Short Note

Difference Between Forward Engineering and Reverse Engineering

Forward engineering and Reverse engineering are part of the re-engineering process and closely
related. The crucial difference between the forward engineering and reverse engineering is that forward
engineering employs the change in the subject system during restructuring. Conversely, reverse
engineering whole sole purpose is to examine the system to obtain its more abstract design.

TKIP
TKIP (Temporal Key Integrity Protocol) is an encryption protocol included as part of the IEEE 802.11i
standard for wireless LANs (WLANs). It was designed to provide more secure encryption than the notoriously
weak Wired Equivalent Privacy (WEP), the original WLAN security protocol.

WAP
Wireless Application Protocol (WAP) is a technical standard for accessing information over a mobile wireless
network. A WAP browser is a web browser for mobile devices such as mobile phones that uses the protocol.

WAF
A web application firewall (or WAF) filters, monitors, and blocks HTTP traffic to and from a web application.
A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web
applications while regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, it can
prevent attacks stemming from web application security flaws, such as SQL injection, cross-site
scripting (XSS), file inclusion, and security misconfigurations.

rootKit
A rootkit is a collection of computer software, typically malicious, designed to enable access to a
computer or an area of its software that is not otherwise allowed and often masks its existence or the
existence of other software. The term rootkit is a concatenation of "root" and the word "kit".

Characteristics of DRAM
The advantage of DRAM is the structural simplicity of its memory cells: only one transistor and a
capacitor are required per bit, compared to four or six transistors in SRAM. This allows DRAM to
reach very high densities, making DRAM much cheaper per bit.

MIME

Multipurpose Internet Mail Extensions (MIME) is an Internet standard that extends the format of email to support:

 Text in character sets other than ASCII

 Non-text attachments: audio, video, images, application programs etc.
 Message bodies with multiple parts
 Header information in non-ASCII character sets
C & C Server in botnet
A command and control server (C&C server) is a computer that issues directives to digital devices that have
been infected with rootkits or other types of malware, such as ransomware. C&C servers can be used to create
powerful networks of infected devices capable of carrying out distributed denial-of-service (DDoS) attacks,
stealing data, deleting data or encrypting data in order to carry out an extortion scheme. In the past, a C&C
server was often under an attacker's physical control and could remain active for several years. Today, C&C
servers generally have a short shelf life; they often reside in legitimate cloud services and use automated domain
generation algorithms (DGAs) to make it more difficult for law enforcement and white hat malware hunters to
locate them.

Antialiasing
In computer graphics, antialiasing is a software technique for diminishing jaggies - stairstep-like lines that
should be smooth. Jaggies occur because the output device, the monitor or printer, doesn't have a high enough
resolution to represent a smooth line.

SOA
Service-oriented architecture is a style of software design where services are provided to the other components
by application components, through a communication protocol over a network. The basic principles of service-
oriented architecture are independent of vendors, products and technologies.

Linker
Linker are also called link editors. Linking is process of collecting and maintaining piece of code and data into a
single file. Linker also link a particular module into system library. It takes object modules from assembler
as input and forms an executable file as output for loader.
Source code -> compiler -> Assembler -> Object code -> Linker -> Executable file -> Loader

ACID Properties
A transaction is a very small unit of a program and it may contain several lowlevel tasks. A transaction in a
database system must maintain Atomicity, Consistency, Isolation, and Durability − commonly known as ACID
properties − in order to ensure accuracy, completeness, and data integrity.

 Atomicity − This property states that a transaction must be treated as an atomic unit, that is, either all
of its operations are executed or none. There must be no state in a database where a transaction is left
partially completed. States should be defined either before the execution of the transaction or after the
execution/abortion/failure of the transaction.

 Consistency − The database must remain in a consistent state after any transaction. No transaction
should have any adverse effect on the data residing in the database. If the database was in a consistent
state before the execution of a transaction, it must remain consistent after the execution of the
transaction as well.

 Durability − The database should be durable enough to hold all its latest updates even if the system
fails or restarts. If a transaction updates a chunk of data in a database and commits, then the database
will hold the modified data. If a transaction commits but the system fails before the data could be
written on to the disk, then that data will be updated once the system springs back into action.

 Isolation − In a database system where more than one transaction are being executed simultaneously
and in parallel, the property of isolation states that all the transactions will be carried out and executed
as if it is the only transaction in the system. No transaction will affect the existence of any other
transaction.

SEO poisoning
SEO poisoning, also known as search poisoning, is an attack method in which cybercriminals create
malicious websites and use search engine optimization tactics to make them show up prominently in search
results. The sites are associated with terms that large numbers of people are likely to be using in searches at any
given time, such as phrases related to holidays, news items and viral videos. According to Websense Security
Labs, up to a quarter of the first page of search results for trending topics are linked to malicious websites.

Cross-Site Scripting
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web
applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. Across-
site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

RFID
Radio-frequency identification uses electromagnetic fields to automatically identify and track tags attached to
objects. The tags contain electronically stored information. Passive tags collect energy from a nearby RFID
reader's interrogating radio waves.

