Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Network Questions June – 2011 Question B. When designing a network for a company, the likely topology is one of the areas to be looked at. 1) Compare and contrast the relative advantages and disadvantages of ring and star topologies. [6] 2) A network manager uses remote management when managing the network. Describe four tasks that the network manager could do using remote management. [4] Answers: Indicative content: These points could be made but must be related to each topology. Do not give opposites separate marks. 1) Advantages of ring • Network not dependant on central computer • Each computer has the same access as the others so no one computer can hog the network Advantages of star • Fault tolerant – if one of the cables fails, then the other computers can still be used • Load tolerant – extra computers can be added without much loss in performance because all computers have their own path to the server • Easy to add extra computers – extra computers can be added without disturbing the network Disadvantages of ring o If there is a break in the connection then the whole network fails o Faults are difficult to locate o It is impossible to keep the network running whilst equipment is added or removed because there is only one path for the data to follow Disadvantages of star • Higher cost – the large amount of cabling needed makes it more expensive • Dependence on the central server LAN or WAN The ring is a Local Area Network which means it can only be accessed from within the building or organisation. Messages are passed around all devices on the ring and repeated on to the next if not at the destination address. It is usually a peer to peer network so all stations on the network have the same access rights. The star is often a wide area network linking networks via gateways and a classic example of this is the internet or when large banks link up their branches with the HQ computers. All traffic goes through the fileserver. Security and reliability There may be more than one fileserver on the ring network and if one goes down the ring can still function by redirecting network traffic to the functioning server. The ring network depends upon the repeaters sending the signal around the network. If a repeater fails the signal cannot be forwarded but this does not stop limited communication in one direction between some stations on the network. In the star network if a node goes down the others can still function but if the central fileserver/hub goes down then the network cannot function. Can add extra ‘nodes’ without disturbing the rest of the network. In the star network everything goes through the central fileserver/hub which can have firewalls and proxy servers allowing central control of message switching allow a high degree of security. In the ring every device has access to the token before repeating it on, making easier hacking or corruption possible. Transmission speeds In the ring transmission is in one direction only and therefore can be quite fast In the start you can have different transmission speeds on each of the nodes some can be super fast e.g. between file and communications servers and others e.g. to printers can be slower. Costs Cabling for a local area network such as the ring is less and ethernet cable is probably sufficient. However wide area star networks may need expensive fibre optic cabling or even satellite links. Gateways can also be expensive. 2) Any 4 • See which users are using the network • Check on emails being sent when should be working • Check on which sites employees visit • Check on hardware to see what needs upgrading • Check to see right number of licences • Guide users through problems • Check to see no unauthorised software loaded on machines • Log off users who have forgotten to do so • Check on components to see if any failing • Shut down stations • Rebuild stations / re-setup stations / re-install/update software • Send instant messages • Control stations • Clear printer queues at stations NOT manage passwords / delete files / other tasks normally done at the server January – 2011 Question C. 7) Other than cost or size of the organisation, explain in detail three factors that could influence the choice of a computer network for the organisation. [6] 8) Peer-to-peer and client server are two types of computer network. Compare and contrast the two types of network. [6] Question G. The improvement in computer power has led to more people being able to work from home using computer networks, often called teleworking. Discuss, with the aid of suitable examples, the advantages and disadvantages to employees and companies of teleworking. [8] Answers Question C. 7) NOT COST OR SIZE OF ORGANISATION How the system will be used • What type of applications do users require?/ Are the users going to require a wide range of applications? • Will they need large data storage?/ Are they going to store a large number of data files? • From where will they operate the network e.g. at home in office or remote access from different locations. / Where does the processing get done? Existing systems • More often networks are not developed from scratch but need to fit in with existing systems. Sometimes an extension is required e.g. when a new branch office opens. • Therefore any new network must fit in with the existing operating systems and protocols. • It must support any peripherals already in use e.g. bar code readers, printers, etc. • Can the current stock of PC’s and peripherals be used on the new network? Performance in terms of: reliability / user friendliness / capacity / speed of processing Different parts of the organisation may have different performance requirements. e.g. a realtime e-commerce system may require greater speeds and capacity and security than the in house payroll system. Condone security if reference to level of risk NOT hacking / viruses If candidates only list 3 factors then maximum mark is 1. Question G. 6-8 marks Candidates give a clear, coherent answer discussing advantages and disadvantages of teleworking using suitable examples. They use appropriate terminology and accurate spelling, punctuation and grammar. 3-5 marks Candidates discuss advantages and disadvantages and may give examples but responses lack clarity. There are a few errors in spelling, punctuation and grammar 1-2 marks Candidates simply make brief points and may give an advantage or disadvantage. The response lacks clarity and there are significant errors in spelling, punctuation and grammar. 0 marks No valid response. Indicative content Answers have to cover all 4 sections to get full marks. (lose 1 for every section not covered) The advantages of teleworking for the employee • Teleworking makes it easier for people to live and work where they choose, as it is possible for some staff to work from home (less stressful). • It reduces traffic congestion and carbon dioxide emissions and is therefore ‘greener’ /this has an environmental benefit since there is no commuting to work. • Not having to travel to work saves time/money. • Flexibility of working hours / Work your own hours / Fit around family commitments / No need to take time off to see workmen • Ideal for disabled The disadvantages of teleworking to the employee • Home costs such as heating, lighting increase • Employee may feel isolated • Some employers may pay teleworkers less as there is more competition for jobs • No workmates to go out with /socialise • Boundary between home and work is lost • Loss of status for some staff – no plush offices, etc. • May not be a quiet place in the house to work • Passed over for promotion The advantages of teleworking to the company • Smaller offices are needed • Fewer backup staff need to be employed (e.g. cleaners, caretakers) • Staff less likely to spend time off sick • Reduced office overheads (electricity, gas, insurance, furniture etc) • Staff may be more amenable to working flexible hours • Retaining skilled workers / maternity • Employ workers from a wider pool of talent • Comfortable environment can lead to greater productivity The disadvantages of teleworking to the company • Change to organisational structure may be needed • Hard to determine how hard staff are working (monitor progress) • Harder for managers to manage the work • Increased number of sites for ICT equipment may cause more security risks • Employers usually pay for the employees’ ICT equipment • More difficult to hold meetings face to face • Health and Safety checks needed on employee home • More security risks as more sites June – 2010 Network topologies have different properties. (a) Draw and label a star network. [2] (b) State two advantages of a ring network. [2] (c) Other than topology issues, discuss in detail three factors that will influence the choice of a network. [6] Answer 2. (a) 1 mark for star shape and position of file server 1 mark for terminal/peripheral and labelling the cable 2. (b) Any 2 from • There is no dependence upon a central host • Very high transmission speeds are possible • It is deterministic i.e. different performance levels can be determined for different traffic levels • Routing between devices is simple because messages normally travel in one direction. • As data is in one direction it can transmit large volumes of data • No collisions • Cabling costs - less than other topologies • Each computer has the same access as others so no one node can dominate the network 2. (c) 3 x (1 mark for giving each factor and a 2nd mark for a fuller description) Cost of the network • Initial purchasing of equipment • Installation and training • Maintenance / Personnel costs • Size of the available budget will determine what can be done e.g. fibre optic cable is faster but is also more expensive. • Wireless systems are flexible but need more maintenance Size of the organisation • Needs can range from a small LAN to a global WAN. • Some communications media are limited by the distance they have to travel. • Amount of data processing required must also be considered. How the system will be used • What type of applications do users require? • Will they need large data storage? • From where will they operate the network e.g. at home in office or remote access from different locations. Existing systems to integrate • More often networks are not developed from scratch but need to fit in with existing systems. Sometimes an extension is required e.g. when a new branch office opens. • Therefore any new network must fit in with the existing operating systems and protocols. • It must support any peripherals already in use e.g. bar code readers, printers, etc. Performance in terms of: reliability / user friendliness / capacity / speed of processing Different parts of the organisation may have different performance requirements. e.g. a real-time e-commerce system may require greater speeds and capacity and security than the in house payroll system. Condone security if reference to level of risk NOT hacking / viruse January – 2010 2. A company has moved into an old building and has decided to install a network. (a) Compare and contrast the relative advantages and disadvantages of ring and star topologies.[6] The company is considering using a wireless network. (b) Describe two advantages and two disadvantages for the company of using a wireless network over a cabled network. [4] 3. A local doctor’s practice uses a network to manage patient records, appointments and all its financial functions. The Practice Manager is worried about the confidentiality of the patient records. (a) Explain why the practice should have a security policy and give two examples of what this should contain, other than user accounts and logs. [4] (b) Describe the use of user accounts and logs as a way of ensuring the confidentiality of patient records. [3] 6. ‘The increase in bandwidth has resulted in an increasing number of people being able to work from home using computer networks, often referred to as teleworking.’ Discuss, with the aid of suitable examples, the advantages and disadvantages to employees and organisations of such methods of working. [8] Answers 2(a) Answers must mention both ring and star topologies making relative comments for each mark. Maximum two marks per section. Award each point once only. LAN/small or WAN/large The ring is a LAN which means it can only be accessed from within the building or organisation. Messages are passed around all devices on the ring and repeated on to the next if not at the destination address. It is usually a peer to peer network so all stations on the network have the same access rights. The star can be a LAN or a WAN linking networks via gateways and a classic example of this is the internet or when large banks link up their branches with the HQ computers. All traffic goes through the fileserver (hub). Shape and Position of the fileserver - A ring network is a peer to peer network with the fileserver and all peripherals and workstations on a ring. In the star network is a client server network and the file server is in the centre of the spokes with peripherals and workstations on the end of each spoke. (Could be illustrated with labelled diagram). Security and reliability There may be more than one fileserver on the ring network and if one goes down the ring can still function by redirecting network traffic to the functioning server. The ring network depends upon the repeaters sending the signal around the network. If a repeater fails the single cannot be forwarded but this does not stop limited communication in one direction between some stations on the network. In the star network is a spoke goes down the others can still function but if the central file server goes down then the network cannot function. Can add extra ‘spokes’ without disturbing the rest of the network. In the star network everything goes through the central fileserver which can have firewalls and proxy servers allowing central control of message switching allow a high degree of security. In the ring every device has access to the token before repeating it on making easier hacking or corruption possible. Transmission speeds In the ring, transmission is in one direction only and therefore can be quite fast. In the star you can have different transmission speeds on each of the spokes, some can be super fast e.g. between file and communications servers and others e.g. to printers can be slower. Cabling costs Cabling for a local area network such as the ring is less and Ethernet cable is probably sufficient. However wide area star networks may need expensive fibre optic cabling or even satellite links. Gateways can also be expensive (if qualified). Advantages of ring networks: • the network is not dependent on a central computer • each computer has the same access as the others so no one computer can ‘hog’ the network. • faster speeds possible because of uni direction. Disadvantages of ring networks: • if there is a break in the connection (wire or wireless), then the whole network fails • faults are difficult to locate • it is impossible to keep the network running whilst equipment is added or removed because there is only one path for the data to follow. Advantages of star topology networks: • fault tolerant – if one of the cables fails, then the other computers can still be used • load tolerant – extra computers can be added without much loss in performance because all computers have their own path to the hub • easy to add extra computers – extra computers can be added without disturbing the network. Disadvantages of star topology networks: • higher cost – the large amount of cabling needed makes it a more expensive topology • dependence on the central hub, switch or router – if the device at the centre of the network fails, then the whole network will fail. 2(b) To get full marks have to have at least 1 advantage and 1 disadvantage (max 4) Advantages of Wi-Fi: • allows inexpensive LANs to be set up without cables • allows people the freedom of working anywhere a signal can be received • ideal for networks in old listed buildings where cables would not be allowed to be installed • global set of standards – you can use Wi-Fi all over the world • health and safety – tidier desktop with no trailing cables. Disadvantages of Wi-Fi: • power consumption is high – which means laptops soon exhaust their rechargeable batteries • there may be health problems in using Wi-Fi • there may be security problems even when encryption is used • Wi-Fi networks have a very limited range (e.g. 150 ft) • can get interference if wireless network signals start to overlap • transmission speed slower than cable. 3(a) DPA puts an onus on the practice to keep this information secure (1) because of its potential for misuse (1). Illustrated example of any two of the following points that may be in a security policy: Rules on Passwords and user id’s Access rights Firewalls Virus checkers Encryption Physical security measures Backup and restoration strategies Staff code of conduct Disciplinary procedures Not accounts and logs and No marks for a list. 3(b) One mark for each relevant point Auditing keeps a record of who has done what on the network. Auditing keeps records of: • usernames • the times they logged on and off Who, what, when • details of programs they used • details of files accessed • details of changes made • details of from which machine. Auditing is used to identify abuses of the systems by authorised staff (1) and also to investigate instances of unauthorised access (i.e. by hackers) (1). Managing user accounts by allocation of access levels to users 6 6-8 marks Candidates give a clear, coherent answer fully and accurately discussing, with suitable examples the advantages and disadvantages of teleworking. They use appropriate terminology and accurate spelling, punctuation and grammar. 3-5 marks Candidates discuss several advantages and disadvantages with some examples but responses lack clarity. There are a few errors in spelling, punctuation and grammar. 1-2 marks Candidates make brief points and may give an advantage, disadvantage or example. The response lacks clarity and there are significant errors in spelling, punctuation and grammar. 