«Securing Information in the Digital Age Information Security Policies This document presents a suite of integrated solutions which, together, offer ...»
System Testing The term System Testing can be used in a number of ways. In a general sense, the term ‘system testing’ refers to the testing of the system in artificial conditions to ensure that it should perform as expected and as required.
From a Systems Development perspective, System Testing refers to the testing performed by the development team (the programmers and other technicians) to Glossary 480 ensure that the system works module by module (‘unit testing’) and also as a whole. System Testing should ensure that each function of the system works as expected and that any errors (bugs) are noted and analysed. It should additionally ensure that interfaces for export and import routines, function as required. System Testing does not concern itself with the functionality of the system and whether this is appropriate to meet the needs of the users. Having met the criteria of the Test Plan the software may then be passed for User Acceptance Testing.
Systems Development Systems Development is the term used to describe the function of designing, coding, testing and updating software programs and other code e.g. scripts. The roles within Systems Development, will be Systems Analysts and Programmers and possibly other technical specialists.
Systems Operations Systems Operations refers to a team, or possibly even a department within the IT group, which is responsible for the running of the centralised systems and networks.
Systems Operations personnel have 3 main types duty. Firstly they will run the day to day procedures for each of the main systems. Whilst these operations may well be automated, a systems operator will execute and oversee the operation.
Secondly, they will perform routine housekeeping procedures on the systems, reviewing error logs and responding to any problems which occur day to day.
Thirdly, Systems Operations personnel will run end of day and ‘end of period’ (e.g.
monthly) procedures which will include the creation of backup copies of all the key data files across the systems.
From the above, it will be noted the Systems Operations do not concern themselves with development, testing or the functionality of the various software applications being run. Their task is focussed upon maintaining maximum ‘up-time’ by keeping all system and networks running efficiently.
Talk Mode Originally, a feature supported by some Operating Systems which allows two or more logged-in users to set up an on-line conversation in real time. Now, with the massive growth of the Internet, Chat, Newsgroups, and E-mail it has become much more common. Alternative names are Internet Relay Chat (IRC) Usenet Speak (US), and Espeak.. It combines the immediacy of talking with all the precision (and verbosity) that written language entails. It is difficult to communicate inflection, though conventions have arisen for some of these. Talk mode has a special set of jargon words, used to save typing, which are not used orally – except by some geriatric radio presenters. Some of these are identical to (and probably derived from) Morse-code jargon used by ham-radio amateurs since the 1920s.
TANJ There Ain’t No Justice (Larry Niven, Science Fiction author). Familiar cry of IT developers (when their new software doesn’t work), and of users (when the software they’ve just bought hangs up their system and – as a bonus – requires the hard drive to be reformatted).
Glossary 481 Tank In larger installations, the area within the ‘Computer Centre’ in which the main computer systems are located. The term originates from the design of such rooms, which usually had half, or full, height glass windows on all sides, suggestive of life in a fish tank. Tanks are specially constructed rooms with complex environmental controls, because mainframe computers require low humidity and a relatively cool atmosphere. Access to ‘the tank’ is restricted to authorised personnel only, and usually have independent, clean line, uninterruptible power supplies, and extra (non-H2O) fire protection.
There are fewer Tanks to be seen now as newer servers do not require such critical climate control, but ALL systems irrespective of size, need reliable power supplies, and should be afforded proper fire protection.
TANSTAAFLThere Ain’t No Such Thing As A Free Lunch (Robert A Heinlein, Science Fiction Author) The phrase owes some of its popularity to the high concentration of science-fiction fans and political libertarians in the IT world in general, and the hacking/programming fraternity in particular.
Tape Streamer Peripheral Device used mainly for backing up data, which uses magnetic Tape rather than Disk.
Tape streamers are usually high capacity devices, capable of storing backups from more than one machine.
Techno Crime Techno Crime is the term used by law enforcement agencies to denote criminal activity which uses (computer) technology, not as a tool to commit the crime, but as the subject of the crime itself. Techno Crime is usually pre-meditated and results in the deletion, corruption, alteration, theft or copying of data on an organisation’s systems.
Techno Criminals will usually probe their prey system for weaknesses and will almost always leave an electronic ‘calling card’ to ensure that their pseudonym identity is known.
Techno Vandalism Techno Vandalism is a term used to describe a hacker or cracker who breaks into a computer system with the sole intent of defacing and or destroying its contents.
Techno Vandals can deploy ‘sniffers’ on the Internet to locate soft (insecure) targets and then execute a range of commands using a variety of protocols towards a range of ports. If this sounds complex - it is! The best weapon against such attacks is a firewall which will hide and disguise your organisation’s presence on the Internet.
Terminal Typically a Terminal will have only a screen and keyboard and can only operate by communicating with a host/server, having no processing power of its own. This type of terminal is often known as a ‘Dumb Terminal’ to differentiate it from PCs Glossary 482 which are also used as terminals to communicate with a host, but can, and do, operate on a stand-alone basis without being connected to a host.
Terminals can have speed advantages over PCs since they work directly with the main system. For security conscious companies, dumb terminals are often a better choice than PCs. Users cannot introduce unauthorised software, or make ‘inappropriate’ use of the equipment since there are no facilities to do so. Most companies however, prefer the flexibility and power advantages that desktop PCs offer over terminals.
Terminal ID The terminal ID is the identification number of a specific (physical) terminal or workstation on the network.
Test Plan Tests on hardware and software must always be in accordance with a documented test plan. The key point about a test plan is that it not only documents what will be tested, but also the expected results. In addition, a test plan can identify additional areas which should be tested and the resultant plan more comprehensive.
