last full or incremental backup. A selective, or partial, backup allows users to back up specifi c fi les. Continuous data protection (CDP), or continuous backup, is a backup plan in which data is backed up whenever a change is made. Backup procedures specify a regular plan of copying and storing data and program fi les.

9. What Are the Steps in a Disaster Recovery Plan?
A disaster recovery plan describes the steps a company would take to restore computer operations in the event of a disaster. A disaster recovery plan contains four components. The emergency plan specifi es the steps to be taken immediately after a disaster strikes. The backup plan stipulates how a company uses backup fi les and equipment to resume information processing. The recovery plan identifies the actions to be taken to restore full information processing operations. The test plan contains information for simulating disasters and recording an organization’s ability to recover.

Chapter 13 Programming Language and Program Development

 The assignment from
Mr Tri Djoko Wahjono, Ir., M.Sc.  

1. How Are Machine Languages Different from Assembly Languages? 
A programming language is a set of words, abbreviations, and symbols that enables a programmer, often called a developer, to communicate instructions to a computer. A machine language uses a series of binary digits, or combinations of numbers and letters that represent binary digits, and is the only language a computer directly recognizes. With an assembly language, a programmer writes instructions using symbolic instruction codes, which are meaningful abbreviations.  

2. What Is the Purpose of Procedural Programming Languages, and What Are the Features of C and COBOL? In a procedural language, or thirdgeneration language (3GL), a programmer writes instructions that tell a computer what to accomplish and how to do it. Programmers use English-like words to write instructions, which simplifi es the program development process for the programmer. A compiler or an interpreter translates the 3GL source program into machine language object code or object program that a computer can execute. Standard procedural languages include C and COBOL. C is a powerful language that requires professional programming skills and is used for business and scientifi c problems. It runs on almost any type of computer or operating system. COBOL (COmmon Business-Oriented Language) is a programming language designed for business applications that uses English-like statements that are easy to read, write, and maintain.

3. What Are the Characteristics of Object-Oriented Programming Languages and Program Development Tools? 
Programmers use an object-oriented programming (OOP) language or object-oriented program development tool to implement object-oriented design. A program that provides a user-friendly environment for building programs often is called a program development tool. An object is an item that can contain both data and the procedures that read or manipulate the data. A major benefi t of OOP is the ability to reuse and modify existing objects, allowing programmers to create applications faster. Often used in conjunction with OOP, RAD (rapid application development) is a method of developing software in which a programmer writes and implements a program in segments instead of waiting until the entire program is completed. OOP languages include Java, C11, and C#. Java uses a just-in-time ( JIT) compiler to convert bytecode into machine-dependent code that is executed immediately. The  Microsoft .NET framework, or .NET, allows almost any type of program to run on the Internet or an internal business network, as well as stand-alone computers and mobile devices. C11 is an object-oriented extension of the C programming language. C# is based on C11 and has been accepted as a standard for Web applications and XMLbased Web services. F# is a new programming language that combines the benefi ts of an object-oriented language with the benefi ts of a functional language. Visual Studio is Microsoft’s suite of program development tools that assists programmers in building programs for Windows, Windows Mobile, or operating systems that support .NET. Visual Studio includes the programming languages Visual Basic, Visual C11, and Visual C#. A visual programming language uses a visual or graphical interface, called a visual programming environment (VPE), for creating all source code. Two other program development tools include Delphi and PowerBuilder.

4. What Are the Uses of Other Programming Languages and Other Program Development Tools? 
A 4GL (fourth-generation language) is a nonprocedural language that enables users to access data in a database. A popular 4GL is SQL, a query language for relational databases.An application generator creates source code or machine code from a specifi cation of the required functionality. A macro, which is a series of statements that instructs an application how to complete a task, allows users to automate routine, repetitive tasks. 