0 marks No valid response. Indicative content There has to be at least one advantage, one disadvantage and one example to get full marks. Cannot gain mark twice for use of reverse argument. The advantages of teleworking for the employee • Teleworking makes it easier for people to live and work where they choose, as it is possible for some staff to work from home (less stressful). • It reduces traffic congestion and carbon dioxide emissions and is therefore ‘greener’ /this has an environmental benefit since there is no commuting to work. • Not having to travel to work saves time/money. • Flexibility of working hours. The disadvantages of teleworking to the employee • Home costs such as heating, lighting increase • Employee may feel isolated • Some employers may pay teleworkers less as there is more competition for jobs • No workmates to go out with • Boundary between home and work is lost • Loss of status for some staff – no plush offices, etc. • May not be a quiet place in the house to work • Passed over for promotion The advantages of teleworking to the employer • Smaller offices are needed • Fewer backup staff need to be employed (e.g. cleaners, caretakers) • Staff less likely to spend time off sick • Reduced office overheads (electricity, gas, insurance, etc.) • Staff may be more amenable to working flexible hours • Retaining skilled workers / maternity • Employ workers from a wider pool of talent • Comfortable environment can lead to greater productivity The disadvantages of teleworking to the employer • Change to organisational structure may be needed • Hard to determine how hard staff are working • Harder for managers to manage the work • Increased number of sites for ICT equipment may cause more security risks • Employers usually pay for the employees’ ICT equipment • More difficult to hold meetings • Health and Safety checks needed on employee home June 2009 6. A business has thirty staff each of whom have their own stand-alone computer. The business is considering networking all these computers but is concerned at problems this may create. As an ICT consultant you have been asked to prepare a report for the company’s owners, outlining the issues that networking the computers could bring. Your report should include: • The benefits and drawbacks of moving to a networked system • The factors involved in choosing a network • The extra communications facilities and possible changes in working practices that this network could provide. [18] Quality of Written Communication. [2] Answer 6.Any 18 points or 9 well argued or a mixture of both but have to cover all 4 sections to get full marks Benefits •Data can be pooled and therefore accessed by a wide range of users. This helps to ensure data integrity. •Hardware resources such as printers and scanners can be shared. This is a much more cost effective solution than providing each user with their own set of peripheral devices. •Software resources can be shared. One version of the software can be purchased and installed centrally which cuts down on management needs. •Security is centralised and so improved. The network manager can control access by setting access rights and user permissions and by auditing computer use etc. •Back up procedures are easier to complete if centrally located and managed. Instead of each user being responsible for backing up their data, the network manager will take responsibility for running regular back-ups and recoveries. Disadvantages •Setting up a network is more costly than running a group of standalone computers. In addition to the stations a central server is needed. •Networks are particularly vulnerable to viruses. If one machine is ‘infected’, it is easier for this infection to spread than would be the case in a standalone environment. •Network management requires a degree of specialist knowledge and this will mean employing a network manager for this purpose. •Networks are vulnerable to crashes and if the network crashes you cannot use any of the computers. •Networks require more maintenance. There are more things that can go wrong, cables can break, network files can be corrupted, the system can be jammed due to network traffic. Staff have to be employed to complete this maintenance. Factors •Cost of the network. Fibre optic cable cabling offers faster transmission rates than other media but costs significantly more. One has to also take into account the ongoing maintenance costs. •The size of a network can vary depending on the size of the organisation and can go from a small room containing one or two PCs to a global network. •How the system will be used. Are the users going to require a wide range of applications? Are they going to store a large number of data files? Where does the processing get done? •Existing systems. Can the current stock of PCs and peripherals be used on the new network? •Performance required. Speed of processing, reliability, user friendliness, capacity •Security. Will they have to prepare for outsider access? etc. •Topology Communications / Changes in working practices •Email and being able to transfer information between employees. •Video conferencing to get expert help on particularly tricky work •Internet access to research particular procedures or latest developments. •Wireless access and its benefits •Ability to telework •Re-training of staff June 2008 2. Network topologies have different properties. (a) Draw and label a ring network. [2] (b) State two advantages of a star network. [2] (c) Other than cost or topology issues discuss in detail three factors that will influence the choice of a network. [6] Answer 2.(a) 1 mark for ring shape and labelling cable 1 mark for position of file server and terminal (b) If cable breaks network can continue working Very easy to add new machines (c) 1 mark for naming each factor and 1 mark for fuller description x 3 (i) Security issues • How secret is the data • Consequences of others seeing it • Firewall • Number of users • Spyware, viruses, hackers, etc. (ii) Size of the organisation • Needs can range from a small LAN to a global WAN • Some communications media are limited to the distance they have to travel • Amount of data processing required must also be considered. (iii) How the system will be used • What type of applications do users require? • Will they need large data storage? • From where will they operate the network e.g. at home in office or remote access from different locations. (iv) Existing systems to integrate • More often networks are not developed from scratch but need to fit in with existing systems. Sometimes an extension is required e.g. when a new branch office opens. • Therefore any new network must fit in with the operating systems and protocols of the existing. • It must support any peripherals already in use e.g. bar code readers, printers, etc. (v) Performance and speed required Performance in terms of: • reliability • user friendliness • capacity • speed of processing. Different parts of the organisation may have different performance requirements. e.g. a real time e-commerce system may require greater speeds and capacity and security than the in house payroll system. June 2007 6. Networks can be arranged in several topologies. (a) Draw and label a star network. [4] (b) Describe a suitable use for a ring network. [2] (c) Discuss in detail the advantages and disadvantages of a ring network. [6] (d) Other than security and topology issues, discuss in detail two factors that will influence the choice of a network. [4] (e) Networks make use of intranets. Explain the function of an intranet and give an example of how it could be used. [2] Quality of Written Communication [2] Answer 6. (a) 4 Marks 1 mark for star shape 1 mark for position of file server 1 mark for position of terminal or peripheral 1 mark for labelling the cable Example 6. (b) 1 mark 2 marks LAN or similar description 1 mark suitable use Peer to peer network School site Large offices Any reasonable answer 6. (c) 1 mark x 6 for advantages or disadvantages 6 Marks (must be at least one of each) Advantages of a Ring network � There is no dependence upon a central host as data transmission is supported by all devices on the ring. Each node has sufficient intelligence to control the transmission of data from and to its own node. � Very high transmission speeds are possible. � It is deterministic i.e. different performance levels can be determined for different traffic levels. � Routing between devices is simple because messages normally travel in one direction. � As data is in one direction it can transmit large volumes of data. Disadvantages of a Ring network � Systems depends upon the reliability of the ring repeater although it can be designed to bypass faulty repeaters. If one node malfunctions this can affect the operation of the network. � Cabling costs � Difficult to extend the ring. 6. (d) 1 mark for naming each factor and 1 mark for fuller description x 2 4 marks (i) Cost of the network � Initial purchasing of equipment � Installation and training � Maintenance costs � Size of the available budget will determine what can be done e.g. fibre optic cable is faster but is also more expensive. Wireless systems are flexible but need more maintenance (ii) Size of the organisation � Needs can range from a small LAN to a global WAN. � Some communications media are limited to the distance they have to travel. � Amount of data processing required must also be considered (iii) How the system will be used � What type of applications do users require? � Will they need large data storage? � From where will they operate the network e.g. at home in office or remote access from different locations (iv) Existing systems to integrate � More often networks are not developed from scratch but need to fit in with existing systems. Sometimes an extension is required e.g. when a new branch office opens. � Therefore any new network must fit in with the operating systems and protocols of the existing. � It must support any peripherals already in use e.g. bar code readers, printers etc. (v) Performance and speed required Performance in terms of; � reliability � user friendliness � capacity � speed of processing. Different parts of the organisation may have different performance requirements. E.g. a realtime e-commerce system may require greater speeds and capacity and security than the in house payroll system Mark for definition and 1 mark example 2 marks Intranet is a facility only accessible within the organisations network. e.g. bulletin boards / internal messages. Quality of Communication 2 marks 6. (e) 1 mark for explanation 2 Marks 1 mark for example An intranet is network set up entirely within a LAN and can only be accessed internally. Examples � Web pages can be stored and accessed from anywhere on the network � Email can be sent internally within the LAN. � It can also be used for staff training or daily bulletins Any reasonable answer June 2006 3. (a) Other than cost or security issues, explain in detail two factors that could influence the choice of a computer network for a company. 2 × [2] (b) Two types of network that could be used are peer to peer and client server. Compare and contrast these two types of network. [4] Answers 3 (a) Any two factors, with explanation, such as: 2 x 2 size of organisation how the system will be used existing systems / what is already in place performance required network configuration 3 (b) Any four relevant points (1 mark each), but must make reference to features of both systems to gain maximum four marks: Peer to peer system Lower setting up costs Simpler to set up and/or maintain Does not rely on a single server Only suitable for small networks Data is not centrally stored Backup and security is not centralised Client server system Generally quicker than peer to peer networks Security and backups are centrally managed Data is easily accessible to all users A server is required so it costs more to set up May need a network manager to run effectively If the central server crashes the whole network goes down. Website Questions June 2011 Question E. A multi-national company uses a website for its e-commerce activities. 9) Define two methods by which a customer could find the website and explain how each might be used to find the website on the internet. [4] 10) Describe the four main requirements the company has to put in place for this website to be used for interactive online shopping. [4] Answers 9) Any 2 from x 2 • Use of a search engine (1) enter key words to find the information you require (1). (can award marks for Boolean search if they mention putting in terms as well) • Use the Uniform Resource Locator (URL) (1): if you know the web address (URL) of a site you can simply type/enter it in (1). If you do not know the address of the sites of interest, then you can buy books (called directories) (1) or buy one of the popular Internet magazines that contain them (1). • Surf the Internet by following hyperlinks (1): click on a link to move from one area of interest to another (1). • The use of a web crawler (1) which browses the web and keeps an index of what it finds (1) Must have an action for second mark 10) Any four of the following, discussed in suitable detail: 4 x 1 • Maintaining a company website / need for trained staff • Catalogue of stock / stock database/table • Methods of secure payment / shopping trolley • Database/table of customer orders/bids • Order/bid tracking / email confirmation If candidates just state four points then maximum mark is 1 June 2010 3. Many organisations use the Internet for commercial activity. Describe the facilities that an organisation has to put in place in order to turn its web site into an e commerce operation. [4] Answer 3. Any four of the following, discussed in suitable detail: 4 x 1 Maintaining a company website / need for trained staff Catalogue of stock, stock database Methods of secure payment / shopping trolley Database of customer orders/bids Order/bid tracking / email confirmation If candidates just state four points then maximum mark is 1 January 2010 4. An organisation has a website on the internet to advertise its products and allow customers to order online. (a) Define and explain two methods by which a customer could find the website using the Internet. [4] (b) Explain, by giving an example, how each of the following could be used by the organisation: (i) File transfer protocol (FTP); [2] (ii) On-line databases. [2] Answers 4(a) Any 2 from: The use of a web crawler continually searches the web looking for new pages (1) and recording information they find (1) which browses the web and keeps an index of what it finds (1). Use of a search engine an application accessed over the internet that maintains indexes of web pages. (1) and logical operators/key words to find the information you require (1). Use the Uniform Resource Locator (URL) the recognised method for referring to resources on the internet. (1) If you know the web address (URL) of a site you can simply type it in. (1) Use hyperlinks an area of a web page that contains a link to another location on the Web.(1) You can surf the Internet, which means that you are using hyperlinks to move from one area of interest to another. (1) 4(b)I FTP is a standard set of rules that have been established to allow the exchange of (large) files over the internet (1). Used for uploading a database of sales from one branch of the organisation to the head office (1). Or Used for down/uploading a website from/onto the internet (1).or other relevant example (1). 4(b)ii Product, customer and order information is readily available to the company from anywhere (1) and customers can place their orders/check stock/etc over the internet (1). A database of something on the internet (1) what it is used for (1) June 2009 2. A sports shop wishes to set up an e-commerce system to offer its customers an online shopping service. (a) Other than hardware, describe in suitable detail four requirements for a successful on-line shopping service. [4] (b) Discuss the advantages and the disadvantages of on-line shopping to both the customer and the business. [6] 4. Recently the government urged internet service providers to ban websites which promote illegal activities. Discuss the legal, moral and ethical issues raised by this request. [8] Answer 2. (a) Any four of the following, discussed in suitable detail: 4 x 1 ISP Maintaining a company website/ need for trained staff Catalogue of stock, stock database so that one can immediately see if something is available or whether there will be a delay. Methods of secure payment (i.e. use of systems such as Paypal or ensuring that the system is secure from fraud). Database of customer orders/ shopping trolley so that immediate searches can be made to find and update customer information. Tracking on-line orders, etc. If candidates just state four points then maximum mark is 2. (b) Any 6 points, but must include 1 of each type to get full marks Appropriate advantages for shopper such as: 24 hour access, greater choice, no need to travel/order from comfort of home/ less stressful, allows disabled to shop more easily, better prices Appropriate advantages for business such as: cheaper as no need to pay high rates, wider customer base, takes pressure off staff, offer wider choice due to ‘just in time’, make money from advertising, saves on staff costs Any possible problems such as: customer worries over security, anyone can set up, no longer a social activity, fraud, power cut, hidden costs of carriage or import tax, hidden costs and phone costs, what you get is not what you see/ cannot see/feel the item, harder to return (if well argued), initial set up costs, need for specialist staff to maintain Note – question mentions ‘describe’ not just ‘state’. 4. 4x2 or 2x4 if well argued. Censorship / Freedom of speech – people have the right to say what they want. You should not use the internet to promote illegal activities; by allowing them there you are promoting them. Certain people and children can be wrongly influenced by this type of material and do things that they wouldn’t otherwise do. By driving them from main sites you are making them more attractive and more people will then look at them. Who has the right to censor the internet? Will the government go on to ban information that puts them in a bad light? Is it practical to do it? Who is going to police it and resource the enforcement? June 2008 7. Many businesses use the Internet for commercial activity. (a) Describe the facilities a company has to put in place in order to turn its web site into an e-commerce operation. [4] (b) Evaluate the impact that e-commerce has had on businesses and their customers. [14] Quality of Written Communication [2] Answer 7.