Information Technology > QUESTIONS & ANSWERS > Systems Analysis and Design, Tenth Edition End of Chapter Solutions CHAPTER 12 Managing Systems Supp (All)

Systems Analysis and Design, Tenth Edition End of Chapter Solutions CHAPTER 12 Managing Systems Support and Security

Document Content and Description Below

Systems Analysis and Design, Tenth Edition End of Chapter Solutions CHAPTER 12 Managing Systems Support and Security Chapter Exercises s Questions 1. Describe four types of system maintenance and p... rovide two examples of each type. Students can refer to examples shown in Figure 12-5 on page 509. Instructors might want to try a different approach to this question and ask students to cite an automotive example for each type of maintenance. Sample answers might include the following: a. Corrective maintenance diagnoses and corrects errors in an operational system. (An automotive example would be replacing a burned out headlight.) b. Adaptive maintenance involves adding new capability and enhancements to the existing system. (An automotive example would be adding a trailer hitch to your SUV so you can tow your boat.) c. Perfective maintenance is designed to improve efficiency. (An automotive example would be having a tune-up performed in order to improve gas mileage.) d. Preventive maintenance is performed to reduce the possibility of future system failure. (An automotive example would be changing your oil every 3,000 miles to avoid engine problems). (Page 509) 2. As an IT manager, would you assign newly hired systems analysts to maintenance projects? Why or why not? Newly hired and recently promoted IT staff members sometimes are assigned to maintenance projects because most IT managers believe that maintenance work offers the best learning experience. The practice is common, and the pros and cons of that approach are discussed in the chapter. (Page 508) 3. What is configuration management and why is it important? Configuration management (CM) is a process for controlling changes in system requirements during the development phases of the SDLC. It also is an important management tool for managing systems changes and costs after a system becomes operational. (Page 516) 4. Define the term what­if analysis. How could you use a spreadsheet in capacity planning? What-if analysis allows you to vary one or more elements in a capacity planning model to measure the effect on the other elements. Capacity planning is a process that monitors current activity and performance levels, anticipates future activity, and forecasts the resources needed to provide the desired level of service.A spreadsheet is an extremelySystems Analysis and Design, Tenth Edition Page 2 of 41 useful tool in capacity planning because it allows the analyze the overall effect when one or more variables are changed. (Page 522) 5. What is a release methodology? Why is version control important? Under a release methodology, all noncritical changes are held until they can be implemented at the same time. Each change is documented and installed as a new version of the system called a maintenance release. When a release method is used, a numbering pattern distinguishes the different releases. In a typical system, the initial version of the system is 1.0, and the release that includes the first set of maintenance changes is version 1.1. A change, for example, from version 1.4 to 1.5 indicates relatively minor enhancements, while whole number changes, such as from version 1.0 to 2.0, or from version 3.4 to 4.0, indicates a significant upgrade. A release methodology offers several advantages, especially if two teams perform maintenance work on the same system. When a release methodology is used, all changes are tested together before a new system version is released. The release methodology also reduces costs, because only one set of system tests is needed for all maintenance changes. This approach results in fewer versions, less expense, and less interruption for users. Using a release methodology also reduces the documentation burden. Version control is the process of tracking system releases. Typically, when a new version is released, it is archived by a systems librarian who is responsible for archiving current and previously released versions of the system. Using version control, in the event of major system failure, the company can reinstate the prior version for system recovery. Version control also allows one individual to track version changes. (Page 517) 6. Define the following terms: response time, bandwidth, throughput, and turnaround time. How are the terms related?  Response time measures the overall time between a request for system activity and the delivery of the response to the user.  Bandwidth describes the amount of data that the system can handle in a fixed time period.  Throughput expresses a data transfer rate that measures actual system performance under specific circumstances.  Turnaround time applies to centralized batch processing operations and measures the time between submitting a request and the fulfillment of the request. Each term represents a different way of measuring system performance. Taken together, response time, bandwidth, throughput, and turnaround time provide a comprehensive view of system operations and performance. (Pages 520-521) 7. What are some key issues that you must address when considering data backup and recovery? The cornerstone of business data protection is a backup policy, which contains detailed instructions and procedures for all backups. The backup policy should specify backup media, schedules, and retention periods. An effective backup policy can help assure continued business operations, and in some cases, be the key to a firm’s survival. In addition to backing up critical business data, some companies have taken a more dramatic step by establishing a hot site. A hot site is a separate IT location, which might be in another state or even another country that can support critical business systems in the event of a power outage, system crash, or physical catastrophe. (Page 541)Systems Analysis and Design, Tenth Edition Page 3 of 41 8. Explain the concept of risk management, including risk identification, assessment, and control. Risk management involves constant attention to three interactive tasks: risk identification, risk assessment, and risk control. Risk identification analyzes the organization’s