8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 1/13

Q1. What is Client-server Computing?

Ans: The short answer: Client/server is a computational architecture that involves client

 processes

requesting service from server processes.

The long answer: Client/server computing is the logical extension of modular programming.Modular programming has as its fundamental assumption that separation of a large piece of 

software into its constituent parts ("modules") creates the possibility for easier development

and better maintainability. Client/server computing takes this a step farther by recognizing

that those modules need not all be executed within the same memory space.

With this architecture, the calling module becomes the "client" (that which requests a

service), and the called module becomes the "server" (that which provides the service). The

logical extension of this is to have clients and servers running on the appropriate hardware

and software platforms for their functions. For example, database management system

servers running on platforms specially designed and configured to perform queries, or file

servers running on platforms with special elements for managing files. It is this latter  perspective that has created the widely-believed myth that client/server has something to do

with PCs or Unix machines.

Q2 What is a Client process?

Ans: The client is a process (program) that sends a message to a server process (program),

requesting that the server perform a task (service). Client programs usually manage the user-

interface portion of the application, validate data entered by the user, dispatch requests to

server programs, and sometimes execute business logic. The client-basedprocess is the front-

end of the application that the user sees and interacts with. The client process contains

solution-specific logic and provides the interface between the user and the rest of the

application system. The client process also manages the local resources that the user interacts

with such as the monitor, keyboard, workstation CPU and peripherals. One of the key

elements of a client workstation is the graphical user interface (GUI). Normally a part of 

operating system i.e. the window manager detects user actions, manages the windows on the

display and displays the data in the windows.

Q3 What is a Server process?

Ans : A server process (program) fulfills the client request by performing the task requested.

Server programs generally receive requests from client programs, execute database retrievaland updates, manage data integrity and dispatch responses to client requests. Sometimes

server programs execute common or complex business logic. The server-based process "may"

run on another machine on the network. This server could be the host operating system or 

network file server; the server is then provided both file system services and application

services. Or in some cases, another desktop machine provides the application services. The

server process acts as a software engine that manages shared resources such as databases,

 printers, communication links, or high powered-processors. The server process performs the

 back-end tasks that are common to similar applications.

Q4 What is a Two-Tier Architecture?

Ans : A two-tier architecture is where a client talks directly to a server, with no intervening

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 2/13

server. It is typically used in small environments (less than 50 users). A common error in

client/server development is to prototype an application in a small, two-tier environment, and

then scale up by simply adding more users to the server. This approach will usually result in

an ineffective system, as the server becomes overwhelmed. To properly scale to hundreds or 

thousands of users, it is usually necessary to move to a three-tier architecture.

Q5 What is a Three-Tier Architecture?

A three-tier architecture introduces a server (or an "agent") between the client and the server.

The role of the agent is manyfold. It can provide translation services (as in adapting a legacy

application on a mainframe to a client/server environment), metering services (as in acting as

a transaction monitor to limit the number of simultaneous requests to a given server), or 

intellegent agent services (as in mapping a request to a number of different servers, collating

the results, and returning a single response to the client.

For SBI Speciality Officer, Allahabad bank IT Officer Exam

Model Questions: The Descriptive Test should be Prepared on Basis of All Books of Degree

Exam with Special Emphasis on Banking. We are Listing Sample Questions

(i) Kerberos-- Kerberos is a computer network authentication protocol, which allows

nodes communicating over a non-secure network to prove their identity to one another in a

secure manner. Its designers aimed primarily at a client–server model, and it provides mutual

authentication — both the user and the server verify each other's identity. Kerberos protocol

messages are protected against eavesdropping and replay attacks.

Kerberos builds on symmetric key cryptography and requires a trusted third party, andoptionally may use public-key cryptography by utilizing asymmetric key cryptography during

certain phases of authentication.

(ii) IP Security-- Short for  IP Security, a set of protocols developed by the IETF to

support secure exchange of packets at the IP layer. IPsec has been deployed widely to

implement Virtual Private Networks (VPNs).

IPsec supports two encryption modes: Transport and Tunnel. Transport mode encrypts only

the data portion ( payload ) of each packet, but leaves the header untouched. The more secure

Tunnel mode encrypts both the header and the payload. On the receiving side, an IPSec-

compliant device decrypts each packet.

For IPsec to work, the sending and receiving devices must share a public key. This is

accomplished through a protocol known as Internet Security Association and KeyManagement Protocol/Oakley (ISAKMP/Oakley), which allows the receiver to obtain a

 public key and authenticate the sender using digital certificates.