(a) At least one sentence to get a mark. • Keeping a catalogue of stock for sale • Methods of secure payment • Database of customers’ orders • Maintenance/monitoring of web site • Some sites allow you to keep track of the progress of your order. Any valid point 1mark (max 14). Very well argued point could be worth 2.Reasons • They can advertise. It enables people to find out what they do and what they sell. • People can email them with enquiries; orders; requests. • They can reach an international audience. • Technology has advanced and now made a lot more possible. Services • Companies can advertise goods and services only • Companies sell goods and services e.g. Tesco home shopping, buying music, making customised t-shirts • Subscription services which sell information e.g. MetOffice weather data, research papers, legal cases database • Interactive sites which encourage feedback on products • Auction sites such as Ebay Advantages to customers • There is no travelling – it can be done from home so saving in costs and time • Allows disabled people to do more shopping • Can be done 24/7 • Much quicker to do a price comparison • Can find obscure goods not available locally Advantages to businesses • Overheads cut. Large savings on shops, warehouse and office space • Wider customer base • Customers can be kept in touch with by email and informed of new products. Disadvantages • Credit card fraud • Fake websites - goods do not exist • Copycat websites to extract bank account info • Fewer shops on the High Street • Lack of social interaction • Increase in delivery vans Other effects • Code of conduct • Security issues • Firewalls • Job loss • Change in working practices June 2007 2. Products can be purchased on the Internet using a company website. (a) Describe two methods a customer could use to find the website. (b) Describe two methods a customer could use to quickly find information within the website. Answer 2. (a) 1 mark for each method 1 mark for description of how used Urls Type in the exact address of the website into the address bar Web crawlers /search engines Type in a key word and select from given list Boolean searches Type in key words with AND and OR etc to give more precise list (b) 1 mark for each method 1 mark for description of how used Bookmarks / Hyperlinks Predefined links which take you directly to part or the page Hotspots Click on an image of the product to find out more details of the product / go to product section Key word searches Type in a keyword and go directly to that section Internet Questions June 2011 Question K. The use of the internet causes major moral, social and ethical issues. Discuss using appropriate examples these issues and the effect that they are having on modern society. [18] Answers Issues • Deliberately setting up websites containing incorrect information – people may rely on and use this information thinking it is correct. • Bullying – in chat rooms, by e-mail, in blogs, by text message is a problem especially for the young. • Inappropriate websites – people are able to view inappropriate material such as pornography, racism, violent videos, how to make explosives, etc. • Using e-mail to give bad news (e.g. redundancy, demotion, firing, etc.) when explaining faceto- face would have been better. • Spreading rumours – it is easy to spread rumours using the Internet. You only have to tell a few people in a chat room and the rumour will soon spread. Normally, if someone started a rumour that was untrue and it caused another person distress, then the person starting the rumour could be sued. When rumours are started over the Internet it is difficult to identify the person responsible. • Plagiarism – copying material without attributing or referencing the source of the information. This could also involve using websites which sell essays or coursework. • Sending spam (i.e., the same advertising e-mail to millions of people) – people waste time deleting spam if the spam filter allows it through. • Companies monitoring staff use of the Internet and e-mail. Some organisations will even read personal e-mails. • Using someone’s wireless Internet connection without permission. • Sometimes it is possible to connect to the Internet using an open network. The net result of using the network is to slow the network down for legitimate users. • Mobile phone stalking. • Using photo editing software to distort reality – by using photo/video editing software you can distort reality and you can no longer believe what you see in video, TV, newspapers, magazines and on websites. • Censorship Invasion of privacy by governments. • Privacy issues – social networking sites, e-commerce sites, Internet service provider records, e-mail monitoring at work, etc., all erode a user’s privacy. • Gambling addiction – gambling can cause many social problems and it is on the rise with the ease with which bets can be made using the Internet. • Addiction to computer games – many children spend hours playing computer games and their social skills and schoolwork can suffer as a result. Have and have nots – Digital divide Closing down of local stores Example answers Censorship • No-one owns the Internet. It is international. Material which would be illegal if published in hard copy form is freely available on the Internet e.g. racist propaganda, bomb making instructions, pornography. Some say the Internet should be censored but who will do the censoring and how can centralised control be implemented. • If you ban sites will they become more appealing so people will search for them more avidly. Issue Accurracy Privacy Effects upon communities Ownership Intellectual property rightsOwnership rights to data. Discussion point • There is no guarantee that any information on the Internet is accurate or true. Some web sites giving medical advice have been known to give wrong information but they are not held liable. Magazines can write untrue stories. • Individuals can spread malicious rumours about people in emails. • What about plagiarism – if you get thrown out of university because you copied an essay of the Internet • It is relatively easy to capture internet traffic. • Freedom of speech • Do we have the right to the privacy of our emails and data files? • Do we have the right to encrypt our data? In the light of the increase in Internet crime, security scares and increased terrorist activity should the security services be allowed to monitor all Internet traffic • Some argue that the Internet has increased; • the number of valuable interactions e.g. keeping people in touch with families whilst travelling using Internet cafes. • increased awareness of geographically separated cultures • Others argue that it has led to a lack of individual social interaction by frequent Internet users e.g. you can work, shop or bank from home without ever having to mix with others. This could cause small local business to go out of business thus increasing social isolation. • Exercises undue influence on vulnerable young people e.g. inciting people to become terrorists • Who owns the Internet? • Who controls the Internet • Because of the increased commercial value of activities on the internet will a few media giants take control and effectively determine content? • The law of individual countries is beginning to address some of the legal issues such as intellectual property rights on the Internet but laws only apply to the country which passed them. International laws may go some way to address misuse of the Internet but this is still a long way off. • If you put a joke on the Internet do you own it? • If you see a joke on the Internet can you sell that joke to a professional comedian? • If you scan in the text of the book ‘The Da Vinci Code’ and put it on the Internet for all to be freely read; are you breaking the law? • Can you sue someone who sells you an essay which is full of factual errors? • The growth and exchange of ideas on the Internet has led to many legal disputes and lack of legal clarity as to ones intellectual property rights. • Do the Copyright Laws of one country apply to another country? January 2011 Question B. A multi-national company uses FTP. Describe in detail what is meant by FTP. [2] Describe an advantage it gives the company and give an example of its use. The company also makes use of the internet. Define and explain how the following can be used to access information: URL (Uniform Resource Locator) [2] Web crawler [2] Boolean search. [2] Answers FTP (File Transfer Protocol) is a standard Internet protocol providing a simple way of transferring files between computers using the Internet, (by a process which bunches the data into packages and sends messages back and forth to say each package has been received.) OR FTP is a standard set of rules (1) that have been established to allow the exchange of (large) files over the internet (1). MUST BE CLEARLY NOT ABOUT EMAIL OR COMPRESSION Not Instructions instead of rules or Data instead of files You are not limited to file size unlike with email attachments / allows reliable transfer of files between platforms / greater security in transfer of information / can have greater control of remote computer (if well developed). Used for uploading a database of sales from one branch of the organisation to the head office (1). (Always need to know what the data are) Or to distribute information between the company and their customers and suppliers Or Used for down/uploading a website from/onto the internet/server (1). Or other relevant example (1) e.g. Transfer files from mac to pc. NO SCHOOL EXAMPLES URL (Universal Resource Locator) is the web address of a site / the address for a web page on the world wide web / the recognised method for referring to resources on the internet / the unique address for a file that is accessible on the Internet. You simply type it in / click on it to go directly to the website you want. (action and effect) A web crawler is • a program that automatically browses all web pages (in a systematic manner). • one type of software agent, or bot which (automatically) visits a list of URLs. Provides data about web pages in order to produce an index (database/list) which can be used by a search engine to enable fast searches. Can be used for automating maintenance tasks on a Web site, such as checking links or validating HTML code. Can be used to gather specific types of information from Web pages, such as harvesting e-mail addresses. A Boolean search is a search using the operators AND, OR or NOT. NOT YES or NO. Using AND narrows a search by combining terms; it will retrieve documents that use both the search terms you specify, (e.g. Portland AND Oregon) Using OR broadens a search to include results that contain either of the words you type in, (e.g. liberal OR democrat) Using NOT will narrow a search by excluding certain search terms, (e.g. France NOT Canada) It helps save time searching for information as it helps you narrow down a search. Example for 2 marks A Boolean search allows you to combine words and phrases using the words AND, OR, NOT and NEAR to limit, widen, or define your search. June 2010 8. The Internet, whilst bringing a number of benefits to society has also raised a number of issues. Discuss in detail moral, social or ethical issues associated with the use of the Internet. Illustrate your answers with distinctly different examples for each issue. Answers Up to four of the following, discussed in detail, with different examples: 4 x 2 or any two of the following, discussed in greater detail: 2 x 4 • censorship - for example in Burma, China • accuracy of information - if it is on the Net people believe it to be true • privacy - e.g. people can look at photos which are meant to be for family only, etc. • effects upon communities (e.g. corner shop closing) • ownership and control / intellectual property rights – who owns the information • Plagiarism (e.g. buying exam answers) • lack of social interaction – people don’t go out and talk to other people • gaming addiction – led to a big increase in addicts – online poker • electronic bullying – pupils sending nasty emails to each other, etc. • bad websites / inappropriate content/activity (suicide, racism, hard-core pornography,Grooming, ) NOT crimes such as fake websites January 2010 5. Many large research projects make use of distributed computing using the Internet. (a) Explain what is meant by distributed computing. [3] (b) Describe an application where distributed computing is used. [2] (c) State the advantages and disadvantages of distributed computing. [4] 9. ‘There is no effective ownership or control of the Internet’. Discuss, with suitable examples, whether you consider this statement to be true or false. [8] Answers 5(a) Distributed computing – where a series of computers are networked together (1) and they each work on solving the same problem (1). Each computer shares data processing, storage and bandwidth in order to solve a single problem (1) 5(b) 1 mark for a basic description with further mark for expansion with further detail EXAMPLE The SETI (Search for Extraterrestrial Intelligence) project The purpose of the SETI project is to search for intelligent life outside the Earth and to do this a radio telescope is used. (1) In order to search for the narrow-bandwidth signals lots of computing power is needed. At first supercomputers containing parallel processors were used to process the huge amount of the data from the telescopes. Then someone came up with the idea of using a virtual supercomputer consisting of a huge number of Internet-connected home computers. Popular Power project: helping to develop flu vaccines 5(c) At least one advantage and disadvantage for full marks Advantages • reduces cost because an expensive powerful computer such as a supercomputer is not needed • can pass work to computers anywhere in the world using the Internet • improved performance as each computer can work on part of the data • can improve performance by adding more computers. Disadvantage • issues with the security of data spread out on so many different computers • issues with communication breakdowns. 9 6-8 marks Candidates give a clear, coherent answer with a full and accurate discussion using suitable examples. They use appropriate terminology and accurate spelling, punctuation and grammar. 3-5 marks Candidates discuss several points with some examples but responses lack clarity. There are a few errors in spelling, punctuation and grammar. 1-2 marks Candidates make brief points and may give an example. The response lacks clarity and there are significant errors in spelling, punctuation and grammar. 0 marks No valid response. Indicative content Answers have to consider at least one point for and one against, with at least two examples to get full marks. A well argued point or detailed example can gain a further mark. • The Internet is for everybody and no one actually owns it. • There is little control over the content of the material on the Internet, although some governments have started to control what can be seen. • There is also no control over the people who can access the material on the Internet. • This means that unless special software is used, children can easily gain access to pornographic or violent images. • The lack of ‘policing’ of the Internet also means that the information is not checked to make sure that it is accurate. • It is therefore up to the users of the Internet to check the material’s accuracy. • When you are using information off the Internet you need to be able to check the material for its suitability and accuracy. • There are a lot of pornographic images/videos on the Internet. • There are laws covering the production and distribution of this material but as much of this material comes from other countries, where the material is perfectly legal, there is not much that can be done to stop it. • The main worry adults have is that young children could accidentally access this material. • Even with a software filter it is hard to be completely sure material is excluded. • If a site is banned it could make it more popular. June 2009 sports shop wishes to set up an e-commerce system to offer its customers an on-line shopping service. (a) Other than hardware, describe in suitable detail four requirements for a successful on-line shopping service. [4] (b) Discuss the advantages and the disadvantages of on-line shopping to both the customer and the business. [6] Answers 2. (a) Any four of the following, discussed in suitable detail: 4 x 1 ISP Maintaining a company website/ need for trained staff Catalogue of stock, stock database so that one can immediately see if something is available or whether there will be a delay. Methods of secure payment (i.e. use of systems such as Paypal or ensuring that the system is secure from fraud). Database of customer orders/ shopping trolley so that immediate searches can be made to find and update customer information. Tracking on-line orders, etc. If candidates just state four points then maximum mark is 2. (b) Any 6 points, but must include 1 of each type to get full marks Appropriate advantages for shopper such as: 24 hour access, greater choice, no need to travel/order from comfort of home/ less stressful, allows disabled to shop more easily, better prices Appropriate advantages for business such as: cheaper as no need to pay high rates, wider customer base, takes pressure off staff, offer wider choice due to ‘just in time’, make money from advertising, saves on staff costs. Any possible problems such as: customer worries over security, anyone can set up, no longer a social activity, fraud, power cut, hidden costs of carriage or import tax, hidden costs and phone costs, what you get is not what you see/ cannot see/feel the item, harder to return (if well argued), initial set up costs, need for specialist staff to maintain Note – question mentions ‘describe’ not just ‘state’. June 2008 5. The Internet, whilst bringing a number of benefits to society has also raised a number of issues. Discuss in detail moral, social or ethical issues associated with the use of the Internet. Illustrate your answers with a distinctly different example of each issue. [8] Answers 5. Any four of the following, discussed in detail, with examples: 4 x 2 or 2 x 4 • censorship, for example in Burma, China • accuracy of information – if it is on the Net people believe it to be true • privacy – people can look at photos etc, which are meant to be for family only, etc. • effects upon communities (e.g. corner shop closing) • ownership and control / intellectual property rights – who owns the information • plagiarism (buying exam answers) • lack of social interaction – people don’t go out and talk to other people • gaming addiction – led to a big increase in addicts – online poker • electronic bullying – pupils sending nasty emails to each other, etc. • bad websites / inappropriate content (suicide, racism, pornography) If candidate mentions four crimes (e.g. bomb building instructions), maximum two marks June 2007 3. The Internet can be used to access many types of online distributed databases. (a) Explain, using a suitable example, what is meant by a distributed database. (b) Describe how distributed databases can be beneficial to an organisation. (c) Landscape gardeners can use wireless technology to access a library of garden designs held on a database in their office. Describe in detail two other applications which use wireless technology. 4. Many bank customers have online bank accounts. Customers can complete online forms to pay bills and transfer money between their accounts using the Internet. Verification or validation procedures are used to reduce data entry errors. (a) Explain, giving a different example in each case, how both the bank and the customer can minimise data entry errors when filling in the online forms. (b) The bank must protect data from accidental loss or malicious damage. Discuss in detail the security measures the bank needs to introduce to prevent: (i) accidental loss due to; (I) human error; (II) fire or flood; 2 × [2] (ii) malicious damage by unauthorised users. [2] (c) The bank has undertaken a ‘risk analysis’ in order to produce a strategy to protect data. Identify two factors which should be taken into account when determining how much money a company spends on controlling and minimising risk. [2] Answers 3. (a) 1 mark Shared processing across the Internet/networks / Distributed databases are different databases stored at different locations but linked together so they appear to be one large database. 