5. What Are Web Page Program Development Techniques Such as HTML and XHTML, XML and WML, Scripting Languages, DHTML, Ruby on Rails, Web 2.0 Development, and Web Page Authoring Software? 
Web developers use a variety of techniques to create Web pages. HTML (Hypertext Markup Language) is a special formatting language that programmers use to format documents for display on the Web. XHTML (extensible HTML) is a markup language that includes features of HTML and XML. XML and WML are popular formats used by Web developers. A scripting language is an interpreted language that programmers use to add dynamic content and interactive elements to Web pages. Popular scripting languages include JavaScript, Perl, PHP, Rexx, Tcl, and VBScript. Dynamic HTML (DHTML) is a type of HTML that allows developers to include more graphical interest and interactivity in a Web page. Ruby on Rails (RoR or Rails) is an open source framework that provides technologies for developing object-oriented, databasedriven Web sites. Web 2.0 Web sites often use RSS 2.0 and Ajax. Developers use Web page authoring software to create sophisticated Web pages. Four popular Web page authoring programs are Dreamweaver, Expression Web, Flash, and SharePoint Designer.

6. How Are Popular Multimedia Authoring Programs Used? Multimedia authoring software allows developers to combine text, graphics, animation, audio, and video into an interactive presentation. Popular authoring software includes ToolBook and Director. ToolBook has a graphical user interface and uses an object-oriented approach so that programmers can design multimedia applications using basic objects. Director has powerful features that allow programmers to create highly interactive multimedia applications. 

7. What Are the Six Steps in the Program Development Life Cycle? 
The program development life cycle (PDLC) is a series of steps programmers use to build computer programs. The program development life cycle consists of six steps: (1) analyze requirements, (2) design solution, (3) validate design, (4) implement design, (5) test solution, and (6) document solution.

8. How Is Structured Design Different from Object-Oriented Design? 
In structured design, a programmer typically begins with a general design and moves toward a more detailed design. A programmer starts with the program’s major function, called the main routine or main module, and breaks it down into smaller sections, called subroutines or modules. Structured design results in programs that are reliable and easy to read and maintain, but it does not provide a way to keep the data and the program together and can result in redundant programming code. With object-oriented (OO) design, the programmer packages the data and the program (or procedure) into a single unit, an object. Objects are grouped into classes. A detailed class diagram represents each object, its attributes (data), and its methods (procedures). The programmer translates the methods into program instructions.

9. What Are the Basic Control Structures and Design Tools Used in Designing Solutions to Programming Problems? 
A control structure, also known as a construct, depicts the logical order of program instructions. A sequence control structure shows one or more actions following each other in order. A selection control structure tells the program which action to take, based on a certain condition. Two types of selection control structures are the if-then-else control structure, which yields one of two possibilities (true or false), and the case control structure, which can yield one of three or more possibilities. The repetition control structure enables a program to perform one or more actions repeatedly as long as a certain condition is met. The two forms of the repetition control structure are: the do-while control structure, which tests a condition at the beginning of the loop, in a process called a pretest, and continues looping as long as a condition is true; and the do-until control structure, which tests a condition at the end of the loop, in a process called a posttest, and continues looping until the condition is true. Some design tools include a program fl owchart, or simply flowchart; pseudocode; and the UML (Unifi ed Modeling Language).

Chapter 12 Information System Development

 The assignment from
Mr Tri Djoko Wahjono, Ir., M.Sc.  

1. What Is System Development, and What Are the System Development Phases? 
An information system (IS) is hardware, software, data, people, and procedures that work together to produce quality information. System development is a set of activities used to build an information system. System development activities often are grouped into larger categories called phases. This collection of phases sometimes is called the system development life cycle (SDLC). Many SDLCs contain five phases: planning; analysis; design; implementation; and operation, support, and security.

2. What Are Guidelines for System Development? 
System development should follow three general guidelines: (1) group activities into phases; (2) involve the users, which includes anyone for whom a system is being built; and (3) define standards, which are sets of rules and procedures an organization expects employees to accept and follow.