assets, threats and vulnerabilities. Risk assessment measures risk likelihood and impact. Risk control develops safeguards that reduce risks and their impact. (Page 524) 9. What are the six security levels? Provide examples of threat categories, attacker profiles, and types of attacks. The six security levels are physical security, network security, application security, file security, user security, and procedural security. The following is a list of issues that pertain to each security level: Physical Security Issues  Computer room security Biometric scanning systems Motion sensors  Servers and desktop computers Keystroke loggers Tamper­evident cases BIOS­level passwords; boot­level passwords; power­on passwords  Notebook computers Universal Security Slot (USS) Tracking software Stringent password requirements Account lockout thresholds Network Security Issues  Encrypting network traffic Encryption vs. plain text Public key encryption Wi­Fi Protected Access (WPA and WPA2) Wired Equivalent Privacy (WEP)  Private networks Tunnels  Virtual private networks  Ports and services Destination ports Services Port scans Denial of service attacks  Firewalls Protocols that control traffic Application Security Issues  Services Security holes PermissionsSystems Analysis and Design, Tenth Edition Page 4 of 41  Input validation  Patches and updates File Security Issues  Permissions  User groups User Security Issues  Identity management  Password protection  Social engineering  User resistance Procedural Security Issues  Managerial policies and controls  Corporate culture that stresses security  Define how particular tasks are to be performed  Employee responsibility for security  Dumpster diving  Use of paper shredders  Classification levels. An attack is a hostile act that targets the system, or the company itself. Thus, an attack might be launched by a disgruntled employee, or a hacker who is 10,000 miles away. Attackers break into a system to cause damage, steal information, or gain recognition, among other reasons. Attackers typically can be identified by one or more the following profiles:Systems Analysis and Design, Tenth Edition Page 5 of 41 Typical types of attacks and examples of each are: (Pages 526­527 10. Provide an example of technical obsolescence, and explain how it can be a threat to an information system. Typical examples of technical obsolescence are:  Operational costs or execution times are increasing rapidly, and routine perfective maintenance does not reverse or slow the trend.  A software package is available that provides the same or additional services faster, better, and less expensively than the current system.  New technology offers a way to perform the same or additional functions more efficiently.  Maintenance changes or additions are difficult and expensive to perform.  Users request significant new features to support business requirements. As the chapter points out, constantly changing technology means that every system has a limited economic life span. Analysts and managers can anticipate obsolescence in several ways and it never should come as a complete surprise. A system becomesSystems Analysis and Design, Tenth Edition Page 6 of 41 obsolete when it no longer supports user needs, or when the hardware or software platform becomes outmoded. (Page 543) Discussion Topics 1. Assume that your company uses a release methodology for its sales system. The current version is 5.5. Decide whether each of the following changes would justify a version 6.0 release, or be included in a version 5.6 update: (a) Add a new report, (b) add a Web interface, (c) add data validation checks, (d) add an interface to the marketing system, and (e) change the user interface. In general, a whole number change in the version number of an information system, such as a change from 4.5 to 5.0, indicates the presence of significant upgrades to the system. A change from 4.5 to 4.6 indicates that the new version contains relatively minor changes from the prior version. These guidelines might produce the following results: These changes are minor, and probably would result in version 4.6:  Add a new report  Add data validation checks These changes are more significant, and would be more likely to result in version 5.0:  Add a Web interface  Add an interface to the marketing system  Change the user interface 2. The four types of IT system maintenance also apply to other industries. Suppose you were in charge of aircraft maintenance for a small airline. What would be a specific example of each type of maintenance? Answers will vary. Possible responses might include the following:  Corrective maintenance: Resolving specific problems noted by flight crew members in the aircraft log book.  Adaptive maintenance: Upgrading and adding new capability, such as an in-flight movie system or a more powerful radar system.  Perfective maintenance: Improving engine efficiency, reducing fuel consumption rates, or increasing intervals between scheduled maintenance.  Preventive maintenance: Developing maintenance procedures that will avoid future problems. Examples might include inspecting and tightening fasteners, checking lubricant levels, and examining hard-to-reach areas to determine whether or no [Show More]

Last updated: 1 year ago

Preview 1 out of 41 pages

Add to cart

Instant download

We Accept:

We Accept
document-preview

Buy this document to get the full access instantly

Instant Download Access after purchase

Add to cart

Instant download

We Accept:

We Accept

Reviews( 0 )

$9.00

Add to cart

We Accept:

We Accept

Instant download

Can't find what you want? Try our AI powered Search

OR

REQUEST DOCUMENT
108
0

Document information


Connected school, study & course


About the document


Uploaded On

Aug 22, 2022

Number of pages

41

Written in

Seller


seller-icon
QuizMaster

Member since 5 years

1095 Documents Sold


Additional information

This document has been written for:

Uploaded

Aug 22, 2022

Downloads

 0

Views

 108

Document Keyword Tags

What is Browsegrades

In Browsegrades, a student can earn by offering help to other student. Students can help other students with materials by upploading their notes and earn money.

We are here to help

We're available through e-mail, Twitter, Facebook, and live chat.
 FAQ
 Questions? Leave a message!

Follow us on
 Twitter

Copyright © Browsegrades · High quality services·