Difference Between Multiprocessor System and Multicomputer System

• Definition: Multiprocessor = multiple CPUs sharing a single memory; Multicomputer = multiple independent computers connected via network.
• Memory: Multiprocessor uses shared memory; Multicomputer uses distributed memory.
• Communication: Multiprocessor uses shared memory; Multicomputer uses message passing.
• Coupling: Multiprocessor is tightly coupled; Multicomputer is loosely coupled.
• Example: Multiprocessor → Multi-core CPU system; Multicomputer → Cluster system.

Pipelining (Definition)

• Pipelining is a technique where multiple instructions are processed simultaneously in different stages of execution.
• It increases throughput by overlapping instruction execution.

4 Stages of Pipeline

• 1. Instruction Fetch (IF): Fetch instruction from memory.
• 2. Instruction Decode (ID): Decode instruction and identify operands.
• 3. Execute (EX): Perform operation (ALU processing).
• 4. Write Back (WB): Store result back to register/memory.

PPI (Parallel Processing Interface)

• PPI is a system where multiple processors or units work simultaneously to perform tasks.
• It improves performance and speed by dividing tasks into smaller parts.
• Used in applications like scientific computing, data processing.

TCP/IP Model (Tabular Representation)

Types of Network Firewall

• Packet Filtering Firewall: Filters packets based on IP, port, protocol.
• Stateful Inspection Firewall: Tracks connection state and allows valid traffic.
• Proxy Firewall: Acts as intermediary between user and internet.
• Application Firewall: Filters traffic at application layer.
• Next-Generation Firewall (NGFW): Advanced firewall with deep inspection and security features.

Advantages of NGFW over Traditional Firewall

• Deep Packet Inspection: Analyzes full packet content, not just headers.
• Application Awareness: Identifies and controls specific applications.
• Intrusion Prevention (IPS): Detects and blocks attacks in real-time.
• Better Security: Protects against modern threats like malware and phishing.
• User-Based Control: Policies based on user identity, not just IP.

Basic Definitions

• Socket: Endpoint for communication between two systems over a network (IP + Port).
• Kernel: Core part of OS that manages hardware, memory, and processes.
• Program: A set of instructions stored on disk.
• Process: A program in execution state.
• Multiprogramming: Multiple programs kept in memory and CPU switches among them to maximize utilization.
• Context Switching: Saving and loading process state when CPU switches from one process to another.

LRU (Least Recently Used) Page Replacement

• Replaces the page that was least recently used.
• Uses past usage to predict future behavior.
• Advantage: Good performance, low page fault rate.
• Disadvantage: Requires tracking usage → overhead.

NRU (Not Recently Used) Page Replacement

• Classifies pages based on Referenced (R) and Modified (M) bits.
• Selects a page from lowest priority class (not recently used).
• Advantage: Simple and efficient.
• Disadvantage: Less accurate than LRU.

Preemptive Priority Scheduling

• CPU is assigned to process with highest priority.
• If a new process with higher priority arrives, current process is preempted.

Example:

• P1 (Priority 2) is running
• P2 (Priority 1, higher) arrives → P1 is stopped
• P2 gets CPU immediately

Transformative Power of ICT in Online Banking

• 24/7 Banking Access: Customers can access banking services anytime, anywhere.
• Real-Time Transactions: Instant fund transfer and payment processing.
• Mobile Banking Apps: Easy access through smartphones.
• Digital Payments: Support for online payments, QR code, e-wallets.
• Enhanced Security: Use of encryption, OTP, biometrics for secure transactions.
• Automation: Automatic bill payment, account alerts, and statements.
• Data Analytics: Banks analyze customer data for better services.
• Customer Support: Chatbots and online helpdesk improve service.
• Paperless Banking: Reduces paperwork using digital documents.
• Global Connectivity: Enables international transactions and services.

Preferred Generator for Data Center Cooling System

Best Choice:

• For a data center cooling backup system, the most practical choice is usually a Diesel Generator.
• Diesel generators are widely preferred for emergency and standby power because they start quickly and are reliable for critical backup applications.

Why Diesel Generator is Preferred:

• Fuel: Diesel fuel is easy to store on-site, ensuring backup power even if external supply fails.
• Cost: Diesel generators are generally more economical for standby use.
• Energy / Performance: Provides strong and reliable power for heavy loads like cooling systems.
• Budget: Suitable for low to medium budget scenarios.