3. Why Are Project Management, Feasibility Assessment,
Documentation, and Data and Information Gathering Techniques Important? Project management is the process of planning, scheduling, and then controlling the activities during system development. The goal of project management is to deliver an acceptable system to the user in an agreed-upon time frame, while maintaining costs. For larger projects, project management activities often are separated between a project manager and a project leader. Some organizations use extreme project management. The project leader identifies the scope of the project, required activities, time estimates, cost estimates, the order of activities, and activities that can take place simultaneously. The project leader records this information in a project plan. Feasibility is a measure of how suitable the development of a system will be to the organization. A systems analyst typically uses four tests to evaluate feasibility of a project: operational feasibility, which measures how well the proposed system will work; schedule feasibility, which measures whether established project deadlines are reasonable; technical feasibility, which measures whether the organization has or can obtain the hardware, software, and people to deliver and then support the system; and economic feasibility, also called cost/benefit feasibility, which measures whether the lifetime benefits of the proposed system will be greater than its lifetime costs. Documentation is the collection and summarization of data and information and includes reports, diagrams, programs, or other deliverables. A project notebook contains all documentation for a single project. To gather data and information, systems analysts and other IT professionals review documentation, observe, survey, interview, participate in joint-application design ( JAD) sessions, and research.

4. What Activities Are Performed in the Planning Phase? 
The planning phase for a project begins when the decision-making body for the organization, called the steering committee, receives a project request. During the planning phase, four major activities are performed: (1) review and approve the project requests, (2) prioritize the project requests, (3) allocate resources such as money, people, and equipment to approved projects, and (4) form a project development team for each approved project.

5. What Is the Purpose of Activities Performed in the Analysis Phase? 
The analysis phase consists of two major activities: (1) conduct a preliminary investigation, sometimes called the feasibility study, to determine the exact nature of the problem or improvement and decide whether it is worth pursuing, and (2) perform detailed analysis. Detailed analysis involves three major activities: (1) study how the current system works; (2) determine the users’ wants, needs, and requirements; and (3) recommend a solution. Detailed analysis sometimes is called logical design. Most systems analysts use either a process modeling or object modeling approach to analysis and design.

6. What Are Tools Used in Process Modeling? 
Process modeling, sometimes called structured analysis and design, is an analysis and design technique that describes processes that transform inputs into outputs. Tools used for process modeling include the following. An entity-relationship diagram (ERD) graphically shows the connections among entities in a system. An entity is an object in the system that has data. A data flow diagram (DFD) graphically shows the fl ow of data in a system. Key elements of a DFD are a data flow, which shows the input or output of data or information; a process, which transforms an input data fl ow into an output data fl ow; a data store, which is a holding place for data and information; and a source, which identifies an entity outside the scope of the system. The project dictionary, sometimes called the repository, contains all the documentation and deliverables of a project. Techniques used to enter items in the project dictionary include structured English, a decision table and/or a decision tree, and a data dictionary.

7. What Are Tools Used in Object Modeling? 
Object modeling, sometimes called object-oriented (OO) analysis and design, combines the data with processes that act on the data into a single unit, called an object. Object modeling can use the same tools as those used in process modeling, but the UML (Unified Modeling Language) has been adopted as a standard notation for object modeling and development. Two common tools in the UML are the use case diagram and the class diagram. A use case diagram graphically shows how actors interact with the information system. An actor is a user or other entity, and the use case is the function that the actor can perform. A class diagram graphically shows classes and one or more lower levels, called subclasses, in a system. Lower levels (subclasses) contain attributes of higher levels (classes) in a concept called inheritance.

8. What Activities Are Performed in the Design Phase?
The design phase consists of two major activities: (1) if necessary, acquire hardware and software and (2) develop all of the details of the new or modified information system. Acquiring necessary hardware and  software involves identifying technical specifications, soliciting vendor proposals, testing and evaluating vendor proposals, and making a decision. Detailed design includes developing designs for the databases, inputs, outputs, and programs. During detailed design, many systems analysts use a prototype, which is a working model of the proposed system. Computer-aided software engineering (CASE) products are tools designed to support one or more activities of system development.

