Islami banking diploma

Islami Banking Diploma

E-Banking Question Solve

XAMINATION - June-July2013

Question 1(a): What is E-Banking? Write down the names of different Electronic Delivery Channels used in E-Banking. Marks:6

Answer:

E-Banking:

E-banking is a banking system that enables a bank to conduct a range of financial transactions through the electronic means. The E-banking will typically connect to or be part of the core banking system operated by a bank and is in contrast to branch banking that was the traditional way banking services. Traditional banking was ledger banking which was very much time consuming for the employees and customers. But E-banking is that exclusive system, whereas all banking activities are being accomplished with the aid of electronic mechanism within very short time. Computer is the main tool to conduct E-banking. Server, internet, intranet are used to co-ordinate the financial transactions. Now a day, mobile is used in banking which is called mobile banking. So, mobile is also a tool of E-banking. As Automated Teller Machine (ATM) and deposit machine are being used in the financial service. Therefore, ATM and deposit machine also the part of E-banking.

Different Electronic Delivery Channels:

There are different electronic delivery channels to deliver financial services, which is almost clear from the above discussion. Different electronic delivery channels are-

1. Online cash deposit. That is branch to branch remote cash deposit.

2. Online cash withdrawal. That is cash withdrawal from remote branch.

3. Online fund transfer.

4. Internet Banking. Banking through the internet.

5. Mobile banking.

6. Debit/ATM card and ATM (Automated Teller Machine ).

7. Deposit Machine.

8. Credit card.

9. POS purchase etc.

Question 1(b): Discuss about e-Commerce and its business models. Give one example for each of B2C, P2C and G2P e-Commerce sites of Bangladesh.

Marks:6

Answer:

e-Commerce:

Electronic commerce, commonly written as e-Commerce, is the trading or facilitation of trading in products or services using computer networks, such as the internet. e-Commerce draws on technologies such as mobile commerce, electronic fund transfer, supply chain management, internet marketing, online transaction processing, electronic data interchange, inventory management system and automated data collection systems. Modern e-Commerce typically uses the World Wide Web for at least one part of the transaction’s life cycle. Although it may also use other technology such as e-mail.

E-Commerce business model can generally categorized in following model.

· B2B – Business to Business.

· B2C – Business to customer/consumer.

· C2C – Consumer to consumer.

· C2B – Consumer to business.

· B2G - Business to government.

· G2B – Government to business.

· G2P - Government to public.

· P2G – Public to government.

Examples:

B2C: Business to Customer. www.bikroy.com. Customer can buy goods or services seeing the advertisement in this site. Advertisement providing is the business of bikroy.com.

P2C: Production to Consumer. www.bdnews24.com. BDNEWS produces the news and people read it using internet.

G2P: Government to Public. www.passport.bd.gov. This site is used to provide passport to the public from the government.

Question 1(c): What are the advantages and disadvantages of Centralized and Decentralized Database Management System? Which one do you prefer to use in your bank and why? Marks: 8

Answer:

Advantages and disadvantage of centralized and Decentralized Database Management System in IT operation of a bank:

A centralised database holds all data on a central computer such as a mainframe computer or server. On the other hand a decentralized/distributed database is a database in which portions of the database are stored on multiple computers within a network.

Advantage of Centralised Database:

· Data transformation, data can be easily transposed, transformed and managed by experienced programming and statistical staff in Centralised Database.

· Data security, Data is stored securely with documentation and administration of access authorization.

· Data sharing, data dumps can be created in requested formats for sharing with other information system upon request.

· Disaster recovery, data are backed up on a regular basis and can be restored in case of server failure or occurrence of disasters.

Disadvantage of Centralised Database:

· If central server fails, the database system fails totally.

· It is not easy process to get back crashed data.

· The cost of data communication may more high than the distributed database.

Advantage of Decentralized database:

· Reliability, if one of the sites crashes, the system will keep running with the other sites.

· Speed, it is faster because the information is distribute and not packed as a whole.

· Open system, the system could connect to networks to make it bigger and accessible everywhere.

Disadvantage of Decentralized database:

· Networking, if there is a problem with the network, then problems arise from using the database.

· Proper hardware and software, the database needs proper hardware and software to run properly, this is expensive to get.

· Troubleshooting, there might be connection error that could affect the use of the database by other users.

These are the Advantages and disadvantage of centralized and distributed Database Management System in IT operation of a bank:

Which one is preferable and why:

Centralized database is preferable. Because it’s benefits are more than decentralized database systems.

Question 2(a): What is Computer Network? Write down the benefits and applications of networking technology in banking system. Marks: 10

Answer:

Computer Network:

Computer Network is a telecommunication which allows computer to exchange data. In computer networks, networked computing devices exchange data with each other along network link (data connections). The connections between nodes are established using either cable media or wireless media. The best-known computer network is the Internet. Computer networks support an enormous number of application such as access to the World Wide Web, video, digital audio, shared use of aapplication and storage servers, printers, and fax machines, and use of email and instant messaging applications as well as many others.

Benefits and applications of networking technology in banking system:

There are a lot benefits and application of networking technology in banking system. Networking technology has made easy the banking transaction and all other activities. Such as-

a) Entry the transaction as data from different computer to a central computer server.

b) Online fund transfer from one branch to another branch.

c) Cash deposit and withdraw from one branch to another branch.

d) ATM transaction.

e) Printing the document from one computer to another computer by network printer.

f) Transferring the data and document etc.

g) Electronic fund transfer by BEFTN.

h) SWIFT service with international banks.

These all are the example of benefits and application of networking technology in banking system.

Question 2(b): Distinguish among LAN, MAN and WAN. Name the basic devices required to set-up LAN in a bank branch. Marks:10

Answer:

The distinguishing among LAN, MAN and WAN is cleared from the discussion below:

LAN:

1. LAN (Local Area Network) is a group of computers and other network devices which are connected together.

2. All the devices that are part of LAN are within a building or multiple building.

3. LAN network has very high speed mainly due to proximity of computer and network devices.

4. LAN connection speeds can be 10mbs or 100 Mbps or 1000Mbps. Also

5. LAN uses Guided Media;

MAN:

1. MAN (Metropolitan Area Network) is a larger network of computers and other network devices which are connected together usually spans several buildings or large geographical area.

2. All the devices that are part of MAN are span across buildings or small town.

3. Man network has lower speed compared to LAN.

4. MAN connection speeds can be 10 Mbps or 100Mbps.

5. MAN uses Guided Media or Unguided media.

WAN:

1. WAN (Wide Area Network)is a group of computers and other network devices which are connected together which is not restricted to a geographical location. Internet is WAN.

2. All the devices that are part of WAN have no geographical boundaries.

3. WAN speed varies based on geographical location of the servers. WAN connects several LANs.

4. WAN connection speeds can be 10 Mbps or 100Mbps.

5. WAN mainly uses Guided Media or Unguided media. Its long distance communications which may or may not provide by public packet network.

Basic devices required to set-up LAN in a bank branch:

1. Network Cable 2. Network Adapter 3. Power Supply

4. Connector 5. Router/hub/switch 6. Network Software

Question 3( a) Distinguish between System Software and Application Software giving four examples of each. Marks: 8

Answer:

Distinguishing between System Software and Application Software:

System software:

The programs and the file that comprises the operating system are called system software. These files include configuration system preferences, system services, libraries of functions and the drivers for the hardware installed on the computer. The computer programs in system software include compliers, system utilities, assemblers, debuggers and file management tools. Systems software are installed with the installing of operating system. System software runs at most basic level of the computer. It just creates a graphical user interface thorough which the user can interact with hardware with the help of operating system. System software just runs at the back so we don’t need to bother about it. It provides an environment to run application software and controls the computer as well as the applications installed on the machine.

Application software:

The subclass of a computer program which utilizes the capabilities of computer is called application software. There is a common user interface in each application suite which makes it easier for the user to learn different applications. In some cased, such as Microsoft Office, the various application programs have the ability to interact with each other. This facility is very handy for the user. Application software cannot run without the presence of system software. That means, System software contains the application software.

Four Examples:

SL	System software	Application software
1	Windows Media Player	Microsoft Office
2	Windows Movie Maker	Adobe Photoshop
3	Notepad	Adobe Illustrator
4	Calculator	Acrobat Reader

Question 3(b): What is Operating System (OS)? Name at least two OS which are using in desktop Pc. Define BIOS. Marks: 6

Answer:

Operating System:

An operating system (OS) is a set of computer program that manages the hardware and software resources of a computer. At the foundation of all system software, the OS performs basic tasks such as controlling and allocating memory, prioritizing system requests, controlling input and output devices, facilitating networking, and managing files. It also may provide a graphical user interface for higher level functions.

In brief, Operating System is a software program that acts as an interface between the user and the computer. It is a software package which allows the computer to function.

Names of two Operating System:

LINUX
Windows

Definition of BIOS:

BIOS represents the Basic Input Output System. BIOS is the built in software that determines what a computer can do without accessing programs from a disk. This is the program a personal computer’s microprocessor uses to get the computer system started after turning it on. It also manages data flow between the computer’s operating system and attached devices such as the hard disk, video adapter, keyboard, mouse and printer.

Question 3(c): What are the differences between Desktop and Laptop computer? Marks: 6

Answer:

Differences between Desktop and Laptop computer:

Desktop Computer	Laptop computer
Desktop computer is not easily portable.	Laptop computer is easily portable.
The size of desktop computer comparatively larger than laptop.	Laptop computer is comparative small size than desktop.
Desktop computer takes large space.	Laptop takes small space.
Desktop computer is easily repairable.	Laptop computer is not easily repairable.
Desktop computer requires UPS for power backup.	Laptop computer has attached battery for power backup.
Usually desktop computer’s memory size becomes large.	Laptop computer’s memory is generally small.

Question 4(a): What do you mean by Database and DBMS? Who is DBA? Discuss the role of DBA in DBMS. Marks: 12

Answer:

Database and DBMS:

Formally, a database refers to a set of related data and the way it is recognized. It is an organized collection of data, such as the collection of schemes, tables, queries, reports, views and other objects. The data are typically organized to model aspects of reality in a way that supports processes requiring information.

DBMS represents Database Management System. It is a computer software application that interacts with the user, other applications, and the database itself to capture and analyze data. A general-purpose DBMS is designed to allow the definition, creation, querying, update, and administration of databases.

