CIS FINAL EXAM
CPT-12: The CRM process is a series of activities in which organizations:
(1) identify new prospects and sales leads, (2) track and monitor in-person and online sales opportunities, (3) organize and engage current customers by getting to know their requirements and preferences, (4) establish a relationship with current customers by carefully managing customer communication, and (5) manage the customer life cycle to encourage repeat purchases and referrals
CPT-13: Some of the key activities in the initiating stage include the following:
-Analyzing business requirements -Identifying stakeholders and their roles -Identifying stakeholder needs -Evaluating business processes -Reviewing financial reports and budgets -Conducting a feasibility analysis -Choosing a project manager -Setting up the project team
CPT-12: Four operational KMcomponents:
-Content management -Expertise location -Lessons learned -Community of practice (CoP)
CPT-13: Stage 4: Implementation and Testing- Implementation:
-Conversion of the old system to the new system • Plunge: cut off and migration at a specific time • Parallel: simultaneous transfer • Pilot: limited test of new, then roll out • Phased: specific components in stages
CPT-13: Typical business drivers for systems development include the following:
-Globalization of the economy -E-commerce, mobile commerce Security and privacy issues -Communication, collaboration, and partnerships -Knowledge management -Continuous improvement and total quality management -Business process redesign
CPT-12: Major reasons why companies replace legacy systems:
-High maintenance costs -Inflexibility -Integration obstacles (Hardwired, predefined, process flows) -Lack of staff (qualified/trained professionals) -Cloud-based enterprise systems are lower in cost
CPT-12: CRM Mistakes:
-IT department in charge instead of business users. -Incorrect CRM requirements by not involving key business stake holders from the outset. -Mobility CRM strategy is an afterthought. -Taking the wrong approach to CRM training. -Underestimating users' resistance to change
CPT-13: Project Monitoring: Integrated Change Control:
-Process helps to manage the disruption resulting from requested changes and corrective actions across the project life cycle. -Required to defend: •Approved/rejected change requests •Updates to the project plan/scope •Approved corrective and preventive actions •Approved/validated defect repair
CPT-13: Stages of the SDLC:
-Systems Planning -Systems Analysis -Systems Design -Implementation and Testing -Support and Maintenance -The SDLC is an iterative process, not a linear one
CPT-13: Stage 4: Implementation and Testing- Testing:
-Testing verifies that apps, interfaces, data transfers, and so on, work correctly under all possible conditions. - Users are trained in the use of the new system
CPT-13: There are three classes of CASE tools that automate many of the SDLC activities:
-Upper CASE tools: Used in the planning and analysis stages of the SDLC to perform repetitive activities such as gathering requirements, diagramming processes, and presenting them in an organized way. - Lower CASE tools: Used in the design, implementation/testing, and support/maintenance stages of the SDLC to automatically generate code, test for functionality and defects, monitor implementation, and perform software maintenance activities. -Integrated CASE tools: Used in all the stages of the SDLC fromrequirements gathering to testing and documentation.
CPT-13: Project Monitoring: Project Baseline Plan:
-When the project plan is finalized and accepted, the accepted plan becomes the baseline or masterplan. -The baseline is used for monitoring and controlling. -Any change to the baseline is a deviation, or variance, to the plan—and it needs to be documented
CPT-12: The Three Supply Chain Flows:
1-Material or product flow: This is the movement of materials and goods from a supplier to its consumer. 2-Information flow: This is the movement of detailed data among members of the supply chain, for example, order information, customer information, order fulfillment, delivery status, and proof-of-delivery confirmation. 3-Financial flow: This is the transfer of payments and financial arrangements, for example, billing payment schedules, credit terms, and payment via electronic funds transfer (EFT).
CPT-12: Four rules to consider when selecting an ERP solution or software package:
1-Select an ERP solution that targets the company's requirements. 2-Evaluate potential ERP vendors' strengths and weaknesses. 3-Meet with each vendor and get a hands-on demo of its ERP solutions. 4-Calculate ERP's total cost of ownership (TCO).
CPT-12: Three typical situations where changes are most needed:
1. Changes in how people perform their jobs. 2. Redesign of business processes. 3. Integration of many types of uncoupled legacy system
CPT-13: Project Closing: Lessons Learned-
1. Communication is King 2. Set Realistic and Detailed Project Plans with Adequate Time and Resources 3. Encourage Timely Feedback and Be Willing to Listen 4. Manage Risk with Regular Project Status Reviews
CPT-13: Stage 2: Systems Analysis- During Systems Analysis:
1. User requirements are gathered to better understand the problem. 2. Process models are created to determine the logical design of the system. 3. The deliverable from the systems analysis stage is the Systems Proposal.
CPT-12: Effective CRM can provide managers with a:
360-degree view of the customer relationship, enablereal-time responses, and improve salesproductivity and predictability
CPT-11: A Robot is:
A machine capable of carrying out a complex series of actionsautomatically, especially one programmable by a computer
CPT-13: stakeholders are:
All interested parties in a project including program team members, project sponsors and end users.