9. Why Is Program Development Part of System Development? 
During the design phase, an organization can purchase packaged software, which is mass-produced, copyrighted, prewritten software. If suitable packaged software is not available, however, a company may opt for custom software, which is application software developed at the user’s request to match the user’s requirements exactly. Programmers write custom software from the program specification package created during the analysis phase, following an organized set of activities known as the program development life cycle.

10. What Activities Are Performed in the Implementation Phase? 
The purpose of the implementation phase is to construct, or build, the new or modified system and then deliver it to the users. System developers perform four major activities in this phase: (1) develop programs, (2) install and test the new system, (3) train users, and (4) convert to the new system.

11. What Activities Are Performed in the Operations, Support, and Security Phase? 
The purpose of the operation, support, and security phase is to provide ongoing assistance for an information system and its users after the system is implemented. The operations, support, and security phase consists of three major activities: (1) perform maintenance activities, (2) monitor system performance, and (3) assess system security. Organizations today often have a chief security officer (CSO) who is responsible for physical security of an organization’s property and people and also is in charge of securing computing resources. The CSO develops a computer security plan, which sum marizes in writing all safeguards that protect the organization’s information assets.

Chapter 11 Computer Security and Safety, Ethic, and Privacy

 The assignment from
Mr Tri Djoko Wahjono, Ir., M.Sc.  

1. What Are Computer Security Risks, and What Are the Types of Cybercrime Perpetrators?
A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability. Any illegal act involving a computer is a computer crime; the term cybercrime refers to online or Internet-based illegal acts. Perpetrators of cybercrime include: hacker, cracker, script kiddie, corporate spy, unethical employee, cyberextortionist, and cyberterrorist.

2. What Are Various Internet and Network Attacks, and How Can Users Safeguard against These Attacks?
A computer virus is a potentially damaging program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission. A worm is a program that copies itself repeatedly, using up resources and possibly shutting down the computer or network. A Trojan horse is a program that hides within or looks like a legitimate program. A rootkit is a program that hides in a computer and allows someone from a remote location to take full control of the computer. To take precautions against this malware, do not start a computer with removable media in the drives or ports. Never open an e-mail attachment unless you are expecting the attachment and it is from a trusted source. Disable macros in documents that are not from a trusted source. Install an antivirus program and a personal fi rewall. Stay informed about any new virus alert or virus hoax. To defend against a botnet, a denial of service attack, improper use of a back door, and spoofing, users can install a firewall, install intrusion detection software, and set up a honeypot.

3. What Are Techniques to Prevent Unauthorized Computer Access and Use? 
Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or illegal activities. Organizations can take measures such as implementing a written acceptable use policy (AUP), a firewall, intrusion detection software, an access control, and an audit trail. Access controls include a user name and password or passphrase, a CAPTCHA, a possessed object, and a biometric device.

4. What Are Safeguards against Hardware Theft and Vandalism? 
Hardware theft is the act of stealing computer equipment. Hardware vandalism is the act of defacing or destroying computer equipment. The best preventive measures against hardware theft and vandalism are common sense and a constant awareness of the risk. Physical devices and practical security measures, such as locked doors and windows, can help protect equipment. Passwords, possessed objects, and biometrics can reduce the risk of theft or render a computer useless if it is stolen.

5. How Do Software Manufacturers Protect against Software Piracy? 
Software piracy is the unauthorized and illegal duplication of copyrighted software. To protect themselves from software piracy, manufacturers issue a license agreement and require product activation.

6. How Does Encryption Work, and Why Is It Necessary?
Encryption prevents information theft and unauthorized access by converting readable data into unreadable characters. To read the data, a recipient must decrypt, or decipher, it into a readable form. An encryption algorithm, or cypher, converts readable plaintext into unreadable ciphertext. Encryption is used to protect information on the Internet and networks.

7. What Types of Devices Are Available to Protect Computers from System Failure? 
A system failure is the prolonged malfunction of a computer. A common cause of system failure is an electrical power variation such as noise, an undervoltage, or an overvoltage. A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current fl ow, and keep an overvoltage from reaching the computer and other electronic equipment. An uninterruptible power supply (UPS) contains surge protection circuits and one or more batteries that can provide power during a temporary loss of power.