Who is DBA:

A DBA (Database Administrator) is that person or group who directs or performs all activities related to maintaining a successful database environment. DBA responsibility include designing, implementing, and maintaining the database system; establishing policies and procedures pertaining to the management, security, maintenance, and use of the database management system and training employees in database management and use. A DBA is expected to stay abreast of emerging technologies and new design approaches. Typically a DBA has both a degree in Computer Science and some on the job training with a particular product. A DBA is expected to have experience with one or more of the major database management products, such as SQL (Structured Query Language), SAP and Oracle-based database management software.

Role of DBA in DBMS:

Database Administrator (DBA) is the in charge for implementing DBMS in organization. The role of DBA in this regard is described below:

1. To make decision concerning the content of the database.

2. To Plan about storage structure and access strategies.

3. To provide support to users.

4. To define security and integrity checks.

5. Interprets backup and recovery strategies.

6. Monitoring performance and responding to changes in requirements.

These are the main roles of Database Administrator in Database Management System.

Question 4(b): What do you mean by Database Server Clustering? Marks:8

Answer:

Database Server Clustering:

Database Server Clustering refers to the ability of several servers or instances to connect to a single database. It takes different form, depending on how the data is stored and allocated resources. In another words, database server clustering is actually a mode of synchronous replication between two or possibly more nodes with an added functionality of fault tolerance added to system.

Database Clustering offers two major advantages, especially in high volume database environments:

1. Fault tolerance: Because there is more than one server or instance for users to connect to, clustering offers an alternative, in the event of individual server failure.

2. Load balancing: The database clustering feature is usually set up to allow users to be automatically allocated to the server with the least load.

There are two main way of clustering:

1. Master-Master (or multi-master) replication: Any server can update the database. It is usually taken care of by a different module within the database. It is flexible and it can support the failure of any server while still having the database updated. But it is very hard to do well, and some systems lose ACID properties when in this mode of replication.

2. Master-slave replication: There is only a single copy of authoritative data, which is the pushed to the slave servers. It is easier to do than multi-master and it usually preserve ACID properties. But it is fewer faults tolerant, if the master dies, there are no further changed in the slaves.

Question 5(a): What is Automation? How the banking industry can be benefited from Automation? Marks:8

Answer:

What is Automation:

Automation is the technique, method, or system of operating or controlling a process by highly automatic means, as by electronic devices, reducing human intervention to a minimum. The biggest benefit of automation is that it saves time and labour, however, it is also used to save energy and material and to improve quality, accuracy and precision.

Automation has been achieved by various means including mechanical, hydraulic, pneumatic, electrical, electronic devices and computers, usually in combination. In this modern age banks, hospitals, modern factories, airplanes and ships typically use all these combined techniques of automation.

How the banking industry can be benefited from Automation:

The banking industry is being benefited instantly from Automation like this way.

1. Improving efficiency: Automation makes banking operations more efficient in processing transactions. It reduces the risks of human error. For instance, people can make withdrawals using ATMs.

2. Lowering operation cost: Automation helps to reduce costs in the areas of hiring staff, training employees, purchasing office equipments and paying for other physical overhead cost.

3. Increasing productivity: Automation in banking business helps to increase productivity. Because it eliminates the tedious, repetitive and cumbersome tasks such as paperwork often associated with the banking process.

4. Improving personalization: Increasing personalization boosts customer response and conversion rates and increases marketing investment.

5. Enhancing flexibility: Automation can help banks become more flexible so that they can adjust instantly to changing banking conditions within or outside the country.

6. Saving time: Automation helps to save the time of regular activities. Because computerized systems do it more quickly than previous manual system.

7. Saving energy: Automation saves the human energy in the banking industry both of employees and customers.

8. Reducing difficulties: Automation has reduced the difficulties in the banking industries, such as to verify a customer’s signature, we need not to open paper file. We can verify it seeing the signature in the computer within very short time.

Thus banking industries are being benefited from Automation.

Question 5(b): What is Server? What are the differences between Server and Pc? Marks:6

Answer:

What is Server:

A server is a computer program that provides service to other computer programs. It accepts and responds to requests made by another program. In another terms, a server is a computer that provides data to other computers. It may serve data to systems on a local area network (LAN) or a wide area network (WAN) over the internet.

Many types of servers exist, including web servers, mail servers, file servers etc.

Servers are used to manage network resources, For example, a user may set up a server to control access to a network, send/receive email, manage print jobs or host a website.

Differences between Server and Pc:

Server	PC
A server manages all the network resources.	A PC manages only it’s own resources (data).
A server usually runs 24 hours. Because it is designed like this way to manage, store, send and process data.	A PC is designed to function normally for using operating system an desktop applications.
The server’s memory capacity is very large.	The PC’s memory capacity is small comparative to server..
The trouble of general PC can’t affect the activities of server.	The trouble of server can affect the regular activities of a PC.
PC can serve one person at a time.	Server can serve many persons simultaneously.

Question 5(c): Discuss about the operational procedure of on-line banking. Marks: 6

Answer:

Operational procedure of on-line banking:

Online banking service is provided through the intranet and internet to the customer.

The operational procedure of online banking is given below.

Ø The procedure, when an employee provides online service to customer through the in house core banking system (CBS):

d Every employee has a user ID and password to log in the CBS. He/she will enter in CBS with his/her ID and password.

d Every branch has a code number. The employee will input the branch code in the system to enter in the remote account for transaction or any other services.

Ø The procedure, when a client want to get service through the internet:

d Firstly, that client is to be registered by user ID and password with the bank to get internet banking facility.

d After being registered, client can enter to his/her account and get the provided facility such as online fund transfer, electronic fund transfer, view the balance and statement etc.

d For any kind of transaction using internet banking, client will be verified by two factor authentication.

These are the procedures of online banking.

Question 6(a): Write down the comparison among Fibre Optics, Radio Link and Satellite Transmission System. Marks: 6

Answer:

Comparison among Fibre Optics, Radio Link and Satellite Transmission System

Fibber-optics is a method of transmitting information from one place to another by sending pulses of light through an optical fibre. The light forms an electromagnetic carrier wave that is modulated to carry information. Because of its advantages over electrical transmission, optical fibbers have largely replaced copper wire communications in core networks in the developed world. Optical fibre is used by many telecommunications companies to transmit telephone signals, Internet communication, and cable television signals.

The process of communicating using fibre-optics involves the following basic steps:

· Creating the optical signal involving the use of a transmitter,

· Relaying the signal along the fibre,

· Ensuring that the signal does not become too distorted or weak,

· Receiving the optical signal, and converting it into an electrical signal.

Radio Link is an automatic repeat request (ARQ) fragmentation protocol used over a wireless (typically cellular) air interface. Mobile companies use radio link to provide communication links between stations in a network supporting a service.

A RL transport cannot ask the air interface to provide a certain payload size. Instead, the air interface scheduler determines the packet size, based upon constantly changing channel conditions, and up calls RL with the chosen packet payload size, right before transmission.

Satellite Transmission is a networking system that relays and amplifies radio telecommunications signals via a transponder; it creates a communication channel between a source transmitter and a receiver(s) at different locations on Earth. Satellite Transmission are used for television, telephone, radio, internet, and military applications.

The comparison among Fibre Optics, Radio Link and Satellite Transmission System is clear from the above distinct description.

Question 6(b): Discuss about the operational procedures of BACPS and BEFTN. Marks:8

Answer:

Operational procedure of BACPS:

v Clients present the instrument to presenting bank.

v Presenting bank receive the instrument and examine genuineness.

v Sorting the instrument is the next step.

v Stamping the instrument.

v Capture of image and making data.

v DIN (Document Identification Number) endorsement.

v Submitting to the BACPS and acceptance by BACPS.

v Participating bank receive the outward presentment.

v Image quality analysis and item processing by participating bank.

v Reconciliation of outward presentment.

v Payment processing by paying bank’s branch.

v Return the instrument, if there any mistake.

Operational procedure of BEFTN:

v Every bank account number in the scheduled bank of Bangladesh has 17 digits, where bank code, branch code, account code is contained.

v Every bank’s branch has a routing number.

v Every bank use a software to conduct the business which is connected with Bangladesh Electronic Fund Transfer Network (BEFTN).

v The bank account number and routing number is to input in the system.

v Execution the sending to BEFTN.

v After checking the name, account, the transfer of fund becomes completed.

Question 6(c): Distinguish among Credit Card, Debit Card and Pre- paid Card.

Marks:6

Distinguishing among Credit Card, Debit Card and Prepaid Card:

Credit Card: Credit Card is a loan card. The client spends money or withdraws cash money from ATM on credit through the credit card for a specific time period up to a specific limit. Client can use this card at the POS centre to purchase goods or services. Customer return his/her debt to card provider bank before or at payment due date. The bank takes service charge for this service from the customer. Moreover interest based banks take interest on the due amount.

Debit Card: Debit card is to be used to debit cash through ATM (Automated Teller Machine) from one’s own account. If anyone’s account does not contain enough balance, he/she cannot withdraw money by debit card.

Pre-paid Card: Prepaid card is generally used in mobile phone. A prepaid mobile phone provides most of the services offered by a mobile phone operator. These cards are stamped with a unique code (often under a scratch-off panel) which must be entered into the phone in order to add the credit onto the balance. Through electronic reloading where a specially designed SIM card is used to reload a mobile phone by entering the mobile number and choosing the amount to be loaded.

7. a) Define BCP. Why BCP is essential for the banking industry? As per guideline of Bangladesh Bank describe a standard BCP that can protect a bank Marks: 12

Answer:

Definition of BCP: A business continuity plan (BCP) is a management process to ensure the continuity of businesses in the event of a disaster. It is a process of developing advance arrangements and procedures that enable an organization to respond to an event in such a manner that critical business functions continue without interruption or essential change. Business Continuity Plan is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. BCP will facilitate the identification of how quickly essential business units and/or processes can return to full operation following a disaster. It will delineate the business impact of disaster scenarios on the ability to deliver product or services.

Why BCP is essential for a bank: BCP is essential-

1. For managing a disaster that affects the day to day operations of the bank.

2. For critical disaster events and their recovery information.

3. To provides guidelines for a disaster declaration that will result in the execution.

4. To ensure that maximum possible service levels are maintained.

5. To minimize the impact (risk) of interruptions.

6. To estimate the financial impacts for each business unit, assuming a worstcase scenario.

7. To define the estimated number of personnel required for disaster recovery operations.

8. To identify bank’s business unit processes and the estimated recovery time frame for each business unit BCP is essential.

