AIST 4720 Final Review
Which of these is NOT a future operating scenario given in the future architecture summary of an architecture transition roadmap?
- Scenario 1: Continuing with the status quo. - Scenario 2: An aggressive business strategy in a good market. - Scenario 3: A defensive business strategy during a market down-turn.
What is the HTTP status code for "OK"?
200
99.999% uptime is equivalent to how much downtime per year?
5.26 minutes
What is a "region pair" in Azure?
A regional pair consists of two regions within the same geography. Azure serializes platform updates (planned maintenance) across regional pairs, ensuring that only one region in each pair updates at a time.
Which of these is NOT an integrated set of control types from NIST SP800-53A?
Access control \ awareness and training \ contingency planning \ incident response \ media protection \ physical/enviro protection \ program management \ security assessment/auth. \ system/comm protection \ system/services acquisition \ audit and accountability \ configuration management \ identification and authentication \ maintenance \ personnel security \ planning \ risk assessment \ authorization \ system/information integrity
What part of the project management pan do you check to see if the project aligns with your EA goals?
Alignment with the enterprise architecture
What should be included in a business case for the EA?
Alternative analysis, cost-benefit analysis, ROI calculation
What does CPIC stand for?
Capital planning and investment control
According to Chris Clifton, which of the following is a drawback of SOA?
Complex service management
What is N+1 redundancy?
Components (N) have at least one independent backup component (+1).
What is deep learning?
Deep Learning is a subfield of machine learning concerned with algorithms inspired by the structure and function of the brain called artificial neural networks.
What is true about BPMN?
Describes the overall process spanning multiple people
Which of the following is NOT considered a limiting factor for moving to a future view of the EA?
Documentation
How does an EA support better decision making for an organization?
EA improves decision-making by providing comprehensive views of current capabilities and resources, as well as a set of plausible future operating scenarios that reveal needed changes in processes and resources
Which of these is NOT a general step in achieving high availability?
Ensure patching is done at low demand time
What key do you press in Chrome to view developer tools?
F12
What is a feature of use cases?
Focus: desired process (usually) Target audience: analysts/ developers Stick figures for people Ovals for activities
Why are serverless architectures preferred in the cloud?
For many developers, serverless architectures offer greater scalability, more flexibility, and quicker time to release, all at a reduced cost. With serverless architectures, developers do not need to worry about purchasing, provisioning, and managing backend servers.
Which of these is an important aspect of the PATRIOT act?
Gave FBI access to any business record as long as a court order is issued. Allowed the FBI to conduct surveillance of U.S. citizens without showing probable cause of criminal activity Those who operate or own a "protected computer" can give permission for authorities to intercept communications carried out on the machine, thus bypassing the requirements of the Wiretap statute. Can be used to obtain data from the Cloud without the knowledge of the user.
According to Chris Clifton, which of the following is a good candidate for becoming a service in a service oriented architecture?
HTTP ESB - enterprise server bus
An Azure availability zone
Has redundancy build in for power, cooling, and network connectivity
What is redundancy?
Having more components necessary to do the job
Which of the following is NOT a basic attribute of service-oriented architecture?
Heterogenous components- components that are unique and distinct from one another. Components don't overlap. Generic language- a way to describe all the components in the system and what those components do Component descriptors- a way to clearly understand what the component does. Component interfaces- clearly understood input and outputs that allow a user to interact with a component or a component to interact with another component. An integration- a way to bring the heterogenous components together into a system that uses the components for some larger purpose.
What is "uptime?"
How long a sever stays up
What did the USA FREEDOM Act (2015) do?
In 2013 Ed Snowden revealed NSA had program to collect data on phone calls made by Americans. He further revealed PRISM program, gave NSA ability to obtain private information from customers of Google, Facebook, Apple, and Microsoft. Limits PATRIOT ActEnds bulk collection of records Record requests must be for a specific person, device, etc.
An Azure scale set
Is a group of VMs that can be configured and manage as a single unit
What is load balancing?
Load balancing lets you balance the load (demand) for the resource across multiple servers or devices. This increases your capacity, but it can also increase the availability of a service.
Which of these is not a benefit of the EA?
NOT enhances resource-planning capabilities and supports better decision-making.
Which of these is not considered a significant benefit for developing an EA?
NOT promote enterprise-wide thinking about resource utilization | Promotes more efficient enterprise-wide common operating environments | Makes an enterprise more agile and able to respond to internal and external drivers of change, which promotes greater levels of competitiveness
Select the best reason that workforce skills matter in an EA future view?
People are often the most valuable resource an enterprise has, and IT workforce plans should detail training requirements for component operations support
Which of these has the CPIC phases in the right sequence?
Planning -> Selection -> Control -> Evaluation
Which of the following often has redundancy in a server?
Power Supplies
What document do you check to see when the project will be done?
Project schedule
What part of the project management plan do you check to see who will work on the project?
Project sponsor, manager, and team structure
What are the two ways that project risks are assessed?
Qualitative and Quantitative
Which of these is an important aspect of the FISMA act?
Recognizes importance of information security to the economic and national security interests of the United States. Provides uniform regime to address levels of risk that may arise from domestic and international sources. Requires federal agencies to create and implement programs to review information security and report the results to the Office of management and Budget (OMB).
What is the technical term for the machine learning approach that has algorithms compete against one another?
Reinforcement learning
Which of these is not considered a significant cost for developing an EA?
