8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 1/13
Q1. What is Client-server Computing?
Ans: The short answer: Client/server is a computational architecture that involves client
processes
requesting service from server processes.
The long answer: Client/server computing is the logical extension of modular programming.Modular programming has as its fundamental assumption that separation of a large piece of
software into its constituent parts ("modules") creates the possibility for easier development
and better maintainability. Client/server computing takes this a step farther by recognizing
that those modules need not all be executed within the same memory space.
With this architecture, the calling module becomes the "client" (that which requests a
service), and the called module becomes the "server" (that which provides the service). The
logical extension of this is to have clients and servers running on the appropriate hardware
and software platforms for their functions. For example, database management system
servers running on platforms specially designed and configured to perform queries, or file
servers running on platforms with special elements for managing files. It is this latter perspective that has created the widely-believed myth that client/server has something to do
with PCs or Unix machines.
Q2 What is a Client process?
Ans: The client is a process (program) that sends a message to a server process (program),
requesting that the server perform a task (service). Client programs usually manage the user-
interface portion of the application, validate data entered by the user, dispatch requests to
server programs, and sometimes execute business logic. The client-basedprocess is the front-
end of the application that the user sees and interacts with. The client process contains
solution-specific logic and provides the interface between the user and the rest of the
application system. The client process also manages the local resources that the user interacts
with such as the monitor, keyboard, workstation CPU and peripherals. One of the key
elements of a client workstation is the graphical user interface (GUI). Normally a part of
operating system i.e. the window manager detects user actions, manages the windows on the
display and displays the data in the windows.
Q3 What is a Server process?
Ans : A server process (program) fulfills the client request by performing the task requested.
Server programs generally receive requests from client programs, execute database retrievaland updates, manage data integrity and dispatch responses to client requests. Sometimes
server programs execute common or complex business logic. The server-based process "may"
run on another machine on the network. This server could be the host operating system or
network file server; the server is then provided both file system services and application
services. Or in some cases, another desktop machine provides the application services. The
server process acts as a software engine that manages shared resources such as databases,
printers, communication links, or high powered-processors. The server process performs the
back-end tasks that are common to similar applications.
Q4 What is a Two-Tier Architecture?
Ans : A two-tier architecture is where a client talks directly to a server, with no intervening
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 2/13
server. It is typically used in small environments (less than 50 users). A common error in
client/server development is to prototype an application in a small, two-tier environment, and
then scale up by simply adding more users to the server. This approach will usually result in
an ineffective system, as the server becomes overwhelmed. To properly scale to hundreds or
thousands of users, it is usually necessary to move to a three-tier architecture.
Q5 What is a Three-Tier Architecture?
A three-tier architecture introduces a server (or an "agent") between the client and the server.
The role of the agent is manyfold. It can provide translation services (as in adapting a legacy
application on a mainframe to a client/server environment), metering services (as in acting as
a transaction monitor to limit the number of simultaneous requests to a given server), or
intellegent agent services (as in mapping a request to a number of different servers, collating
the results, and returning a single response to the client.
For SBI Speciality Officer, Allahabad bank IT Officer Exam
Model Questions: The Descriptive Test should be Prepared on Basis of All Books of Degree
Exam with Special Emphasis on Banking. We are Listing Sample Questions
(i) Kerberos-- Kerberos is a computer network authentication protocol, which allows
nodes communicating over a non-secure network to prove their identity to one another in a
secure manner. Its designers aimed primarily at a client–server model, and it provides mutual
authentication — both the user and the server verify each other's identity. Kerberos protocol
messages are protected against eavesdropping and replay attacks.
Kerberos builds on symmetric key cryptography and requires a trusted third party, andoptionally may use public-key cryptography by utilizing asymmetric key cryptography during
certain phases of authentication.
(ii) IP Security-- Short for IP Security, a set of protocols developed by the IETF to
support secure exchange of packets at the IP layer. IPsec has been deployed widely to
implement Virtual Private Networks (VPNs).
IPsec supports two encryption modes: Transport and Tunnel. Transport mode encrypts only
the data portion ( payload ) of each packet, but leaves the header untouched. The more secure
Tunnel mode encrypts both the header and the payload. On the receiving side, an IPSec-
compliant device decrypts each packet.
For IPsec to work, the sending and receiving devices must share a public key. This is
accomplished through a protocol known as Internet Security Association and KeyManagement Protocol/Oakley (ISAKMP/Oakley), which allows the receiver to obtain a
public key and authenticate the sender using digital certificates.