CPT-13: Critical Path Analysis:
All projects have a critical path that extends the length of the projectand determines the shortest path along which all projects tasks mustbe completed in order to finish the project
CPT-12: Independent ERP consultant:
An ERP consultant offers customized consulting services that include identifying and vetting different ERP options, selecting the best ERP for the task at hand, and implementing and supporting the ERP when it is in operation
CPT-12: ERP vendors:
An ERP vendor develops ERP software and implements and supports its own product(s).
CPT-13: Cost Estimation:
Costs are not technically part of the WBS, but projects' estimated cost can be calculated from the WBS using star tdate and duration
CPT-13: Statement of Work (SOW) -
Definitive statement thatdefines the project plan, but does not offer any optionsor alternatives in the scope
CPT-10: Ciphertext is:
Encrypted text
CPT-13: Project success is becoming increasingly reliant on four things:
Engaged executive sponsors • Projects aligned with organizational strategy • Control over scope creep • High project management technology quotient (PMTQ): PMTQ is a person's ability to adapt, manage, and integrate technology based on the needs of the projector the organization
CPT-12: Enterprise social platforms (ESPs):
Enhance social networks, both within the enterprise and across key members of the enterprise's supply and distribution chains. An important method for enhancing communication, coordination, and collaboration for business purposes
CPT-12: Enterprise knowledge management systems (EKMS):
Help organize company knowledge about business productivity, competitive business models, business intelligence. It is made up of different software modules linked by a central user interface
CPT-12: Customer relationship management (CRM):
Helps create a total view of customers to maximize share-of-wallet and profitability. A business strategy to segment and manage customers to optimize customer lifetime value
CPT-13: Work Breakdown Structure (WBS):
Identifies all work or activities that need to be performed, the schedule of work, and who will perform the work.
CPT-12: CRM refers to the methodologies and software tools to leverage customer data in order to achieve the following:
Identify the appropriate customer experience for a customer. • Predict and prevent attrition (loss) of a customer, unless he or sheis not worth retaining. • Acquire new customers who are most likely to become profitable. • Up-sell or cross-sell to unprofitable customers to move them to aprofit position. • Reduce inefficiencies that waste advertising dollars.
CPT-12: Enterprise resource planning (ERP):
Integrates an enterprise's internal applications, supports its external business processes, and links to its external business partners.
CPT-11: Skills is:
New AI applications in companies willrequire a shift in worker skillsets. Demand forworkers with AI skills is greater than supply
CPT-13: Portfolio Management:
Occurs at the strategic level of the organization • Is the centralized management of all projects currently proposed, in progress, or planned for the future to identify investment synergies, resource and budget considerations between projects
CPT-11: Discourse is:
One of the most challenging problems in NLP is how to model ways that utterances in language stick together to form coherent discourse.
CPT-13: The two most widely used PPPM frameworks are:
PMI® Project Management Body of Knowledge (PMBOK6e) and PRINCE2 (PRojects IN a Controlled Environment)
CPT-12: Enterprise content management system (ECMS):
Provides capability for multiple users throughout an organization with different permission levels to manage a website or a section of the content
CPT-11: Types of Robotic Machines: SCARA:
Selective Compliance Assembly Robot Arm or SCARA robots havetwo connected arms that can rotate around a fixed base
CPT-10: Asset:
Something of value that needs to be protected, such as customer data, trade secrets, proprietary formulas
CPT-13: Project Charter -
Specifies scope, authority, milestones,budget, source of funding for project
CPT-12: Supply Chain Management: Order Fulfillment:
Step 1: Make sure the customer will pay• Step 2: Check in-stock availability and reorder as necessary• Step 3: Arrange shipments• Step 4: Insurance• Step 5: Replenishment• Step 6: In-house production• Step 7: Use suppliers• Step 8: Contacts with customers• Step 9: Returns
CPT-12: Supply chain management (SCM):
Supports the steps in the supply chain—procurement, sourcing, manufacturing, storage, inventory control, scheduling, order fulfillment, and distribution. Improves decision-making, forecasting, optimization, and analysis
CPT-13: Stage 3: Systems Design- The deliverable from the design stage is the?
System Design Specification
CPT-13: Phase Five: Project Closing- Project Closing or Post mortem is:
The enterprise and people who worked on the project benefit from lessons learned. - Post-project reviews, or post mortems, identify the reasons the project was successful or not, strengths and weaknesses of the project plan, how problems were detected and resolved, and how the project was successful in spite of them.
CPT-13: Scope:
The project scope is the specification of what the project is supposed to accomplish—its outcomes or deliverables. Scope is measured in terms of the project size, goals, and requirements.
CPT-13: Cost:
This is the estimation of the amount of money that will be required to complete the project. Cost itself encompasses various things, such as resources, labor rates for contractors, risk estimates, and bills of materials. All aspects of the project that have a monetary component are made part of the overall cost structure. Projects are often approved based on cost.
CPT-10: Encryption is:
Transforming data into scrambled code to protect them from being understood by unauthorized users
CPT-11: Fear of the Unknown is:
Understanding both the risks and the benefits can be more challenging.
CPT-11: Concerns about the Full Data Scope or Data Quality Derived from AI:
Without the infrastructure or without an understanding of the kind of data required, new AI projects will likely fail.
