WGU C724 Study Sets. Questions and accurate answers, 100% Accurate, graded A+

Document Content and Description Below

WGU C724 Study Sets. Questions and accurate answers, 100% Accurate, graded A+ The evolution of software has produced the ability to manage large databases of information, known as - ✔✔-data... base management systems (DBMS) was the first computer software language for business applications - ✔✔-Common Business Oriented Language (COBOL) is a programming environment that provides tools to developers to write code. - ✔✔-Integrated Development Environment (IDE) components include devices that provide input into the processing unit. These include peripherals, such as the keyboard, mouse, microphone (audio input), sensors, and document or visual scanners. - ✔✔- Input which is the brain of the computer. Historically, this unit included several components, such as a control unit, a processor, an arithmetic or logic unit, and memory components. - ✔✔-Central Processing Unit (CPU) components include primary temporary storage and secondary long-term storage devices. - ✔✔-Storage is temporary or short-term storage used by the processor. - ✔✔-Random Access Memory (RAM) components include internal storage devices or processes, as well as external peripherals such as monitor screens (visual output), speakers (audio output), and printers (physical output). - ✔✔-Output which is the medium through which communications between the input, processor, storage, and output occur. - ✔✔-System Bus or similarly the backplane, of a system is the device that contains the system bus and connects the various input and output devices that compose any given computer system. - ✔✔-Motherboard tracking barcodes and wireless sensor networks, some used in supply chain operations. - ✔✔-radio frequency identification (RFID) A person interacts with digital data through a physical environment. - ✔✔-Tangible User Interface (TUI) is the most advanced integrated circuit and holds millions of integrated circuits in a semiconductor chip. They are programmable devices that process instructions and incorporate the four functions of a computer central processing unit (CPU), which includes fetch, decode, execute and store. - ✔✔- Microprocessor A chip with multiple CPUs is called a ........ This typically provides more computing power for they can run multiple instructions in parallel. - ✔✔-Multicore processor coined by the co-founder of Intel, described that components in integrated circuits or microchips will double every two years. - ✔✔-Moore's Law otherwise known as CPU cache and random access memory (RAM), are typically referred to as volatile flash memory, meaning that information storage is temporary and can only be stored until power is removed. - ✔✔-Primary Storage is accessed only through a system's input/output bus and is generally several orders of magnitude slower than primary storage technologies. On the other hand, costs per byte for ........... have historically been quite a bit less than primary storage technologies. Examples of ............. include magnetic hard disk drives, which are spinning magnetic disks with moving read and write heads, as well as newer, more modern solid state nonvolatile flash storage. ............. also includes removable media, such as magnetic floppy disks, optical discs (CDs & DVDs), and USB flash drives. - ✔✔-Secondary Storage Small systems are used on an individual basis (i.e., one-person use) and include traditional multicomponent desktop systems (monitor, computer, keyboard, mouse) and integrated systems, such as laptops and tablet computers. - ✔✔-Personal Computer (PC) A more powerful system used by individuals in order to run more resource-intensive applications. - ✔✔- Workstation A system used to provide services to other systems. Servers need not be powerful computers. Server operating systems may be used on personal computers, including desktops or laptops, though usually servers are built on more resilient and reliable components. - ✔✔-Server A high-capacity, high-performance system built for large organizations and used to quickly process large volumes of data. - ✔✔-Mainframe This term merely implies the fastest category of computer available. Supercomputers are purpose built to handle vast amounts of information very quickly. Examples of supercomputer applications include simulating global weather patterns, decoding genome structures, or simulating the human mind. - ✔✔- Supercomputer A form of supercomputer constructed from many smaller systems that have been connected together. - ✔✔-Grid computing A software-based platform that allows multiple virtual servers, isolated from host computer, to operate on a single or, potentially, a fabric of many systems. Initially intended to more efficiently use expensive and underutilized hardware, virtualization has allowed for better fault tolerance and flexible, dynamic, and automated server operation and maintenance. - ✔✔-Virtual computing is software whose source-code is freely available to developers and users. .............. is developed not by single users or companies, but by communities of connected users and groups. - ✔✔-Open Source Software is a system used to convert plain-text document into one optimized for viewing as a Web page, integrating colors, graphics, fonts, and links. - ✔✔-Hyper Text Markup Language (HTML) A computer language similar to HTML, XML makes it easier to exchange, validate, store, and interpret data between a variety of applications and systems. - ✔✔-Extensible markup language (XML) Many graphical and traditional text based HTML editors exist and range from the unsophisticated text editors to feature rich graphical WYSIWIG (What You See Is What You Get) interfaces. Modern popular examples include Adobe's Dreamweaver and Microsoft's Visual Studio. - ✔✔-Web design tools Graphics, video, animations, and interactive multimedia are popular elements in Web pages. Popular tools used to