1 mark description of example e.g. SETI research into radio signals. SETI, or the Search for Extraterrestrial Intelligence, is a scientific effort seeking to determine if there is intelligent life outside Earth. SETI, listens for artificial radio signals coming from other stars. E.g. A hotel chain may store details of guests booking on its local network but because each hotel is networked a distributed database can be used and staff in one hotel can see booking in another hotel and managers can monitor booking across the whole chain. Similarly for a chain of shops. Example might give explanation of 'distributed database'. (b) Benefits 2 Marks Allows the local processor to be used to share processing when not being used for other activities Data used locally can be stored locally and network traffic kept to a minimum If data lost on central site it could be reduplicated from local site Allows sharing of data and of the results of processing of the data. New locations can be added to the database without the need for rewriting the entire database. (c) 1 mark for each example 2 Marks Both must be description 1 mark can be awarded for simply naming two examples. Wireless PDA's used by Doctors at the scene of an accident can accessing patient records. Wireless networks may be used as part of a LAN e.g. a mobile bar code reader in a warehouse transmitting data to a shop or HQ A delivery driver using a hand held device to confirm deliveries with a central database. Hand held chip and pin data entry in restaurants for entering details of cars payments. Wireless PCMCI cards used in a laptop and linked to GSM satellite links which give access to Internet without need for wireless nodes e.g. used by travelling businessmen. Wireless remote controls used to turn over TV channels. Wireless devices such as Printers/ keyboards/mobile phones and description of use. Any reasonable answer 4. (a) 1 mark for customer measure and 1 mark for bank measure Customer. Verification procedures Read data in forms carefully before submitting e.g. when purchasing online Double entry keying e.g. when creating passwords for accounts Bank. Validation procedures Range checks; presence checks; check digits; format checks; input masks etc (b) 1 mark for each problem and 1 mark for each corresponding prevention (allow one type of prevention only once) Must have at least one accidental loss. And one malicious damage ACCIDENTAL LOSS Accidental destruction of files due to fire, terrorism, floods Backup systems must be described keep back up files – offsite - and in fireproof containers use an online tape or disc streamer which automatically backs up data on a network use grandfather father son security system in batch processing systems. e.g. payroll RAID systems – mirror discs (Redundant Array of Inexpensive Disc) Accidental destruction of files due to human error etc Prevent overwriting put the write protect notch on your disc make hard discs read only MALICIOUS DAMAGE Hacking – unauthorised access Prevention Define security status and access rights for users All authorised users should be given user names and passwords. This will limit unauthorised access to the network. Hierarchy of Passwords Identification User Name Authentification Password Authorisation – What files you can see and what your allowed to do Restrict physical access to files e.g. smart cards to control entrance to rooms. Secured areas to hold servers Biometric scans such as voice or hand prints; retina scans; Firewalls. a special environment set up to trap a hacker logging in over remote connections. It authenticates messages coming into the network and verifies the legitimacy of the user to enter the network. Proxy servers This device tries to stop intruders from identifying the IP (Internet Protocol) address of a user workstation accessing the Internet. Call Back procedures Some companies operate a dial-back system. A user logs on to a computer which immediately disconnects the line and dials the user back. This would stop a user logging on with someone else's password. Encryption Data transmitted over a network is coded before transmission. This means that anybody intercepting the transmitted data would not be able to understand it. The data needs to be de-coded by the proper recipient. Spreading a computer virus These are programs introduced into computer systems which destroy or alter files by rewriting over data or by copying themselves over and over again until computer system is full and cannot continue. Prevention Don't' download unknown programs from the Internet straight to hard disc. Only use reputable sources. Write protect media so can't be written onto Don't copy illegal software Use a virus scanning software and virus eradication program. Make sure this is kept up to date with the latest virus definitions – available from the Internet. Use diskless workstations on networks Control access to portable media and do not let users use own disk etc on the organisations system. Computer fraud – white-collar crime Bogus data entry when entering data Bogus output – output may be destroyed to prevent discovery of fraudulent data entry or processing Alteration of files e.g. employee alters salary rate or hours worked Prevention or 'White Collar' computer crimes Monitor all programs and users actions should be monitored and logged. All users should be identifiable and all files capable of being audited keep online transaction logs Auditing procedures to detect fraud 4. (c) 1 mark for each factor 2 Marks Identify potential threat Likelihood of risk occurring Short and long term consequences of the threat How well equipped is the company to deal with the threat June 2006 2. A pet shop wishes to offer customers an interactive on-line shopping service. (a) Other than hardware, discuss in suitable detail, four requirements needed to implement such an interactive on-line shopping service. [4] (b) (i) Give two advantages to the customer of on-line shopping. [2] (ii) Give two advantages to the business of on-line shopping. [2] (iii) Describe two possible problems when shopping on-line. [2] 4. Other than crime, discuss in detail four of the major moral, social or ethical issues associated with the Internet. Use distinctly different examples in each case. 4 × [2] Answers 2 (a) 1 mark • Accurate data is correct / truthful / has no errors 2 (b) 1 mark for clear explanation of difference It would pass any range or format checks but it would not be accurate. 1 mark for specific example Example: a customer completes a form with DOB which is correct. e.g. 12/10/84 A data entry clerk makes a transcription error and types in the numbers the wrong way around 10/12/84. Good example showing the differences clearly worth two marks. 4 Any four of the following, discussed in detail, with examples: 4 x 2 censorship, for example in China accuracy of information privacy effects upon communities (e.g. corner shop closing) Ownership and control / intellectual property rights plagiarism (buying exam answers) lack of social interaction gaming addiction electronic bullying bad websites / inappropriate content (suicide, racism, pornography) If candidates mention four crimes (e.g. bomb building instructions), maximum two marks. Human Computer Interface’s Questions – HCI June 2011 Question A. The Human Computer Interface (HCI) on a computer can be adapted for different tasks. Describe in detail, three factors, other than layout appropriate to task, using different examples that should be taken into account when designing a good HCI. [6] Describe the factors that should be taken into account when designing an appropriate layout of an HCI that would be used by a young child learning how to read. [4] Answers Any three of the following, discussed in detail: 3x2 1 mark per factor - 1 mark per explanation. (No Factor no mark for extension) If mistake in factor but good extension can gain extension mark Note explanations must be distinctly different and match the factor. NOT Layout appropriate to the task. Consistency of signposting and pop up information e.g. Every ‘Next’ should be in the same place using the same icon. Navigation around the program should be clear consistent and easy to follow. – intuitive, learn faster Clear navigational structure e.g. It speeds things up if there is a similar route through the programs (if it is clear) as users do not have to keep learning things / Helps users learn their way around the system. There should be standard ‘feel’ to software. e.g. Large/minimal text for a child to minimise reading which builds up user confidence / Bright colour scheme to attract a young child’s attention. Doing a repetitive task such as entering holiday bookings means you have less guidance on the screen. Note Nothing to do with devices Customisable to suit the needs of the user e.g. Makes it more efficient if the user can change items to suit their work preference. Location of where machine is to be used e.g. No sound in a noisy area. Touch screens in museums / factories / etc (with explanation of why). House Style/Ethos (Not Consistent Layout) e.g. So that it conveys who the organisation is and all the company docs look/feel the same. Specific point about colour blindness e.g. Design to avoid red/green combination - blue/yellow best combination. On Screen / online helpfiles (built in with software) e.g. Rather than wasting time looking in manuals, important if no outside help available when working / Tool tips telling the user what to do / interactive user manual that answers general FAQ. No marks if can be read as a Google search. Disabled Access (If get explanation and factor mixed up can gain 1 mark) e.g. If a person is blind then the computer could recognise voice input / Braille keyboard. Expertise of the user/ ability of user / difference between novice and expert user An expert user will need shortcuts so that the task can be completed as quickly as possible whereas a novice will need a number of steps to guide them. CONDONE: Font size – (but not as a factor) readability, appropriate to level of user, avoid eye strain Any 4 points • Have a minimum amount of text on screen • Use child friendly font/size of font • Use bright colours to attract the child’s attention • Have an uncluttered appearance • Involve minimal use of the keyboard / alternative input devices • Use speech synthesis / sound so that they can hear the words • Animation/videos to keep their interest • Instant feedback on their responses • Interactivity e.g. quizzes, educational games • Visual prompts e.g. pictures of a cat January 2011 Question A. As computer systems have become more complex the interface has become increasingly important. Other than differentiation between user expertise, describe four factors that should be taken into account when designing a good human computer interface and for each factor describe why it is important. [8] Answers Any four of the following, discussed in detail: 4 x 2 1 mark per factor - 1 mark per explanation. (No Factor no mark for extension) Note explanations must be distinctly different and match the factor. NOT differentiation between user expertise. Consistency of signposting and pop up information e.g. Every ‘Next’ should be in the same place using the same icon. Navigation around the program should be clear consistent and easy to follow. – intuitive, learn faster Clear navigational structure e.g. It speeds things up if there is a similar route through the programs (if it is clear) as users do not have to keep learning things / Helps users learn their way around the system. Layout appropriate to the task There should be standard ‘feel’ to software. e.g. Large/minimal text for a child to minimise reading which builds up user confidence./ Bright colour scheme to attract a young child’s attention. Doing a repetitive task such as entering holiday bookings means you have less guidance on the screen. Note Nothing to do with devices Customisable to suit the needs of the user e.g. Makes it more efficient if the user can change items to suit their work preference. Location of where machine is to be used e.g. No sound in a noisy area. Touch screens in museums / factories / etc, (with explanation of why). House Style/Ethos (Not Consistent Layout) e.g. So that it conveys who the organisation is and all the company docs look/feel the same. Specific point about colour blindness e.g. Design to avoid red/green combination - blue/yellow best combination. On Screen / online helpfiles (built in with software) e.g. Rather than wasting time looking in manuals, important if no outside help available when working. / Tool tips telling the user what to do. / interactive user manual that answers general FAQ. No marks if can be read as a Google search. Disabled Access e.g. If a person is blind then the computer could recognise voice input / Braille keyboard. CONDONE: Font size –(but not as a factor) readability, appropriate to level of user, avoid eye strain List of 4 =1 mark June 2010 1. The Human Computer Interface (HCI) is an important part of an ICT system. Describe four factors which should be taken into account when designing a good HCI. Explain why each factor is important. Answer 1. Any 4 of the following well discussed 1 mark per factor. 1 mark per explanation. Note explanations must be distinctly different and match factor. Consistency of signposting and pop up information e.g. Every ‘Next’ should be in the same place using the same icon. Navigation around the program should be clear consistent and easy to follow. Clear navigational structure e.g. It speeds things up if there is a similar route through the programs (if it is clear) as users do not have to keep learning things / Helps users learn their way around the system. Layout appropriate to the task There should be standard ‘feel’ to software e.g. Large/minimal text for a child to minimise reading which builds up user confidence Doing a repetitive task such as entering holiday bookings means you have less guidance on the screen Note Nothing to do with devices Customisable to suit the needs of the user e.g. Makes it more efficient if the user can change items to suit their work preference. Location of where machine is to be used e.g. No sound in a noisy area. Touch screens in museums / factories / etc, (with explanation of why). Differentiation between user expertise – type of user e.g. HCI needs to differentiate between non-technical and technical users. Technical users do not need a set of steps to get to a place, a travel agent who is using a system daily does not need guidance as they do the same steps daily. House Style/Ethos e.g. So that it conveys who the organisation is and all the company docs look/feel the same. Specific point about colour e.g. Effect of colour blindness, blue/yellow best combination. On Screen help e.g. Rather than wasting time looking in manuals, etc. Disabled Access e.g. If a person is blind then the computer could recognise voice input. January 2010 1. The Human Computer Interface (HCI) is an important part of an ICT system. (a) Examine the different needs of an expert user and a novice user and describe how they can be met when designing the HCI. [5] (b) Discuss using examples, the features of a HCI that would be suitable for the disabled user.[4] Answers 1(a) The novice user’s priority will be ease of learning/intuitive (1) and easy access to help (1). The expert user will want to get the job done in the least possible time (1). Novice user will need clear navigation structure (1). Novice user will use wizards which are not as flexible as setting it out yourself (1). Expert user knows the commands (1) and will find it quicker than clicking through a series of windows (1) (dos window to use ipconfig compared to getting the same info from windows (1)) Increased number of ways of performing the same operation (1). Shortcuts which the experienced user can use rather than going through a series of menus (1). Colour scheme making it easier to use (1) If candidates make four or more valid points but do not differentiate between users then Max 2. Condone well argued points made about specific application. 1(b) One mark for each point to a maximum of 4 marks. Use of speech recognition rather than keyboards for users who cannot use keyboard or mouse (1). Use of specialist input devices such as those which use blow pipes or eye movements (1) Ability to magnify areas of the screen to aid users with bad eyesight (1). Ability to increase the font size to aid users with poor eyesight (1). Use of correct colour schemes to help people who are colour blind / dyslexia (1). Illustrated use of Braille device (1). Illustrated use of text to speech output (1). Use visual messages rather than beeps or warning noises for users who are deaf (1). Use of a large mouse for people with poor coordination (1). Use plenty of contrast between the text and the background to aid people with poor eyesight (1). Condone example of not using frames or patterned backgrounds, or DDA requirements for comments attached to images for blind users. June 2009 1. A good Human Computer Interface (HCI) is vital for an information system to work well. Describe four factors which should be taken into account when designing a good HCI, explaining why each factor is important. [4 × 2] Answer 1.Any four of the following, discussed in detail: 4 x 2 Font size – readability, appropriate to level of user, avoid eye strain Consistency of signposting and pop up information – intuitive, learn faster On screen help – important if no outside help available when working Layout appropriate to task – faster to type in for expert or good example of differentiation between user expertise/ intended audience/age Clear navigation structure – saves time wasting, easier to work through Colour – blue/yellow good combination (green/red blindness), ability to customise. Who is going to use it – need to differentiate between non-technical and technical users Disabled use June 2008 1. The Human Computer Interface (HCI) is an important part of an ICT system. (a) Other than on screen help, state two factors which should be taken into account when designing a good user interface. Explain why each factor is important. [4] There are different types of HCI. (b) Describe a different, sensible use and benefit of the following types of HCI. (i) Biometric. [2] (ii) Voice. [2] Answer 1.(a) 1 mark per factor (max 2) 1 mark per explanation (max 2) Consistency of signposting and pop up information Example every ‘Next’ should be in the same place using the same icon. Navigation around the program should be clear consistent and easy to follow. Layout appropriate to the task There should be standard ‘feel’ to software which builds up user confidence e.g. large text for a child. Differentiation between user expertise HCI need to differentiate between non-technical and technical users. Technical users do not need a set of steps to get to a place, a travel agent who is using a system daily does not need guidance as they do the same steps daily. Clear navigational structure It speeds things up if there is a similar route through the programs (if it is clear) as users do not have to keep learning things. Customisable to suit the needs of the user Makes it more efficient if the user can change items to suit their work preference b(i) 1 mark Description of use e.g. retina scan/iris recognition to gain access to room, thumbprints to take out a library book 1 mark Benefit Individual / difficult to copy Accuracy (incl. an explanation of why) Smart cards can be lost or stolen Greater security because …. (ii) 1 mark Description of use Slow typist dictating an essay directly into the computer. Handicapped person dictating work into a computer. 1 mark Benefit Allows people without arms to enter work into a computer. Allows people with poor co-ordination to work faster. Allows people in work which uses their hands to dictate commands to a computer. June 2008 1. Several types of Human Computer Interfaces (HCIs) are used with computer systems. Each type of HCI provides specific benefits to the user. (a) Describe a sensible use and benefit of the following types of HCI. You should describe a different use and benefit in parts (i) and (ii). (i) Touch sensitive screen. [2] (ii) A biometric device. [2] (b) Name an application which uses a voice interface and discuss any problems associated with the use of voice interfaces. [3] Answers 1. (a) (i) A Touch sensitive screen. 1 mark Description of use e.g. Shop POS – don't have to remember prices – no typing /more accurate Public information system such as in museums – no need for a mouse or keyboard which could get stolen or broken easily Disabled use – overcomes difficulties with spelling/dyslexia (ii) biometric device 1 mark Description of use e.g. retina scan/iris recognition to gain access to room, thumbprints to take out a library book 1 mark Benefit Individual / difficult to copy Accuracy Can lose smart cards (b) 3 Marks 1 mark example 2 marks for two problems Or 2 marks for two examples and one mark for problem Speech recognition systems E.g.Voice control in car navigation systems Security systems Control systems Problems Have to train computer to recognise voice which takes a long time Delays in getting commands recognised Natural language interfaces E.g. Giving instruction / asking question such as in expert systems Problems Users may speak different languages; local accents may not be recognised; some words sound the same – two, to, too: there, their, whether, weather punctuation has to be said e.g. user must say 'comma' which is not a natural way of talking. Use of sound makes high demands on memory and processor speed. Speech synthesis This is the computer speaking to the user e.g. giving out telephone numbers or telephone selection systems. Problems The sound is very flat Users complain of confusion and a lack of personal contact if your enquiry isn't on the list of options given or you don't know which option it is in. June 2006 1. The Human Computer Interface is an important part of an ICT system. Name four factors which must be taken into account when designing a good user interface. Explain why each factor is important. 