THE INSTITUTE OF CHARTERED ACCOUNTANTS OF PAKISTAN EXAMINERS COMMENTS

SUBJECT Information Technology General:

SESSION Intermediate Examination - Spring 2009

Overall response of the candidates was average. It was seen that students perform well in the areas where standard definitions and explanations are required, for example Q. 2, 4 and 6. However, majority of them fail to repeat the same performance in questions where they are required to apply their knowledge in a practical situation, for example, Q. 1, 3, 5 and 8. Question wise comments are as given hereunder: Q.1 While explaining intranet and extranet most of the students restricted their answers to the definitions whereas the question clearly required an explanation of intranet and extranet. Most of the students decided to oppose the views of the finance manager and rightly so, in view of the security threats involved in the use of Internet which is a public network. However, mostly the views were general in nature and did not touch upon the key issue of linkage with the systems of trading partners and the related risks. Q.2 In this question the students were required to explain some commonly used hardware which are used in networks. Most of the students were able to identify basic features of these hardware. Some confusion was however witnessed in explaining bridge and router. Some of the students explained router as bridge and vice versa. It was a simple but practical question. Students at this level should have been able to answer it with the help of general knowledge and simple common sense. However, a large majority gave poor response and mixed up answers to part (a), (b) and (c) of the question. Specially in part (a) many students mentioned the documents that are used for input instead of mentioning the data to be input such as Customer ID, Product Code, Quantity etc. Majority of the students correctly explained that a computer virus is a program that can copy itself and infect a computer program/file without the permission or knowledge of the user. It needs to attach itself with an existing program or file. On the other hand, a worm does not need to attach itself to an existing program. It uses the network to send copies of itself to other computers on the network without any user intervention. A Trojan Horse is a form of malware that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine. Page 1 of 2

Q.3

Q.4

Examiners Comments on Information Technology Spring 2009 Part (b) was well answered by almost every student as every computer user is now well aware of the commonly used preventive measures that mitigate the risk of virus attacks. Q.5 The performance in this question was generally poor. Most of the students were not sure about the technique and methodology for constructing a decision table. Many students made the tables but conditions and rules were framed incorrectly. A large number of students stopped after constructing the initial table. The required decision table could have been constructed by using different approaches. One such approach is given below, for the guidance of the students. Consumed Rs. 1000 in a calendar month Call is made to own network Standard Rate/No Discount 50% Discount Consumed Rs. 1000 in a calendar month Call is made to own network Standard Rate/No Discount 50% Discount Q.6 Y Y X Y Y X Y N X N -X Y N X N Y X N N X

This question was attempted well by majority of the students as SDLC is one of their favourite topics. However, in many cases lengthy explanations were given without considering the fact that it was just a 9 mark question and hence only 1.5 marks were allotted to explanation of each stage. This was a very simple question in which the examiner tested the students ability to search the desired information on the Internet in an efficient and effective manner. Many students answered the first two parts correctly but only a few were able to obtain full marks in this question. Surprisingly, many students seemed to be confused between the words AND; OR and NOT. This was a practical but very easy question. There were several controls that could be identified in the given scenario and the students were required to identify only four of them. Surprisingly very few students were able to identify more than two controls. Many students who were able to identify four different controls could not indicate the relevant risk.

Q.7

Q.8

(THE END)

Page 2 of 2