2.Write short notes on each of the following:(a) Trojan Horse--- A destructive program that masquerades as a benign
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 3/13
application. Unlike viruses, Trojan horses do not replicate themselves but they
can be just as destructive. One of the most insidious types of Trojan horse is a
program that claims to rid your computer of viruses but instead introduces
viruses onto your computer. In computers, a Trojan horse is a program in which
malicious or harmful code is contained inside apparently harmless programming or data in
such a way that it can get control and do its chosen form of damage, such as ruining the file
allocation table on your hard disk . In one celebrated case, a Trojan horse was a program that
was supposed to find and destroy computer viruses. A Trojan horse may be widely
redistributed as part of a computer virus.
The most important difference between a trojan virus/trojan horse and a virus is that trojans
don’t spread themselves. Trojan horses disguise themselves as valuable and useful software
available for download on the internet. Most people are fooled by this ploy and end up
dowloading the virus disguised as some other application. The name comes from the mythical
"Trojan Horse" that the Ancient Greeks set upon the city of Troy.
A trojan horse is typically separated into two parts – a server and a client. It’s the client that is
cleverly disguised as significant software and positioned in peer-to-peer file sharing
networks, or unauthorized download websites. Once the client Trojan executes on your
computer, the attacker, i.e. the person running the server, has a high level of control over your
computer, which can lead to destructive effects depending on the attacker’s purpose.
A trojan horse virus can spread in a number of ways. The most common means of infection is
through email attachments. The developer of the virus usually uses various spamming
techniques in order to distribute the virus to unsuspecting users. Another method used by
malware developers to spread their trojan horse viruses is via chat software such as YahooMessenger and Skype. Another method used by this virus in order to infect other machines is
through sending copies of itself to the people in the address book of a user whose computer
has already been infected by the virus.
Types of Trojan Horse Viruses
Trojan Horses have developed to a remarkable level of cleverness, which makes each one
radically different from each other. For an inclusive understanding, we have classified them
into the following:
Remote Access Trojans
Remote Access Trojans are the most frequently available trojans. These give an attacker
absolute control over the victim’s computers. The attacker can go through the files and access
any personal information about the user that may be stored in the files, such as credit card
numbers, passwords, and vital financial documents.
Password Sending Trojans
The intention of a Password Sending Trojan is to copy all the cached passwords and look for
other passwords as you key them into your computer, and send them to particular email
addresses. These actions are performed without the awareness of the users. Passwords for
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 5/13
all files we can receive are guaranteed to be virus-free. With this, a good way of protecting
your PC against malicious programs such as this harmful application is to install and update
an antivirus program.
(b) Smart Cards-- A smart card resembles a credit card in size and shape, but inside it
is completely different. First of all, it has an inside -- a normal credit card is a simple piece of
plastic. The inside of a smart card usually contains an embedded microprocessor. The
microprocessor is under a gold contact pad on one side of the card. Think of the
microprocessor as replacing the usual magnetic stripe on a credit card or debit card.
Smart cards are much more popular in Europe than in the United States. In Europe, the health
insurance and banking industries use smart cards extensively. Every German citizen has a
smart card for health insurance. Even though smart cards have been around in their modern
form for at least a decade, they are just starting to take off in the United States.
The microprocessor on the smart card is there for security. The host computer and card
reader actually "talk" to the microprocessor. The microprocessor enforces access to the data
on the card. If the host computer read and wrote the smart card's random access memory
(RAM), it would be no different than a diskette.
Smarts cards may have up to 8 kilobytes of RAM, 346 kilobytes of ROM, 256 kilobytes of
programmable ROM, and a 16-bit microprocessor. The smart card uses a serial interface and
receives its power from external sources like a card reader. The processor uses a limited
instruction set for applications such as cryptography.
The most common smart card applications are:
• Credit cards
• Electronic cash
• Computer security systems
• Wireless communication
• Loyalty systems (like frequent flyer points)
• Banking
• Satellite TV
• Government identification
Smart cards can be used with a smart-card reader attachment to a personal computer toauthenticate a user. Web browsers also can use smart card technology to supplement Secure
Sockets Layer (SSL) for improved security of Internet transactions. Visa's Smart Card FAQ
shows how online purchases work using a smart card and a PC equipped with a smart-card
reader. Smart-card readers can also be found in mobile phones and vending machines.