create these elements include Adobe's Photoshop, Flash, and Premier products. - ✔✔- Graphics tools Tools that allow webmasters and developers to achieve better rankings from search engines, implying that traffic would better route to a site as a result. - ✔✔-Search engine optimization Services are provided in-house on servers or in a datacenter owned, managed, and administered by the organization. - ✔✔-On Premises (private cloud) Software licensed and hosted on centralized or distributed servers that belong to a service provider. Users access this software using a connection to the Internet and a Web browser. Examples include Salesforce.com's CRM (Customer Relationship Management) application or Google Apps. - ✔✔-Software as a service (SAAS A service provider provides server space, the server, virtualization, operating system, database, and development environment in a platform that can be used for application development. An example would be Amazon Web Services. - ✔✔-Platform as a service (PAAS) A service provider provides a cloud fabric, or pooled services, including server space, servers, storage, and all other aspects of the computing platform, with the exception of the operating system and applications, which the client organization would install and manage. Benefits include dynamic scaling and may include geographic distribution. An example would be Windows Azure or Rackspace. - ✔✔- Infrastructure as a service (IAAS) ensures that only authorized personnel are admitted access. - ✔✔-Confidentiality ensures that data is produced and modified in the correct way. - ✔✔-Integrity ensures that access to resources is unimpeded. - ✔✔-Availability The potential for loss, commonly associated with the monetary and non-monetary impact to such a ,,,,,,,,,,, as well as the probability of occurrence. - ✔✔-Risks A weakness in the technology, process and procedure, or people involved with any given information asset. Such ,,,,,,,,,,,,,,, may include weaknesses in the technologies used, including their configurations, and the security policies that are enforced or not within an organization. - ✔✔-Vulnerabilities The identified and unidentified actors that have the potential for attacking the information assets. Such actors may include elements both internal and external to the organization. - ✔✔-Threats The damaging or potentially damaging acts that are the product of an attacker's process, which may include: reconnaissance, scanning, gaining and maintaining access, escalating privileges, building backdoors, and destroying evidence. - ✔✔-Attacks a loss of access created by cut cables or power services, malware, hoaxes, bots and botnets (i.e. a computer or groups of hijacked computers to attack others, often without notice to their owners), smurf attacks, SYN floods, DNS poisoning, or outright hijacking and/or redirection of services. - ✔✔-Denial of service malicious software applications - ✔✔-Malware One high-profile example of a malware threat is SQL Injection, which uses vulnerabilities in the most popular type of database, SQL, to modify, delete, or steal information. Malware is spread through a variety of methods, direct download (intentional or not), as a part of another application or utility - ✔✔-Trojan Horse website visit (e.g. drive-by download), or merely by being connected to the Internet or affected network - ✔✔-worm In some cases, internal attackers, such as disgruntled employees, may introduce malware - ✔✔-logic bomb One high-profile example of a malware threat is.................... which uses vulnerabilities in the most popular type of database, SQL, to modify, delete, or steal information. - ✔✔-SQL Injection a threat or attack that exploits known or unknown vulnerabilities in software. Software developers quickly patch vulnerabilities once known, though identifying these vulnerabilities takes time. Once found and fixed, developers must send patches to all affected or potentially affected users, which, unfortunately, does not occur consistently. In other cases, the public release of patches is used as a tool for malware authors to reverse engineer and easily attack those who have not updated their systems in time. - ✔✔-Zero Day Attack normally low tech attacks used to trick individuals into disclosing information, providing access, or changing their patterns. Examples include phishing, spear-phishing (i.e. targeted phishing), dumpster diving, baiting, tailgating, and quid pro quo. - ✔✔-Social Engineering an authorized and ethical computer hacker**, one who helps organizations to protect their networks and systems from others, via penetration testing, or the design and implementation of policies. - ✔✔- White Hat a computer hacker** with skills and intent to help organizations protect their networks and systems from others, but whose services may come at a price, or sold to the highest bidder. - ✔✔-Grey Hat a computer hacker** with criminal intent. - ✔✔-Black Hat an individual or organization interested in vandalism, cyber-terrorism, or hacking for a stated cause or purpose. - ✔✔-Hacktivist an individual or organization interested in exploiting computers and networks for the purpose of generating revenue. Note that organized crime has a very active presence in cybercrime. - ✔✔-Cyber Criminal government focused and funded individuals or organizations interested in cyber-warfare against other nations and economic infrastructures. - ✔✔-Nation state A low tech attack where an attacker depends on the victim's greed or curiosity to provide sensitive information. An example might be an intentionally dropped USB drive left openly in a busy parking lot. A victim, through greed or curiosity might take such a device and plug it into a corporate computer, perhaps attempting to identify or return it to its owner or merely to obtain the value of the materials contained, but receive malicious code. - ✔✔-Baiting Gathering sensitive or nonsensitive information from refuse. This sometimes