8.What Are Options for Backing Up Computer Resources?
A backup is a duplicate of a file, program, or disk that can be used to restore the file if the original is lost, damaged, or destroyed. Users can opt for a full backup or a selective backup. Some users implement a three-generation backup policy that preserves three copies of important files: the grandparent, the parent, and the child. Others use RAID or continuous backup. Most operating systems and backup devices include a backup program.

9. What Risks and Safeguards Are Associated with
Wireless Communications? Wireless access poses additional security risks. Intruders connect to other wireless networks to gain free Internet access or an organization’s confi dential data. Some individuals intercept and monitor communications as they transmit. Others connect to a network through an unsecured wireless access point (WAP), sometimes using the techniques of war driving or war flying. Some safeguards include firewalls, reconfiguring the WAP, and ensuring equipment uses a wireless security standard, such as Wi-Fi Protected Access (WPA) and 802.11i.

10. How Can Health-Related Disorders and Injuries Due to Computer Use Be Prevented? 
A computer-related repetitive strain injury (RSI) can include tendonitis and carpal tunnel syndrome (CTS). Another health-related condition is eyestrain associated with computer vision syndrome (CVS). To prevent health-related disorders, take frequent breaks, use precautionary exercises and techniques, and use ergonomics when planning the workplace. Computer addiction occurs when the computer consumes someone’s entire social life.

11. What Are Issues Related to Information Accuracy, Intellectual Property Rights, Codes of Conduct, and Green Computing? 
Computer ethics govern the use of computers and information systems. Issues in computer ethics include the responsibility for information accuracy and the intellectual property rights to which creators are entitled for their works. An IT (information technology) code of conduct helps determine whether a specific computer action is ethical or unethical. Green computing reduces the electricity and environmental waste while using a computer.

12. What Are Issues Surrounding Information Privacy?
Information privacy is the right of individuals and companies to deny or restrict the collection and use of information about them. Issues surrounding information privacy include the following. An electronic profile combines data about an individual’s Web use with data from public sources, which then is sold. A cookie is a file that a Web server stores on a computer to collect data about the user. Spyware is a program placed on a computer that secretly collects information about the user. Adware is a program that displays an online advertisement in a banner or pop-up window. Spam is an unsolicited e-mail message or newsgroup posting sent to many recipients or newsgroups at once. Phishing is a scam in which a perpetrator attempts to obtain personal or financial information. The concern about privacy has led to the enactment of many federal and state laws regarding the disclosure of data. As related to the use of computers, social engineering is defined as gaining unauthorized access or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others. Employee monitoring uses computers to observe, record, and review an employee’s computer use. Content filtering restricts access to certain materials on the Web.

Monday, December 16, 2013

Chapter 10 Database Management

 The assignment from
Mr Tri Djoko Wahjono, Ir., M.Sc.  

1. What Is a Database, and How Does a Database Interact with Data and Information?
A database is a collection of data organized in a manner that allows access, retrieval, and use of that data. Database software, often called a database management system (DBMS), allows users to create a computerized database; add, modify, and delete the data; sort and retrieve the data; and create forms and reports from the data. Data is a collection of unprocessed items, which can include text, numbers, images, audio, and video. Computers process data into information. Information is processed data; that is, it is organized, meaningful, and useful. In addition to documents, information can be in the form of audio, images, and video.

2. What Is Data Integrity, and What Are the Qualities of Valuable Information?
Because data is used to generate information, many organizations realize that data is one of their more valuable assets. Data integrity identifies the quality of data. Data integrity is important because computers and people use information to make decisions and take actions. For a computer to produce correct information, the data that is entered in a database must have integrity. For information to be valuable, it should be accurate, verifiable, timely, organized, accessible, useful, and cost-effective. Accurate information is error free. Verifiable information can be proven as correct or incorrect. Timely information has an age suited to its use. Organized information is arranged to suit the needs and requirements of the decision maker. Accessible information is available when the decision maker needs it. Useful information has meaning to the person who receives it. Cost-effective information should give more value than it costs to produce.