9. To protect employees/assets/reputation of the bank.

10. To meet legal and regulatory requirements.

How a standard BCP can protect a bank as per Guidelines of Bangladesh Bank:

A standard BCP can protect a bank in crucial moment to continue its business within a reasonable time. Modern banking is totally dependent on Information Communication Technology (ICT). In this regard Bangladesh Bank introduces Guidelines for scheduled banks of Bangladesh. How a standard BCP as per Guidelines of Bangladesh Bank can protect a bank is described below.

(1) Covering Operational Risk: A standard BCP cover the operational risk. Because Bangladesh Bank Guideline provides that policy about it.

(2) Surviving in crucial moment: A business institution or company can survive in crucial situation by a standard Business Continuity Plan (BCP).

(3) Re-establish Business: Business can be re-established if a BCP is ready for accidental condition.

(4) Safe Data Backup: BCP policy provided by Bangladesh Bank Guideline has ensured safe data backup.

(5) Restoring Data: Loosen data can be restored by a standard BCP.

(6) Preparation for disaster: BCP is a preparation for disastrous situation.

(7) Recovery of Disaster: Standard BCP helps to recover the loss of disaster.

(8) Prepared Action Plan: BCP is a prepared action plan in disaster which indicates the alertness for disturbing situation.

(9) Testing effectiveness: BB Guideline has suggested to test the effectiveness of BCP.

(10) Supervising the Condition: Preparation according to BCP is required to be supervised frequently to apply in proper time.

Finally it can be stated that, it is cleared by above discussion, how a standard BCP as per Guideline of Bangladesh Bank can protect.

Question 7(b): What are the differences between DC and DRS? What is the relation of DRS with BCP? Marks: 8

Answer:

Difference between DC and DRS:

SL	DC	DRS
1	DC = Data Centre	DRS= Disaster Recovery Site
2	Data Centre generally is situated in head office.	DRS must be situated at a 10 kilometres (radius) distance from data centre as per BB Guidelines.
3	The function of DC is to store data.	The function of DRS to support in disastrous situation.
4	DC is active in all time for data storage.	DRS is active in accidental situation.
5	The DC is preliminary data storage.	The DRS is secondary data storage.

Relation of DRS with BCP:

The relation of DRS (Disaster Recovery Site) with BCP is very close. A bank without DRS is like a company without business plan. Every organization has critical functions and system that must be protected from unplanned events. DRS is the secondary data storage to support in the failure of Data Centre. It is to be situated minimum 10 km distance from data centre as per BB guideline. DRS can be called as the data archive centre. Disaster may occur suddenly before taking any precautious preparation. There are different types of disaster such as natural, technical, men made etc. Disaster Recovery Site is the preparation for that accidental situation.

Finally we can say from the above discussion, the relation of DRS with BCP is undeniable in respect of business continuity plan (BCP) of banking industries in the disastrous situation.

Question 8(a): Discuss about MIS in banks. Describe how a bank can be benefited from on-line MIS. Marks: 5

Answer:

MIS:

The acronym of MIS is Management Information System. It is a computer based information system where management related all information is gathered. It broadly refers to a computer based system that provides managers with the tools to organize, evaluate and efficiently manage departments within an organization. In another words, a management information system (MIS) is a computerized database of financial information organized and programmed in such a way that it produces regular reports on operations for every level of management in a company.

How a bank can be benefited from on-line MIS:

The MIS represents the electronic automation of several different kinds of counting, tallying, record-keeping, and accounting. The MIS satisfies the diverse needs through variety of systems such as query system, analysis system, modelling system and decision support system. It helps the middle management in short term planning, target setting and controlling the business functions. The MIS in an organization can be compared to the role of heart in the body. It helps the clerical person in the transaction processing and answers the queries on the data pertaining to transaction. The top level management can get help in goal setting, strategic planning and evolving the business plans and their implementation. So, a bank can get a lot of benefits from on-line MIS.

Question 8(b): Write short notes on the following: Marks: 6x1.5=9

i) DOS attack; ii) Smart Card; iii) USSD; iv) Mobile Financial Service;

v) Green Banking; and vi) Financial Inclusion and Automation.

Answer:

i) DOS attack; It means Denial-of-Service attack. DOS is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

ii) Smart Card; A smart card is a device that includes an embedded integrated circuit chip (ICC) that can be either a secure microcontroller or equivalent intelligence with internal memory or a memory chip alone. The card connects to a reader with direct physical contact or with a remote contactless radio frequency interface.

iii) USSD;Unstructured Supplementary Service Data (USSD) is a Global System for Mobile(GSM) communication technology that is used to send text between a mobile phone and an application program in the network.

iv) Mobile Financial Service: It is a financial inclusion program to provide banking service to unbanked peole through the mobile phone.

v) Green Banking; Green banking refers to how environmentally friendly the bank is, and how committed to green and ethical policies they are.

vi) Financial Inclusion and Automation: The steps and processes to include unbanked people in the banking service is called Financial Inclusion.

Automation is the use of various control systems for operating equipment and applications with minimal or reduced human intervention. Such as online banking, core banking system (CBS) etc.

Question 8(c): Write down the elaboration of the following: 6x1=6

i) SWIFT: Society for WorldWide Inter Bank Financial Telecommunication

ii) VPN: Virtual private network (VPN)

iii) MICRL: Magnatic Ink Charecter Recognition

iv) PCIDSS: Payment Card Industry Data Security Standard

v) http: Hiper Text Transfer Protocol

vi) ATM: Automated Teller Machine

EXAMINATION - March 2014

Question 1(a): What are the main components of a PC? Marks: 3

Answer:

The main components of a PC are-

i) CPU (Central Processing Unit)

ii) Monitor

iii) Keyboard

iv) Mouse etc.

The main components of CPU are processor, motherboard, RAM (Random Access Memory), ROM, (Read Only Memory), Hard Disk etc.

Question 1(b): Name the five devices that are using to develop the 'Wide Area Network'. Marks: 5

Answer:

Devices that are using to develop the 'Wide Area Network':

1. Network Cable 2. PC

3. Switch 4. Software device

5. Connector 6. Router

Question 1(c) Write short notes on the following: Marks: 12

a) Internet Explorer

b) Networking Technology in Banking

c) Environmental Security of Server room

Answer:

a) Internet Explorer: Internet Explorer is one of the browsing software developed by Microsoft Corporation. It is used to access in the internet or website. Besides Internet Explorer, many web browser are available like Mozilla Firefox, Opera etc.

b) Networking Technology in Banking: Networking Technology in Banking means the rapid communication system using information technology among all branches of a Bank or between Bank to Bank. This is very important for quick decision making, controlling, and maintain the better intercommunication. Moreover Networking Technology have made the Banking easy and shortened the lengthy process.

c) Environmental Security of Server Room: Today's network technology based world mostly depends on internet. Server room, from which internet service is provided to operate the all activities of modern Institute specially Bank. Server room must be air conditioned for temperature and humidity control. Water leakage precautions and water drainage system from Air Conditioner must be installed. Power generator must be in place to continue operations in case of power failure. UPS must be in place to provide uninterrupted power supply to the server. Proper attention must be given on overloading electrical outlets with too many devices. Channel alongside the wall must be prepared to allow all the cabling to be in neat and safe position with the layout of power supply and data cables. Proper earthling of electricity must be ensured. Address and telephone or mobile numbers of all contact persons (e.g. fire service, police station, service providers, vendors and all ICT/ responsible personnel) must be available to cope with any emergency situation.

Question 2(a): What is digital signature? What do you understand by two factor authentication system? Marks: 8

Answer:

Digital Signature :

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message and that the message was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.

Two factor authentication

An authentication factor is an independent category of credential used for identity verification. The three most common categories are often described as something you know (the knowledge factor), something you have (the possession factor) and something you are (the inherence factor). For systems with more demanding requirements for security, location and time are sometimes added as fourth and fifth factors.

Two-factor authentication is a security process in which the user provides two means of identification from separate categories of credentials; one is typically a physical token, such as a card, and the other is typically something memorized, such as a security code. In this context, the two factors involved are sometimes spoken of as something you have and something you know. A common example of two-factor authentication is a bank card: the card itself is the physical item and the personal identification number (PIN) is the data that goes with it.

Question 2(b): Why IT policy is important for a banking institution? Marks: 8

Answer:

The important for a banking institution:

• Protect the ICT investment of the Bank.

• Ensure the Security and Stability of the Information System.

• Prioritize information and information systems.

• Identify ICT risk and develop its mitigation process.

• Aware and train all the stakeholder of the system.

• Protect the goodwill of the Bank.

• Generate computerized MIS for prompt, accurate and quick management decision.

• Ensure the best practices (industry standard) of the usage of ICT that is not limited to this guideline.

Question 2(c): What are the desktop policies of personal computer in banking?

Marks: 4

Answer:

1. Desktop computer must be connected to UPS to prevent damage of data and hardware.

2. Before leaving a desktop computer unattended, users should apply the “Lock Workstation” feature.

3. Password protected screen saver must be used to protect desktop and laptop from unauthorized access.

4. Desktop computers and monitors must be turned off at the end of each workday.

5. Other information storage media containing confidential data such as paper, files, tapes, etc. must be stored in a secured location or locked cabinet when not in use.

6. User identification (ID) and authentication (password) must be required to access all desktops and laptops whenever turned on or restarted.

7. Desktop and laptop computers must be configured to log all significant computer security relevant events. (E.g. password guessing, unauthorized access attempts or modifications to applications or systems software.)

Question 3(a): What are the difference between online and offline Ups?

Marks: 4

Answer:

Difference between online and offline Ups:

(1) Online ups is the one which in on position (both cases: power supply on&off).but in case of offline ups is on at the time power failure.

(2) On line UPS means Supply will come from batteries on line and charging also on OFF line UPS supply will come from batteries when main line supply fails.Batteries will charge on line.

(3) In ONLINE UPS, the load is always connected to inverter output only in both the cases, whether normal power supply is available or not. In OFFLINE UPS, Inverter output is connected to load only when normal AC power supply fails, means when AC power is available it is directly goes to output.

(4) Online UPS is the one which gives output all the time from battery whether there is power failure or power on. You get backing from battery all the time. Offline UPS supplies Mains to the output when power supply is regular and charges batteries as well at the same time. When power fails it switches those batteries to produce output for power backup.

(5) Online UPS is the one which gives output all the time from battery whether there is power failure or power on. You get backing from battery all the time. Offline UPS supplies Mains to the output when power supply is regular and charges batteries as well at the same time. When power fails it switches those batteries to produce output for power backup.

(6) Online is costly while Off-line ups is relatively less costly.