Stamp Coupling:
Definition of Stamp Coupling. Stamp coupling occurs between modules when data are passed by parameters
using a data structure containing fields which may or may not be used.

Stub and Driver

Stubs are dummy modules that always used to simulate the low level modules.

Stubs are the called programs.

Stubs are used when sub programs are under construction.

Stubs are used in top down approach

Drivers are dummy modules that always used to simulate the high level modules.

Drivers are the calling programs.

Drivers are only used when main programs are under construction.

Drivers are used in bottom up integration.

SRAM (Static RAM)

SRAM is composed of a flip-flop,5 so it does not require any refresh operations and is able to speed up
information reading and writing.

DRAM (Dynamic RAM)

DRAM consists of condensers and transistors, representing whether or not there is electrical charge in the
condensers, by using 1 or 0. As time elapses, the electrical charge in the condensers gets discharged, resulting in
memory loss; therefore, it needs to be re-written (refreshed) at certain time intervals (every few milliseconds).

Interleaving (Memory Interleaving)

The main memory is divided into multiple units called banks, and addresses are assigned across the banks.
Often, the main memory is accessed over a sequential range of addresses at a time, so the speed can be enhanced
by accessing a sequential range of addresses concurrently. For example, even when the operation of Bank 0 is
not yet completed, Bank 1 can be accessed. Below is an example of 4-way interleaving (with 4 banks).

Data and programs are stored over a sequence of addresses (horizontally), but the memory is accessed in bank
units (vertically). This allows concurrent access to a sequence of addresses.

Paging Algorithms
If a page necessary for processing is not found in the real memory, an interruption called a page fault occurs,
and the page is read into the real memory from virtual memory. This is called page-in. On the other hand, page-
out is to move an unnecessary page out to virtual memory. Page-in and page-out are together called paging.

If paging occurs frequently, the time for executing the control program increases, reducing the performance.
This is called slashing. To minimize the occurrence of slashing as much as possible, various algorithms are
proposed to select pages that are subjects of page-outs. Common page-out methods and their properties are
shown below.

Expert system: It is a system created with the knowledge base of various specialists (experts) in a variety of
fields; given certain conditions, the system applies the knowledge based on certain rules so that problems can be
solved as if they were solved by the experts.

Computer graphics (CG):

It is the technology of creating images via computers, or images made by such technology. There are methods
where the computer processes already existing images, and there are other methods where the computer creates
images themselves. The latter method is called CGI (computer-generated images).

Procedure of Compiler
Unit test
A unit test is a quality test for modules (smallest units within a program). In a test of the entire program it can be
difficult to identify the cause of an error, so unit tests are performed for each module as a unit. In unit tests, we
perform function tests52 and structure tests.53 Since modules do not function by themselves, we prepare drivers
and stubs.

Integration test
With multiple modules linked together, we test these linked programs (load modules) in integrated tests. The
main goal here is to examine the interface between modules as well as the input and output. Methods for
integration tests include top-down tests, bottom-up tests, big-bang tests,55 and sandwich tests.

ADSL
ADSL (Asymmetric Digital Subscriber Line) is the technology for high-speed data transfer using existing
telephone lines. This can be used simply by connecting an ADSL modem to the conventional equipment. The
speeds are 0.5M to 1Mbps upstream and 1.5M to 40Mbps downstream. The transmission speeds upstream and
downstream differ in this “asymmetric” digital subscriber line. It shows its power in downloading massive data
such as video-on-demand and Web pages containing video data.

ABC Analysis
ABC analysis is a method of analysis that divides the subject up into three categories: A, B and C. Category A
represents the most valuable products or customers that you have. These are the products that contribute heavily
to your overall profit without eating up too much of your resources.

Computer Virus
A computer virus is a type of malicious software that, when executed, replicates itself by modifying other
computer programs and inserting its own code. When this replication succeeds, the affected areas are then said
to be "infected" with a computer virus.

Trojan Horse Virus

Home Endpoint Protection Trojan Horse Virus. ATrojan is also known as Trojan horse. It is a type of
malicious software developed by hackers to disguise as legitimate software to gain access to target users'
systems.

Cyber criminals send emails with malicious links or attachments. Users get tricked by attractive advertisements and
offers and when they open the attachment or click on the links, get their device infected with a Trojan Virus.

Worm Virus
A worm virus is a malicious, self-replicating program that can spread throughout a network without human
assistance.

Malware
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer
network. Malware does the damage after it is implanted or introduced in some way into a target's computer and
can take the form of executable code, scripts, active content, and other software.

Phising
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card
details by disguising as a trustworthy entity in an electronic communication.

3C Analysis

The 3C analysis business model was originally created by Kenichi Ohmae, a management consultant. It has been

used as a strategic business model for many years and is often used in web marketing today. This method has you

focusing your analysis on the 3C’s or strategic triangle: the customers, the competitors and the corporation. By

analyzing these three elements, you will be able to find the key success factor (KSF) and create a viable marketing
 strategy. Many variations have been derived from this method because of its simplicity.