4 × [2] Answer Any four of the following, discussed in detail: 4 x 2 Font size – readability, appropriate to level of user, avoid eye strain Consistency of signposting and pop up information – intuitive, learn faster On screen help – important if no outside help available when working Layout appropriate to task – faster to type in for expert or good example of differentiation between user expertise/ intended audience Clear navigation structure – saves time wasting, easier to work through Colour – blue/yellow good combination (green/red blindness), ability to customise Working With ICT June 2011 Question F. The introduction of a new ICT system can cause a number of changes in the workplace. Describe three of the changes which are likely to be a cause of stress to the staff and the worries each might bring. [6] Describe, using examples, two things that management could do to lessen any worries that the staff might have about the introduction of the new system. [4] Question H. A system analyst has just designed a new ICT system for an organisation. Discuss two of the different changeover strategies that the organisation could use for conversion to the new system. [6] After the new system is working, it will have to be maintained. Describe two different methods of system maintenance, illustrating each method with an appropriate distinct example. [6] Answer Question F. (a) (1 mark for statement of change and 1 mark for explanation of why) 3 x 2 • Job losses or fear of job losses (1) - new system may replace staff who performed manual processes e.g. filing, etc (1) • Having to learn new skills (1) /(Don’t know how to use system) - older staff may be stressed by appearing to look stupid in front of younger staff who have the skill (1) • Fear of change of organisational structure /Relocation (1) - loss of authority by being bypassed by younger staff or having to move location which could make the journey to work harder (1) • Change in work patterns (1) - split shifts or change of hours or night work, 24/7 • Change in internal procedures (1) - may make staff take on extra responsibilities for no extra money (1) • Health fears (1) - Concerned about the health risks of prolonged use of ICT equipment (1) • Big brother watching B)1 mark for brief description of the factor and 1 mark for further explanation or an example x 2 • Appropriate training/retraining – to ensure all staff understand the new system and wondering what to do. • Explanation of the advantages – so that staff can see how they will benefit by making the job easier/ more interesting / answer any queries • Spell out the implications of the new system (meetings)– to help stop rumours which give people stress / allow staff to express worries • Opportunity to learn new skills – enable staff to improve their job prospects • Involvement in the development of the new system – so that the staff can have a system which is straightforward to use. • Keeping social groups together / not disrupt working relationships – less stress / work together as a team Question H A)mark for the correct name and brief explanation for each strategy 1 mark for the benefit/advantage of the method 1 mark for a drawback/limitation/disadvantage of the method x 2 Direct changeover – stop using the old system one day and start using the new system the next day (1). Element of risk particularly if the hardware and software are cutting edge (1). If the system fails then it can be disastrous to the business (1). Requires fewer resources (people, money, equipment) and is simple, provided nothing goes wrong (1). Need more than easiest/quickest and not just cheapest Parallel changeover – Old ICT system is run alongside the new ICT system for a period of time until all the people involved with the new system are happy it is working correctly (1). Used to minimise the risk in introducing a new ICT system (1). Can compare results and be sure it is working properly (1) Disadvantages: lots of unnecessary work (as the work is being done twice) and is therefore expensive in people’s time (1). It also adds to the amount of planning needed for the implementation (1). Accept also: Phased conversion – a module at a time can be converted to the new system in phases until the whole system is transferred (1). Advantage that IT staff can deal with problems caused by a module before moving on to new modules (1). Disadvantage: is only suitable for systems consisting of separate modules (1). Pilot conversion – this method is ideal for large organisations that have lots of locations or branches where the new system can be used by one branch and then transferred to other branches over time (1). Advantage: implementation is on a much smaller and manageable scale (1). Disadvantage is that is takes longer to implement the system in all the branches (1). QWC B) Any two of the following methods: Perfective maintenance (1) – improving the performance of the software (1). Examples: Configuring the network management software to improve performance such as improving access times to data, speed at which reports are produced, etc. (1). Software may need to be modified to improve the user interface upon feedback from users who are finding it more difficult to use than it needs to be (1). Developing on-line tutorials and more help screens to help new staff learn the software (1). The software provider provides upgrades which will improve the performance of the software (1). Corrective maintenance (1) – bugs in the software which were not discovered during testing may need correcting (1). Example: A piece of software may crash when being used with another piece of software (1). A piece of software may crash when used with a particular item of hardware (1). Software may present a security risk which needs correcting (1). Problems with reports not being printed out properly (1) Adaptive maintenance (1) – software may need to be changed owing to the changing needs of the business or organisation (1). Example: Software may need altering so that it is more flexible in supplying the managers with information which was not envisaged at the time of development (1). Changes to values such as the percentage rate of VAT or changes to income tax rates will result in Changes to the software (1). The organisation expands so the software needs to be altered so it is able to cope with an increased number of users (1). Adapting the software to work with newly developed operating systems software or new hardware (1). A new virus threat/hacker threat means that the software will need to be adapted to protect against this (1) QWC January 2011 Question C. A large company has branches all over the UK and uses its ICT systems to manage customer records and all its financial dealings. The company’s Data Officer has written a security policy to protect the data held by the company. Describe the use of user accounts and logs as a way of ensuring the confidentiality of customer records. [2] Explain two other factors which the company should take into account when designing its security policy. [4] Question F. A hospital has a ‘code of conduct’ for all of its employees using ICT systems. Describe what is meant by a ‘code of conduct’ and describe four guidelines it should contain. [6] Explain how the hospital management can enforce the code of conduct. [2] Answer Question F. Max 2 marks for definition An employee code of conduct consists of rules/agreement (1) drawn up by the senior management or their advisors that set out what an employee is/is not allowed to do in the course of their employment. (1) It also details the sanctions which will be applied should the employee not obey the rules. (1). ( 2 out of 3) Description of any 4 from: – List gets 1 mark Responsibilities Respecting rights of others Abiding by current legislation Protecting hardware and software from malicious damage Complying with licensing agreements Authorisation – what parts of the system they can use Permissions on data access Security defining rules about password disclosure, data transfer rules and personal use of emails and the Internet Consequences of breaking the code June 2010 4. Having investigated and analysed a system, a systems analyst will then have to consider which changeover strategy he is going to suggest for the implementation. (a) Describe and evaluate two alternative changeover strategies the analyst could use. [6] (b) Over time, users may become dissatisfied with their ICT system. Discuss why this might be the case. [4] 7. ICT systems have an effect in the workplace. (a) Describe three possible health issues which could have occurred with the introduction of ICT systems and the actions that an organisation should take to prevent them. [3×2] (b) Describe in detail the impact ICT systems could have upon jobs and work patterns. Illustrate your answers with three distinctly different examples. [6] Answer 4. (a) One mark for the correct name and correct brief explanation for each strategy One mark for an advantage and one mark for a disadvantage of each method 2 Direct changeover – stop using the old system one day and start using the new system the next day (1). Disadvantage - Element of risk particularly if the hardware and software are cutting edge (1). If the system fails then it can be disastrous to the business (1). Advantage - Requires fewer resources (people, money, equipment) and is simple, provided nothing goes wrong (1). Parallel changeover – Old ICT system is run alongside the new ICT system for a period of time until all the people involved with the new system are happy it is working correctly (1) Advantage - Used to minimise the risk in introducing a new ICT system (1). The old system is then abandoned and all the work is done entirely on the new system (1). Disadvantage - Lots of unnecessary work (as the work is being done twice) and is therefore expensive in people’s time (1). It also adds to the amount of planning needed for the implementation (1). Phased conversion – A module at a time can be converted to the new system in phases until the whole system is transferred (1). Advantage - IT staff can deal with problems caused by a module before moving on to new modules (1). Disadvantage - Is only suitable for systems consisting of separate modules (1). Pilot conversion – This method is ideal for large organisations that have lots of locations or branches where the new system can be used by one branch and then transferred to other branches over time (1). Advantage - Implementation is on a much smaller and manageable scale (1). Disadvantage - Takes longer to implement the system in all the branches (1). 7. (a) 1 mark for the Issue and 1 mark for the Prevention RSI (repetitive strain injury) / (CTS) Carpal Tunnel Syndrome caused by prolonged working at computers or computer games Ergonomic keyboards / wrist and foot supports / correct chair positioning Eye Strain or epileptic fits Non flickering screens / Screen filters to remove glare / correct lighting in the room / Take regular breaks from looking at the screen Back problems Adjustable chairs foot supports / tilting screens / take regular breaks and walk around the room Stress from having to learn the system Better training Ozone irritation from laser printers Locate personal laser printer 1 metre away from user Radiation affects embryos leading to miscarriages Screen filters Use of Wi-fi Only switch on when needed / any reasonable answer 7. (b) 1 mark for each named example 1 mark for further description x 3 • Teleworking – working from home using computer networks saves on transport cost, time, etc. • Video conferencing – allows remote meetings • Condone re-location – ICT has allowed companies to centralise forcing people to move • Lost jobs – unskilled manual jobs such as filing clerks. Call Centres replacing bank clerks / Call Centres have caused many people to lose jobs as they have been moved abroad where labour is cheaper leading to ICT 'sweat shops'. • New skills required / retraining – acquire skills to use databases, spreadsheets, emails, programming, etc. • New jobs – systems analysts, programmers, data clerk • Collaborative working – working together on same electronic document 4. (b) One mark for each point up to a max of four. Example answers include: • The full range of user requirements has not been met, so the system does not live up to user expectations. • Change in business needs means system cannot deal with new demands placed on it. • Failure to supply users with the information they require. • User interface causes many user problems with increased help-desk use. • Problems with the software or system crashing owing to lack of rigorous testing. • Network performance or speed of access to stored data becomes unacceptable as more users are added to the system. • Modifications to the system are needed regularly and the system needs replacement with a new one. • Too much time is spent updating to the new system. • The cost of user support is too high. • There are security breaches which were not envisaged when the system was first developed. • Speed – hard drive filling up – demands of software • Fashion – hardware satisfaction • Compatibility issues using newer versions of software January 2010 7. Some employees can misuse an organisation’s ICT facilities. (a) Many organisations have a code of conduct to deter their employees from misusing their ICT facilities. Describe what a code of conduct is and describe three things it should contain. [5] (b) Describe three ways in which an employee can misuse the organisation’s ICT facilities and give two possible penalties for misuse. [5] Answers 7(a) Max 2 marks for definition An employee code of conduct consists of rules (1) drawn up by the senior management or their advisors that set out what an employee is/is not allowed to do in the course of their employment. (1) (It also details the sanctions which will be applied should the employee not obey the rules. (1)) Description of any 3 from: Responsibilities Respecting rights of others Abiding by current legislation Protecting hardware and software from malicious damage Complying with licensing agreements Authorisation – what parts of the system they can use Permissions on data access Security defining rules about password disclosure, data transfer rules and personal use of emails and the Internet Consequences of breaking the code 7(b) Description of any 3 from: • Introduction of viruses – by downloading games, not scanning portable media, not keeping virus scanners up-to-date, etc. • Misuse by employees of the ICT facilities, e.g. using telecommunications for own purposes (e.g. phone calls, e-mail, videoconferencing, etc.) and using printers for personal use. • Distribution of material that is racially or sexually offensive – for example, sending offensive jokes by e-mail or text messages, circulating offensive images over the organisation’s network, etc. • Misuse of data for illicit purposes – for example, using e-mails and text messaging to bully someone at work or school/college. • Using data to set up own business, etc. • Blackmail, computer fraud or selling to other organisations. • Violating terms of copyright or software agreements thus causing the company to face legal action from software suppliers or other affected organisations. • Taking data from the system and not protecting it, e.g. losing laptop Any 2 from: • informal (verbal) warnings • written warnings • dismissal • prosecution June 2009 3. A County Council has decided to introduce a code of a conduct for all its ICT users. Describe three problems which might have prompted this decision and suggest suitable guidelines which could be included in the code of conduct, to avoid such problems in the future. 5. A national building society wants to ensure that its financial systems are secure against fraud, as they are used to transfer money and financial information. Other than needing a code of conduct, describe four factors that should be included in an ICT security policy for this company. [8] Answers 3. Any three possible problems & appropriate solutions: Problems • Introduction of viruses / own disks • Personal use of equipment, software or Internet • Running up phone bills • Personal email • Distribution of racial or sexual materials • Fraud • Swapping identities (theft or given) • Abusive emails • Slowing down of network • Games playing • Illegal use of software Not looking after logon/password Using data for personal use Solutions • Responsibilities • Respecting rights of others • Warning about monitoring • Abiding by current legislation • Protecting hardware and software from malicious damage • Complying with licensing agreements • Authorisation • Permissions on data access • Security defining rules • Rules about personal use 5. Four points well argued 4x2 Physical security – Locking the building/rooms where the computers are kept, making sure that if it is a wireless network appropriate security is used. Prevention of misuse – firewalls to prevent hacking, appropriate username and passwords. Audit trails for detection, so that access can be traced and to see who has done what. Continuous investigation of irregularities – always checking logs looking for anything out of the ordinary. System Access – establishing procedures for accessing data such as log on procedures, firewalls. Personnel administration – vetting, etc. Operational procedures including disaster recovery planning and dealing with threats from viruses. Disciplinary procedure June 2007 7. An organisation has introduced new ICT systems. These new systems have had a great impact upon employment opportunities and the way in which people work within the organisation. (a) Discuss three potential health issues which might occur with the introduction of these new ICT systems and describe measures the organisation could take to prevent them. (b) Discuss in detail the impact these new ICT systems could have upon jobs and work patterns. Illustrate your answers with three distinctly different examples in each case. (c) Employees must be aware of both legal and moral issues relating to the use of ICT systems. Explain the differences between legal and moral issues with respect to codes of conduct of employees in the organisation. Illustrate your answers with three distinctly different examples. Quality of Written Communication [2] Answers (b) 1 mark for each named example 1 mark for further description Teleworking – working from home using computer networks saves on transport cost time etc.. Video conferencing – allows remote meetings Lost jobs – unskilled manual jobs such as filing clerks. Call centres replacing bank clerks Call centres have caused many people to lose jobs as they have been moved abroad where labour is cheaper leading to ICT 'sweat shops'. New skills required / retraining – acquire skills to use databases spreadsheets emails, programming etc. New jobs – systems analysts, programmers. (c) 1 mark for discussion /identification of the law 1 mark for identification and example of a moral issues raised (i) DISINFORMATION Not supplying customers with up to date and relevant information/ concealment of information Estate Agent Legal Issues Properties Act covers legal conveyancing Moral example A property developer not telling his client the property has subsidence problems or a violent history Hardware and software sales; Legal Issues Trades Descriptions Act covers suitability of purpose Moral example Not fully informing potential customers or clients of all available facts concerning products or services Prohibit salespersons from selling hardware and software soon to become obsolete Ensure salesmen do not pressurise unwilling customers to accept loyalty cards. (ii) PRIVACY Informing data subjects of their legal rights and the processes for complying with those rights Legal Issues Data Protection Act Moral example An employee using company data to create mailing lists for his own private business Monitoring company emails. Electronic monitoring systems can be used to track emails. A systems technician might open other people's emails to detect misuse or simple to be nosey. (iii) EQUITY Information poor and information rich societies. Legal Issues Patent laws /Trade laws Moral Example Ownership and access to information can often determine which organisations will be successful and which will fail. As these technologies have to be paid for the richer organisations can afford the technology whilst poorer organisation cannot. Consequentially, the rich organisations get richer and the poorer ones get relatively poorer and the gap between them gets greater, e.g. subsidising food production in Europe or putting taxes on imports to prevent the poorer countries obtaining access to richer markets. (iv) INTELLECTUAL PROPERTY RIGHTS Ownership rights to data. Legal Issues Copyright Laws / Patent laws prevent copying Moral examples If you put an idea on the Internet do you own it? If you see a design on the Internet can you sell that design to a company? If you scan in the text of the book and put it on the Internet for all to be freely read; are you breaking the law? Can you sue someone in another continent who sells you a report on you which is full of factual errors? Quality of Communication – 2 marks ICT Security Policies Questions June 2011 Question G. Describe in detail two of the factors an organisation needs to consider when producing a risk analysis. [4] Answer: 1 mark for brief description of the factor and 1 mark for further explanation or an example x 2 • Identify potential risks - e.g. viruses / fire / natural damage / hacking / systems failure / fraud, etc • Likelihood of risk occurring - some things such as power cut are inevitable but explosions much less likely - senior managers have to assess the likelihood of each risk occurring and put in the necessary security • Short and long term consequences of threat - resources (staff equipment, etc) need to be directed towards recovering the data / may have to pay compensation / financial loss due to loss of business through not being able to take orders / embarrassment/ prosecution / loss of integrity / bankruptcy / cost of replacing equipment • How well equipped is the company to deal with the threat (What procedures are in place) has to be reviewed periodically because of changing needs - disaster recovery programme – backup strategy NB Should not be talking about H & S January 2011 Question H. A large travel agency has concerns about losing data. They are reviewing their disaster recovery procedures. Explain with reasons four factors which should be included in a disaster recovery plan. [8] Answers 6-8 marks Candidates give a clear, coherent answer explaining four factors with reasons. They use appropriate terminology and accurate spelling, punctuation and grammar. 