Question 3(b): Differentiate between T & T phone and IP phone. Marks: 4

Answer:

Difference between T&T phone and IP phone:

SL	T&T Phone	IP Phone
1	T&T Phone are linked by telephone cable.	IP phone are linked by internet cable
2	T&T phone line is used only for telephone call	IP phone line is used both for internet connection and phone call.
3	T&T phone’s extension capacity is very little.	IP phone’s extension capacity is very much.
4.	T&T phone is costly comparative to IP phone.	IP phone is very cost saving specially for big business organization.
5.	T&T phone can work without power in the respective premise.	IP phone cannot work without power in the respective premise.
6.	To connect T&T phone. It requires much cable/wire.	IP phones do not require much cable/wire comparative to T&T phone.

The difference between T&T phone and IP phone is clear from this discussion.

Question 3(c): Write short notes on the followings IT related hardware.

i) Router ii) Firewall iii) Switch Marks: 12

Answer:

i) Router

A router is a device or, in some cases, software in a computer, that determines the next network point to which a packet should be forwarded toward its destination. The router is connected to at least two networks and decides which way to send each information packet based on its current understanding of the state of the networks it is connected to. It is located at any gateway (where one network meets another), including each point-of-presence on the Internet. It may create or maintain a table of the available routes and their conditions and use this information along with distance and cost algorithms to determine the best route for a given packet. Typically, a packet may travel through a number of network points with routers before arriving at its destination. Routing is a function associated with the Network layer (layer 3) in the standard model of network programming, the Open Systems Interconnection (OSI) model. A layer-3 switch is a switch that can perform routing functions.

ii) Firewall

A firewall is a set of related programs, located at a network gateway server that protects the resources of a private network from users from other networks. It is a network security system, either hardware- or software-based, that controls incoming and outgoing network traffic based on a set of rules. Acting as a barrier between a trusted network and other untrusted networks -- such as the Internet -- or less-trusted networks -- such as a retail merchant's network outside of a cardholder data environment -- a firewall controls access to the resources of a network through a positive control model. This means that the only traffic allowed onto the network defined in the firewall policy is; all other traffic is denied.

iii) Switch

A Switch (also called switching hub, bridging hub, is a computer networking device that connects devices together on a computer network, by using packet switching to receive, process and forward data to the destination device. Unlike less advanced network hubs, a network switch forwards data only to one or multiple devices that need to receive it, rather than broadcasting the same data out of each of its ports.

Question 4(a): What is BCP? Why is essential for a bank? Marks: 6

Answer:

What is BCP:

A business continuity plan (BCP) is a management process to ensure the continuity of businesses in the event of a disaster. BCP is a process of developing advance arrangements and procedures that enable an organization to respond to an event in such a manner that critical business functions continue without interruption or essential change. Business Continuity is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. BCP will facilitate the identification of how quickly essential business units and/or processes can return to full operation following a disaster. It will delineate the business impact of disaster scenarios on the ability to deliver product or services.

Why BCP is essential for a bank: BCP is essential-

1. For managing a disaster that affects the day to day operations of the bank.

2. For critical disaster events and their recovery information.

3. To provides guidelines for a disaster declaration that will result in the execution.

4. To ensure that maximum possible service levels are maintained.

5. To minimize the impact (risk) of interruptions.

6. To estimate the financial impacts for each business unit, assuming a worstcase scenario.

7. To define the estimated number of personnel required for disaster recovery operations.

8. To identify bank’s business unit processes and the estimated recovery time frame for each business unit BCP is essential.

9. To protect employees/assets/reputation of the bank.

10. To meet legal and regulatory requirements.

11. To minimize loss and legal exposure.

12. To ensure backup of Mission Critical data.

Question 4(b): What do you understand by data backup and data archival system of a database? Marks: 7

Answer:

Data Backup:

Data Backup is the process of copying data to a different location than the original one. The actual copy of the data is called data backup too. The purpose of data backup is to create additional copy of the existing data. It is done as a safety precaution, in case the original data is damaged or inaccessible for some reason. If this happens, the data can be restored from the data backup. Making data backups can save a lot of trouble to any business using digital data, in the long run. Imagine what will happen if there is unrecoverable hard drive failure with the main database server used by a small software company. If the company doesn’t have a backup of the data on this server, then entire business is in jeopardy. If the company has a backup, the normal business processes will be disrupted for only several hours, until the server is restored from the data backup.

Data Archival System:

Data archiving is the process of moving data that is no longer actively used to a separate data storage device for long-term retention. Data archives consist of older data that is still important and necessary for future reference, as well as data that must be retained for regulatory compliance. Data archives are indexed and have search capabilities so that files and parts of files can be easily located and retrieved. Data archives are often confused with data backups, which are copies of data. Data backups are used to restore data in case it is corrupted or destroyed. In contrast, data archives protect older information that is not needed for everyday operations but may occasionally need to be accessed.

Question 4 (c): What is DRS? Describe its importance in a bank. Marks: 7

Answer:

What is DRS:

Disaster Recovery Site is a location where an organization can relocate following a disaster, such as fire, flood, terrorist threat or other disruptive event. This is an integral part of the disaster recovery plan and wide business continuity planning of an organization. The DRS mainly focuses on the IT or technology infrastructure and system supporting critical business functions, as oppose to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. DRS is therefore a subset of business continuity.

Importance of DRS (Disaster Recovery Site):

The importance of Disaster Recovery Site is an unavoidable subject. A bank without DRS is like a company without business plan. Every organization has critical functions and system that must be protected from unplanned events. DRS is the secondary data storage to support in the failure of Data Centre. It is to be situated minimum 10 km distance from data centre as per BB guideline. DRS can be called as the data archive centre. Disaster may occur suddenly before taking any precautious preparation. There are different types of disaster such as natural, technical, men made etc. Disaster Recovery Site is the preparation for that accidental situation.

Finally we can say from the above discussion, the importance of DRS is undeniable in respect of business continuity plan (BCP) of banking industries.

Question 5(a): What is CBS? Write down five renowned CBS being used by different banks in Bangladesh. Marks: 6

Answer:

What is CBS:

Core Banking System/Solution (CBS) is networking of branches, which enables Customers to operate their accounts, and avail banking services from any branch of the Bank on CBS network, regardless of where he maintains his account. The customer is no more the customer of a Branch. He becomes the Bank’s Customer. Thus CBS is a step towards enhancing customer convenience through Anywhere and Anytime Banking. All CBS branches are inter-connected with each other. Therefore, Customers of CBS branches can avail various banking facilities from any other CBS branch located any where in the world. These services are:

To make enquiries about the balance; debit or credit entries in the account.
To obtain cash payment out of his account by tendering a cheque.
To deposit a cheque for credit into his account.
To deposit cash into the account.
To deposit cheques / cash into account of some other person who has account in a CBS branch.
To get statement of account.
To transfer funds from his account to some other account – his own or of third party, provided both accounts are in CBS branches.
To obtain Demand Drafts or Banker’s Cheques from any branch on CBS – amount shall be online debited to his account.
Customers can continue to use ATMs and other Delivery Channels, which are also interfaced with CBS platform. Similarly, facilities like Bill Payment etc.

Five renwond CBS being used by different banks in Bangladesh

1) Islami Bank Bangladesh Ltd.- eIBS

2) Exim Bank- T24

3) Shahjalal Bank - "BankUltimus"

4) First Security Bank- "BankUltimus"

5) Union Bank- Ababil

Question 5(b): What are the advantages and disadvantage of centralized and distributed Database Management System in IT operation of a bank? Marks: 6

Answer:

Advantages and disadvantage of centralized and distributed Database Management System in IT operation of a bank:

A centralised database holds all data on a central computer such as a mainframe computer or server. On the other hand a distributed database is a database in which portions of the database are stored on multiple computers within a network.

Advantage of Centralised Database:

· Data transformation, data can be easily transposed, transformed and managed by experienced programming and statistical staff in Centralised Database.

· Data security, Data is stored securely with documentation and administration of access authorization.

· Data sharing, data dumps can be created in requested formats for sharing with other information system upon request.

· Disaster recovery, data are backed up on a regular basis and can be restored in case of server failure or occurrence of disasters.

Disadvantage of Centralised Database:

· If central server fails, the database system fails totally.

· It is not easy process to get back crashed data.

· The cost of data communication may more high than the distributed database.

Advantage of Distributed database:

· Reliability, if one of the sites crashes, the system will keep running with the other sites.

· Speed, it is faster because the information is distribute and not packed as a whole.

· Open system, the system could connect to networks to make it bigger and accessible everywhere.

Disadvantage of Distributed database:

· Networking, if there is a problem with the network, then problems arise from using the database.

· Proper hardware and software, the database needs proper hardware and software to run properly, this is expensive to get.

· Troubleshooting, there might be connection error that could affect the use of the database by other users.

These are the Advantages and disadvantage of centralized and distributed Database Management System in IT operation of a bank:

Question 5(c): Describe the operational procedure of BACPS and BEFTN. How these help customer service of banks? Marks:8

Answer:

Operational procedure of BACPS:

v Clients present the instrument to presenting bank.\

v Presenting bank receive the instrument and examine genuineness.

v Sorting the instrument is the next step.

v Stamping the instrument.

v Capture of image and making data.

v DIN (Document Identification Number) endorsement.

v Submitting to the BACPS and acceptance by BACPS.

v Participating bank receive the outward presentment.

v Image quality analysis and item processing by participating bank.

v Reconciliation of outward presentment.

v Payment processing by paying bank’s branch.

v Return the instrument, if there any mistake.

Operational procedure of BEFTN:

v Every bank account number in the scheduled bank of Bangladesh has 17 digits, where bank code, branch code, account code is contained.

v Every bank’s branch has a routing number.

v Every bank uses a software to conduct the business which is connected with Bangladesh Electronic Fund Transfer Network (BEFTN).

v The bank account number and routing number is to input in the system.

v Execution the sending to BEFTN.

v After checking the name, account, the transfer of fund becomes completed.

How BACPS and BEFTN help customer service of banks:

v Interbank fund transfer by cheque and deposit to customer’s account.

v These save the customer’ time.

v BACPS and BEFTN save customer’s money.

v These secure the customer’s fund.

v Customer can get this service without standing in the long line.

Thus BACPS and BEFTN help customer service of banks:

Question 6 (a): What is financial inclusion? How mobile banking play an important role in financial inclusion? Marks: 8

Answer:

Financial Inclusion:

Financial Inclusion is the delivery of financial services at affordable costs to sections of disadvantaged and low-income segments of society. An estimated 2 billion working age adults globally have no access to the types of formal financial services delivered by regulated financial institutions. It is argued that as banking services are in the nature of public good; the availability of banking and payment services to the entire population without discrimination is the prime objective of Financial Inclusion. The United Nations defines the goals of Financial Inclusion as follows.