CPT-11: Quantum mechanics is:
a branch of physics that describes the behavior or movement of microscopic objects
CPT-13: business driver is:
a condition, process, resource, or rationale that is vital for an organization to thrive.
CPT-13: sunk cost is:
a cost that has already been incurred and cannot be recovered.
CPT-12: Mindmapping is:
a creative and logical method of note-taking that maps out ideas on a graph.
CPT-13: Go/no-go decision is:
a determination to proceed with or abandon a plan or project
CPT-13: Scrum is:
a framework that consists of small self-organizing, cross-functional Scrum Teams who work together to produce small pieces of a system iteratively and incrementally in sprints to maximize opportunities for feedback
CPT-13: business need is:
a gap between the current state of a business and its goals.
CPT-13: program is:
a group of similar or related projects that are managed and coordinated as a group.
CPT-13: portfolio is:
a group of unrelated programs within an organization that are managed holistically to achieve strategic goals.
CPT-13: project management office (PMO) is:
a group or department that defines and maintains standards for project management within an organization.
CPT-12: Brainstorming is:
a group problem-solving technique in which group members offer up spontaneous ideas for discussion to stimulate creative thinking and develop new ideas.
CPT-13: Gantt chart is:
a horizontal bar chart that graphically displays the project schedule.
CPT-13: postmortem is:
a method for evaluating project performance, identifying lessons learned, and making recommendations for future projects.
CPT-13: System Development Life Cycle (SDLC) is:
a multiple stage approach used by IT professionals to develop high-quality information systems from planning and analysis through support and maintenance
CPT-13: Project sponsor is:
a person or organization that approves and/or supports the allocation of resources for a project, defines its goals, and evaluates the success of the project at completion.
CPT-13: project management technology quotient (PMTQ) is:
a person's ability to adapt, manage, and integrate technology based on the needs of the project or the organization.
CPT-13: extreme programming is:
a pragmatic systems development approach to Agile development that emphasizes business results first and takes an incremental approach to building software, using continual testing and revision.
CPT-13: business case is:
a presentation or document that outlines the justification for the start-up and funding of a project.
CPT-12: Enterprise social platform is:
a private, company-owned social media software app that promotes social connectivity and collaboration with an organization and enhances productivity and employee satisfaction
CPT-10: Access control is:
a security feature designed to restrict who has access to a network, IS, or data
CPT-13: waterfall model is:
a sequential, predictive systems development methodology that is simple to use and understand, but inflexible.
CPT-12: Reverse supply chain is:
a series of activities required to retrieve a used product from a customer to either dispose of it or reuse it.
CPT-13: Systems development is:
a set of activities, methods, best practices, deliverables, and automated tools to creating and maintaining IT architecture and software.
CPT-12: Enterprise content management is:
a set of defined processes, strategies, and tools that allow an organization to effectively obtain, organize, store, and deliver critical information to its employees, stakeholders, and customers.
CPT-13: DevOps is:
a set of processes that encourages collaboration between system designers, developers, testers, and operators.
CPT-10: Hostile malware- Rootkit is:
a set of software tools that enables an attacker to gain control of a computer system without being detected.
CPT-13: sprint is:
a set period of time during which specific work has to be completed and made ready for review.
CPT-13: Joint Application Development (JAD) is:
a team-oriented technique used in the planning and analysis stages of the SDLC to collect business requirements.
CPT-13: project is:
a temporary endeavor undertaken to create a unique product, service, or result.
CPT-13: Agile is:
a very flexible iterative, incremental systems development methodology that overcomes the disadvantages of the waterfall model.
CPT-12: A CRM system is:
a widely used and mature technology thatcan be deployed on the premises, in the cloud, or as on-demand SaaS.
CPT-13: A prototype is:
a working model of a system or part of a system usually built to demonstrate it to users, who can test it, and request rework as necessary.
CPT-12: Core business processes include:
accounting, finance, sales, marketing, human resources, inventory, productions, and manufacturing.
CPT-13: risk register lists:
all known risks and their source, an estimation of unknown risks and the response to be taken to each risk.
CPT-13: Scrumban is:
an agile systems development methodology that combines certain aspects of Scrum and Kanban originally designed as a way to transition from Scrum to Kanban.
CPT-12: Enterprise knowledge management (EKM) system is:
an information system used to capture, organize and create knowledge to enhance organizational processes.
CPT-12: Always-on supply chain is:
an integrated set of supply networks characterized by a continuous, high-velocity flow of information and analytics creating predictive, actionable decisions to better serve the customer 24/7.
CPT-13: Rapid Application Development (RAD) is:
an interactive process used throughout the SDLC continuing until the system is completely developed and all users are satisfied with the outcome.
CPT-13: rapid prototyping is:
an iterative process used to quickly create an early sample, model or release of a system to test a concept or process.
CPT-13: object-oriented (O-O) is:
an iterative systems analysis and design methodology that emphasizes modularity and reusability.
CPT-13: deliverable is:
any measurable, tangible, verifiable outcome, result, or item that is produced to complete a project or part of a project.