3-5 marks Candidates explain briefly and may give reasons but responses lack clarity. There are a few errors in spelling, punctuation and grammar 1-2 marks Candidates simply make brief points and may give a reason. The response lacks clarity and there are significant errors in spelling, punctuation and grammar. 0 marks No valid response. Make 2 points about each factor x4 The plan will usually cover the following: Cost Set up a budget for it What backup medium should be used? Tape or disc/ Raid systems depending upon the speed or money available to recover the data Hardware can be replaced how much money have they got Software can be re-installed. (or de-bugged by the programming department). Risk What problems could occur? Likelihood of them occurring e.g. are they going to get an earthquake in UK On site or off site depending upon costs and the likelihood of the risk occurring and the criticality of the data. Data No business can afford to lose its data. Backups of all data should be regularly made. This means that the worst case scenario is that the business has to go back to the situation of the last backup and carry on from there. Backups may take a Long time – often tape-streamed at night. Hardware/Software/Communications The total or partial loss of computing equipment or software The complete or partial loss of telecommunications equipment or services The complete or partial loss of the premises housing the IT equipment. The loss of essential services such as electricity, heating or air conditioning Alternative communication /computer systems may be arranged in case a network goes down or alternative power supply. Personnel, Responsibilities and Training The loss of certain key employees (e.g., losing all the qualified network staff in one go due to them choosing to form their own facilities organisation) The loss of maintenance or support Make one person responsible for backups so people don’t think others are doing it and it does not get done or do they use online backup companies or both! Screening potential employees Routines for distributing updated virus information and virus scanning procedures Define procedures for downloading from the Internet, use of floppy discs, personal backup procedures Define staff code of conduct for using computer systems e.g. no abusive emails. No illicit use etc. What response should staff make when the disaster occurs Procedures Produce procedures for minimising the risks Test the plan on a regular basis to make sure it still sufficient Establish physical protection system (firewalls etc.) Establish security rights for file access and updating web pages Establish a disaster recovery programme. This starts with a backup policy to secure the data so it can be recovered later e.g. backup procedures required. How often should backups be taken? Restoration policy backup every day/hour and rotate tapes to ensure there is always a copy to restore files What type of backup? Where the backup is to be stored? Decide upon types of backup full, incremental or differential depending upon how many items of data are changed Set up auditing procedures (Audit trails) to detect misuse Premises relocation June 2010 6. A Health Authority is very dependent on their ICT system for administration. The Health Authority is undertaking a risk analysis. (a) Describe in detail two of the factors the Health Authority should take into account when deciding how to develop, control and minimise the risk to data. [2×2] (b) Identify a problem that could arise if steps are not taken to minimise the risk, discuss its possible impact and describe in detail a suitable strategy to overcome it. [4] 9. Most organisations now have ICT security policies. (a) Discuss in detail the potential threats to data and the possible consequences of accidental or deliberate destruction of data. Illustrate your answer with distinctly different examples in each case. [9] (b) Discuss four methods which could be used to prevent the deliberate destruction or misuse of data. [4×2] Answers 6. (a) 1 mark for each factor and 1 for each further explanation Context must relate to a Health Authority • Identify potential threats / who has access • What is the likelihood of risk occurring / value of data to other people / location • Short and long term consequences of the threat / loss of data • How well equipped is the health authority to deal with the threat • How much money the health authority has 6. (b) Problem (1) expansion in context of impact (consequence) (1) strategy (1) expansion in context (1) Example Problem: Staff unaware of who actually is in their buildings (1 mark) this could be very dangerous if there is a fire or looking for an at risk patient, etc. (2nd mark for more detail) Strategy: Have a backup system on paper or off site (1 mark) which staff could have emergency access to, to look up information. (2nd mark more detail). Other strategies: set up a disaster recovery system, employ a RAID system. Hackers getting in – firewalls as prevention. 9. (a) One mark explanation per relevant point, up to nine: Answers must be sentences and not a list. Consequences must match threats. List of threats 1 mark. List of consequences 1 mark. Threats • Terrorism • Natural disasters • Sabotage • Fire • Theft • Poor training (condone) Note: Hacking and viruses are not a threat in themselves. Insert a virus to deliberately destroy data is sabotage. Hacking to take data is theft. Consequences • Loss of business and income • Loss of reputation • Legal action • Costs of recovering data (Not just data loss) Note - must cover at least two ‘threats’ and two ‘consequences’ for maximum marks. 9. (b) Any four methods, discussed in appropriate detail: Methods for controlling access to computer rooms Methods of securing integrity of transmitted data Methods including private and public keys Call back procedures for remote access Establish firewalls Use virus scanners Proxy servers Password systems Methods to define security status and access rights for users Methods for physical protection of hardware and software Security of document filing systems Condone backup held off-site Note - no credit for simply ‘backup’ January 2010 8. Describe the factors an organisation needs to consider when producing a risk analysis. Answers 8 Most organisations have a corporate information technology security review which looks at the computer processed information with a view to identifying the risks of unavailability, errors and omissions, abuse, unauthorised disclosure and to determining their potential implications. Each risk will need to be examined from the point of view of the security and the loss assessed and its likely occurrence. The aim is to identify those systems crucial to the organisation and to look at the possible consequences of loss of such systems. Organisations will need to look at how well they are equipped to deal with potential threats and how much they are prepared to spend to minimise the risk. One mark for a list of four key points. June 2009 4. A large college has invested heavily in their ICT system for administration. The college is undertaking a risk analysis. (a) Describe in detail two of the factors the college should take into account when deciding how to develop, control and minimise the risk to data. [4] (b) Identify a problem that could arise if steps are not taken to minimise the risk, discuss its possible impact and describe in detail a suitable strategy to overcome it. [4] Answers 4.(a) 1 mark for each factor and 1 for each further explanation • Identify potential threats • Likelihood of risk occurring • Short and long term consequences of the threat • How well equipped is the college to deal with the threat • How much money the college has (b) Example Problem: Staff unaware of who actually is in college (1 mark) this could be very dangerous if there is a fire or looking for an at risk pupil, etc. (2nd mark for more detail) Steps: Have a backup system (1 mark) which staff could have emergency access to lookup information. (2nd mark more detail). Other points: set up a disaster recovery system, employ a RAID system June 2006 6. Most organisations now have ICT security policies. (a) Discuss in detail the potential threats to data and the possible consequences of accidental or deliberate destruction of data. Illustrate your answer with distinctly different examples in each case. [10] (b) Discuss four methods which could be used to prevent the deliberate destruction or misuse of data. 4 × [2] Quality of Written Communication [2] Answers 6 (a) One mark per relevant point, up to ten: 10 x 1 Threats Terrorism Natural disasters Sabotage Fire Theft Poor training (accept, but not condone) Consequences Loss of business and income Loss of reputation Legal action (Not just data loss) Note - must cover at least two points from ‘threats’ and ‘consequences’ for maximum 6 (b) Any four methods, discussed in appropriate detail: 4 x 2 Methods for controlling access to computer rooms Methods of securing integrity of transmitted data e.g. encryption Methods including private and public keys. Call back procedures for remote access Establish firewalls Use virus scanners Proxy servers Password systems Methods to define security status and access rights for users Methods for physical protection of hardware and software Security of document filing systems Note – no credit for simply ‘backup’. Quality of Communication – award marks using the following criteria: straightforward ideas expressed clearly, if not always fluently. Sentences and paragraphs may not always be well connected. Arguments may sometimes stray from the point or be weakly presented. There may be some errors of grammar, punctuation and spelling, but not such as to suggest a weakness in these areas – 1 mark; moderately complex ideas expressed very clearly and fluently. Sentences and paragraphs will follow on from each other smoothly and logically. Arguments will be consistently relevant and well structured. There will be few, if any, errors of grammar, punctuation and spelling – 2 marks. Database System Questions June 2011 Question J. A public library in a large town uses a relational database for their book lending system. When a borrower takes out a book, the loan is recorded. Relational databases hold the data in a number of tables. In this library system there is a table for Borrower, which is partially shown below: BORROWER [BorrowerID, Surname, Firstname, ....] where BorrowerID is the primary key. Explain what is meant by a primary key and a foreign key. [2] Give two other suitable tables, you would expect to see in this library loan system, identifying any primary or foreign keys. [7] Give three reasons why relational databases are more secure than the flat file approach. [3] The Council’s library service uses a data warehouse to hold details about all library loans throughout its area. Holding this large central store of data allows the library staff to use data mining. Describe what is meant by a data warehouse and explain the advantages it might give the library service. [3] Explain what is meant by data mining and give an example of how the library staff might use it. [3] Answers A primary key is unique and used to identify a record/table. / and other fields depend on it A foreign key is a field of one table which is also the primary key of another table / used to establish relationships/links between tables. 2 x (1 mark table name, 1 mark for primary key field, 1 mark for foreign key) and 1 mark for 2 other fields in each table BOOK [BookNo, Title, Author, Genre, ISBN, etc] LOAN [LoanID, BorrowerID#, BookNo#, StartDate, Length, etc] Where underlined are primary keys and # are foreign keys If candidates have produced a fully working real solution using more than three tables full marks can still be awarded. Hierarchy of passwords -- passwords to see separate parts Storage of data separate to programs Access rights to parts of the program. Large, Archive and used for Decision Making – Look for two of these three (1 mark) Data warehouse refers to large amounts of data which are stored together, usually in a single location, for further processing (a huge database specifically structured for information access and reporting) (1) or A database used to store an organisation’s historical data which is used by a MIS to extract information to help managers make decisions. (1) Advantages Allows the council to store information about every book. (1) Allows the council to see who has borrowed books and when. (1) Can use it to plan future changes or developments in their library system. (1) Allows the library system to use data mining. (1) Speeds up searching at the local library. (1) Allows the library to find the most popular book and buy more (1) Issues • Deliberately setting up websites containing incorrect information – people may rely on and use this information thinking it is correct. • Bullying – in chat rooms, by e-mail, in blogs, by text message is a problem especially for the young. • Inappropriate websites – people are able to view inappropriate material such as pornography, racism, violent videos, how to make explosives, etc. • Using e-mail to give bad news (e.g. redundancy, demotion, firing, etc.) when explaining faceto- face would have been better. • Spreading rumours – it is easy to spread rumours using the Internet. You only have to tell a few people in a chat room and the rumour will soon spread. Normally, if someone started a rumour that was untrue and it caused another person distress, then the person starting the rumour could be sued. When rumours are started over the Internet it is difficult to identify the person responsible. • Plagiarism – copying material without attributing or referencing the source of the information. This could also involve using websites which sell essays or coursework. • Sending spam (i.e., the same advertising e-mail to millions of people) – people waste time deleting spam if the spam filter allows it through. • Companies monitoring staff use of the Internet and e-mail. Some organisations will even read personal e-mails. • Using someone’s wireless Internet connection without permission. • Sometimes it is possible to connect to the Internet using an open network. The net result of using the network is to slow the network down for legitimate users. • Mobile phone stalking. • Using photo editing software to distort reality – by using photo/video editing software you can distort reality and you can no longer believe what you see in video, TV, newspapers, magazines and on websites. • Censorship Invasion of privacy by governments. • Privacy issues – social networking sites, e-commerce sites, Internet service provider records, e-mail monitoring at work, etc., all erode a user’s privacy. • Gambling addiction – gambling can cause many social problems and it is on the rise with the ease with which bets can be made using the Internet. • Addiction to computer games – many children spend hours playing computer games and their social skills and schoolwork can suffer as a result. Have and have nots – Digital divide Closing down of local stores Example answers Censorship • No-one owns the Internet. It is international. Material which would be illegal if published in hard copy form is freely available on the Internet e.g. racist propaganda, bomb making instructions, pornography. Some say the Internet should be censored but who will do the censoring and how can centralised control be implemented. • If you ban sites will they become more appealing so people will search for them more avidly. January 2011 Question J. Relational databases are becoming increasingly important to all organisations that handle data. Explain what is meant by each of the following terms: data consistency, data redundancy, data integrity, data independence. [4] A village sports club uses a database management system to operate a membership and fixture system. Members normally register for more than one sport. Fixtures against other villages are arranged in a wide variety of sports involving a large number of teams. One table in this database could be: SPORT[Sportid, Sport name, Home venue] with Sportid being the primary key. Give two other suitable tables you could expect to see in this database, identifying any primary or foreign keys. [8] A commercial company uses a data warehouse to hold details about customers and their purchases. Describe what a data warehouse is and explain the advantages it gives this company.