1) Access at a reasonable cost for all households to a full range of financial services, including savings or deposit services, payment and transfer services, credit and insurance.

2) Sound and safe institutions governed by clear regulation and industry performance standards.

3) Financial and institutional sustainability, to ensure continuity and certainty of investment and

4) Competition to ensure choice and affordability for clients.

Role of mobile banking in financial inclusion:

The rapid growth of mobile phone users and countrywide coverage of mobile operator's network have made their delivery channel an important tool-of-the-trade for extending banking services to the unbanked/ banked population. The main target of financial inclusion is to include unbanked population in the banking financial service. Mobile banking is playing very important role in this regard. Specially to expedite faster delivery of remittances across the country, mobile banking is greatly used. mCash, bKash, Prime cash, Sure cash etc are the example of mobile banking service.

Question 6(b): Write down short notes on the following. Marks: 12

i) Agent Banking ii) Virtual Banking and iii) Green Banking

Answer:

i) Agent Banking: As a part of financial inclusion and offering limited banking service to both rural and urban unbanked people, BB initiated Agent Banking. It will provide banking services to the bank customers through the engaged agents under a valid agency agreement, rather than a teller/cashier. "Agent" is the owner of an outlet who conducts banking transactions on behalf of the concerned bank.

ii) Virtual Banking:

A bank that offers services predominately of exclusively over the internet. A virtual bank offers normal banking services, including access to one’s checking and savings accounts and personal and business loans. Nowadays non virtual banks almost always offer virtual banking services.

iii) Green Banking

Green Banking is a component of the global initiative by a group of stakeholders to save the environment. Global warming is an issue that needs to be addressed and due to this phenomenon, the state of the environment in Bangladesh is deteriorating. Because of a Bank’s position in the economic system, implementing Green Finance as part of Green Banking can make significant contributions to the transition to resource efficient and low carbon industries. In response to our environmental degradation, MDB shall play an important role by establishing Green Banking and be a front runner as an environmentally responsible bank.

Question 7(a): What is Alternative Delivery Channel? How does it help the banking business? Marks: 5

Answer:

What is Alternative Delivery Channel:

Alternative Delivery Channel in banking is a distribution channel strategy used for delivering financial services without relying on bank premises. While the strategy may complement an existing bank branch network for giving customers a broader range of channels through which they can access financial services. Examples of Alternative Delivery Channel in banking technologies are the Internet, automated teller machines (ATMs), POS devices, deposit machine and mobile banking, agent banking, online banking . Each of these technologies serve to deliver a set of banking services and are part of distribution channels that may be used either separately or in conjunction to form the overall distribution channel strategy.

How does ADC help the banking business:

1. ATM, Deposit Machines are kept in the public place like small shop. So the general people are being inspired at banking seeing this service. It helps in financial inclusion and expands baking business.

2. Mobile banking is an important alternative delivery channel. It is being popular day by day for its easy and instant service which may be called banking at finger point. It also helps in financial inclusion and expands baking business.

3. Internet banking is an interesting service to modern generation through which total banking service are at the customer’s premise. It decreases the crowd in the branches which helps in tip-top banking.

4. Now a day, Call Centre also is a vital part to provide 24 hours banking service, which helps to financial inclusion.

In conclusion, we can say that ADC in playing a vital role in banking business providing smart and green banking service.

Question 7(b): Name and describe in short five services / products being provided by the banks as Alternative Delivery Channel. Marks: 10

Answer:

Name and description of five ADC:

1) ATM: Automated Teller Machine is and electronic telecommunications device that enables the customers of a financial institution to perform financial transaction, particularly cash withdrawal without the need for a human cashier. The customer is identified by a plastic smart card with a chip that contains a unique card number and some security information such as an expiration date. Using and ATM, customers can access their bank accounts in order to make a variety of transactions such as cash withdrawals, check balances, or credit mobile phones. It is an important service which is used as Alternative Delivery Channel vastly.

2) Deposit Machine: Deposit Machine is a self service terminal that lets customer to make deposits in the machine box. It supplies customer an advice slip of successful deposit. This deposit is credit to the customer’s account in that day or in the next day. Mostly, people gathering occur in the bank’ branches for credit transaction. This gathering can be flowed out of branch providing deposit machine outside. This is being done fast in the banking service of Bangladesh to reduce the crowd in the banking ground.

3) Internet banking: Internet banking is an electronic banking service system that enables customers of a bank to conduct a range of financial transaction through the website. This service is authenticated by tow factor authentication. As a result the accuracy and genuineness is ensured. A variety of services are provided by internet baking, such as balance check, account statement, fund transfer, mobile balance recharge, cheque book requisition, fund transfer in other bank using EFTN, stop payment etc. This service is performing as an important part of Alternative Delivery Channel.

4) Mobile Banking: The rapid growth of mobile phone users and countrywide coverage of mobile operator's network have made their delivery channel an important tool-of-the-trade for extending banking services to the unbanked/banked population, specially to expedite faster delivery of remittances across the country. Checking balance, seeing mini statement, fund transfer, mobile balance recharge, cash out by ATM etc service are available by mobile banking. Mobile banking service is being provided by the banks as Alternative Delivery Channel significantly.

5) Call centre: A call centre can be defined as a coordinated system of people, processes, technologies and strategies that provides access to information, resources, and expertise, through appropriate channels of communication, enabling interactions that create value for the customer and organization. Through call centers, valuable information about banking are routed to appropriate people. It is generally a part of bank’s customer relationship management. The majority of large companies use call/contact centers as a means of managing their customer interaction. These centers can be operated by either an in house department responsible or outsourcing customer interaction to a third party agency.

Question 7(c): What is ecommerce? Give an example for P2G eCommerce site of Bangladesh. Marks: 5

Answer:

E-commerce:

E-commerce means electronics commerce, which is used as buying and selling of goods and services, or the transmitting of funds or data, over an electronic network, primarily the Internet. These business transactions occurs business-to-business, business-to-consumer, and consumer-to- business. Online shopping, online marketplace is the example of e-commerce.

One example of P2G e-commerce.

P2G e-commerce means Public to Government E-commerce.

www.hajj.gov.bd, Government gives Hajj services through this website. People are being registered to go to Hajj by this site and Government takes fees for registration.

8. Write Short notes on the following: Marks5x4=20

1. Cloud Computing:

Cloud computing, also known as 'on-demand computing', is a kind of Internet-based computing, where shared resources, data and information are provided to computers and other devices on-demand. It is a model for enabling ubiquitous, on-demand access to a shared pool of configurable computing resources. Cloud computing and storage solutions provide users and enterprises with various capabilities to store and process their data in third-party data centres. It relies on sharing of resources to achieve coherence and economies of scale, similar to a utility (like the electricity grid) over a network. At the foundation of cloud computing is the broader concept of converged infrastructure and shared services. Cloud computing has now become a highly demanded service or utility due to the advantages of high computing power, cheap cost of services, high performance, scalability, accessibility as well as availability. Proponents claim that cloud computing allows companies to avoid upfront infrastructure costs, and focus on projects that differentiate their businesses instead of on infrastructure.

2. IVR:

Interactive voice response (IVR) is a technology that allows a computer to interact with humans through the use of voice and DTMF (Dual Tone Multi Frequency) tones input via keypad. In telecommunications, IVR allows customers to interact with a company’s host system via a telephone keypad or by speech recognition, after which they can service their own inquiries by following the IVR dialogue. IVR systems can respond with prerecorded or dynamically generated audio to further direct users on how to proceed. IVR applications can be used to control almost any function where the interface can be broken down into a series of simple interactions. IVR systems deployed in the network are sized to handle large call volumes. The purpose of an IVR is to take input, process it, and return a result, whereas the job of an Automated Attendant is to route calls. Emerging telephony and VoIP professionals often use the term IVR as a catch-all to signify any kind of telephony menu, even a basic automated attendant

3. Prepaid Card:

· Prepaid debit card, a card that debits money from an associated account that ordinarily requires use of a PIN code for verification

· Prepaid credit card, a card that debits money from an associated account that ordinarily uses a signature rather than a PIN for verification.

· Stored-value card, a card that has a monetary value that is recorded as data on the card itself, and thus can be used without online access to an associated account.

· Prepaid Phone card, A prepaid mobile phone provides most of the services offered by a mobile phone operator. These cards are stamped with a unique code (often under a scratch-off panel) which must be entered into the phone in order to add the credit onto the balance. Through electronic reloading where a specially designed SIM card is used to reload a mobile phone by entering the mobile number and choosing the amount to be loaded. .

4. Cyber Crime:

Ccybercrime, is crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Dr. Debarati Halder and Dr. K. Jaishankar (2011) define Cybercrimes as: "Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS)". Such crimes may threaten a nation’s security and financial health. Issues surrounding these types of crimes have become high-profile, particularly those surrounding hacking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is intercepted or disclosed, lawfully or otherwise. Internationally, both governmental and non-state actors engage in cybercrimes, including espionage, financial theft, and other cross-border crimes.

5. Intranet:

An intranet is a private network accessible only to an organization's staff. Generally a wide range of information and services from the organization's internal IT systems are available that would not be available to the public from the Internet. Increasingly, intranets are being used to deliver tools, e.g. collaboration (to facilitate working in groups and teleconferencing) or sophisticated corporate directories, sales and customer relationship management tools, project management etc. Intranets are also being used as corporate culture-change platforms. For example, large numbers of employees discussing key issues in an intranet forum application could lead to new ideas in management, productivity, quality, and other corporate issues. Intranets can help users to locate and view information faster and use applications relevant to their roles and responsibilities. With the help of a web browser interface, users can access data held in any database the organization wants to make available, anytime and — subject to security provisions — from anywhere within the company workstations, increasing employees' ability to perform their jobs faster, more accurately, and with confidence that they have the right information. It also helps to improve the services provided to the users.

EXAMINATION, September-2014

Question 1 (a) What is computer network? Write down the benefits and applications of networking technology in banking industry. Marks: 10

Answer:

Computer Network:

Computer Network is a telecommunication which allows computer to exchange data. In computer networks, networked computing devices exchange data with each other along network link (data connections). The connections between nodes are established using either cable media or wireless media. The best-known computer network is the Internet. Computer networks support an enormous number of application such as access to the World Wide Web, video, digital audio, shared use of application and storage servers, printers, and fax machines, and use of email and instant messaging applications as well as many others.