3. What Is Meant by Character, Field, Record, and File?
Data is classified in a hierarchy, with each level of data consisting of one or more items from the lower level. A bit is the smallest unit of data a computer can process. Eight bits grouped together in a unit form a byte, and each byte represents a single character, which can be a number, letter, space, punctuation mark, or other symbol. A field is a combination of one or more related characters or bytes and is the smallest unit of data a user accesses. A record is a group of related fields. A data file is a collection of related records stored on a storage medium such as a hard disk or optical disc.

4. What Are File Maintenance Techniques and Validation Techniques?
File maintenance refers to the procedures that keep data current. File maintenance procedures include adding records when new data is obtained, modifying records to correct inaccurate data or to update old data with new data, and deleting records when they no longer are needed. Validation is the process of comparing data with a set of rules or values to find out if the data is correct. Many programs perform a validity check that analyzes data, either as you enter it or after you enter it, to help ensure that it is correct. Types of validity checks include an alphabetic check, a numeric check, a range check, a consistency check, a completeness check, and a check digit.

5. How Is a File Processing Approach Different from the Database Approach?
In a file processing system, each department or area within an organization has its own set of data fi les. The records in one fi le may not relate to the records in any other fi le. Two major weaknesses of fi le processing systems are redundant data (duplicated data) and isolated data. With a database approach, many programs and users share the data in a database. The database approach reduces data redundancy, improves data integrity, shares data, permits easier access, and reduces development time. A database, however, can be more complex than a fi le processing system, requiring special training and more computer memory, storage, and processing power than fi le processing systems. Data in a database also can be more vulnerable than data in fi le processing systems.

6. What Functions Are Common to Most Database Management Systems?
Database management systems (DBMSs) are available for many sizes and types of computers. Whether designed for a small or large computer, most DBMSs perform common functions. A data dictionary, sometimes called a repository, contains data about each fi le in the database and each field in those fi les. A DBMS offers several methods to retrieve and maintain data in the database, such as query languages, query by example, forms, and report generators. A query language consists of simple, English-like statements that allow users to specify the data to display, print, or store. Query by example (QBE) has a graphical user interface that assists users with retrieving data. A form, sometimes called a data entry form, is a window on the screen that provides areas for entering or modifying data in a database. A report generator, also called a report writer, allows users to design a report on the screen, retrieve data into the report design, and then display or print the report. To supply security, most DBMSs can identify different levels of access privileges that define the actions a specific user or group of users can perform for each field in a database. If a database is damaged or destroyed, a DBMS provides techniques to return the database to a usable form. A backup is a copy of the database. A log is a listing of activities that modify the contents of the database. A recovery utility uses the logs and/or backups to restore the database using rollforward or rollback techniques. In a rollforward, also called forward recovery, the DBMS uses the log to reenter changes made to the database since the last save or backup. In a rollback, also called backward recovery, the DBMS uses the log to undo any changes made to the database during a certain period. Continuous backup is a backup plan in which all data is backed up whenever a change is made.

7. What Are Characteristics of Relational, Object-Oriented, and Multidimensional Databases?
A data model consists of rules and standards that define how the database organizes data. Three popular data models are relational, object-oriented, and multidimensional. A relational database stores data in tables that consist of rows and columns. A relational database developer refers to a fi le as a relation, a record as a tuple, and a field as an attribute. A relational database user refers to a fi le as a table, a record as a row, and a field as a  column. A relationship is a link within the data in a relational database. Structured Query Language (SQL) allows users to manage, update, and retrieve data in a relational database. An object-oriented database (OODB) stores data in objects. An object is an item that contains data, as well as the actions that read or process the data. Applications appropriate for an object-oriented database include a multimedia database, a groupware database, a computer-aided design (CAD) database, a hypertext database, and a hypermedia database. Object-oriented databases often use an object query language (OQL) to manipulate and retrieve data. A multidimensional database stores data in dimensions. These multiple dimensions, sometimes known as a hypercube, allow users to access and analyze any view of the database data. No standard query language exists for multidimensional databases. One application that uses multi dimensional databases is a data warehouse, which is a huge database that stores and manages the data required to analyze historical and current transactions. A smaller version of a data warehouse is the data mart, which contains a database that helps a specific group or department make decisions.