CPT-12: Enterprise knowledge management is:
any solution or system that deals with organizing data into structures that create business knowledge out of existing assets while ensuring its security and managing access.
CPT-12: Enterprise systems:
are large-scale application software packages that support business processes, information flows, reporting, and data analytics in complex organizations.
CPT-12: Legacy systems:
are older information systems (ISs) that have been maintained over several decades because they fulfill critical needs.
CPT-13: CASE tools:
are software apps used by IT project managers, systems analysts, and systems developers to automate SDLC activities.
CPT-13: source code generator:
automatically generates common application source code in any computer programming language, for example, BASIC, VB, PHP, ASP.NET, SQL, C#, Java Script.
CPT-10: When you string together several computers that are infected with malware you have a
botnet.
CPT-10: Hacking is:
broadly defined as intentionally accessing a computer without authorization or exceeding authorized access. Various state and federal laws govern computer hacking.
CPT-12: Enterprise resource planning (ERP) is:
business process management software that allows an organization to use tightly integrated applications to manage business and automate business processes related to services, technology, and human resources.
CPT-11: AI technology is being used by:
businesses, nongovernmental organizations (NGOs), and government agencies
CPT-12: SCM software focuses around improving business functions- Optimal cycle time and customer service:
by increasing control over processes.
CPT-12: SCM software focuses around improving business functions- Procurement:
by managing and automating purchase orders and receipts, creating a transparent audit trail and integrating financial management systems.
CPT-10: Malware's payload is:
code that is dropped on the system that performs any or all the following functions: facilitates the infection or communicates with the command and control server or downloads more code.
CPT-12: Value-added reseller (VAR):
customizes or adds features to a vendor's software or equipment and resells the enhanced product.
CPT-10: Ransomware is:
designed to block access to a computer system until a sum of money has been paid.
CPT-10: Hostile malware- Worm:
doesn't attach itself to a host, like a virus, but these self-contained programs can replicate themselves across computers and networks.
CPT-12: Logistics:
entails all processes and information needed to efficiently move products from origin to destination.
CPT-10: Fair Credit Reporting Act:
governs how a credit reporting agency can collect, access, use, and share credit information to ensure the accuracy, fairness, and privacy of the information in consumer credit bureau files.
CPT-13: Stage 1: Systems Planning- Behavioral feasibility considers:
human issues.
CPT-13: Stage 1: Systems Planning-Economic feasibility determines?
if the project is an acceptable financial risk and if the company can afford the expense and time needed to complete the project.
CPT-13: Stage 1: Systems Planning-Technical feasibility determines?
if the required technology, ITinfrastructure, data structures, analytics, and resources can bedeveloped and/or acquired to solve the business problem
CPT-12: Front-office operations:
involve order fulfillment activities visible to the customer, like sales and advertising.
CPT-12: Electronic data interchange (EDI):
involves electronically communicating information such as purchase order and invoices.
CPT-13: Kanban:
is Japanese for a signboard. It is a visual process and project management methodology used in systems development projects.
CPT-13: responsibility matrix lets everyone
know who is responsible for completion of tasks.
CPT-13: Stage 1: Systems Planning- Legal and organizational feasibility are there?
legal, regulatory, or environmental reasons why the project cannot or should not be implemented?
CPT-13: logical design:
lists and describes all the information resources (data and processes) and the scope of duties and responsibilities of consumers of the information involved in the operation of the new system.
CPT-13: Milestones are used to:
manage the project work effort, monitor results, and report meaningful status to project stakeholders.
CPT-13: The project manager's main responsibility is to:
manage the triple constraint—scope, time, and cost—to meet project objectives while ensuring project quality.
CPT-13: Stage 5: Support and Maintenance- Occurs once:
new system's operations are stabilized. -Audits are performed to assess capabilities and determine operational correctness. -Maintenance must be kept up to date at all times. -Users kept up to date on latest modifications and procedures
CPT-11: Types of Robotic Machines: Articulated is:
one of the most common types of industrial robot, configured like a big arm, with anywhere between two and ten rotary joints
CPT-10: SQL Injection is:
one of the most dangerous vulnerabilities of a network app since attackers can use SQL injection to bypass application security measures.
CPT-13: crowdfunding is:
raising funds for a project from the public, or crowd, via the Web.
CPT-13: Stage 5: Support and Maintenance- Systems development is a:
repetitive process as maintenance turns into the development of a new system
CPT-13: Successful project management is not only built on creating and managing systems and processes, but also:
requires developing and maintaining strong relationships with all project stakeholders
CPT-11: Workers in the field of robotics design computer systems responsible for:
robot control, sensory feedback, and information processing.
CPT-13: template is a:
sample document that already has some details in place.
CPT-10: Hacktivist is:
short for hackeractivist or someone who performs hacking to promote awareness for or otherwise support a social, political, economic, or other cause. Hacking an application, system, or network without authorization, regardless of motive, is a crime.
CPT-11: Content management systems:
software programs used tocurate a collection of digital content in a variety of formats.
CPT-10: Intrusive but not malicious softwares- Adware is a:
software that embeds advertisements in the application. It is considered a legitimate alternative offered to consumers who do not wish to pay for software.