Benefits and applications of networking technology in banking industry:

There are a lot benefits and application of networking technology in banking industry. Networking technology has made easy the banking transaction and all other activities. Such as-

a) Entry the transaction as data from different computer to a central computer server.

b) Online fund transfer from one branch to another branch.

c) Cash deposit and withdraw from one branch to another branch.

d) ATM transaction.

e) Printing the document from one computer to another computer by network printer.

f) Transferring the data and document etc.

g) Electronic fund transfer by BEFTN.

h) SWIFT service with international banks.

These all are the example of benefits and application of networking technology in banking industry.

Question 1 (b) Distinguish among LAN, MAN & WAN. What are the basic devices required to set-up WAN in a bank branch? Marks: 10

Answer:

The distinguishing among LAN, MAN and WAN is cleared from the discussion below:

LAN:

6. LAN (Local Area Network) is a group of computers and other network devices which are connected together.

7. All the devices that are part of LAN are within a building or multiple building.

8. LAN network has very high speed mainly due to proximity of computer and network devices.

9. LAN connection speeds can be 10mbs or 100 Mbps or 1000Mbps. Also

10. LAN uses Guided Media;

MAN:

6. MAN (Metropolitan Area Network) is a larger network of computers and other network devices which are connected together usually spans several buildings or large geographical area.

7. All the devices that are part of MAN are span across buildings or small town.

8. Man network has lower speed compared to LAN.

9. MAN connection speeds can be 10 Mbps or 100Mbps.

10. MAN uses Guided Media or Unguided media.

WAN:

6. WAN (Wide Area Network)is a group of computers and other network devices which are connected together which is not restricted to a geographical location. Internet is WAN.

7. All the devices that are part of WAN have no geographical boundaries.

8. WAN speed varies based on geographical location of the servers. WAN connects several LANs.

9. WAN connection speeds can be 10 Mbps or 100Mbps.

10. WAN mainly uses Guided Media or Unguided media. Its long distance communications which may or may not provide by public packet network.

Basic devices required to set-up WAN in a bank branch:

1. Network Cable 2. Computer 3. Switch

4. Connector 5. Router 6. Server etc.

Question 2 (a) what are the basic components of a computer? Differentiate among Laptop, PC and Server. Marks: 10

Answer:

Basic components of a computer:

Input Device	Output Device	Computer case	Data Port	Removable Data Storage
Keyboard	Monitor	CPU	Ethernet	DVD Rom
Mouse	Printer	Motherboard	Firewire	CD Rom
Image Scaner	Speaker	Hard Disk	USB	Flopy Disk
Joystick	Plotter etc	RAM	Parallel Port	Memory Card
Webcam		Video/sound Card	Audio jack etc	USB flash drive etc
Microphone etc		Power Supply

Difference among Laptop, PC and Server:

SL	Laptop	PC	Server
1.	Typically laptops is small size and takes comparatively little amount of space	PC is comparatively bigger than laptop and it takes big amount of space.	Server is larger in size than laptop and PC. So it requires a large amount of space.
2.	Laptop creates the data.	PC also creates the data.	Server can create data but generally it used to store the data.
3.	Laptop sends the data to server using the network.	PC also sends the data to server using the network.	Server accepts the data created by PC and laptop.
4.	The trouble of laptop can’t affect the activities of server.	The trouble of general PC can’t affect the activities of server.	The trouble of server can affect the regular activities of PC and laptop.
5.	Laptop is less expensive than server.	PC also is less expensive than server.	Server is more expensive than laptop or PC.
6.	Laptop can serve one person at a time.	PC also can serve one person at a time.	Server can serve many persons simultaneously.
7.	The storage capacity of laptop is very little comparative to server.	The storage capacity of PC is also very little comparative to server.	The storage capacity of server is very larger than laptop or PC.

Question 2 (b) Define Network Printer and Printer Sharing. Explain the Cost Savings Method of a printer. Marks: 10

Answer:

Definition of Network Printer:

A Network Printer is a printer connected to a wired or wireless network. It may be Ethernet enabled and be cabled to an Ethernet switch, or it may connect to a Wi-Fi (wireless) network, or both. It enables user in locations geographically separate from each other and from their print devices to produce documents for themselves and others. Print servers enable multiple clients to share one or more print devices. It is designed for high volume, high speed printing. They are usually shared by many users on a network and can print at speed of 45 to around 120 ppm.

Printer Sharing:

Printer Sharing is the process of allowing multiple computers and devices connected to the same network to access one or more printers. Each node or device on the network can print to any shared printer and, to some extent, make changes to the printer settings, depending on the permissions set by the administrator for each user. When a print request is sent from a networked computer, this is received by the computer where the shared computer is attached; this is host computer initializes the printer and then sends the print job to it. So it can be said that Printer Sharing is an operational state in computer that lets other users in the network copy files and use the printer.

Cost saving method of printer:

The cost saving methods of printer is described below.

1. To see the print preview whether it requires the correction.

2. To print more than one page per sheet.

3. Both side print of the paper.

4. To print the selected part which we need.

5. Using draft mode as the default setting.

6. To print to PDF instead of paper.

7. Taking care of printer and toner.

These are the Cost saving method of printer. We should follow these cost saving methods. Because these methods not only save the cost, but also ensure the green banking.

Question 3(a): Define BCP. Discuss the highlighted points of BCP in banking industry. Marks: 10

Answer:

BCP:

Highlighted points of BCP in banking industry:

1. Disaster: such as natural disaster, technical disaster, men made disaster and the level of disaster.

2. Response to disaster: such as making team for recovery, and trained up about restoration.

3. Data back up: How the data backup will be stored for reusing.

4. Data Recovery: How the data will be recovered for BCP.

5. Alternate site: The site which will work alternatively.

6. Restoration and migration: The process to return at previous business condition including migration.

7. External Communication: The process to communicate with external level.

8. Staff security policy. How the security of the staff will be ensured.

These are the highlighted points of BCP in banking industry.

Question 3(b): Discuss the importance of DC (Data Centre) and DRS (Disaster Recovery Site) in respect of BCP in banking. Marks: 10

Answer:

Importance of DC (Data Centre):

Data Centre stores the data backup. It is very essential to continue the business in disastrous situation. It is generally set in head office or near the head office. Data centre is the preliminary data storage in centralized database system. We know that, banking industries are the financial service industries. The banks generate a lot of financial data which are related with the customer’s financial wealth. The importance of these data can be imagined in this regard. Data Centre contains these data. So how much important the data centre, it is easily understood.

Importance of DRS (Disaster Recovery Site):

Finally we can say from the above discussion, the importance of DRS is undeniable in respect of business continuity plan (BCP) of banking industries.

Question 4(a): What is internet banking? What are the main features of internet banking? Marks: 8

Answer:

Internet Banking:

Banking means money transaction with the financial institution for personal or business purposes. Usually clients have to come in the premise of banking institution for the transaction. Internet Banking is that banking system where clients can make transaction without coming in the bank premise. Using the internet, people can get this financial service. This is the Internet Banking.

Main features internet banking:

The main features of internet banking are cited below.

1. Internet Banking is two factor authentication oriented system ensure the security and safety of customer’s account.

2. To view the account balance.

3. To see the account statement.

4. To recharge the mobile balance.

5. Fund transfer facility within the same bank.

6. Fund transfer facility within different bank using BEFTN.

7. Stop payment facility.

8. Cheque requisition facility etc.

These are the features of Internet Banking.

Question 4(b): What is MIS? Why is it required for a dynamic organization?

Marks: 6

Answer:

MIS:

Why MIS is required for a dynamic organization:

Question 4(c): How IT based MIS can help a banking institution? Marks: 6

Answer:

How can IT base MIS help a banking institution:

A management information system (MIS) provides information that organization need to manage themselves efficiently. Management information systems are typically IT based which is used for managing five primary components: hardware, software, data, procedures, and people.

IT based MIS can help a banking institution like this way:

1. To provide information instantly for taking decision.

2. To make plan by given information properly.

3. To control the subordinate with justice.

4. To operate the administration efficiently.

5. To manage the human resource productively.

6. To maintain proper documentation.

7. To develop the organization.

Thus IT based MIS help the management to take plan, to control, to take necessary action in human resource management.

Question 5(a): What is ICT Policy? Discuss the key points of ICT Policy of a bank. Marks: 10

Answer:

What is ICT Policy:

ICT represents Information Communication Technology. Policy means a course or principle of action adopted or proposed by an organization or individual. In another words, policy is a deliberate system of principle to guide decisions and achieve rational outcomes. So ICT Policy is the key principle to give direction about the application in information communication technology.

Key points of ICT policy of a bank:

1. ICT Security Management

2. ICT Operation Management

3. Physical security

4. Information Security Standards

5. Software Development and Acquisition

6. Service provider management

7. Virus protection

8. Monitoring

These are the key points which should be the ICT policy of a bank according to Bangladesh Bank Guideline.

Question 5(b): What do you understand by User Acceptance Testing of a system? Marks: 5

Answer:

Acceptance Testing of a system

User acceptance testing (UAT) consists of a process of verifying that a solution works for the user. In software development, user acceptance testing (UAT) - also called beta testing, application testing, and end user testing. It is a phase of software development in which the software is tested in the "real world" by the intended audience. This is typically the last step before the product goes live or before the delivery of the product is accepted. For example, eIBS, the core banking system of IBBL is being modified several times. When the developers of this software think to run it finally, they test its application for the users. This is the User Acceptance Testing.

Question 5(c): What are the restrictions of email and internet uses? Marks: 5

Answer:

Email users should refrain from:

ü Sending or forwarding chain e-mail, i.e., messages containing instructions to forward the message to others.

ü Broadcasting e-mail, i.e., sending the same message to more than 10 recipients or more than one distribution list.

ü Conducting a personal business using bank resources.

ü Transmitting any content that is offensive, harassing, or fraudulent.

ü Sending e-mail that contains a threatening or violent message.

ü Creating or exchanging obscene messages of any kind, including pornographic material.

ü Sending e-mail that promotes discrimination on the basis of race, gender, national origin, age, marital status, sexual orientation, religion, or disability.

ü Exchanging proprietary information, trade secrets, or other confidential information with anyone not affiliated with the bank.

Restriction about Internet:

Social networking site, blog site, chatting, online voting or survey site of political or any purpose without prior permission.

Video, Audio download or upload.

Browsing illegal, material, porn, spam or infected site.

Sports, games download, online game.

Newspaper, Stock Exchange, Job Site and any other defined by the authority.