8. How Are Web Databases Accessed?
To access data in a Web database, you fill in a form or enter search text on a Web page, which is the front end to the database. A Web database usually resides on a database server, which is a computer that stores and provides access to a database. One type of program that manages the sending and receiving of data between the front end and the database server is a CGI (Common Gateway Interface) script.

9. What Are the Responsibilities of Database Analysts and Administrators?
A database analyst (DA), or data modeler, focuses on the meaning and usage of data. The DA decides on the placement of fields, defines data relationships, and identifies users’ access privileges. A database administrator (DBA) requires a more technical inside view of the data. The DBA creates and maintains the data dictionary, manages database security, monitors database performance, and checks backup and recovery procedures. In small companies, one person often is both the DA and DBA. In larger companies, the responsibilities of the DA and DBA are split among two or more people.

Chapter 9 Communications and Networks

  The assignment from
Mr Tri Djoko Wahjono, Ir., M.Sc. 

1. What Is the Purpose of the Components Required for Successful Communications, and What Are Various Sending and Receiving Devices?
Computer communications describes a process in which two or more computers or devices transfer data, instructions, and information. Successful communications requires a sending device that initiates a transmission instruction, a communications device that connects the sending device to a communications channel, a communications channel on which the data travels, a communications device that connects the communications channel to a receiving device, and a receiving device that accepts the transmission of data, instructions, or information. All types of computers and mobile devices serve as sending and receiving devices in a communications system.

2. How Are Computer Communications Used?
Communications technologies include blogs, chat rooms, e-mail, fax, FTP, instant messaging, newsgroups, RSS, video conferencing, VoIP, Web, Web folders, and wikis. Users can send and receive wireless messages to and from smart phones, cell phones, handheld game consoles, and other mobile devices using text messaging, picture messaging and video messaging, and wireless instant messaging. People connect wirelessly to the Internet through a wireless Internet access point. A hot spot is a wireless network that provides Internet connections to mobile computers and devices. A cybercaf√© is a coffeehouse, restaurant, or other location that provides computers with Internet access. A global positioning system (GPS) analyzes signals sent by satellites to determine an earth-based receiver’s geographic location. Many software products provide a means to collaborate, or work online with other users connected to a server. Groupware is software that helps groups of people work on projects or share information over a network. Voice mail allows someone to leave a voice message for one or more people. Web services describe standardized software that enables programmers to create applications that communicate with other remote computers.

3. What Are the Advantages of Using a Network, and How Are LANs, MANs, and WANs Different?
A network is a collection of computers and devices connected together via communications devices and transmission media. Advantages of using a network include facilitating communications, sharing hardware, sharing data and information, sharing software, and transferring funds. Networks typically are classified as a local area network (LAN ), which connects computers in devices in a limited geographical area; a metropolitan area network (MAN ), which is a high-speed network that connects local area networks in a larger area, such as city or town; or a wide area network ( WAN ), which covers a large geographic area using a communications channel that combines many types of media.

4. How Are a Client/Server and Peer-to-Peer Networks Different, and How Does a P2P Network Work?
On a client/server network, one or more computers acts as a server, sometimes called a host computer, which controls access to network resources and provides a centralized storage area, while the other computers and devices on the network are clients that rely on the server for resources. A peer-to-peer network is a simple network that typically connects fewer than 10 computers that have equal responsibilities and capabilities. P2P is an Internet peer-to-peer network on which users access each other’s hard disks directly and exchange fi les over the Internet.

5. How Are a Star Network, Bus Network, and Ring Network Different?
A network topology refers to the layout of computers and devices in a communications network. Three commonly used network topologies are the star, bus, and ring. On a star network, all computers and devices on the network connect to a central device, thus forming a star. A bus network consists of a single central cable to which all computers and other devices connect. On a ring network, a cable forms a closed loop (ring) with all computers and devices arranged along the ring.