Server upgrades and OS maintenance agreements
When considering security and privacy in an organization, what two things are held in tension?
Sharing and protection
Which of these is NOT considered a quantifiable benefit of an EA?
Shortened time to determine new strategies
According to Dr. Bernard, what is another name for the job title "business analyst?"
Solution architect
Which of the following Azure disk types is cheapest?
Standard HDD
Which of these is not a key element of a security and privacy program?
Standard operating Procedures
What part of the project management plan do you check to see if a project's deliverables will meet standards?
System performance metrics
What is tacit knowledge?
Tacit knowledge refers to the knowledge, skills, and abilities an individual gains through experience that is often difficult to put into words or otherwise communicate.
Which of these is not considered a significant risk for developing an EA?
Taking business managers away from other priority projects
According to Dr. Bernard, which of the following kinds of documents are NOT included in the EA?
Tax documents
Which amendment to the US constitution prohibits the government from seizing personal property without a proper warrant?
The Constitution, through the Fourth Amendment, protects people from unreasonable searches and seizures by the government.
When planning the future view of the enterprise, which of these is NOT as important as the others?
The EA of competitors
What is the best description of security and privacy in the EA program?
The Security and Privacy Program is intended to provide expertise, processes, and solutions for the protection of IT resources active in the business and technology operating environment.
Which of these best describes a disaster recovery plan?
The assessment and recovery procedures for responding to a man-made or natural event that significantly disrupts or eliminates business and technology operations yet does not threaten the existence of the enterprise.
Which of the following best describes the role of security in an EA program?
The role of security and privacy within an EA program is best described as a comprehensive set of controls that pervade all architectural domains (layers) and are a key part of an organization's risk management strategy
Which of these best describes "authentication" in information security?
This refers to being able to verify the source of information.
Which of these best describes a continuity of operations plan?
This refers to procedures that are invoked if all or part of the enterprise are unexpectedly destroyed or forced to disband.
According to Chris Clifton, which of the following is NOT a guiding principle for service oriented architectures?
Tight coupling of apps and logic
In Azure programming, what is a trigger?
Triggers are what cause a function to run. A trigger defines how a function is invoked and a function must have exactly one trigger.
Which of these is NOT a key element of the personal portion of the security and privacy program?
User disaster recovery
How are fast food companies beginning to use AI in their restaurants?
Using voice recognition in the drive through to place orders
The project selection bubble chart evaluates projects on two dimensions. What are they?
Value and Risk
What is IBM Watson?
Watson is a question-answering computer system capable of answering questions posed in natural language, developed in IBM's DeepQA project by a research team led by principal investigator David Ferrucci.
What document do you check to see what tasks the project will complete?
Work breakdown structure
Which of the following code snippets would produce the text "Hello World" in PowerShell?
Write-Host "Hello World"
What is provided by PaaS?
a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications.
What is provided by SaaS?
allows users to connect to and use cloud-based apps over the Internet. Common examples are email, calendaring, and office tools (such as Microsoft Office 365).
What is the purpose of an architecture transition roadmap?
describes how an enterprise will manage the transition of its current processes and resources to those which will be needed in the future.
What does a sequencing diagram show?
documents the tasks, milestones, and timeframe for implementing new components and artifacts.
Which of the following best describes what a load balancer does?
evenly distributing load (incoming network traffic) across a group of backend resources or servers.
You run the Get-AZVMUsage cmdlet in Azure. What output do you expect?
gets the virtual machine core count usage for a location.
Why are skills considered a limiting factor in moving to the future view of the EA?
hard and expensive to grow skills in-house. Also expensive to "buy" skills through consultants or new hires
If a service is load balanced, then it:
has high availabilty
What is an outcome measure for the EA program?
identify progress being made toward some new end-state, such as better EA component integration, increased application end user satisfaction, or more effective IT investment decision-making
Which of these is an important aspect of the Stored Communications Act?
limits the government's ability to compel Internet service providers to disclose information stored with them. The Act defines service providers as Electronic Communications Services (ECS) and Remote computing Services (RCS). The level of privacy protection afforded by a stored communication differs based on which category the service provider falls in and sometimes, for how long the communication was stored.
What is provided by IaaS?
offers essential compute, storage, and networking resources on demand, on a pay-as-you-go basis.
What is an output measure for the EA program?
provide data on activities and things, such as how many databases exist, how many e-mail are sent each day, or how closely an IT project is meeting baseline estimates for cost/schedule/performance
An Azure availability set:
puts resources in multiple availability zones
What is another common name for BPMN diagrams?
swim lane diagrams
What is the sunk cost fallacy?
the phenomenon whereby a person is reluctant to abandon a strategy or course of action because they have invested heavily in it, even when it is clear that abandonment would be more beneficial.
According to Dr. Bernard, how does EA help security?
x
According to Dr. Bernard, what does "service oriented" in "service-oriented architecture" mean?
x
Are machines intelligent?
x
How far out should an enterprise architect plan when establishing the future view?
x
What did you do with events that were triggered by connecting to your HTTP endpoint and sending your name?
x
What does it mean to "quantify" something?
x
What is the target audience for a use case and use case diagram?
x
Where should the chief architect try and bring the most value from an EA?
x
Which of the following is NOT a characteristic of a good enterprise architect?
x
Which of the following is true about TLS 1.2?
x
Which of these is NOT a key element of the security and privacy program?
x
Which of these is an important aspect of HIPAA?
x