What is a Socket ? Write two differences between a TCP Socket and a
UDP Socket.
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 6/13
A server application normally listens to a specific port waiting for connection requests from a
client. When a connection request arrives, the client and the server establish a dedicated
connection over which they can communicate. During the connection process, the client is
assigned a local port number, and binds a socket to it. The client talks to the server by writing
to the socket and gets information from the server by reading from it. Similarly, the server
gets a new local port number (it needs a new port number so that it can continue to listen for connection requests on the original port). The server also binds a socket to its local port and
communicates with the client by reading from and writing to it.
The client and the server must agree on a protocol--that is, they must agree on the language of
the information transferred back and forth through the socket.
Definition: A socket is one end-point of a two-way communication link between two
programs running on the network.
The java.net package in the Java development environment provides a class--Socket--that
represents one end of a two-way connection between your Java program and another program
on the network. The Socket class implements the client side of the two-way link. If you are
writing server software, you will also be interested in the ServerSocket class which
implements the server side of the two-way link. This lesson shows you how to use the Socket
and ServerSocket classes.
A TCP socket is defined as an endpoint for communication. A socket consists of the pair <IP
Address,Port>. For our purposes, a port will be defined as an integer number between
1024 and 65535. This is because all port numbers smaller than 1024 are considered well-known -- for example, telnet uses port 23, http uses 80, ftp uses 21, and so on. On Unix
machines, the file /etc/services contains a list of services provided by that machine, alongwith their well-known ports
A TCP connection consists of a pair of sockets. Sockets are distinguished by client and
server sockets. A server listens on a port, waiting for incoming requests from clients.
For example, a web server listens at port 80 for incoming request from clients (web
browsers). When a client wishes to make a connection with a server socket, the client is
assigned a port from the local host. Suppose that client X (at IP address 146.86.3.15)
wishes to browse a web page on the server 146.86.5.20. If the port the local host assigned
client X is port 12345, the connection between the client and the server is uniquely identified
by the socket pair
What is Network Address Translation (NAT) ? Give any two advantages
and two disadvantages of NAT.
NAT (Network Address Translation or Network Address Translator) is the translation of anInternet Protocol address (IP address) used within one network to a different IP address
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 7/13
known within another network. One network is designated the inside network and the other is
the outside. Typically, a company maps its local inside network addresses to one or more
global outside IP addresses and unmaps the global IP addresses on incoming packets back
into local IP addresses. This helps ensure security since each outgoing or incoming request
must go through a translation process that also offers the opportunity to qualify or
authenticate the request or match it to a previous request. NAT also conserves on the number of global IP addresses that a company needs and it lets the company use a single IP address in
its communication with the world.
NAT is included as part of a router and is often part of a corporate firewall. Network
administrators create a NAT table that does the global-to-local and local-to-global IP address
mapping. NAT can also be used in conjunction with policy routing . NAT can be statically
defined or it can be set up to dynamically translate from and to a pool of IP addresses. Cisco's
version of NAT lets an administrator create tables that map:
• A local IP address to one global IP address statically
• A local IP address to any of a rotating pool of global IP addresses that a company mayhave
• A local IP address plus a particular TCP port to a global IP address or one in a pool of
them
• A global IP address to any of a pool of local IP addresses on a round-robin basis
NAT is described in general terms in RFC 1631. which discusses NAT's relationship to
Classless Interdomain Routing (CIDR ) as a way to reduce the IP address depletion problem.
NAT reduces the need for a large amount of publicly known IP addresses by creating a
separation between publicly known and privately known IP addresses. CIDR aggregates
publicly known IP addresses into blocks so that fewer IP addresses are wasted. In the end,
both extend the use of IPv4 IP addresses for a few more years before IPv6 is generally
supported.
2a (i) what are distributed system?
The word distributed in terms such as "distributed system", "distributed programming", and
"distributed algorithm" originally referred to computer networks where individual computers
were physically distributed within some geographical area.[3] The terms are nowadays used in
a much wider sense, even referring to autonomous processes that run on the same physical
computer and interact with each other by message passing.[4]
While there is no single definition of a distributed system,[5] the following defining properties
are commonly used:
• There are several autonomous computational entities, each of which hasits own local memory.[6]
• The entities communicate with each other by message passing.[7]
In this article, the computational entities are called computers or nodes.