6. What Are Various Network Communications Standards?
A network standard defines guidelines that specify the way computers access a medium, the type(s) of medium, the speeds on different types of networks, and the type of physical cable or wireless technology used. Network communications standards include the following. Ethernet specifi es that no central computer or device on the network should control when data can be transmitted. Token ring requires devices to share or pass a special signal, called a token. TCP/IP divides data into packets. Wi-Fi identifies any network based on the 802.11 standards for wireless communications. Bluetooth uses short-range radio waves to transmit data. UWB specifies how two UWB devices use short-range radio waves to communicate at high speeds. IrDA transmits data wirelessly via infrared light waves. RFID uses radio signals for communications. WiMAX is a network standard developed by IEEE that specifies how wireless devices communicate over the air in a wide area. The Wireless Application Protocol (WAP) specifies how some mobile devices can display Internet content.

7. What Is the Purpose of Communications Software?
Communications software helps users establish a connection to another computer or network; manages the transmission of data, instructions, and information; and provides an interface for users to communicate with one another.

8. What Are Various Types of Lines for Communications over the Telephone Network?
The telephone network uses dial-up lines or dedicated lines. A dial-up line is a temporary connection that uses one or more analog telephone lines for communications. A dedicated line is an always-on connection established between two communications devices. Dedicated lines include the following. ISDN is a set of standards for digital transmission of data over standard copper telephone lines. DSL transmits at fast speeds on existing standard copper telephone wiring. FTTP, or Fiber to the Premises, uses fiber-optic cable to provide extremely high-speed Internet access to a user’s physical permanent location. Two specific types of FTTP are FTTH (Fiber to the Home) and FTTB (Fiber to the Building). A T-carrier line is a long-distance digital telephone line that carries multiple signals over a single communications line. ATM is a service that carries voice, data, video, and multimedia at extremely high speeds.

9. What Are Commonly Used Communications Devices?
A communications device is hardware capable of transmitting data between a sending device and a receiving device. A dial-up modem converts digital signals to analog signals and analog signals to digital signals so that data can travel along analog telephone lines. A digital modem sends and receives data and information to and from a digital line. An ISDN modem transmits digital data to and from an ISDN line, while a DSL modem transmits digital data to and from a DSL line. A cable modem, sometimes called a broadband modem, is a digital modem that sends and receives digital data over the cable television network. A wireless modem uses the cell phone network to connect to the Internet wirelessly from mobile computers and devices. A network card enables a computer or device that does not have built-in networking capability to access a network. A wireless access point allows computers and devices to transfer data wirelessly. A router connects multiple computers or other routers together and transmits data to its correct destination on the network. A hub or switch is a device that provides a central point for cables in a network.

10. How Can a Home Network Be Set Up?
A home network connects multiple computers and devices in a home. An Ethernet network connects each computer to a hub with a physical cable. A home powerline cable network uses the same lines that bring electricity into the house.A phoneline network uses existing telephone lines in a home. Most home networks use a Wi-Fi network.

11. What Are Various Physical and Wireless Transmission Media?
Transmission media consist of materials or substances capable of carrying one or more signals. Physical transmission media use tangible materials to send communications signals. Twisted-pair cable consists of one or more twisted-pair wires bundled together. Coaxial cable consists of a single copper wire surrounded by at least three layers: an insulating material, a woven or braided metal, and a plastic outer coating. Fiber-optic cable consists of thin strands of glass or plastic that use light to transmit signals. Wireless transmission media send communications signals through the air or space. Infrared (IR) sends signals using infrared light waves. Broadcast radio distributes radio signals through the air over long and short distances. Cellular radio is a form of broadcast radio that is used widely for mobile communications. Microwaves are radio waves that provide a highspeed signal transmission. A communications satellite is a space station that receives microwave signals from an earth-based station, amplifies the signals, and broadcasts the signals back over a wide area.