2.Write short notes on each of the following:(a) Trojan Horse--- A destructive program that masquerades as a benign

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 3/13

application. Unlike viruses, Trojan horses do not replicate themselves but they

can be just as destructive. One of the most insidious types of Trojan horse is a

program that claims to rid your computer of viruses but instead introduces

viruses onto your computer. In computers, a Trojan horse is a program in which

malicious or harmful code is contained inside apparently harmless programming or data in

such a way that it can get control and do its chosen form of damage, such as ruining the file

allocation table on your hard disk . In one celebrated case, a Trojan horse was a program that

was supposed to find and destroy computer viruses. A Trojan horse may be widely

redistributed as part of a computer virus.

The most important difference between a trojan virus/trojan horse and a virus is that trojans

don’t spread themselves. Trojan horses disguise themselves as valuable and useful software

available for download on the internet. Most people are fooled by this ploy and end up

dowloading the virus disguised as some other application. The name comes from the mythical

"Trojan Horse" that the Ancient Greeks set upon the city of Troy.

A trojan horse is typically separated into two parts – a server and a client. It’s the client that is

cleverly disguised as significant software and positioned in peer-to-peer file sharing

networks, or unauthorized download websites. Once the client Trojan executes on your 

computer, the attacker, i.e. the person running the server, has a high level of control over your 

computer, which can lead to destructive effects depending on the attacker’s purpose.

A trojan horse virus can spread in a number of ways. The most common means of infection is

through email attachments. The developer of the virus usually uses various spamming

techniques in order to distribute the virus to unsuspecting users. Another method used by

malware developers to spread their trojan horse viruses is via chat software such as YahooMessenger and Skype. Another method used by this virus in order to infect other machines is

through sending copies of itself to the people in the address book of a user whose computer 

has already been infected by the virus.

Types of Trojan Horse Viruses

Trojan Horses have developed to a remarkable level of cleverness, which makes each one

radically different from each other. For an inclusive understanding, we have classified them

into the following:

Remote Access Trojans

Remote Access Trojans are the most frequently available trojans. These give an attacker 

absolute control over the victim’s computers. The attacker can go through the files and access

any personal information about the user that may be stored in the files, such as credit card

numbers, passwords, and vital financial documents.

Password Sending Trojans

The intention of a Password Sending Trojan is to copy all the cached passwords and look for 

other passwords as you key them into your computer, and send them to particular email

addresses. These actions are performed without the awareness of the users. Passwords for 

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 4/13

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 5/13

all files we can receive are guaranteed to be virus-free. With this, a good way of protecting

your PC against malicious programs such as this harmful application is to install and update

an antivirus program.

(b) Smart Cards-- A smart card resembles a credit card in size and shape, but inside it

is completely different. First of all, it has an inside -- a normal credit card is a simple piece of 

 plastic. The inside of a smart card usually contains an embedded microprocessor. The

microprocessor is under a gold contact pad on one side of the card. Think of the

microprocessor as replacing the usual magnetic stripe on a credit card or debit card.

Smart cards are much more popular in Europe than in the United States. In Europe, the health

insurance and banking industries use smart cards extensively. Every German citizen has a

smart card for health insurance. Even though smart cards have been around in their modern

form for at least a decade, they are just starting to take off in the United States.

The microprocessor on the smart card is there for security. The host computer and card

reader actually "talk" to the microprocessor. The microprocessor enforces access to the data

on the card. If the host computer read and wrote the smart card's random access memory

(RAM), it would be no different than a diskette.

Smarts cards may have up to 8 kilobytes of RAM, 346 kilobytes of ROM, 256 kilobytes of 

 programmable ROM, and a 16-bit microprocessor. The smart card uses a serial interface and

receives its power from external sources like a card reader. The processor uses a limited

instruction set for applications such as cryptography.

The most common smart card applications are:

• Credit cards

• Electronic cash

• Computer security systems

• Wireless communication

• Loyalty systems (like frequent flyer points)

• Banking

• Satellite TV

• Government identification

Smart cards can be used with a smart-card reader attachment to a personal computer toauthenticate a user. Web browsers also can use smart card technology to supplement Secure

Sockets Layer (SSL) for improved security of Internet transactions. Visa's Smart Card FAQ 

shows how online purchases work using a smart card and a PC equipped with a smart-card

reader. Smart-card readers can also be found in mobile phones and vending machines.