CPT-13: A low-code development platform is:
software that provides developers and nondevelopers with an intuitive graphical user interface instead of a traditional computer programming environment to create apps.
CPT-11: Interferenc is:
something can increase(constructive interference) ordecrease (destructive interference)the behavior of another thing
CPT-13: baseline is a:
specification of the project plan that has been formally reviewed and agreed upon. It should be changed only through a formal change control process.
CPT-12: Supply chain:
starts with the acquisition of raw materials or the procurement (purchase) of products and proceeds through manufacture, transport, and delivery—and the disposal or recycling of products.
CPT-12: Back-office operations:
supports accounting, inventory management and shipping processes in the fulfillment of orders.
CPT-13: Time A project is made up of:
tasks, Each task has a start date and an end date. The duration of a project extends from the start date of the first task to the finish date of the last task. Time needed to produce the deliverables is naturally related to the scope and availability of resources allocated to the project.
CPT-11: Fault tolerance is:
the ability of a computer or a network to keep working despite the failure of one of its components. Current quantum computers have extremely low fault tolerance.
CPT-11: Coherence is:
the ability of a quantum computer to maintain information inqubits that are in a state of superposition
CPT-11: Superposition is:
the ability to be in two places at once.
CPT-10: Risks mitigation is:
the action taken to reduce threats and ensure resiliency.
CPT-11: robotics is:
the branch of technology that deals with the design, construction, operation, and application of robots (Oxford English Dictionary, 2019).
CPT-13: The project manager is:
the central point of contact in a project.
CPT-12: Intellectual capital is:
the collective documented and undocumented knowledge of individuals in an organization or society that can be exploited for some money-making or other useful purpose.
CPT-13: triple constraint is:
the combination of the three most significant elements of any project: scope, time, and cost.
CPT-10: Cyber security is:
the discipline dedicated to protecting information and systems used to process and store it from attack, damage, or unauthorized access.
CPT-10: Privacy paradox is:
the disconnect between how important people say their online privacy is versus how they actually behave in real life.
CPT-12: Supply chain management (SCM) is:
the efficient management of the flows of material, data, and payments among companies in the supply chain, from suppliers to consumers.
CPT-10: Time-to-exploitation is:
the elapsed time between when a vulnerability is discovered and when it is exploited.
CPT-12: Electronic funds transfer (EFT) is:
the electronic transfer of money from one bank account to another, either within a single institution or across multiple institutions using a computer-based system and without direct intervention of bank personnel.
CPT-10: Breach of privacy is:
the loss of, unauthorized access to, or disclosure of, personal information.
CPT-10: Cyber threat is:
the method used to commit a cyberattack that seeks to damage data, steal sensitive data, or disrupt digital life in general.
CPT-13: scope creep is:
the piling up of small changes that by themselves are manageable but in aggregate are significant.
CPT-13: Stage 1: Systems Planning- A feasibility study in this stage determines?
the probability of success of a proposed system and provides a rough assessment of its technical, economic, organizational, and behavioral feasibility
CPT-12: Customer relationship management (CRM) is:
the process of choosing the most suitable and efficient approach to making and maintaining interactions with customer and clients.
CPT-10: Encryption is:
the process of converting information or data into acode and is essential to prevent unauthorized access to sensitiveinformation transmitted online
CPT-12: Knowledge management (KM) is:
the process of creating, sharing, using and managing knowledge and information in an organization to make the best use of the knowledge.
CPT-10: Data privacy is:
the right to self-determine what information about you is made accessible, to whom, when, and for what use or purpose.
CPT-12: Order fulfillment is:
the set of complex processes involved in providing customers with what they ordered on time and all customer services related to on-time delivery of a product.
CPT-13: Critical path is:
the shortest time possible to complete all tasks required to finish the project. A delay of any task on the critical path will delay the project.
CPT-13: Portfolio management occurs at:
the strategic level of the organization and is the centralized management of all projects currently proposed, in progress, or planned for the future to identify investment synergies, resource and budget considerations between projects that will enable an organization to achieve its strategic objectives.
CPT-10: Data breach is:
the successful retrieval of sensitive information by an unauthorized individual, group, or software system.
CPT-11: Work automation is:
the term used to describe replacing a human worker with machines or computer technology.
CPT-13: Stage 3: Systems Design-System developers utilize the design specifications to create?
the user interface and establish data requirements
CPT-12: Customer lifetime value (CLV) is:
the value a customer contributes to the business over the entire lifetime of their relationship with the company.
CPT-11: Types of Robotic Machines: Cartesian:
these robots are also called rectilinear or gantry robots and have arectangular configuration that allows for precise location of the arm bymoving in three dimensions
CPT-11: Types of Robotic Machines: Delta:
these types of industrial robots get their spider-like look from threesets of parallel fore-arms whose movement can be coordinated for precisionand connect to a common effector
CPT-11: Types of Robotic Machines: Cylindrical:
this type of robot has an arm that rotates around its base creating what is referred to as a donut-shaped work envelope, and another extendable arm that shifts back and forth as well as rotated
CPT-10: Denial-of-Service (DoS):
threats are also on the rise and need to be a top priority for organizations according to cyber security experts.