A distributed system may have a common goal, such as solving a large computational problem.[8] Alternatively, each computer may have its own user with individual needs, and
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 8/13
the purpose of the distributed system is to coordinate the use of shared resources or provide
communication services to the users.[9]
Other typical properties of distributed systems include the following:
• The system has to tolerate failures in individual computers.[10]
• The structure of the system (network topology, network latency, numberof computers) is not known in advance, the system may consist of different kinds of computers and network links, and the system maychange during the execution of a distributed program.[11]
• Each computer has only a limited, incomplete view of the system. Eachcomputer may know only one part of the input.[12]
(a)–(b) A distributed system.
(c) A parallel system.
[edit] Parallel or distributed computing?
The terms "concurrent computing", " parallel computing", and "distributed computing" have a
lot of overlap, and no clear distinction exists between them.[13] The same system may be
characterised both as "parallel" and "distributed"; the processors in a typical distributed
system run concurrently in parallel.[14] Parallel computing may be seen as a particular tightly-
coupled form of distributed computing,[15] and distributed computing may be seen as a
loosely-coupled form of parallel computing.[5] Nevertheless, it is possible to roughly classify
concurrent systems as "parallel" or "distributed" using the following criteria:
• In parallel computing, all processors have access to a shared memory.
Shared memory can be used to exchange information betweenprocessors.[16]
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 10/13
There is a Reverse ARP (RARP) for host machines that don't know their IP address. RARP
enables them to request their IP address from the gateway's ARP cache.
RARP (Reverse Address Resolution Protocol) is a protocol by which a physical
machine in a local area network can request to learn its IP address from a
gateway server's Address Resolution Protocol (ARP) table or cache. A networkadministrator creates a table in a local area network's gateway router that maps
the physical machine (or Media Access Control - MAC address) addresses to
corresponding Internet Protocol addresses. When a new machine is set up, its
RARP client program requests from the RARP server on the router to be sent its
IP address. Assuming that an entry has been set up in the router table, the RARP
server will return the IP address to the machine which can store it for future use.
RARP is a separate protocol at the data-link level. For example, if the medium
used is Ethernet, then RARP packets will have an Ethertype (still to be assigned)
different from that of ARP. This recognizes that ARP and RARP are twofundamentally different operations, not supported equally by all hosts. The
impact on existing systems is minimized; existing ARP servers will not be
confused by RARP packets. It makes RARP a general facility that can be used for
mapping hardware addresses to any higher level protocol address.
This approach provides the simplest implementation for RARP client hosts, but
also provides the most difficulties for RARP server hosts. However, these
difficulties should not be insurmountable.
RARP is available for Ethernet, Fiber Distributed-Data Interface, and Token RingLANs. ARP (Address Resolution Protocol) performs the opposite function as the
RARP: mapping of an IP address to a physical machine address.
Cluster Computing / Computer Clusters
Definition: Cluster computing is the technique of linking two or more computers into anetwork (usually through a local area network) in order to take advantage of the parallel
processing power of those computers.
An eternal struggle in any IT department is in finding a method to squeeze the maximum processing power out of a limited budget. Today more than ever, enterprises require
enormous processing power in order to manage their desktop applications, databases and
knowledge management (case study: Rolls Royce - pdf ). Many business processes are
extremely heavy users of IT resources, and yet IT budgets struggle to keep pace with the ever
growing demand for yet more power.
IT Limitations Unfortunately, though some of the largest enterprises requirethe processing power of a supercomputer, few enterprises can rustle upsupercomputer-sized IT budgets. While there have been significant advances inmainframe computing in recent years, investment in a single large source of
processing power may be the most cost-effective or flexible solution.
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 11/13
Instead, many enterprises are now choosing to invest their IT budgets incomputer clusters – networks of high-powered, low-cost desktop computers –that provide an attractive alternative to mainframe computers.
Types of Computer Clusters
There are several different varieties of computer clusters, each offering differentadvantages to the user. These varieties are:
* High Availability Clusters
HA Clusters are designed to ensure constant access to service applications. Theclusters are designed to maintain redundant nodes that can act as backupsystems in the event of failure. The minimum number of nodes in a HA cluster istwo – one active and one redundant – though most HA clusters will useconsiderably more nodes. HA clusters aim to solve the problems that arise frommainframe failure in an enterprise. Rather than lose all access to IT systems, HA
clusters ensure 24/7 access to computational power. This feature is especiallyimportant in business, where data processing is usually time-sensitive.