What is a Socket ? Write two differences between a TCP Socket and a

UDP Socket.

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 6/13

A server application normally listens to a specific port waiting for connection requests from a

client. When a connection request arrives, the client and the server establish a dedicated

connection over which they can communicate. During the connection process, the client is

assigned a local port number, and binds a socket to it. The client talks to the server by writing

to the socket and gets information from the server by reading from it. Similarly, the server 

gets a new local port number (it needs a new port number so that it can continue to listen for connection requests on the original port). The server also binds a socket to its local port and

communicates with the client by reading from and writing to it.

The client and the server must agree on a protocol--that is, they must agree on the language of 

the information transferred back and forth through the socket.

Definition: A socket is one end-point of a two-way communication link between two

 programs running on the network.

The java.net package in the Java development environment provides a class--Socket--that

represents one end of a two-way connection between your Java program and another program

on the network. The Socket class implements the client side of the two-way link. If you are

writing server software, you will also be interested in the ServerSocket class which

implements the server side of the two-way link. This lesson shows you how to use the Socket

and ServerSocket classes.

A TCP socket is defined as an endpoint for communication. A socket consists of the pair <IP

Address,Port>. For our purposes, a port will be defined as an integer number between

1024 and 65535. This is because all port numbers smaller than 1024 are considered well-known -- for example, telnet uses port 23, http uses 80, ftp uses 21, and so on. On Unix

machines, the file /etc/services contains a list of services provided by that machine, alongwith their well-known ports

A TCP connection consists of a pair of sockets. Sockets are distinguished by client and

server sockets. A server listens on a port, waiting for incoming requests from clients.

For example, a web server listens at port 80 for incoming request from clients (web

 browsers). When a client wishes to make a connection with a server socket, the client is

assigned a port from the local host. Suppose that client X (at IP address 146.86.3.15)

wishes to browse a web page on the server 146.86.5.20. If the port the local host assigned

client X is port 12345, the connection between the client and the server is uniquely identified

 by the socket pair 

What is Network Address Translation (NAT) ? Give any two advantages

and two disadvantages of NAT.

 NAT (Network Address Translation or Network Address Translator) is the translation of anInternet Protocol address (IP address) used within one network to a different IP address

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 7/13

known within another network. One network is designated the inside network and the other is

the outside. Typically, a company maps its local inside network addresses to one or more

global outside IP addresses and unmaps the global IP addresses on incoming packets back 

into local IP addresses. This helps ensure security since each outgoing or incoming request

must go through a translation process that also offers the opportunity to qualify or 

authenticate the request or match it to a previous request. NAT also conserves on the number of global IP addresses that a company needs and it lets the company use a single IP address in

its communication with the world.

 NAT is included as part of a router and is often part of a corporate firewall. Network 

administrators create a NAT table that does the global-to-local and local-to-global IP address

mapping. NAT can also be used in conjunction with policy routing . NAT can be statically

defined or it can be set up to dynamically translate from and to a pool of IP addresses. Cisco's

version of NAT lets an administrator create tables that map:

• A local IP address to one global IP address statically

• A local IP address to any of a rotating pool of global IP addresses that a company mayhave

• A local IP address plus a particular TCP port to a global IP address or one in a pool of 

them

• A global IP address to any of a pool of local IP addresses on a round-robin basis

 NAT is described in general terms in RFC 1631. which discusses NAT's relationship to

Classless Interdomain Routing (CIDR ) as a way to reduce the IP address depletion problem.

 NAT reduces the need for a large amount of publicly known IP addresses by creating a

separation between publicly known and privately known IP addresses. CIDR aggregates

 publicly known IP addresses into blocks so that fewer IP addresses are wasted. In the end,

 both extend the use of IPv4 IP addresses for a few more years before IPv6 is generally

supported.

2a (i) what are distributed system?

The word distributed in terms such as "distributed system", "distributed programming", and

"distributed algorithm" originally referred to computer networks where individual computers

were physically distributed within some geographical area.[3] The terms are nowadays used in

a much wider sense, even referring to autonomous processes that run on the same physical

computer and interact with each other by message passing.[4]

While there is no single definition of a distributed system,[5] the following defining properties

are commonly used:

•  There are several autonomous computational entities, each of which hasits own local memory.[6]

•  The entities communicate with each other by message passing.[7]

In this article, the computational entities are called computers or  nodes.