[5] Explain what is meant by data mining and give an example of how the company might use it. Answers Data consistency is the relationship between the input data, the processed data and the output data as well as other related data. If the system is working properly the data will be correct at each stage and is said to be consistent. OR Data consistency is using one file to hold a central pool of data. A company may hold all its customer data in one file. This avoids the need to input data twice so that if data is changed in one file it won’t need to be changed in another and remains consistent. OR Data being inconsistent in a flat file due to possibility of different formats etc and being consistent in a RDBMS as each record is only stored once so cannot have different attributes Data redundancy is where you store an item of data more than once/ A company may hold its data in different files. This is wasteful because some data may need to be input twice and if data is changed in one it will need to be changed in the other. / Data which is repeated unnecessarily is called redundant data. Data integrity – the correctness of the data. Truthful, Accuracy Data independence – the data and the applications/programs used to access it are independent/separate. / New applications can be developed to access the data without changing the data./ New systems can still use existing data. Example of possible tables MEMBERS [memberid, name, email, phone, DOB etc] FIXTURES [fixtureid, date, home/away, sportid#, memberid#] Underline = primary, # = foreign 1 mark per table name 1 mark per foreign key 1 mark per primary key 1 mark per extra 2 fields per table Large, Archive and used for Decision Making – Look for 2 of these 3 Data warehouse refers to large amounts of data which are stored together (1), usually in a single location, for further processing ( a huge database specifically structured for information access and reporting) (1) or A database used to store an organization’s historical data (1) which is used by a MIS to extract information to help managers make decisions. (1) Alternate second halves • stored in a consistent order • to make interrogation more productive. • Data is non-volatile and time invariant (archive data). • Used to support organisational decision making. Advantages Can be mined It allows the company to store all the details of what it has sold to every customer. The company can see who uses a loyalty card and exactly what they have bought and what method they used to pay for it. Can compare information like the sickness data from different stores. Storing all this historical data better equips managers to make their decisions. NOT JUST MAKING BETTER DECISIONS/MORE INFORMED DECISIONS -MUST SAY WHY OR EXTENSION June 2010 10. (a) A hospital uses a relational database management system for storing patient records. Staff and patients are allocated to wards. (i) Explain what is meant by the term data normalisation. [2] (ii) One table in this database could be STAFF (Staff Id, Name, Contact no, Ward no) With Staff Id being the primary key and Ward no the foreign key. Give two other suitable tables you could expect to see in this database, identifying any primary or foreign keys. [6] (iii) Explain why relational databases are more secure than a flat file approach for storing patient records. [2] (b) Most Health authorities now use distributed databases. Explain what is meant by the term distributed database and discuss their advantages and disadvantages. [7] Answers: 10. (a) (i) Suitable definition of data normalisation, such as: A staged (mathematical) process (1) which removes repeated groups of data and inconsistencies. (1) Or Simplifying data structures (1) so that attributes in each table only relate to the entity. 10. (a) (ii) WARD( Ward no, NumberOfBeds, StaffId) PATIENT ( Patient no, Name, illness, admission date, consultant, address, contact, Ward no) Marking – award one mark for each table name, one mark for each primary key field, one mark for both foreign keys and one mark for two other relevant fields. 10. (a) (iii) Explanation involving any two relevant reasons: Hierarchy of passwords Storage of data separate to programs Access rights to parts of the program 10. (b) 2 marks for definition and 5 for advantages/disadvantages (Must to have at least two of each) A distributed database is a single database that is under the control of a DBMS where the storage devices are not all attached to a common processor. Instead the data is stored in storage devices attached to multiple computers usually located across a network. Or A distributed database has data stored on a number of computers at different locations but appears as one logical database. Advantages: • Faster response to user queries of the database • Non-dependence on one central huge store of data • Easy to backup and copy data from one server to another • If one server fails then the other servers can be used • Reduces network traffic as local queries can be performed using the data on the local server. Disadvantages: • Heavy reliance on networks and communications which may not always be reliable • Security issues particularly if sensitive personal data is being transferred • If one of the links to a server failed then the data could not be obtained from that server • Increased costs owing to the use of expensive communication lines • Greater chance of data inconsistency • Harder to control the security of data spread in many different locations. January 2010 11. A mail order company uses a relational database management system for storing details of orders. Stock and customers are allocated to orders. (a) Explain what is meant by a relational database. [2] (b) One table in this database could be STOCK [StockID, Stock name, Price, Size, ManufacturerID] With StockID being the primary key and ManufacturerID the foreign key. Give two other suitable tables you could expect to see in this database, identifying any primary or foreign keys. [5] (c) The company uses a data warehouse to hold details about customers and their transactions. Explain how the data warehouse and data mining could be useful to a mail order company. [4] (d) Describe the advantages of a relational database approach over a flat-file approach in relation to data redundancy, data integrity and data consistency. [6] 11(a) Suitable definition of a relational database, such as: A large collection of data items and links between them (1) structured in such a way that it allows it to be accessed by a number of different applications programs (1) a group of tables linked together by primary and foreign keys (1). 11(b) Award one mark for each table name, One mark for each primary key field, One mark for two sensible foreign keys. Example of one possible full mark answer: CUSTOMER (CustomerID, Name, contact no, address1, address2, etc.) ORDERS (OrderID, Date, StockID, CustomerID) 11(c) Data Warehousing (any two points) The mail order company generates huge quantities of data stored in a consistent order to make interrogation more productive. Data is non-volatile and time invariant (archive data). Used to support organisational decision making. Data Mining (any two points) Is interrogating the data It is a speculative process / investigates potential patterns Presumption is that dormant within the data are undiscovered patterns / groupings/ sequences / associations. Software uses complex algorithms to search for patterns. Returned information can be tested for plausibility. Data if of value can be processed into a report to help decision making. Could allow company to find a previously unknown relationship between regions of the country and food preferences and they can then target special promotions. 11(d) Two marks for each description One mark for definition and second mark for expansion or example. (x 3) Data redundancy It refers to the unnecessary duplication of data. In a flat-file database details about such information as customer details will be duplicated. In a well designed relational database there should be no ‘repeating attributes', no piece of data should be unnecessarily repeated. Data integrity The integrity of data is the correctness, i.e. the extent to which it truthfully represents the original information. One of the problems of maintaining integrity arises when updating occurs, and every record has to be changed in a flat-file database, if one record was left unchanged the data would no longer be wholly correct. In a relational database you only have to change data in one table and all other references in any other table will automatically be changed. Data consistency When data is held in more than one file it should be stored in a consistent way. A date field could be stored in file as a text field but in another field as a date/time field and the data would be incompatible. In a relational database because the attributes of any one entity are contained within one file, there is no risk of the same attribute being stored in a different format in a different file (Spelling mistakes in names) June 2009 7. (a) A school uses a relational database management system for storing pupil subject choices. A pupil may take many subjects taught by many teachers. (i) Explain what is meant by a relational database. [2] (ii) One table in this database could be: TEACHER (Teacher Code, Name, Room) with Teacher Code being the primary key. Give two other suitable tables you could expect to see in this database, identifying any primary and foreign keys. [8] (iii) Explain why relational databases are more secure than a flat file approach for storing subject choices. [2] (b) (i) Explain, using a suitable example, what is meant by a distributed database. (ii) Hospitals use distributed medical databases. Describe the problems that could arise when using such distributed medical databases. [4] Quality of Written Communication. [2] Answers: 7. (a) (i) Suitable definition of a relational database, such as A large collection of data items and links (1) between them, structured in such a way that it allows it to be accessed by a number of different applications programs. (1) (mention of tables and relationships and different views) (ii) PUPIL [Pupil Code, Name, Form, DOB, Gender] 1 for suitable table name 1 for suitable primary key field and 1 for other 2 suitable fields SUBJECT (Subject Code, Pupil Code, Teacher Code, Time, Day, Room) 1 for suitable table name 1 for suitable primary key field 1 for Pupil Code as foreign field 1 for Teacher Code as foreign field and 1 for other 2 suitable fields Or other suitable structure marked with similar rules. (iii) Any two relevant reasons: 2 x 1 Hierarchy of passwords Storage of data separate to programs Access rights to parts of the program (b) (i) A distributed database is a collection of (different) interrelated databases spread over a network. Some computers on the network each hold part of the data and cooperate in making it available to the user. A hotel chain might use distributed databases to store details of reservations. Each hotel stores its own reservations on a local computer. (ii) Look for four separate points or two very well argued points for maximum marks: 4 x 1 or 2 x 2 (second mark could be for relating the answer to medical databases) More complex hence more expensive to install and maintain Increased security risk from transfer If one location fails might hinder others Could get data inconsistency Quality of Written Communication June 2008 6. (a) A large medical practice uses a relational database management system for storing patient records and running their appointment systems. The practice has several doctors and many patients. Each patient can make one or more appointments with a doctor. The practice receptionist records which patient has made an appointment with which doctor and the time and date of the appointment. (b) (i) Explain what is meant by the term relational database. [2] (ii) One table in this database could be DOCTOR (Doctor Code, Name, Room, Tel Num) Give two other suitable tables you could expect to see in this database, identifying any primary or foreign keys. [6] (c) Distributed databases are now widely used. (i) Explain what is meant by the term distributed database and discuss their advantages and disadvantages in general terms. [6] (ii) Research is ongoing on the use of Electronic Patient Records (EPR). Discuss the specific benefits that the EPR system would bring to medicine and the main concern about its use. [4] Answer 6.(a) A relational database is a large collection of data items and links between them structured in such a way that allows it to be accessed by a number of different application programs. (2nd mark) or use of primary and foreign keys. Accept underline or asterisk as indication of key field and over line as an indication of foreign keys. (b) PATIENT (Patient Code, Name, Address, DOB, Gender) 1 for suitable table name 1 for suitable primary key field APPOINTMENT(Appointment Code, Patient Code, Doctor Code, Time, Date, Room) 1 for suitable table name 1 for suitable primary key field 1 for Patient Code as foreign field 1 for Doctor Code as foreign field (c(i) Distributed databases are different databases stored at different locations but linked together so they appear to be one large database. 1 mark per point (max 6) (at least 1 of each to get 6) Advantages • Data used locally can be stored locally and network traffic kept to a minimum • If data lost on central site it could be reduplicated from local site • Allows sharing of the data and the results of processing the data • New locations can be added to the database without the need for rewriting the entire database Disadvantages • Software more complex than a centralised database system • Because data is transferred it presents more of a security risk by hackers • As all the data is not stored in one location if a local site does not have adequate backup then this data might be lost to others. • If data is stored and updated in more than one place there is an increased chance of data inconsistency. (ii) Any 3 benefits at a mark each and 1 concern If you were taken into any hospital anywhere in Britain they could call up your notes and see if you are, for example, on any medication at the moment. This can only lead to better diagnosis of patient’s problems and improve the chances of survival. The computerising of the patient records would also create a huge database of all the people in Britain. This could also allow an epidemiological investigation to take place. People’s records could be compared to see what treatment worked and what other factors there may have been for some complex illness. Trends could be spotted at their early stage and remedial action taken to stop them quickly. This information would be available no matter where the hospital was or what the condition of it is. A database such as this can also be seen as a step towards a national identity programme where to get treatment one would have to have proof of nationality and proof of residence in this country. You would have to exist on the database before you could be dealt with. Immigrants, legal or otherwise would have to prove their adherence to these rules. The main concern is big brother watching you or the danger of someone getting your data (hacking) and misusing it. June 2007 5. A college keeps details of students, staff and courses in a file. Part of this file is shown below. The data in this file is not normalised. (a) Using data from the above file to illustrate your answer, describe two different problems associated with data not being normalised. (b) The above data can be re-organised into a normalised relational database with tables linked using primary and foreign keys. Re-organise this data into a normalised relational database using two tables. You should clearly indicate the table names and any primary or foreign keys that you use. Answers 5. (a) 1 mark for disadvantage and 1 mark for example x 2 4 Marks Data is duplicated causing unnecessary waste of storage space. Example - the lecturer name H Smith' is repeatedly stored in the above data. Data inconsistency - if data is stored more than once there may be differences [egg in spelling] or transcription errors. Example J Evans might be mistyped as 'J Evins' or the course code 186 might be mistyped as 816. The computer will not know which one is correct. 5. (b) 1 mark for table x 2 5 Marks 1 mark for primary key x 2 1 mark for foreign key in other table Primary and foreign keys must be clearly identified Examples could be; Student [Student No, Student Name, Date of birth, Gender, Course No#] Course [Course No, Course Name, Lecturer No#, Lecturer Name] June 2006 7. (a) A hospital uses a relational database management system for storing patient records. Staff and patients are allocated to wards. (i) Explain what is meant by a relational database. [2] (ii) One table in this database could be WARD (WardId, NumofBeds, StaffId ) with WardId being the primary key and StaffId the foreign key. Give two other suitable tables you could expect to see in this database, identifying any primary or foreign keys. [6] (iii) Explain why relational databases are more secure than a flat file approach for storing patient records. [2] (b) Hospitals use distributed medical databases. Describe the problems that could arise when using such distributed medical databases. [4] (c) The use of video conferencing has now become important in the Health Service. With reference to appropriate examples, discuss two uses of video conferencing in the Health Service. [4] Quality of Written Communication [2] Answers: 7 (a) (i) Suitable definition of a relational database, such as 2 A large collection of data items and links between them, structured in such a way that it allows it to be accessed by a number of different applications programs. 7 (a) (ii) STAFF ( Staff no, Name , expertise, pager no, contact no, Ward no) PATIENT ( Patient no, Name, illness, admission date, consultant, address, contact, Ward no) Marking – award one mark for each table name, 1 mark for each key field, 1 mark for both foreign keys and 1 mark for two other relevant fields. 