* Load-balancing Clusters
Load-balancing clusters operate by routing all work through one or more load-balancing front-end nodes, which then distribute the workload efficientlybetween the remaining active nodes. Load-balancing clusters are extremelyuseful for those working with limited IT budgets. Devoting a few nodes tomanaging the workflow of a cluster ensures that limited processing power can beoptimised.
* High-performance Clusters
HPC clusters are designed to exploit the parallel processing power of multiplenodes. They are most commonly used to perform functions that require nodes tocommunicate as they perform their tasks – for instance, when calculation resultsfrom one node will affect future results from another.
The best known HPC cluster is Berkeley’s Seti@Home Project, an HPC clusterconsisting of over 5 million volunteer home computers devoting processingpower to the analysis of data from the Arecibo Observatory radio telescope.
Benefits of Computer Clusters
Computer clusters offer a number of benefits over mainframe computers,including:
Reduced Cost: The price of off-the-shelf consumer desktops has plummeted inrecent years, and this drop in price has corresponded with a vast increase intheir processing power and performance. The average desktop PC today is manytimes more powerful than the first mainframe computers.
Processing Power : The parallel processing power of a high-performancecluster can, in many cases, prove more cost effective than a mainframe with
similar power. This reduced price per unit of power enables enterprises to get agreater ROI from their IT budget.
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 12/13
Improved Network Technology: Driving the development of computerclusters has been a vast improvement in the technology related to networking,along with a reduction in the price of such technology.
Computer clusters are typically connected via a single virtual local area network(VLAN), and the network treats each computer as a separate node. Informationcan be passed throughout these networks with very little lag, ensuring that datadoesn’t bottleneck between nodes.
Scalability: Perhaps the greatest advantage of computer clusters is thescalability they offer. While mainframe computers have a fixed processingcapacity, computer clusters can be easily expanded as requirements change byadding additional nodes to the network.
Availability: When a mainframe computer fails, the entire system fails.However, if a node in a computer cluster fails, its operations can be simply
transferred to another node within the cluster, ensuring that there is nointerruption in service.
Cloud computing
Cloud computing is a general term for anything that involves delivering hosted services over
the Internet. These services are broadly divided into three categories: Infrastructure-as-a-
Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). The name
cloud computing was inspired by the cloud symbol that's often used to represent the Internet
in flowcharts and diagrams.
A cloud service has three distinct characteristics that differentiate it from traditional hosting.It is sold on demand, typically by the minute or the hour; it is elastic -- a user can have as
much or as little of a service as they want at any given time; and the service is fully managed
by the provider (the consumer needs nothing but a personal computer and Internet access).
Significant innovations in virtualization and distributed computing, as well as improved
access to high-speed Internet and a weak economy, have accelerated interest in cloud
computing.
A cloud can be private or public. A public cloud sells services to anyone on the Internet.
(Currently, Amazon Web Services is the largest public cloud provider.) A private cloud is a
proprietary network or a data center that supplies hosted services to a limited number of
people. When a service provider uses public cloud resources to create their private cloud, theresult is called a virtual private cloud. Private or public, the goal of cloud computing is to
provide easy, scalable access to computing resources and IT services.
Infrastructure-as-a-Service like Amazon Web Services provides virtual server instances with
unique IP addresses and blocks of storage on demand. Customers use the provider's
application program interface (API) to start, stop, access and configure their virtual servers
and storage. In the enterprise, cloud computing allows a company to pay for only as much
capacity as is needed, and bring more online as soon as required. Because this pay-for-what-
you-use model resembles the way electricity, fuel and water are consumed, it's sometimes
referred to as utility computing.
8/7/2019 Bank IT Specialist
http://slidepdf.com/reader/full/bank-it-specialist 13/13
Platform-as-a-service in the cloud is defined as a set of software and product development
tools hosted on the provider's infrastructure. Developers create applications on the provider's
platform over the Internet. PaaS providers may use APIs, website portals or gateway software
installed on the customer's computer. Force.com, (an outgrowth of Salesforce.com) and
GoogleApps are examples of PaaS. Developers need to know that currently, there are not
standards for interoperability or data portability in the cloud. Some providers will not allowsoftware created by their customers to be moved off the provider's platform.
In the software-as-a-service cloud model, the vendor supplies the hardware infrastructure, the
software product and interacts with the user through a front-end portal. SaaS is a very broad
market. Services can be anything from Web-based email to inventory control and database
processing. Because the service provider hosts both the application and the data, the end user
is free to use the service from anywhere.