A distributed system may have a common goal, such as solving a large computational problem.[8] Alternatively, each computer may have its own user with individual needs, and

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 8/13

the purpose of the distributed system is to coordinate the use of shared resources or provide

communication services to the users.[9]

Other typical properties of distributed systems include the following:

•  The system has to tolerate failures in individual computers.[10]

•  The structure of the system (network topology, network latency, numberof computers) is not known in advance, the system may consist of different kinds of computers and network links, and the system maychange during the execution of a distributed program.[11]

• Each computer has only a limited, incomplete view of the system. Eachcomputer may know only one part of the input.[12]

(a)–(b) A distributed system.

(c) A parallel system.

[edit] Parallel or distributed computing?

The terms "concurrent computing", " parallel computing", and "distributed computing" have a

lot of overlap, and no clear distinction exists between them.[13] The same system may be

characterised both as "parallel" and "distributed"; the processors in a typical distributed

system run concurrently in parallel.[14] Parallel computing may be seen as a particular tightly-

coupled form of distributed computing,[15] and distributed computing may be seen as a

loosely-coupled form of parallel computing.[5] Nevertheless, it is possible to roughly classify

concurrent systems as "parallel" or "distributed" using the following criteria:

• In parallel computing, all processors have access to a shared memory.

Shared memory can be used to exchange information betweenprocessors.[16]

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 9/13

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 10/13

There is a Reverse ARP (RARP) for host machines that don't know their IP address. RARP

enables them to request their IP address from the gateway's ARP cache.

RARP (Reverse Address Resolution Protocol) is a protocol by which a physical

machine in a local area network can request to learn its IP address from a

gateway server's Address Resolution Protocol (ARP) table or cache. A networkadministrator creates a table in a local area network's gateway router that maps

the physical machine (or Media Access Control - MAC address) addresses to

corresponding Internet Protocol addresses. When a new machine is set up, its

RARP client program requests from the RARP server on the router to be sent its

IP address. Assuming that an entry has been set up in the router table, the RARP

server will return the IP address to the machine which can store it for future use.

RARP is a separate protocol at the data-link level. For example, if the medium

used is Ethernet, then RARP packets will have an Ethertype (still to be assigned)

different from that of ARP. This recognizes that ARP and RARP are twofundamentally different operations, not supported equally by all hosts. The

impact on existing systems is minimized; existing ARP servers will not be

confused by RARP packets. It makes RARP a general facility that can be used for

mapping hardware addresses to any higher level protocol address.

 This approach provides the simplest implementation for RARP client hosts, but

also provides the most difficulties for RARP server hosts. However, these

difficulties should not be insurmountable.

RARP is available for Ethernet, Fiber Distributed-Data Interface, and Token RingLANs. ARP (Address Resolution Protocol) performs the opposite function as the

RARP: mapping of an IP address to a physical machine address.

Cluster Computing / Computer Clusters

Definition: Cluster computing is the technique of linking two or more computers into anetwork (usually through a local area network) in order to take advantage of the parallel 

 processing power of those computers. 

An eternal struggle in any IT department is in finding a method to squeeze the maximum processing power out of a limited budget. Today more than ever, enterprises require

enormous processing power in order to manage their desktop applications, databases and

knowledge management (case study: Rolls Royce - pdf ). Many business processes are

extremely heavy users of IT resources, and yet IT budgets struggle to keep pace with the ever 

growing demand for yet more power.

IT Limitations Unfortunately, though some of the largest enterprises requirethe processing power of a supercomputer, few enterprises can rustle upsupercomputer-sized IT budgets. While there have been significant advances inmainframe computing in recent years, investment in a single large source of 

processing power may be the most cost-effective or flexible solution.

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 11/13

Instead, many enterprises are now choosing to invest their IT budgets incomputer clusters – networks of high-powered, low-cost desktop computers –that provide an attractive alternative to mainframe computers.

Types of Computer Clusters

 There are several different varieties of computer clusters, each offering differentadvantages to the user. These varieties are:

* High Availability Clusters 

HA Clusters are designed to ensure constant access to service applications. Theclusters are designed to maintain redundant nodes that can act as backupsystems in the event of failure. The minimum number of nodes in a HA cluster istwo – one active and one redundant – though most HA clusters will useconsiderably more nodes. HA clusters aim to solve the problems that arise frommainframe failure in an enterprise. Rather than lose all access to IT systems, HA

clusters ensure 24/7 access to computational power. This feature is especiallyimportant in business, where data processing is usually time-sensitive.