The user should not accept (clicking OK or YES) any unknown or unrelated POP-UP message /offer.

Any kind of modem (Zoom, Edge, Wimax etc.) is strictly prohibited to use in Bank’s Desktop computers.

Question 6(a): Describe the Settlement Process of BACH with examples.

Marks: 14

Answer:

Settlement Process of BACH with examples:

The elaboration of BACH is Bangladesh Automated Clearing House. Bangladesh Bank has set this clearing house centrally to settle the interbank cheques payment. The settlement process is given in BB circular PSD Circular No-01/2010 like this-

“Prior to presenting an approved payment item to (or receiving an approved payment item from) the Bangladesh Bank, a Participating Bank must designate a Settlement Account on the Bangladesh Bank’s books, and identify the transactions to be settled through the Account. The Bangladesh Bank may in its discretion, recover the unpaid balance of the Participating Bank’s obligation with respect to an item from the Participating Bank, respectively, without prior notice or demand. The Bangladesh Bank may charge against a Participating Bank’s designated Settlement Account

the amount of the Bank’s BACPS transactions, unless the Bangladesh Bank and the Participating Bank agree to other arrangements for settlement. By designating a Settlement Account, a Bank authorizes the Bangladesh Bank to debit the

designated Account on the Settlement Date the amount of items sent by the Bank to the Bangladesh Bank and to debit and credit to the designated Settlement Account the amount of other transactions (including fees, unless otherwise agreed) with respect to BACPS Items. The Bank agrees to maintain to its credit in the designated Settlement Account, consistent with paragraph 10 of these Rules, a balance of Actually and Finally Collected Funds sufficient to cover charges under these Rules and all other charges to its Account. By designating a Settlement Account, and in consideration of the processing and settlement by the Bangladesh Bank of items sent to and/or received by the Bank and other Participating Bank companies, the Participating Bank agrees to the applicable BACPS Operating rules, as amended from time to time, for the benefit of all parties. A settlement designation supersedes all prior inconsistent designations with respect to items. The Participating Bank may terminate a settlement designation by written notice to the Bangladesh Bank and the Bangladesh Bank may terminate a settlement designation by written notice to the Bank. On the Settlement Date, the Bangladesh Bank debits and credits the Participating banks Designated Settlement Accounts in the amount of presented approved payment items. Settlement for these items must be made by the Paying Bank at the time provided in processing schedules, and is available for withdrawal or other use by the Participating Bank at that time, subject to the provisions of these Rules. Settlement among participating banks will occur on a net basis and will be final when posted.’’

The settlement process of BACH with example is described below.

AB bank and IBBL are two banks. Mr Jayed is a client of AB bank. He has gotten a cross cheque of IBBL from his party. Now he has presented the cheque of IBBL to his AB bank for collecting money and depositing to his account. Now the processing of settlement will be started step by step.

1. The respective branch of AB bank will receive the instrument from Mr Jayed.

2. To prepare the instrument for clearing, this instrument will be stamped, scanned and sent to the BACH site.

3. The main branch of AB bank will receive and send all of its other branch’s instruments to the BACH centrally.

4. The main branch of IBBL will receive the images of inward clearing instruments from the BACH and transfer to the respective branch.

5. The respective branch of IBBL will verify the instrument’s validity and if possible they will honour the instrument.

6. The money of the presented cheque will be deposited to Mr Jayed account.

7. Every scheduled bank has the Settlement Account in Bangladesh Bank. Bangladesh Bank will adjust the amount from IBBL Settlement account to AB bank Settlement account.

Question 6(b): What do you understand by net settlement and gross settlement of clearing system? Marks: 6

Answer:

Net settlement:

A net settlement is the process by which banks calculate the collective total of all transactions on any given day. Credit and debit transactions are recorded on the clearing house books through the business day; final settlement of the net transactions, the credits less the debits, occurs when funds due to a bank are credited to its reserve account by a central bank. In a nut shell, it can be stated that Net Settlement in banking is simply the sum of the day’s credit and debits. For example, XYZ bank’s today has the outflow: Cheque Payment- 400,00 tk, Debit card transaction– 500,000 tk, Credit card transaction 300,000 tk, Total- 12,00,000 tk. Now the inflow: Check deposits. 300,000 tk, cash deposits. 200,000 tk. Total 500,000 tk. So the Net Settlement = 12,00,000-500,000 tk = 700,000 tk.

Gross Settlement:

Gross Settlement means the transaction is settled on one to one basis without bundling or netting with any other transaction. Once processed, payments are final and irrevocable. Real Time Gross Settlement (RTGS) systems are typically used for high-value transactions that require immediate clearing. In another words, Gross Settlement is the transfer of funds that will be immediately available to the recipient. This is and electronic transfer between banks, and usually involves separate payment instruction for each transaction.

Question 7(a): What do you mean by ICT Security Management? Why is it so important in banking? Marks: 8

Answer:

ICT Security Management:

ICT Security Management means to take necessary action for the security of Information Communication Technology. It refers to manage the situation in such way, as if the ICT of the organization keep free from all of the possible threats. Because, ICT is an unavoidable tool to operate the organization dynamically and smoothly. It deals with ICT Security Policy Documentation, Internal information System Audit, Training and Insurance as per Bangladesh Bank Guideline. ICT Security Management must ensure that the ICT functions and operations are efficiently and effectively managed. They should be aware of the capabilities of ICT and be able to appreciate and recognize opportunities and risks of possible abuses. They have to ensure maintenance of appropriate systems documentations, particularly for systems, which support financial reporting. They have to participate in ICT security planning to ensure that resources are allocated consistent with business objectives. They have to ensure that sufficient and qualified technical staffs are employed so that continuance of the ICT operation area is unlikely to be seriously at risk all times. This is the ICT security management.

Why ICT is so important in banking:

The 21^st century has brought about an all-embracing convergence of computing, communications, information and knowledge. It has changed the way of live, work and thinks. In this regard, modern banking is not running more based on manual ledger (ledger banking). It has converted into ICT based operation. This change has brought an enormous motion and development in the banking services. Advances in technology are allowing for delivery of banking products and services more conveniently and effectively than ever before. ICT has made possible rapid access to critical information and ability to act quickly and effectively. The importance of ICT will be more clear from the below quoted ICT facility.

- Remote banking

- Internet banking

- Mobile banking

- Anytime banking

- Management Information System

- Accounting Information System etc

These all are the gifts of ICT. So, we can understand ICT is very much important in banking.

Question 7(b): Discuss the main features of mobile banking. How does mobile banking play an important role in financial inclusion? Marks: 6

Answer:

Main features of mobile banking:

Modern banking is becoming easy and convenient day by day with the development of information communication technology. Mobile banking is such kind of modern banking service. The main features of mobile banking are given below.

1. Account balance check.

2. Mini statement check.

3. Merchant payment.

4. Mobile phone recharge.

5. Fund transfer etc.

Role of mobile banking in financial inclusion:

Question 7(c): Explain the operational procedures of cash in and cash out of mCash system. Marks: 6

Answer:

Operational procedures of cash in and cash out of mCash system.

Cash in (deposit):

o Customer will give the deposited amount and mobile account number to the agent

o Agent will start the cash in process from his mobile phone

o Agent will give the deposit slip to the customer

o Than both the customer and agent will receive a SMS as the confirmation of the cash in (deposit)

o After receiving the SMS, customer will confirm about his cash in. So, he/she must not leave the agent counter before getting the SMS

Cash Out (Withdraw):

o Customer will give mobile account number and tell the amount of cash out (withdraw) to the agent

o Customer will call *259# from his mobile and get the Cash Out (withdraw) menu

o Then he will submit the agent's mobile account number, amount of money and PIN number

o Then transaction will complete and both the customer and the agent will receive the confirmation SMS from the System

o Agent will take the customer's signature/finger print and give the cash out (withdraw) receipt and money to the customer

Question 8. Write short notes on the following: Marks: 5x4=20

Answer:

i) Khidmah Card of IBBL:

Khidmah Card of IBBL is a shariah compliant product of IBBL facilitating the customer to purchase goods or service on credit. It also facilitates the user to withdraw cash from ATM up to a specific limit. As shariah forbids the interest (Riba), IBBL does not create any interest on credit limit usage. But it applies a specific service charge on its service. IBBL shall not be responsible for payment/purchase of any Shariah forbidden/illegal goods/products/services by the cardholder/supplementary cardholder. Family member or beneficiary of cardholder can have supplementary card.

ii) Merchant Payment:

Merchant Payment is a term defines the payment to merchants through the payment card from the clients of them. The merchant or businessperson is to maintain a type of bank account that allows businesses to accept payments by payment cards, typically debit or credit cards. A merchant account is established under an agreement between an acceptor and a merchant acquiring bank for the settlement of payment card transactions. Hence, the merchant can accept payment by swiping or entering t card information in the card terminal. So we can say that, the term ‘Merchant Payment’ indicates the accepting payment from others by the businessperson through the debit or credit card. They get this facility according to their agreement with the respective bank.

(iii) Contact Centre:

A contact centre can be defined as a coordinated system of people, processes, technologies and strategies that provides access to information, resources, and expertise, through appropriate channels of communication, enabling interactions that create value for the customer and organization. Through contact centers, valuable information about company are routed to appropriate people, contacts to be tracked and data to be gathered. It is generally a part of company’s customer relationship management. Contact centers, along with call centers and communication centers all fall under a larger umbrella labeled as the contact centre management industry. The majority of large companies use contact centers as a means of managing their customer interaction. These centers can be operated by either an in house department responsible or outsourcing customer interaction to a third party agency.

(iv) KIOSK:

KIOSK is a mode of software operation. It is a self employment ccomputerized technology. KIOSK s may store data locally, or retrieve it from a computer network. Some KIOSK s provide a free, informational public service, while others serve a commercial purpose such a small KIOSK . Touch screen, trackballs, computer keyboard, and pushbuttons are all typical input device for computer KIOSK . Touch screen KIOSK s are commercially used as industrial appliances, reducing lines, eliminating paper, improving efficiency and service. Their uses are unlimited from refrigerators to airports, health clubs, movie theatres and libraries. ATM, Deposit Machine, Phone or Recharge Machine etc are the example of KIOSK .

(v) Firewall:

A firewall is a set of related programs, located at a network gateway server, that protects the resources of private network users from other networks. It is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet, that is assumed to not be secure or trusted. Firewalls are often categorized as either network firewalls or host-based firewalls. Network firewalls are a software appliance running on general purpose hardware or hardware-based firewall computer appliance that filters traffic between two or more networks. Host-based firewalls provide a layer of software on one host that controls network traffic in and out of that single machine.