CPT-12: SCM software focuses around improving business functions-Logistics planning:
to ensure that ready-to-ship items are delivered to the customer as quickly as possible and are handled carefully to ensure they are undamaged.
CPT-12: SCM software focuses around improving business functions-Inventory optimization:
to minimize overhead costs and ensure uninterrupted delivery. Inventory can be tracked using bar codes, serial number, or RFID tags
CPT-12: SCM software focuses around improving business functions- Forecasting:
to reduce uncertainty and variability associated with supply and demand.
CPT-12: SCM software focuses around improving business functions- Warehouse management:
to track materials and goods within a warehouse or distribution center.
CPT-12: SCM software focuses around improving business functions- Supplier management:
to track performance and compliance, measure risk, etc.
CPT-10: Intrusive but not malicious softwares-Spyware is a:
tracking software that is not designed to intentionally damage or disable a system.
CPT-13: Stage 3: Systems Design- physical design:
transforms business requirements into a specific technological solution by identifying all physical servers and major technical components that will be used to support the desired business outcome.
CPT-13: A use case has two parts:
use-case diagram, which is a visual summary of several related use cases within a system; and ause-case description, which is a text-based description of the business event and how users will interact with the system to accomplish the task
CPT-10: Rogue application monitoring is:
used to detect and destroymalicious applications
CPT-11: Quantum physics is:
used to explain thebehavior of things like atoms, electrons,and light
CPT-11: collaborative robots also known as Cobots:
work together with human workers to accomplish a task or set of tasks.
CPT-11: Types of Robotic Machines: Polar:
—these types of robots are another configuration of two robotic arms attached to a fixed base
CPT-13: Project Controlling: Scope Creep:
• Is the piling up of small changes that by themselves are manageable but in aggregate are significant • Contributes to overages in budget, deadline, and/or resources• Standard project management approaches reduce scope creep
CPT-13: Program Management:
• Occurs at the tactical level of an organization • A program is a group of related projects • A program doesn't always have a single, clearly defined deliverable or timeline • Managing related projects as a group in an overarching program results in much better utilization of resources than a single project.
CPT-13: Project Monitoring: Status Report:
• Prepared and reviewed to check on the progress of theproject • Typically prepared once a week • Can include a summary of the project status, work planned, work completed, open issues, open risks, status of project milestones and deliverables, open change requests, projectKPIs, schedule status and cost status
CPT-13: The Role of Program Manager:
• They provide oversight to ensure that each project in the program is completed effectively and efficiently to produce quality deliverables that meet stakeholder requirements. • Their focus is on overseeing project work and resources inprojects that are currently in their program. • This focus on current projects ensures work and resources aremoving between projects at the right time and that resourceneeds of all projects are met. • A project manager creates a master schedule to manage the dependencies between project, a risk manager plan, and a communication strategy to ensure that any changes that are necessary
CPT-10: Critical infrastructure is:
"systems and assets, whether physical or virtual, so vital to a country that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters"
CPT-11: The three stages of AI development used to categorize complexity of AI applications:
1-Artificial narrow intelligence (ANI) also known as "weak" AI, essentially current applications 2-Artificial general intelligence (AGI), also known as "strong" AI, essentially future applications that will be on par with human capabilities 3-Artificial super intelligence (ASI) essentially, future applications with capabilities that surpass what humans are capable of.
CPT-10: The ERM consists of eight components:
1-Internal environment 2-Objective setting 3-Event identification 4-Risk assessment 5-Risk response 6-Control activities 7-Information and communication 8-Monitoring
CPT-11: The Six Branches of Artificial Intelligence:
1-Machine learning—machines that can learn. 2-Deep learning—sophisticated learning machines that use neural networks. 3-Natural language processing (NLP)—machines that can communicate like humans. 4-Expert systems—machines that solve complex problems. 5-Fuzzy logic—machines that replicate the fuzzy logic reasoning abilities of humans. 6-Robotics—robots that use AI to learn, solve problems, and communicate.
CPT-10: The five major categories of general defense controls:
1-Physical controls protect physical computer facilities and resources. 2-Access control is the major line of defense against unauthorized insiders as well as outsiders. 3-Data security controls are needed to protect sensitive data throughout the five stages of its lifecycle from creation to disposal. 4-Communications controls restrict access to devices on the network to endpoint devices that comply with the organization's security policy and secure the flow of data across networks. 5-Administrative controls deal with issuing guidelines and monitoring compliance with an organization's security guidelines.
CPT-11: The three different approaches to machine learning:
1-Supervised learning—this approach is analogous to providing the machine with a teacher, however the "teacher" is really the part of a data set containing the correct answer. 2-Unsupervised learning—with unsupervised learning, the machine is on its own to identify patterns and structures in the data used to categorize things. 3-Reinforcement learning—with this type of learning, the computer learns by trial and error.
CPT-10: The three types of sites are:
A hot site has all the necessary equipment including office space, furniture, communications capabilities and computer equipment. A warm site provides a fully equipped physical data center, but it has no customer data. A cold site provides office space but requires the customer to provide and install the equipment needed to continue operations.