* Load-balancing Clusters

Load-balancing clusters operate by routing all work through one or more load-balancing front-end nodes, which then distribute the workload efficientlybetween the remaining active nodes. Load-balancing clusters are extremelyuseful for those working with limited IT budgets. Devoting a few nodes tomanaging the workflow of a cluster ensures that limited processing power can beoptimised.

* High-performance Clusters

HPC clusters are designed to exploit the parallel processing power of multiplenodes. They are most commonly used to perform functions that require nodes tocommunicate as they perform their tasks – for instance, when calculation resultsfrom one node will affect future results from another.

 The best known HPC cluster is Berkeley’s Seti@Home Project, an HPC clusterconsisting of over 5 million volunteer home computers devoting processingpower to the analysis of data from the Arecibo Observatory radio telescope.

Benefits of Computer Clusters 

Computer clusters offer a number of benefits over mainframe computers,including:

Reduced Cost:  The price of off-the-shelf consumer desktops has plummeted inrecent years, and this drop in price has corresponded with a vast increase intheir processing power and performance. The average desktop PC today is manytimes more powerful than the first mainframe computers.

Processing Power :  The parallel processing power of a high-performancecluster can, in many cases, prove more cost effective than a mainframe with

similar power. This reduced price per unit of power enables enterprises to get agreater ROI from their IT budget.

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 12/13

Improved Network Technology: Driving the development of computerclusters has been a vast improvement in the technology related to networking,along with a reduction in the price of such technology.

Computer clusters are typically connected via a single virtual local area network(VLAN), and the network treats each computer as a separate node. Informationcan be passed throughout these networks with very little lag, ensuring that datadoesn’t bottleneck between nodes.

Scalability: Perhaps the greatest advantage of computer clusters is thescalability they offer. While mainframe computers have a fixed processingcapacity, computer clusters can be easily expanded as requirements change byadding additional nodes to the network.

Availability: When a mainframe computer fails, the entire system fails.However, if a node in a computer cluster fails, its operations can be simply

transferred to another node within the cluster, ensuring that there is nointerruption in service.

Cloud computing

Cloud computing is a general term for anything that involves delivering hosted services over 

the Internet. These services are broadly divided into three categories: Infrastructure-as-a-

Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). The name

cloud computing was inspired by the cloud symbol that's often used to represent the Internet

in flowcharts and diagrams.

A cloud service has three distinct characteristics that differentiate it from traditional hosting.It is sold on demand, typically by the minute or the hour; it is elastic -- a user can have as

much or as little of a service as they want at any given time; and the service is fully managed

 by the provider (the consumer needs nothing but a personal computer and Internet access).

Significant innovations in virtualization and distributed computing, as well as improved

access to high-speed Internet and a weak economy, have accelerated interest in cloud

computing.

A cloud can be private or public. A public cloud sells services to anyone on the Internet.

(Currently, Amazon Web Services is the largest public cloud provider.) A  private cloud is a

 proprietary network or a data center that supplies hosted services to a limited number of 

 people. When a service provider uses public cloud resources to create their private cloud, theresult is called a virtual private cloud. Private or public, the goal of cloud computing is to

 provide easy, scalable access to computing resources and IT services.

Infrastructure-as-a-Service like Amazon Web Services provides virtual server instances with

unique IP addresses and blocks of storage on demand. Customers use the provider's

application program interface (API) to start, stop, access and configure their virtual servers

and storage. In the enterprise, cloud computing allows a company to pay for only as much

capacity as is needed, and bring more online as soon as required. Because this pay-for-what-

you-use model resembles the way electricity, fuel and water are consumed, it's sometimes

referred to as utility computing.

8/7/2019 Bank IT Specialist

http://slidepdf.com/reader/full/bank-it-specialist 13/13

Platform-as-a-service in the cloud is defined as a set of software and product development

tools hosted on the provider's infrastructure. Developers create applications on the provider's

 platform over the Internet. PaaS providers may use APIs, website portals or gateway software

installed on the customer's computer. Force.com, (an outgrowth of Salesforce.com) and

GoogleApps are examples of PaaS. Developers need to know that currently, there are not

standards for interoperability or data portability in the cloud. Some providers will not allowsoftware created by their customers to be moved off the provider's platform.

In the software-as-a-service cloud model, the vendor supplies the hardware infrastructure, the

software product and interacts with the user through a front-end portal. SaaS is a very broad

market. Services can be anything from Web-based email to inventory control and database

 processing. Because the service provider hosts both the application and the data, the end user 

is free to use the service from anywhere.