When Natural Gas Generator Can Be Better:

• If you want cleaner operation and already have a reliable gas supply, a Natural Gas Generator can be used.
• However, it may have slower startup and depends on continuous gas supply.

Final Recommendation:

• Low/Medium Budget + Critical Backup: Diesel Generator
• Higher Budget + Cleaner Fuel Preference: Natural Gas Generator

Strategy to Secure Online Banking without Biometric

1. Multi-Factor Authentication (MFA)

• Use Password + OTP + Security Questions instead of single factor.

2. Strong Password Policy

• Enforce complex passwords (length, special characters, expiry).

3. Device Binding

• Allow login only from registered devices.

4. Transaction Limits & Alerts

• Set daily transaction limits and send instant SMS/email alerts.

5. End-to-End Encryption

• Use SSL/TLS encryption to protect data in transit.

6. Behavioral Monitoring

• Detect unusual activity (location, time, device) using AI/analytics.

7. Session Management

• Auto logout after inactivity and use secure session tokens.

8. CAPTCHA & Anti-Phishing

• Prevent bots using CAPTCHA and educate users about phishing.

9. Regular Security Audits

• Perform penetration testing and vulnerability assessment.

10. Secure API & Backend

• Protect APIs using authentication, rate limiting, firewall.

Analyze current applications, servers, databases, and workloads
Identify which systems are suitable for cloud migration
Define goals: cost reduction, scalability, security, compliance

2. Choose Cloud Model

Select Public, Private, or Hybrid Cloud (Banking usually prefers Hybrid Cloud)
Choose cloud providers (e.g., AWS, Azure, GCP)

3. Virtualization & Consolidation

Convert physical servers into virtual machines (VMs)
Use hypervisors to optimize resource usage

4. Migration Strategy

Lift and Shift: Move existing apps directly
Re-platform: Optimize apps for cloud
Re-architect: Redesign critical applications

5. Security & Compliance

Implement encryption, firewalls, IAM, Zero Trust
Ensure compliance with banking regulations (data privacy, audit)

6. Network & Connectivity

Set up secure VPN / dedicated connections
Ensure high-speed and reliable communication

7. Automation & Management

Use cloud management tools, DevOps, CI/CD
Enable auto-scaling and monitoring

8. Backup & Disaster Recovery

Implement cloud backup, replication, failover
Ensure business continuity

9. Testing & Deployment

Test performance, security, and reliability
Gradually migrate services (pilot → full deployment)

10. Training & Optimization

Train IT staff on cloud technologies
Continuously optimize cost, performance, and security

• Secure Web Server: Use Apache, Nginx, or IIS with proper hardening and regular updates.
• SSL/TLS Certificate: Enable HTTPS to encrypt data between user and server.
• Firewall: Use network firewall to control incoming and outgoing traffic.
• Web Application Firewall (WAF): Protect web applications from SQL Injection, XSS, and malicious requests.
• IDS/IPS: Use Intrusion Detection System and Intrusion Prevention System to detect and block attacks.
• Authentication System: Apply MFA, OTP, strong password policy, and RBAC.
• Database Security: Use encryption, access control, backup, and audit logs.
• Load Balancer: Distribute traffic and improve availability and performance.
• SIEM & Monitoring: Use tools like Splunk, ELK, or QRadar for log monitoring and alerting.
• Backup & Disaster Recovery: Maintain regular backup, replication, and failover system.
• Patch Management: Regularly update OS, web server, database, and application.

Policy, Guideline and Procedure

• Policy: High-level rules and principles set by an organization to guide decisions.
• Guideline: Recommended practices that provide direction but are flexible.
• Procedure: Step-by-step instructions to perform a specific task.

Why Auditor Maintains Control as Policy

• Consistency: Ensures all activities follow standard rules.
• Compliance: Helps meet legal and regulatory requirements.
• Risk Reduction: Minimizes chances of fraud, error, or misuse.
• Accountability: Defines roles and responsibilities clearly.
• Audit Trail: Provides documented evidence for verification.

Types of Audit Risks

• Inherent Risk: Risk of error due to nature of business without controls.
• Control Risk: Risk that internal controls fail to detect/prevent errors.
• Detection Risk: Risk that auditor fails to detect existing errors.