CPT-10: Exploit
A program (code) that allows attackers to automatically break into a system through a vulnerability
CPT-11: Pragmatics is:
A subset of semantic analysis that describes the way context (e.g., participants and their intentions) shape the meaning of certain words or phrases.
CPT-10: Intrusion Prevention Systems (IPSs):
An IPS is designed to take immediate action— such as blocking specific IP addresses—whenever a traffic-flow anomaly is detected.
CPT-10: Antivirus Software:
Anti-malware tools are designed to detect malicious codes and prevent users from downloading them.
CPT-10: Examples of administrative controls are:
Appropriately select, train, and supervise employees, especially in accounting and information systems Foster company loyalty Immediately revoke access privileges of dismissed, resigned, or transferred employees Require periodic modification of access controls, such as passwords Develop programming and documentation standards to make auditing easier and to use the standards as guides for employees Insist on security bonds or malfeasance insurance for key employees Institute separation of duties, namely, dividing sensitive computer duties among as many employees as economically feasible in order to decrease the chance of intentional or unintentional damage Perform periodic random audits of the system
CPT-10: Intrusion Detection Systems (IDSs):
As the name implies, an IDS scans for unusual or suspicious traffic.
CPT-10: An effective IT resilience strategy should consist of four elements:
Availability—keep customers continuously connected to their data and apps. Mobility—be able to move apps and workloads while keeping them fully protected. Agility—maintain the freedom to choose your own cloud and be able to move to, from and between clouds. Training—IT and non-IT employees must understand their roles in case of a disruption or disaster and been trained in how to respond.
CPT-10: Three Classes of Hackers-White hat:
Computer security specialist who breaks into protected systems and networks to test and assess their security.
CPT-10: Exposure:
Estimated cost, loss, or damage that can result if a threat exploits a vulnerability
CPT-10: IP Intelligence Services:
IP intelligence service providers canhelp organizations significantly reduce malicious networkactivity
CPT-11: Neural networks used in deep learning always have an:
Input Layer-consists of data the machine is supposed to act upon, 1 or more hidden layers- represent the data processing that occurs in order to achieve the correct output, and an output layer- the action performed by the machine, or in this case, correctly sorting the images of cats and dogs.
CPT-10: Authentication:
Method (usually based on username and password) by which an IS validates or verifies that a user is really who he or she claims to be
CPT-10: Biometrics:
Methods to identify a person based on a biological feature, such as a fingerprint or retina
CPT-10: Three Classes of Hackers-Black hat:
Person who attempts to find computer security vulnerabilities and exploit them for personal financial gain or other malicious reasons.
CPT-10: Three Classes of Hackers- Gray hat:
Person who may violate ethical standards or principles, but without the malicious intent ascribed to black hat hackers.
CPT-11: Phonetics/Phonology is:
Phonetics is the study of individual speech sounds. Phonology is the study of sound patterns (phonemes) associated with a certain language and the rules governing pronunciation.
CPT-10: Audit:
Procedure of generating, recording, and reviewing a chronological record of system events to determine their accuracy
CPT-11: Semantics:
Semantic analysis attempts to define the meaning of a single word or a group of words.
CPT-11: Gartner Five-Stage AI Maturity Model:
Stage 1: Awareness—at this stage, AI is a topic that is being discussed across the organization, but not in a strategic or systematic way. There are no projects or pilot projects underway. Stage 2: Active—at this stage, the company begins a more systematic exploration of AI adoption through the development of use cases, proof of concept, and pilot projects. Stage 3: Operational—a company has reached this stage when at least one AI project has moved to production. Stage 4: Systematic—AI adoption is prevalent throughout digitalized processes across the firm and supply chain operations while the organization evaluates options for taking advantage of new, potentially disruptive business models based on AI technology. Stage 5: Transformational—organizations at this stage have already undergone a digital transformation and are using AI in all their business processes.
CPT-10: Fault tolerance is:
The ability of an IS to continue to operate when a failure occurs, but usually for a limited time or at a reduced level
CPT-11: Syntax is:
The arrangement of words so that they make grammatical sense.
CPT-11: Morphology/ Morpheme is:
The study of word structure and word formation including the role of morphemes, the minimal unit of words that still have meaning and can't be divided further.
CPT-11: World Knowledge is:
The use of world knowledge to determine the correct meaning of words and phrases.
CPT-11: An expert system (ES) is:
a branch of AI that has been developed to solve complex problems in a specific discipline with greater speed and information processing capabilities than a human expert.
CPT-10: Data tampering is:
a cyberattack during which someone enters false or fraudulent data into a computer, or changes or deletes existing data.
CPT-10: Acceptable use policy is:
a document that lists the constraints and practices a user must agree to for access to a corporate network or the Internet.
CPT-11: computer vision is:
a field of artificial intelligence that trains computers to see using deep learning and cameras to identify objects in images and video and take appropriate action based on that information.
CPT-10: Hostile malware- Remote access trojans (RATS) is:
a form of Trojan horse that creates an unprotected backdoor into a system through which a hacker can remotely control that system.
CPT-10: Vulnerability is:
a gap in IT security defenses of a network, system, or application that can be exploited by a cyber threat to gain unauthorized access.