IT Portfolio
IT portfolio management takes into account all the current and planned IT resources and provides a framework
for analyzing, planning and executing IT portfolio's throughout the organization. IT portfolio management
exists to create, provide and measure business value of IT.

Enterprise Architecture(EA)

An enterprise architecture (EA) is a conceptual blueprint that defines the structure and operation of an
organization. The intent of an enterprise architecture is to determine how an organization can most effectively
achieve its current and future objectives.

Benchmarking
Benchmarking is the practice of comparing business processes and performance metrics to industry bests and
best practices from other companies. Dimensions typically measured are quality, time and cost.

What is Benchmark Testing?

Benchmark Testing is defined as a software testing type, done to give a repeatable set of quantifiable result from
which present and future software releases for specific functionality can be baselined or compared. It is a
process used to compare the performance of software or hardware system also known as SUT (System Under
Test). An SUT can be a Web-based application.

Ansof/Anzov Growth Matrix

Balanced scorecard
The balanced scorecard is a strategy performance management tool – a semi-standard structured report, that can
be used by managers to keep track of the execution of activities by the staff within their control and to monitor
the consequences arising from these actions.

Kanban
Kanban (看板) (signboard or billboard in Japanese) is a scheduling system for lean manufacturing and just-in-
time manufacturing (JIT). Taiichi Ohno, an industrial engineer at Toyota, developed kanban to improve
manufacturing efficiency. Kanban is one method to achieve JIT.

Control Chart
The control chart is a graph used to study how a process changes over time. Data are plotted in time order.
A control chart always has a central line for the average, an upper line for the upper control limit and a lower
line for the lower control limit. These lines are determined from historical data.

Histogram
A histogram is an accurate representation of the distribution of numerical data. It is an estimate of the
probability distribution of a continuous variable and was first introduced by Karl Pearson. It differs from a bar
graph, in the sense that a bar graph relates two variables, but a histogram relates only one.

Pareto Chart
A Pareto chart, named after Vilfredo Pareto, is a type of chart that contains both bars and a line graph, where
individual values are represented in descending order by bars, and the cumulative total is represented by the line.

Rainbow Attack
A rainbow table is a precomputed table for reversing cryptographic hash functions, usually for cracking
password hashes. Tables are usually used in recovering a password up to a certain length consisting of a limited
set of characters.

Fool Proof Design

Foolproof is an experience design agency. We specialize in digital product and service design for global
brands. The result is evidence-driven design, where both clients and customers are part of the design process to
create new and better digital experiences.

Connection Units between LANs

A connection unit between LANs is a device mutually connecting multiple LANs or networks of different
protocols. The following figure shows the correspondence between each unit and the OSI basic reference model.
social networking service (SNS)
A social networking service (SNS) is an online vehicle for creating relationships with other people who share
an interest, background or real relationship. Social networking service users create a profile with personal
information, photos, etc. and form connections with other profiles.

S Curve Technology
Technological maturity and the S curve model. There is a great deal of empirical evidence that the S
curve reveals the general evolution process of the performance of technologies and that this finding
systematically repeats itself in all industrial sectors.

Fail Safe
A fail-safe in engineering is a design feature or practice that in the event of a specific type of failure, inherently
responds in a way that will cause no or minimal harm to other equipment, the environment or to people. ...
Some systems can never be made fail safe, as continuous availability is needed.

So-called Computer Virus

A computer virus is a type of malicious software that, when executed, replicates itself by modifying
othercomputer programs and inserting its own code. When this replication succeeds, the affected areas are then
said to be "infected" with a computer virus.

Computational Complexity
CIO
CIO (Chief Information Officer) is the highest-ranking officer in charge of overseeing information systems.
Unlike an officer simply in charge of managing the information systems department, CIO is responsible for
developing information strategies to effectively utilize the information resources in corporate management.

Trial balance sheet

What is Boundary Testing?

Boundary testing is the process of testing between extreme ends or boundaries between partitions of the input
values.
 So these extreme ends like Start- End, Lower- Upper, Maximum-Minimum, Just Inside-Just Outside values
are called boundary values and the testing is called "boundary testing".

The basic idea in boundary value testing is to select input variable values at their:

1. Minimum

2. Just above the minimum

3. A nominal value

4. Just below the maximum

5. Maximum

Example 2:

- Equivalence classes are chosen for valid and invalid inputs

- if a value x is defined as 0≤ x ≤ 100, then when we can initially Identify three equivalence classes:

1. x<0 (invalid input values)

2. 0 ≤ x≤100 (valid input )

3. x> 100

Solution:

- Valid are all numbers from 0 to 100,

- Invalid are all negative numbers, all numbers greater than 100, all decimal numbers and all non numerical
values (e.g. “fred”)

- one valid equivalence class: 0 ≤ x ≤ 100

- 1st invalid equivalence class: x <0

- 2nd invalid equivalence class: 0 > 100

- 3rd invalid equivalence class: x = no integer

- 4th invalid equivalence class: x = not numeric (e.g. “abc”)