illegal act is as simple as foraging through household or corporate garbage receptacles for information. Even innocuous information tied with other innocuous information may, when combined, paint an attractive picture for identity thieves. - ✔✔-Dumpster Diving Often completed through email, this generic act of fraud is often in the form of an email requesting a response containing sensitive information, such as a username or password. However, it can also take the form of a misleading and/or masked hyperlink that directs a victim to an official looking website (i.e. a pharming page) that asks for sensitive information. - ✔✔-Phishing creating a believable scenario (e.g. whether innocuous or serious) for the purpose of obtaining information. For example, a user receives an official looking email that alerts them to recent successful phishing attacks, and asks them to respond with their credentials in order to ensure their validity. - ✔✔- Pretexting An exchange of something of value for information. For example, the gift of a T-Shirt in exchange for personally identifiable information. - ✔✔-Quid Pro Quo A low-tech attack that is as simple as watching someone type in their password, or obtaining sensitive information from a computer screen. - ✔✔-Shoulder Surfing A low-tech attack that allows unauthorized personnel access to sensitive or restricted areas merely by overtly or covertly following an authorized employee through a controlled access entry point. Organization entry points are often protected by electronic badge access, which may be circumvented by not allowing a door to close properly, or authorized personnel who are not observant, are ignorant of or not properly trained in information security, intentionally or unintentionally allowing an unauthorized person to enter an otherwise locked door. - ✔✔-Tailgating A high-tech attack that is an act of using malicious code to redirect users to a website that mimics the appearance of an official page, but that merely collects sensitive information such as names, addresses, phone numbers, usernames and passwords, and security questions and answers. One particularly insidious example of pharming is DNS poisoning, which changes the DNS record for a specific site to redirect all requests and web access to another specific site, even without providing the user with a fraudulent phishing message. - ✔✔-Pharming of 1996, which requires organizations and individuals who handle medical information to adhere to rules and procedures for billing and information transfer. - ✔✔-Health Insurance Portability and Accountability Act (HIPAA) of 1999, which requires organizations and individuals to adhere to rules and procedures for storing and transferring financial information. - ✔✔-Financial Services Modernization Act (aka Gramm-Leach-Bliley Act) of 2002, which requires organizations to adhere to rules and procedures to ensure the accuracy, integrity, and security of financial information that leads to the creation and storage of financial statements. - ✔✔-Public Company Accounting Reform and Investor Act (aka Sarbanes-Oxley Act) of 1974, which requires educational institutions receiving certain federal funding to protect the information and privacy of certain aspects of a student record. - ✔✔-Family Education Rights and Privacy Act (FERPA) is an important decision point for a business to implement controls or security for any risk, because managers need to evaluate the benefits versus the financial cost for implementing these controls. - ✔✔- cost-benefit analysis (aka strategic level) frameworks are documents that establish the security program, define specific or general risks that it will be responsible for handling, and specify its purpose, extent, objectives, responsibilities (including the command structure within the security department), and enforcement. - ✔✔-Program/Charter level policy address specific issues or concerns that a security policy is needed, or even controversial areas where the company takes a given position on an issue. Examples include policies for: - ✔✔-Issue specific policies which requires each individual in an organization to be appropriately identified and authenticated at specific entry points to an organization and its information systems, and which help with the enforcement of access control, with the appropriate authorizations pre-selected for them. - ✔✔-Identity management which specifies acceptable and tolerable uses of an organization's computer systems, equipment, and information assets. - ✔✔-Acceptable use is a process by which a business identifies its critical processes, or those areas of its business that must occur without failure lest the business will also fail. Such planning defines specific lengths of time for acceptable outages, responsible parties, contact information, and partners that have assumed the risk of supporting emergency continuity services. - ✔✔-Business continuity planning is that which is primed for discharge in the case that a disastrous event occurs and business operations need recovery. Such measures include the creation and execution of processes, and the assignment of certain people to help to restore a business to an operational state. - ✔✔-Disaster recovery planning is a control known by quite a number of divisions and departments within an organization. to an accounting department implies that an impartial and independent third party will determine if policies and procedures have been followed, and whether fraud exists within the organization's finances. - ✔✔- Auditing are actions by which individuals may help to avoid data theft, but that may have little to do with the computer-based actions mentioned below. - ✔✔-Behavioral actions include those actions that require the use of a computer to apply. Several tactics and strategies exist, though each is derived from behavioral actions, strategies, and tactics. Awareness, understanding threats, minimizing or eliminating