EXAMINATION, March-2015

Question 1(a): What do you mean by Programming Language? Write down different categories of Language and give example of each. Marks: 8

Answer:

Programming Language: A programming language is a special language programmers use to develop applications, scripts, or other set of instructions for computers to execute.

Wikipedia says- ‘A programming language is a formal constructed language designed to communicate instructions to a machine, particularly a computer. Programming languages can be used to create programs to control the behavior of a machine or to express algorithms.’

This Language is written as a series of human understandable computer instructions that can be read by a compiler and linker, and translated into machine code so that a computer can understand and run it. Coded language used by programmers to write instructions that a computer can understand to do what the programmer (or the computer user) wants. The description of a programming language is usually split into the two components of syntax (form) and semantics (meaning). Some languages are defined by a specification document, while other languages have a dominant implementation that is treated as a reference.

Different categories of Language: There are different categories of Programming Language. Some of them are given below which usually used in practical.

System Languages
Architectural Languages
Application Languages

System Languages: The best uses of these languages are to build operating systems, hardware drivers etc. These languages are fast and give us low level (close to the core) access to the computer. The languages are used when speed is critical. These languages include:

C
C++
Assembler

Architectural Languages: The best uses of these languages are to build frameworks that support (make easy) application building. Not as fast (at run-time) as system level languages, but they provide a higher level of abstraction that makes writing software quicker and more productive. These languages include:

Java
C#

Application Languages

The best uses of these languages are to build the actual business applications like web shopping carts/stores, connecting to databases and creating the screens for users to interact with the database. These languages include:

PHP
Ruby
Perl
Python

There are also some categories of Programming Language such as:

Object Oriented vs. Procedural vs. Prototype
Scripting vs. Programming
Compiled vs. dynamic and many more.

Question 1(b): What is the difference between System Software and Application Software? Give example of each. Marks: 6

Answer:

Difference between System Software and Application Software:

System software and application software are computer programs. The system software is also installed during the installation of the operating system. However, the application software utilizes the capabilities of the computer on which it is installed.

· The programs and the file that comprises the operating system are called system software. The subclass of a computer program which utilizes the capabilities of computer is called application software.

· System software gets installed when the operating system is installed on the computer while application software is installed according to the requirements of the user.

· System software includes programs such as compilers, debuggers, drivers, assemblers while application software includes media players, word processors, and spreadsheet programs.

· Generally, users do not interact with system software as it works in the background whereas users interact with application software while doing different activities.

· A computer may not require more than one type of system software while there may be a number of application software programs installed on the computer at the same time.

· System software can run independently of the application software while application software cannot run without the presence of the system software.

· Example: Windows, Linux, Unix, MAC OSX, DOS etc are System software.

Photoshop, Illustrator, MS Word. Opera (web browser), VLC Player etc are Application Software.

Question 1(c): What is Operating System (OS)? Name different types of OS. Marks 6

Answer:

In brief, Operating System is a software program that acts as an interface between the user and the computer. It is a software package which allows the computer to function.

Names of different types of Operating System:

DOS (Disk Operating System)
UNIX
LINUX
Windows
Windows NT

Question 2(a): How many tiers in banks are categorized depending on ICT operation as per Guidelines of Bangladesh Bank? Describe each in short.

Marks: 12

Answer:

Tiers categorization of banks depending on ICT Operation:

There are three tiers in banks which are categorized depending on ICT operation as per Guidelines of Bangladesh Bank. The locations for which the ICT Security Guideline is applicable are the Head Office, Zonal Office, Branch and/or Booth/Unit of a bank or FI. The three tiers are described below.

Tier‐1: Centralized ICT Operation through Data Center (DC) including Disaster Recovery Site (DRS) to which all other offices, branches and booths are connected through WAN with 24x7 hours attended operation.

Tier‐2: Head Office, Zonal Office, Branch or booth having Server to which all or a part of the computers of that locations are connected through LAN.

Tier‐3: Head Office, Zonal Office, Branch or booth having stand alone computer(s).

The proposed ICT Security Guideline will be applicable for all the three tiers if not mentioned otherwise.

These three tiers are quoted from Guidelines of Bangladesh Bank which is supplied at Bangladesh Bank’s website.

Question 2(b): How do you secure your PC as per Guidelines of Desktop Policies of Bangladesh Bank. Marks: 4

Answer:

Security of PC as per Guidelines of Desktop Policies of Bangladesh Bank.

1. Desktop computer shall be connected to UPS to prevent damage of data and hardware.

2. Before leaving a desktop or laptop computer unattended, users shall apply the "Lock Workstation" feature.

3. Password protected screen saver shall be used to protect desktop and laptop from unauthorized access.

4. Laptop computers that store confidential or sensitive information must have encryption technology.

5. Desktop and laptop computers and monitors shall be turned off at the end of each workday.

6. Laptop computers, computer media and any other forms of removable storage (e.g. diskettes, CD ROMs, zip disks, PDAs, flash drives) shall be stored in a secured location or locked cabinet when not in use.

7. Other information storage media containing confidential data such as paper, files, tapes, etc. shall be stored in a secured location or locked cabinet when not in use.

8. Individual users must not install or download software applications and/or executable files to any desktop or laptop computer without prior authorization.

9. Desktop and laptop computer users shall not write, compile, copy, knowingly propagate, execute, or attempt to introduce any computer code designed to self‐replicate, damage, or otherwise hinder the performance of any computer system .

10. Any kind of viruses shall be reported immediately.

11. Viruses shall not be deleted without expert assistance unless otherwise instructed.

12. User identification (ID) and authentication (password) shall be required to access all desktops and laptops whenever turned on or restarted.

13. Standard virus detection software must be installed on all desktop and laptop computers and shall be configured to check files when read and routinely scan the system for viruses.

14. Desktop and laptop computers shall be configured to log all significant computer security relevant events. (e.g. password guessing, unauthorized access attempts or modifications to applications or systems software.)

15. All computers shall be placed above the floor level and away from windows.

Question 2(c): What guidelines should be followed in using email and internet?

Marks: 4

Answer:

Guidelines to be followed in using email and internet:

1. All Internet connections shall be routed through a firewall for computers connected to network and Anti‐Virus Gateway like Web‐Shield, Trend Micro etc. to get protection from spam, worm, Trojan etc. that is accessing in bank's network while browsing, downloading, or an attachment of any incoming mail to the PCs connected to bank's network.

2. Access to e‐mail system and internet shall only be obtained through official request.

3. E‐mail system and internet shall be used according to the bank's policy.

4. Concerned department shall perform regular review and monitoring of e‐mail service.

5. Users shall not use profanities, obscenities, or derogatory remarks in email messages regarding employees, customers, competitors, or others.

6. All attachments with the incoming e‐mail messages shall be monitored especially for viruses.

7. Mail server must have latest anti‐virus signature.

Question 3(a): Write down the basic difference between Centralized database and Decentralized database. Marks: 10

Answer.

Difference between Centralized database and Decentralized database:

1. Centralized database is a database in which data is stored and maintained in a single location. Decentralized database is a database in which data is stored in storage devices that are not located in the same physical location but the database is controlled using a central Database Management System (DBMS).

2. A centralized database is easier to maintain and keep updated since all the data are stored in a single location. A decentralized database is comparatively less easy to maintain and keep updated since all the data are stored in different location.

3. Centralized database is easier to maintain data integrity and avoid the requirement for data duplication. Decentralized database is less easy to maintain data integrity and it requires data duplication.

4. As all the requests coming to access data are processed by a single entity, and therefore it could easily become a bottleneck in Centralized database. But with Decentralized databases, this bottleneck can be avoided since the databases are parallelized making the load balanced between several servers.

5. Maintenance cost of Decentralized database is comparatively higher than Centralized database.

6. Designing databases for a Decentralized database is more complex than the same for a centralized database.

7. If one of the sites crashes, the system will keep running with the other sites in Decentralized database, which is difficult in Centralized database.

8. Centralized database is comparatively slower because the database is stored on a single computer or server. On the other hand, the Decentralized database is faster because the information is distribute and not packed as a whole.

9. Network problem is frequent in Decentralized database which arise rarely in Centralized database.

10. To access a Centralized database the user must connect to the computer network which will give them access to the central computer. In Decentralized database, the user can access a specific network in a specific area.

Question 3(b): What do you mean by Data Synchronization? How it is applied in case of database interruption for BCP? Marks: 6

Answer:

Definition of Data Synchronization:

Data synchronization is the process of maintaining the consistency and uniformity of data instances across all consuming applications and storing devices. It ensures that the same copy or version of data is used in all devices - from source to destination.

Data synchronization is enabled through specialized software that tracks data versions as they are created and utilized. The process is implemented in distributed systems where data elements are routed between several computers or systems. Each computer may modify original data versions, depending on requirements.

Data synchronization ensures that regardless of data modifications, all changes are merged with the original data source.

Data synchronization is also used in data mirroring, where each data set is exactly replicated or synchronized within another device.

How it is applied in case of database interruption for BCP:

In a business institution, its database is the most important matter. If computerized database becomes interrupted or crash, the business continuity may be hampered. So, as per Business Continuity Plan (BCP), data synchronization application resumes directly the production environment. Mirroring is a synchronous process, i.e., the changes are applied on the replicated server synchronous to the primary server. This is the best method when the requirement is for “zero data loss”. Data synchronization helps to restore data in the disastrous circumstances.

Question 3(c): What are the difference between DC and DRS? Marks: 4

Answer:

Difference between DC and DRS:

SL	DC	DRS
1	DC = Data Centre	DRS= Disaster Recovery Site
2	Data Centre generally is situated in head office.	DRS must be situated at a 10 kilometres (radius) distance from data centre as per BB Guidelines.
3	The function of DC is to store data.	The function of DRS to support in disastrous situation.
4	DC is active in all time for data storage.	DRS functions in accidental situation.
5	The DC is preliminary data storage.	The DRS is secondary data storage.

Question 4(a): Define BCP. Describe how a standard BCP can protect a bank as per Guidelines of Bangladesh Bank. Marks: 8

Answer:

Definition of BCP: A business continuity plan (BCP) is a management process to ensure the continuity of businesses in the event of a disaster. BCP is a process of developing advance arrangements and procedures that enable an organization to respond to an event in such a manner that critical business functions continue without interruption or essential change. Business Continuity is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. BCP will facilitate the identification of how quickly essential business units and/or processes can return to full operation following a disaster. It will delineate the business impact of disaster scenarios on the ability to deliver product or services.