Having completed the tests, the results need to be considered and a determination of whether or not, any results have failed to meet an acceptable standard. In particular, each failure should be allocated a ‘severity level’. Without this gradation, an objective view cannot be taken. See also System Testing and User Acceptance Testing.
TFTThin Film Transistor. Type of Laptop Screen
Three Finger Salute The keyboard combination that, under DOS, forces a warm (or soft) re-boot. On the great majority of PCs this is Ctrl+Alt+Delete but other machines may use other combinations. With Windows® 95 and beyond, Microsoft intercepted this command and presented some user options. However, if the PC is really hung, then continued three fingered salutes would normally cause a reboot.
(Alternatively, most of us powered off or ‘re-set’, at this stage). This was a favourite part of the PC user’s day in the early 1990s when Microsoft Windows® 3.1 / 3.11 used to crash, freeze, and generally stop working, on a regular basis.
Three Strikes Jocular reference to the security system of locking out users who fail to provide a valid password within three attempts - ‘Three Strikes, You’re Out !’ Time-bomb As the name suggests, a piece of hidden program code designed to run at some time in the future, causing damage to, or loss of, the computer system. Time bombs are less sophisticated than Logic Bombs, being concerned only with the system date, rather than some specific event. Unless the date is changed, or the code removed, the Bomb will go off on a specific date, come what may.
Tool A utility program used primarily to create, manipulate, modify, or analyse other programs, such as a compiler or an editor or a cross-referencing program, or perform maintenance and/or repairs on system hardware or application software.
Tools include Hex editors, disk checkers, file backup and recovery programs, etc.
Tools are powerful pieces of software and the use of tools within a organisation should be restricted to those personnel who have either received the proper training or have otherwise proven their competence in the use of such software.
Toolkit A collection of tools with related purposes or functions, eg Anti-Virus Toolkit, Disk Toolkit, etc.
Total Cost of Ownership – TCO The Total Cost of Ownership (TCO) is an annual cost representing the actual ‘all in’ cost of ‘end user computing’. The issue has been pioneered by the respected business technology research company, Gartner Group Inc which currently estimates that a networked PC ‘costs about $13,200 per node annually for hardware, software, support and administrative services and end-user operations’.
Such costs are often greeted with disbelief; especially as the cost of the hardware continues to drop so appreciably. However, the material costs are found in ‘end user operations’ where the end users try to perform Systems Administration functions on their PCs or where they are simply trying to resolve a problem due to the ability to configure the operating system and desktop environments how they please. Many professionals in IT continue to rue the day when the computer became ‘Personal’!
Managing TCO is consequently a substantial challenge to many large organisations.
Trojan Term coined by hacker, turned spook, Dan Edwards. A Trojan Horse is a malicious, security-breaking program that is disguised as something benign, such as a directory lister, archiver, game or, in one notorious 1990 case on the Apple Macintosh, a program to search and destroy viruses! A Trojan is a type of virus which normally requires a user to perform some action before the payload can be activated. Famous examples include the recent (May 2000) attack by a virus known as ‘Resume’ in which an E-mail is received with an attachment which purports to be the CV of a lady seeking employment. A CV is actually attached, but embedded within it is a macro-virus which activates the Trojan program as soon as the document is opened for viewing. If the attachment is not opened, the virus cannot deliver the payload and no damage is done.
A basic defence against all viruses is a strict organisation policy that E-mail attachments should not be opened until they have been checked by an anti-virus scanner and then only if they originate from a known, reliable, source (even other known users may be infected). Any attachment which does not meet these criteria should be saved to a floppy disk and passed to your anti virus software vendor’s investigation team to investigate. Meanwhile the original E-mail message with its attachment must be deleted from the user’s system.
Troll An E-mail message, Usenet posting, or other electronic communication, which is intentionally incorrect, but – unlike flame bait - not overtly controversial. Trolling aims to elicit an emotional reaction from those with a hair-trigger on the Reply To… key. A really subtle troll makes some people lose their minds. Not a good idea for organisation e-mail addresses to be associated with Trolls.
Trolling Baiting readers on Usenet newsgroups with a post designed to incite a large volume of angry responses. Posts such as those that scream out racist epithets are common trolls. This activity is not normally a problem for companies - unless the person trolling happens to be using a organisation machine when the likely result may well be mail-bombing or other denial of service activity.
Trusted Operating Systems Trusted Operating Systems are ones which have been specially modified to be so secure as to be almost unusable! They afford maximum security for those systems which require it …..
The reason for this development is due to the substantial rise in concern over the apparent ease by which hackers are able to gain access to seemingly secure systems, a number of vendors have developed variations on mainstream version of UNIX and Windows® which go well beyond the standard Operating System hardening which is advisable for all and any desktop and server systems.
However, the deployment of a trusted Operating system, does require substantially more training of your systems operations staff as, no longer does the Administrator necessarily have ‘ultimate power’. Henceforth the functions which control say, file, print or network access, are now split into separate ‘sandboxes’ which permit only a subset of actions to be performed by one systems administrator. It will be apparent that a substantially higher degree of coordination Glossary 485 is required with the Systems Operations team, and also a much deeper level of planning before any changes are made.
Whilst this may appear to be a high overhead; it does prevent a system from gradually being changed over time by a single Systems’ Administrator making small changes ‘here and there’. In effect the Operating System is locked down and such Trusted Systems lend themselves to any e-commerce business where maximum security is paramount; say e-banking.
Tunafish Allegedly an age-old joke to be found in a computer manual, now advanced as a reason (or excuse) why something cannot be done, consisting of the line ‘You can tune a file system, but you can't Tunafish’. Rumour has it that the joke was excised from later versions of the manual by humourless management droids.