risks of loss, and acting to ensure fraud and abuse is limited or eliminated will reduce the potential for impact from computer-related sources. - ✔✔-Computer based actions is a process by which data is encoded so that only persons with a decryption code may unlock and retrieve stored messages. - ✔✔-Encryption Offsite office space awaiting occupancy, equipment, personnel, and utility service, allowing recovery within days. - ✔✔-Cold sites Offsite office space with available systems and service connections, requiring staffing and updates allowing recovery within hours to days. - ✔✔-Warm sites Offsite office space with available and up-to-date systems and service connections, requiring only adequate or prioritized staffing, allowing recovery within minutes to hours. - ✔✔-Hot sites Offsite facilities shared with other organizations for the purpose of disaster recovery, requiring only adequate or prioritized staffing, but at a cost shared with another organization. An obvious disadvantage and risk is that multiple tenants affected by a common event may cause a conflict. - ✔✔- Shared hot sites are moral principles and concepts, rules of behavior, and often the underpinning of codes of conduct based on accepted standards of right and wrong. - ✔✔-Ethics is a perceived, moral, or legal duty that someone possesses to control or handle a specific or general task. - ✔✔-Responsibility is the application of responsibility or an obligation to accept responsibility. An example might be the person who has agreed to pay for a meal that she or someone else has consumed. - ✔✔-Accountability is the legal state of being responsible. An example would be the CEO and CFO who have certified the accuracy and validity of financial documentation and who would be legally penalized should errors be found. - ✔✔-Liability Issues created by barriers to access, implying that some should have access while others should not. - ✔✔-Accessibility issues Issues created by the trustworthiness, accuracy, and legitimacy of information. - ✔✔-Accuracy issues Issues created by the collection, storage, distribution, or mere availability of potentially sensitive information. - ✔✔-Privacy issues Issues created by the association of rights of property ownership to tangible and intangible goods and information. - ✔✔-Property issues says that computing power and storage capacity will continue to increase or double approximately every two years. - ✔✔-Moores Law With the increasing use of computer-based information systems, an ocean of data has been collected, stored, and made available for a wide array of analyses. These analyses may be general or specific, potentially very intricate, and may expose information or nonobvious relationships and connections, leading to breaches of privacy and trust. - ✔✔-Advanced Data Analysis Creations of networks that connect widely disparate regions, peoples, and cultures allows for information sharing on a global scale, causing issues concerning the appropriateness and authority of those sharing it. Although the availability of information on a wide basis is generally a positive attribute, property rights and the propriety of information sharing may cause and perpetuate conflict. - ✔✔- Advanced networking With the increasing use of mobile computing platforms connected to the Internet, including smartphones and tablets, more information input and output is available to more people in more places. This availability of information allows benefits, such as localization and personalization, but direct and specific invasions of privacy require faster reputation management and for information controls in more places. - ✔✔-Mobile Information Availability This big picture approach values choices and motivations that perpetuate value for everyone, to sustain a positive whole-community benefit, despite individual income or position. - ✔✔-Common good approach This approach values individual moral rationality, otherwise referred to as the Golden Rule, or "do unto others as you would have them do unto you," asks society to reflect on the consistent treatment of others based on the desires of how an individual expects to be treated. - ✔✔-Fairness approach This approach values rights specified by society, which may be largely based on the analysis of other ethical approaches, and allows individuals to weigh decision choices based on legal or legislative precedent. - ✔✔-Rights approach This approach assesses the consequences and/or outcomes of an action to determine the greatest good or least harm for the greatest number, regardless of the justice or fairness of or to the individual. - ✔✔- Utilitarian approach This approach values human behaviors that allow us to act in aspirational ways, including compassion, trustworthiness, honesty, generosity, kindness, autonomy, courage, obedience, and many more. - ✔✔- Virtue approach Schema is a planned design of the data organization. - ✔✔-What is a database schema? Online transaction processing - ✔✔-What does OLTP stand for? database applications enable businesses to store and analyze essential sales data - ✔✔-How can database applications help managers respond to changing market conditions? conceptual, logical, and physical - ✔✔-Data models used when mapping business processes, relationships, and data requirements flexibility, consistency, and organization - ✔✔-Benefits of database normalization structured query language - ✔✔-What computer language is used with relational database applications? petabytes - ✔✔-What is the typical data size of big data? improves decision making, delivers business intelligence - ✔✔-Benefits of data warehousing to businesses getting data from data sources - ✔✔-What is the definition of data extraction? dividing database for manageability - ✔✔-What is the definition of a partition in database concepts? analyzing data to gain insight or intelligence - ✔✔-Describe the proces [Show More]

Last updated: 1 year ago

Preview 1 out of 45 pages