CPT-10: Attack vector is:
a path or means by which a computer criminal can gain access to a computer or network server in order to deliver a malicious outcome.
CPT-10: Advanced persistent threat (APT) is:
a prolonged and targeted cyberattack in which an attacker gains access to a network and remained undetected for a period of time.
CPT-10: Enterprise Risk Management Framework ERM is:
a risk-based approach to managing an enterprise developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
CPT-10: Risk is:
a situation involving exposure to danger.
CPT-10: Intrusive but not malicious softwares- Cookie is:
a small piece of data sent from a website and stored in a user's Web browser while the user is browsing a website
CPT-10: Firewall is:
a software or hardware device that controls access to a private network from a public network (Internet) by analyzing data packets entering or exiting it
CPT-10: Patch is:
a software program that users download and install to fix a vulnerability.
CPT-10: Malware signature is:
a unique value that indicates the presence of malicious code.
CPT-10: Cryptojacking is:
a way that cybercriminals can make money with minimal effort.
CPT-11: Sentiment analysis is:
a widely used approach to understanding consumer attitudes and emotions in the era of social media.
CPT-10: Intellectual property is:
a work or invention that is the result of creativity that has commercial value, including copyrighted property such as a blueprint, manuscript, or a design, and is protected by law from unauthorized use by others.
CPT-10: The four different risk mitigation strategies:
acceptance, avoidance, limitation, and transference.
CPT-10: Hostile malware- Backdoor is:
also a difficult to detect malicious computer program used to provide an attacker with unauthorized remote access to a compromised PC by exploiting security vulnerabilities and works in the background hidden from the user.
CPT-10: Cyberattack is:
an actual attempt to expose, alter, disable, destroy, steal, or gain unauthorized access to a computer system, infrastructure, network, or any other smart device.
CPT-10: Biometric control is:
an automated method of verifying the identity of a person, based on physical or behavioral characteristics. The most common biometrics are a thumbprint or fingerprint, voice print, retinal scan, and signature.
CPT-10: Voice biometrics is:
an effective authentication solution across awide range of consumer devices including smartphones, tablets,and TVs
CPT-10: General defense controls:
are established to protect the system regardless of the specific application.
CPT-10: Application defense controls:
are safeguards that are intended to protect specific applications
CPT-10: Hostile malware- Trojan:
hides in a useful program to infect the victim's system. Trojans don't self-replicate but can be used to establish backdoors that are explored by attackers.
CPT-10: Hostile malware- Virus:
infects apps like Microsoft Word where it executes instructions once opened before transferring back control to the app.
CPT-11: ES applications typically have three components:
knowledge base, inference engine, and user interface
CPT-10: Privacy Protection Act of 1980:
makes it unlawful for a government officer or employee, in connection with the investigation or prosecution of a criminal offense, to search for or seize any work product materials possessed by a person reasonably believed to have a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of publication, in or affecting interstate or foreign commerce.
CPT-10: zero-day exploit is:
malicious software that exposes a vulnerability in software or hardware and can create complicated problems well before anyone detects it.
CPT-11: Biometric input devices:
measure the unique physical characteristics of a person, typically for use in security devices designed to only allow access to specific individuals. Examples of commonly used visual biometric inputs include recognition of fingerprint, retina, iris, and facial features.
CPT-11: NLP programs have two basic components:
natural language understanding (NLU) and natural language generation (NLG).
CPT-10: Mobile kill switch or remote wipe capability as well as encryption are:
needed in the event of loss or theft of a device
CPT-10: Man-in-the-middle (MitM) attacks:
occur when cyber criminals insert themselves between two-parties in a transaction with the intention of stealing data.
CPT-10: Driver's Privacy Protection Act (DPPA):
protects the personally identifiable information of licensed drivers from improper use or disclosure.
CPT-10: Health Insurance Portability and Accountability Act (HIPAA):
protects the privacy of medical records and other personally identifiable healthcare information unless it's to a person who needs the information because they are involved in the person's care, processing payment for care, or the information is necessary to facilitate health-care operations.
CPT-10: Malware:
refers to various levels of intrusive or malicious software that can run undetected in the background on an IS or personal computer.
CPT-10: Gramm-Leach-Bliley Act:
requires financial institutions that offer consumers financial products such as loans, financial or investment advice, or insurance to explain their information-sharing practices to their customers and to safeguard sensitive data.
CPT-10: Intrusive but not malicious softwares- Spamware is a:
software that enables attackers to search, sort, and compile a list of e-mail addresses, generate random addresses, insert fake headers into message, and use multiple mail servers simultaneously to broadcast unsolicited messages to unsuspecting recipients.
CPT-10: Mobile biometrics:
such as voice and fingerprint biometrics, can significantly improve the security of physical devices
CPT-10: IT resilience is:
the ability to protect data and apps from any planned or unplanned disruption to eliminate the risk of downtime to maintain a seamless customer experience
CPT-10: Hostile malware- Zero-Day is:
the most dangerous type of malware and the fastest growing cyber threat
CPT-10: Shadow IT is:
the use of IT-related hardware or software by an individual or a department without the knowledge of the IT department within the organization.