7 (a) (iii) Any two relevant reasons: 2 x 1 Hierarchy of passwords Storage of data separate to programs Access rights to parts of the program 7 (b) Look for four separate points or two very well argued points for maximum marks: 4 x 1 or 2 x 2 More complex hence more expensive to install and maintain Increased security risk from transfer If one location fails might hinder others Could get data inconsistency 7 (c) Any two reasonable uses, discussed in appropriate detail, such as: 2 x 2 Regional meetings Consultation at a distance e.g. skin cases referred to experts Management of change Questions Textbook Question An old established company has been bought and the new managers want to increase the profitability of the business by using the latest ICT systems. These new systems will have a great impact on the way the company works and also on the staff they employ. (A) Explain what is meant by the term ‘management of change’ (B) Describe the impact that the new ICT system could have on job and the work patterns. Illustrate your answer with three distinctly different examples. IDEAL ANSWER (A) No marks for the answer that refer simply to the manages managing the change. One mark for mention of the following with a brief description New skills required Changes to organisational structure Alteration of work patterns Changes to internal procedures Worries by the workforce (B) One mark for each point to a maximum of six. Only a maximum of four marks should be given if there if there are no examples. May have to work in a different location (1) as downsizing of offices may occur owing to less paperwork/staff/ computer space needed(1) Telecommuting/teleworking – it may be possible to work from home using computers and telecommunications (1) thus saving the employee travelling cost and time/fitting in with personal life better/environment improvement (1). Retraining – may need to learn new skills (1) in order to use the new ICT systems such as database skills, use of e-mail, data mining skills, website updating skills(1). Different hour of work (1) – new system may operate 24/7 so staff may need to work more flexibly (1). New jobs will be created (1) such as web designers, systems analysts, help-desk staff, network administrators (1), etc. Some jobs will move abroad to call centres (1) wing to cheaper labour cost and the availability of well-qualified staff (1) June 2011 Question F. The introduction of a new ICT system can cause a number of changes in the workplace. Describe three of the changes which are likely to be a cause of stress to the staff and the worries each might bring. [6] Describe, using examples, two things that management could do to lessen any worries that the staff might have about the introduction of the new system. Answers Question F. (1 mark for statement of change and 1 mark for explanation of why) 3 x 2 • Job losses or fear of job losses (1) - new system may replace staff who performed manual processes e.g. filing, etc (1) • Having to learn new skills (1) /(Don’t know how to use system) - older staff may be stressed by appearing to look stupid in front of younger staff who have the skill (1) • Fear of change of organisational structure /Relocation (1) - loss of authority by being bypassed by younger staff or having to move location which could make the journey to work harder (1) • Change in work patterns (1) - split shifts or change of hours or night work, 24/7 • Change in internal procedures (1) - may make staff take on extra responsibilities for no extra money (1) • Health fears (1) - Concerned about the health risks of prolonged use of ICT equipment (1) • Big brother watching mark for brief description of the factor and 1 mark for further explanation or an example x 2 • Appropriate training/retraining – to ensure all staff understand the new system and wondering what to do. • Explanation of the advantages – so that staff can see how they will benefit by making the job easier/ more interesting / answer any queries • Spell out the implications of the new system (meetings)– to help stop rumours which give people stress / allow staff to express worries • Opportunity to learn new skills – enable staff to improve their job prospects • Involvement in the development of the new system – so that the staff can have a system which is straightforward to use. • Keeping social groups together / not disrupt working relationships – less stress / work together as a team Management Information SystemsQuestions June 2011 Question I. More and more organisations are now using Management Information Systems (MIS). Describe using appropriate examples three factors that can lead to an effective MIS. [6] Answer Any three well developed points from: Second mark for good example or expansion x 2 • Accuracy and relevancy of the data � The data used from the transaction systems that supply data to the management system must be accurate. � Avoid information overload by not producing any data that is not needed as this can waste time and make the information harder to use. • Flexibility of the system � Managers of different sections have different requirements and the MIS must be able to cope with this. � Managers of different parts of the business such as marketing and finance have vastly different needs. � Allows individual project planning. � Managers can set up their queries own quickly • Providing data/information in an appropriate form (not format) � Managers will need the data presented in the easiest form for them to interpret, some will want it in tabular form and some in graphical. • Accessible to a wide range of users � Can be used by managers who have a range of ICT skills and knowledge. • Give information when required � Timing is critical as there is no point in giving good information after the date it is needed for. January 2011 Question I. Many schools are now heavily dependent on their Management Information System (MIS). Define what is meant by a MIS and describe, using an appropriate example, a task that could best be accomplished using the MIS. [4] Describe in detail four features of a good MIS. [8] Describe in detail four factors which can lead to a poor MIS. [8] Answers Systems that convert data from internal or external sources (1) into information and resources designed to support the decisions of managers(1). OR MIS are organised collections of people, procedures and resources (1) designed to support the decisions of managers(1). OR MIS are programs designed to produce timely, relevant and accurate information to help managers make good decisions. (1) Examples of use similar to the following: • Looking at pupil attendance figures to try and see if there are patterns and to ensure that less pupils truant. • Looking at exam results to try and find strategies to improve their target figures, etc • A head teacher in a school analysing those pupils who are falling behind in their work as evidenced by test results and whose attendance is poor so that interviews with parents can be arranged. Any four well developed points from: Second mark for good example or expansion. Features of good MIS • Accuracy of the data • Flexibility of data analysis • Providing data in an appropriate form • Accessible to a wide range of users and support a wide range of skills and knowledge • Improve interpersonal communications amongst management and employees • Allow individual project planning • Avoid information overload • Allow speedy decisions for urgent situations Examples of possible responses • Accuracy of the information produced usually dependent on the accuracy of the data input. • Ability to allow managers to set up their own queries flexibly. • Presents the data in an appropriate form, for example a graph, to make it easy to understand. • Can be used by managers who have differing experience and skills in the use of ICT. • Ability to be transferred to other packages for further processing/analysis such as spreadsheet package. Any four well developed points from: Second mark for good example or expansion from: Factors which can lead to poor MIS • Complexity of the system • Inadequate initial analysis • Lack of management involvement in initial design • Inappropriate hardware and software • Lack of management knowledge/training about computer systems and their capabilities • Poor communications between professionals • Lack of professional standards Examples of possible responses • Inadequate consultation with managers during the analysis of the system to find out what their requirements from the system are. • Lack of training for managers means many managers do not use the system as they should. • Inappropriate hardware or software being used. For example, the network may run slowly when processing the information needed when producing MIS reports. • Inadequate initial analysis. The system does not do exactly what it should do. June 2010 5. (a) Describe what is meant by a management information system (MIS). Include in your answer one example of how an MIS can be used. [5] (b) Describe the factors which make a good or a poor MIS using examples to illustrate your answer. [8] Answers 5. (a) A management information system (MIS) is an organised collection of people, procedures and resources (1) designed to support the decisions of managers. (1) Examples of use similar to the following: • A head teacher in a school analysing those pupils who are falling behind in their work as evidenced by test results and whose attendance is poor so that interviews with parents can be arranged. • A production manager of a company using the MIS to make predictions as to how many of a certain product to make based on the sales from the same quarter in previous years. 4-5 marks Candidates give a clear, coherent answer fully and accurately describing MIS illustrated with an example. They use appropriate terminology and accurate spelling, punctuation and grammar. 2-3 marks Candidates describe MIS, but responses lack clarity. There are a few errors in spelling, punctuation and grammar. 1 mark Candidates give a brief comment on MIS. The response lacks clarity and there are significant errors in spelling, punctuation and grammar. 0 marks No appropriate response. 5. (b) Candidates may describe some of the following: Factors which make a good MIS • Accuracy of the data • Flexibility of data analysis • Providing data in an appropriate form • Accessible to a wide range of users and support a wide range of skills and knowledge • Improve interpersonal communications amongst management and employees • Allow individual project planning • Avoid information overload • Allow speedy decisions for urgent situation Factors which can lead to poor MIS • Complexity of the system • Inadequate initial analysis • Lack of management involvement in initial design • Inappropriate hardware and software • Lack of management knowledge about computer systems and their capabilities • Poor communications between professionals • Lack of professional standards Examples of possible responses Features of a good MIS include the following: • Accuracy of the information produced usually dependent on the accuracy of the data input. • Ability to allow managers to set up their own queries flexibly. • Presents the data in an appropriate form, for example a graph, to make it easy to understand. • Can be used by managers who have differing experience and skills in the use of ICT. • Ability to be transferred to other packages for further processing/analysis such as a spreadsheet package. Factors which can lead to a poor MIS: • Inadequate consultation with managers during the analysis of the system to find out what their requirements from the system are. • Lack of training for managers means many managers do not use the system as they should. • Inappropriate hardware or software being used. For example, the network may run slowly when processing the information needed when producing MIS reports. • Inadequate initial analysis. The system does not do exactly what it should do. 6-8 marks Candidates give a clear, coherent answer fully and accurately describing both good and poor factors illustrated with examples. They use appropriate terminology and accurate spelling, punctuation and grammar. 3-5 marks Candidates describe both good and poor factors with at least one example, but responses lack clarity. There are a few errors in spelling, punctuation and grammar. 1-2 mark Candidates simply list good or poor factors or give a brief description of one. The response lacks clarity and there are significant errors in spelling, punctuation and grammar. 0 marks No appropriate response. List of three factors 1 mark (can award twice) January 2010 10. (a) An effective Management Information System (MIS) has become very important to organisations. Describe what is meant by a MIS. Compare and contrast the factors which make the difference between an effective MIS and a poor MIS, using appropriate examples. (b) Despite rigorous testing, it is sometimes necessary for software developers to maintain the systems they have produced. Explain why this situation might arise and describe, using suitable examples, some of the different types of maintenance that might have to be undertaken. Answers 10(a) Management Information Systems (MIS) are organised collections of people, procedures and resources designed to support the decisions of managers. (1) At least four pros and four cons to gain 8 marks. Candidates may include some of the following: Features of good MIS • Accuracy of the data • Flexibility of data analysis • Providing data in an appropriate form • Accessible to a wide range of users and support a wide range of skills and knowledge • Improve interpersonal communications amongst management and employees • Allow individual project planning • Avoid information overload • Allow speedy decisions for urgent situations Factors which can lead to poor MIS • Complexity of the system • Inadequate initial analysis • Lack of management involvement in initial design • Inappropriate hardware and software • Lack of management knowledge about computer systems and their capabilities • Poor communications between professionals • Lack of professional standards 10(b) One mark for each point up to max 8. e.g. Corrective ‘Bugs' (1) which may not have been identified during the testing process (1) become apparent when the system is operating in a live environment (1) Perfective Users may, after a period of time (1) find a particular aspect of the software unsatisfactory (1) e.g. tables may be difficult to format for printing (1) A security issue (1) e.g. a virus threat (1) may emerge which means that the system requires an extra level of protection (1) The software provider may discover a way to make the application run more efficiently (1) e.g. floating editing windows (1) Adaptive Changes in the business environment (1) e.g. change in legislation (1) may mean that the software is required to perform tasks it wasn't originally designed for (1) New software or hardware may be purchased (1) the integration of which requires changes to existing systems (1) e.g. purchase of new printers with incompatible drivers (1) Condone one mark for use of terms, corrective, perfective, adaptive. System Development Life Cycle (SDLC) Questions January 2011 Question E. The first step in producing a new computer system is to investigate the existing system and produce a feasibility report. Describe two different ways a systems analyst can gather information about the existing system. [4] Describe the purpose of the feasibility report and what should be included in the report. [4] Question H. A system analyst has just designed a new ICT system for an organisation. Discuss two of the different changeover strategies that the organisation could use for conversion to the new system. [6] After the new system is working, it will have to be maintained. Describe two different methods of system maintenance, illustrating each method with an appropriate distinct example. [6] Answers Question E. (2 marks for each of 2 points) One mark for describing method and one mark for expansion / purpose / specific use A detailed description of a point can be given 2 marks Interviews – interviews with managers normally reveal how the departments work and any current problems. Normally will say how they want the new system to work and what information they want. Operational staff can supply fine detail on how the current system works. Very time consuming as a lot of people have got to be contacted. Needs skilled interviewers to get the correct information out of people. Observation ( inspect/ look at / shadow) – sit and watch how somebody does their job at present so that one can understand what they do, how and what information flows, the processes that are performed and any time delays, crashes or interruptions. Can be time consuming and span several weeks before you can see everything. Inspection of records – studying the paper based information produced by the company at the moment. Allows one to see what information is currently held and the way it is communicated between different departments or customers and the company. Documents include organisational charts, manuals, reports, minutes of meetings and all documentation. Questionnaires – ideal way to collect information as you do not have to waste time talking to people and can stick to the important points without digressing. Economical to reproduce and distribute. Problem is that people forget to fill them in and hence an incomplete picture. Response rate from posted surveys is often poor. Respondents may misunderstand some of the questions. Cost involved in hiring people to ask others to fill in questionnaires and collect results can be significant. 1 mark for definition, 3 marks for what it includes A feasibility report: is the summary of an initial investigation to look at the likelihood of being able to create a new system with stated aims and objectives at reasonable cost. The document is used by senior managers to assess whether it is worth continuing with the project.Or Considers the request for a new system from different perspectives, (usually economic, operational and technological) to determine whether it is worth the organisation undertaking the project. ( Could be looking at cost benefit) Should include e.g. • User requirements should be identified (aims and objectives). • Definition of the scope of the present system (outline current system). • Major data processing functions and processes (data flow). • Identification of problems with the current system. • Cost benefit analysis of the new system / Consider cost implications in terms of human resources, consultancy fees, training requirements, hardware upgrading, payment to third party providers, licences and fees, etc • Details of existing hardware and software. / Consider technical issues including: do they have equipment to implement; do they have in-house technical expertise; are there compatibility issues with existing systems • Consider operational issues including: impact on day to day work; what training will be required; will re-structuring be necessary; other logistic and practical issues • Potential improvements / benefits on the new system • Conclusions /Is it worth proceeding. Question H. 6-8 marks Candidates give a clear, coherent answer explaining four factors with reasons. They use appropriate terminology and accurate spelling, punctuation and grammar. 3-5 marks Candidates explain briefly and may give reasons but responses lack clarity. There are a few errors in spelling, punctuation and grammar 1-2 marks Candidates simply make brief points and may give a reason. The response lacks clarity and there are significant errors in spelling, punctuation and grammar. 0 marks No valid response. Make 2 points about each factor x4 The plan will usually cover the following: Cost Set up a budget for it What backup medium should be used? Tape or disc/ Raid systems depending upon the speed or money available to recover the data Hardware can be replaced how much money have they got Software can be re-installed. (or de-bugged by the programming department). Risk What problems could occur? Likelihood of them occurring e.g. are they going to get an earthquake in UK On site or off site depending upon costs and the likelihood of the risk occurring and the criticality of the data. Data No business can afford to lose its data. Backups of all data should be regularly made. This means that the worst case scenario is that the business has to go back to the situation of the last backup and carry on from there. Backups may take a long time – often tape-streamed at night. Hardware/Software/Communications The total or partial loss of computing equipment or software The complete or partial loss of telecommunications equipment or services The complete or partial loss of the premises housing the IT equipment. The loss of essential services such as electricity, heating or air conditioning Alternative communication /computer systems may be arranged in case a network goes down or alternative power supply. Personnel, Responsibilities and Training The loss of certain key employees (e.g., losing all the qualified network staff in one go due to them choosing to form their own facilities organisation) The loss of maintenance or support Make one person responsible for backups so people don’t think others are doing it and it does not get done or do they use online backup companies or both! Screening potential employees Routines for distributing updated virus information and virus scanning procedures Define procedures for downloading from the Internet, use of floppy discs, personal backup procedures Define staff code of conduct for using computer systems e.g. no abusive emails. No illicit use etc. What response should staff make when the disaster occurs Procedures Produce procedures for minimising the risks Test the plan on a regular basis to make sure it still sufficient Establish physical protection system (firewalls etc.) Establish security rights for file access and updating web pages Establish a disaster recovery programme. This starts with a backup policy to secure the data so it can be recovered later e.g. backup procedures required. How often should backups be taken? Restoration policy backup every day/hour and rotate tapes to ensure there is always a copy to restore files What type of backup? Where the backup is to be stored? Decide upon types of backup full, incremental or differential depending upon how many items of data are changed Set up auditing procedures (Audit trails) to detect misuse Premises relocation 8