Examination Papers Template by RussellBawden





Time allowed: 2 hours
Answer THREE from FIVE questions

Calculators are not allowed in this examination

All questions carry equal marks

1. Mary has been asked to plan the installation of a web server from the ground up. The only
   proviso is that the server will be built on existing PC hardware that until recently was used
   to support a service that is no longer needed.
   a) Describe the choices Mary must make regarding available operating system and web
      server application software. Explain the advantages and disadvantages of her available
      choices.                                                                            [9]
   b) In the installation process, Mary must choose a filesystem type to use. What issues
      must she bear in mind when making this choice?                                      [6]
   c) What principles should Mary adhere to as she decides how to partition and lay out the
      filesystems on the disks of her web server? What are the benefits and drawbacks of
      choosing to partition disks?                                                        [9]
   d) What security principles should Mary adhere to as she installs the web service?        [9]

2. This question concerns issues of security on an Internet connected site.
   You are asked to set up a small network connected by broadband technologies to the
   Internet. The network is to support a group of mobile research workers, to provide a
   common point for information interchange of commercially sensitive data. The mobile
   workers will access the site through the Internet from a variety of independent ISPs.
   The base site will provide, as a minimum, a private web space and file sharing services.
   The base network will also provide desktop PC access for the support staff, who will also
   want to share data between themselves. Occasionally targeted emailings will be sent to
   journalists to indicate press releases on the web site that they may wish to access.
   a) With reference to this scenario and based on services studied in this module, describe
      the types of Internet Services that will be made available from this site for the remote
      users. Analyse the key security risks these services entail and offer suggestions on how
      these security risks may be minimised.                                                [23]
   b) What other services should be provided at the base site to increase security? Specify the
      manner in which these should be established to minimise the risks, and the role of
      support staff in their maintenance.                                                 [10]

                                                  Page 1 of 2                                  Turn over
3. a)      Discuss, in the context of an academic IT environment, how you would manage the
   process of defining a service level agreement for information security. You should provide
   an outline of the document’s structure.                                               [18]
   b) Explain your understanding of the specific IT security concerns of each of these three
      classes of stakeholder. Describe how, in each case, you would seek to validate this
                i. Corporate managers                                                       [5]
                ii. IT service providers                                                    [5]
                iii. Undergraduate service users                                            [5]

4. You are the Head of Information Services for a multi-campus university in the UK. Part of
   your remit is to manage the provision of robust network and server infrastructures,
   including the control of outsourced resources.
   a) With reference to an example you have studied, describe the role of IT disaster
      recovery planning in a large organisation. You should discuss the scope, interactions
      and constraints associated with such planning.                                      [18]
   b) Discuss, in the form of a project proposal, how you would develop a mechanism for
      testing the disaster readiness of the organisation. Include notes on pre-requisites,
      resource requirements and potential impacts.                                         [15]

5. This question concerns naming and directory services and electronic mail services.
   a) Briefly explain what is meant by a directory service and how this differs from a general
      purpose database facility.                                                           [2]
   b) The Lightweight Directory Access Protocol (LDAP) is progressively becoming adopted
      by more applications.
      (i) Explain the meaning of the term objectclass in an LDAP context.                   [3]
      (ii) What is the role of the distinguished name (DN) with respect to an entry in an
           LDAP directory?                                                                [2]
   c) The Domain Name System (DNS) is very important in terms of most Internet
      (i) Explain the role of a DNS server of type forward and how this might assist in
          providing DNS services to a group of computers using the private IP address
          space.                                                                        [3]
      (ii) Describe how you would go about setting up a DNS server of type forward that
           only had IP addresses within the private IP address space and what other facilities
           would need to be configured and accessed to make this server usable.             [7]
   d) Electronic mail is one of the most important Internet services.
      (i) What is a Mail Transfer Agent (MTA)?                                              [3]
      (ii) Explain how a site’s DNS MX record is used in deciding how to deliver electronic
           mail to a site and describe typical MX records.                              [6]
      (iii) Explain in detail how an MTA connects to a remote computer to transfer mail,
            using as an example how it might be done manually (as you were shown in the
            lectures).                                                                   [7]

Back to Computer Science DEPARTMENT Index

                                                   Page 2 of 2

To top