cis unit 3 study guide
common comparison operators used in condition statements
- == TRUE when the value on the left is equal to the value on the right, otherwise FALSE
- > TRUE when the value on the left is greater than the value on the right, otherwise FALSE
- < TRUE when the value on the left is less than the value on the right, otherwise FALSE
- >=
- <=
- !== NOT EQUAL TO
authentication
a method for confirming users' identities. once a system determines the authentication of a user, it can then determine the access privileges (or authorization) for that user.
algorithm
a set of instructions (code) that complete a task. mathematical formulas placed in software that perform an analysis on a dataset.
password
a string of alphanumeric characters used to authenticate a user and provide access to a system.
BPMN: activity
a task in a business process. any work that is being performed in a process. an activity is represented by a rounded-corner rectangle in a business process model. (checking availability, picking up the customers, and confirming the booking)
bitcoin
a type of digital currency in which a record of transactions is maintained and new units of currency are generated by the computational solution of mathematical problems and which operates independently of a central bank.
blockchain
a type of distributed ledger, consisting of blocks of data that maintain a permanent and tamper-proof record of transactional data.
distributed ledger
allows many different parties around the world to access and verify the same data
conditions (selections)
answers a true/false question based on data and calculation, then pursuing one set of actions if the answer is true or a different set of actions over and over until a condition becomes false.
BPMN: event
anything that happens during the course of a business process. represented by a circle in a business process model. (customer requests, time requests, end of the process)
structured query language (SQL)
asks users to write lines of code to answer questions against a database
rule-based access control
- allows system owners/admin to set rules and limitations on permissions as needed
- might restrict access during certain times of day, require a user to be in a certain location, or limit access based on the device being used
- good for enforcing accountability and controlling
- permissions can be dynamic and customizable (countless configurations for any number of unique situations)
role-based access control
- assigns permission based on the position or role a user holds within the organization
- predefined role determines access
- simple to set up and use
- if a user needs permissions they don't have, the administrator needs to grant it to them, which may or may not be possible
business advantages of relational databases
- increased flexibility
- increased scalability and performance
- reduced data redundancy
- increased data integrity
- increased data security
discretionary access control
- least restrictive
- allows the owner/administrator complete control over who has access and permissions throughout the system
- easy to configure and control
- administrator can easily and quickly configure permissions, deciding who gets in, when and where
- often gives too much authority to the administrator of the list.
mandatory access control
- most restrictive form
- only gives access to owner/administrator
- even the owner is restricted by the system's parameters, which are programmed as such and cannot be circumvented
- military + government securities
differentiate physical view of data from logical view of data
- physical view: deals with the physical storage of data on a storage device
- logical view: focuses on how individual users logically access data to meet their own particular business needs
record
collection of related data elements. each record in an entity occupies one row in its respective table
attributes
columns/fields. data elements associated with an entity
JOIN
combine rows from two or more tables, based on a related column between them
data dictionary
compiles all of the metadata about the data elements in the data model.
literal
constant values
real number
contains decimals or fractions. (pi) also could be called float
characteristics of a database management system (DBMS)
creates, reads, updates and deletes data in a database while controlling access and security.
digital fingerprint
digital identifier. important example uses for these are described for password files and blockchain. hash values serve as digital fingerprints that uniquely identify the message. change the original message in any way, even a single bit, and the altered message will have a different digital fingerprint and a different unique Transaction ID (diff hash value).
BPMN: flow
displays the path in which the process flows. represented by arrows. (arrows show the path the customer takes through the taxi cab booking process).
DISTINCT
eliminates all duplicated entries
intrusion detection system/software
features full-time monitoring tools that search for patterns in network traffic to identify intruders.
comparison of pseudocode and flowcharts as a preliminary step to coding an algorithm
flowcharts show a step by step process by using boxes and arrows. elongated circle (beginning or end of process), rectangle (instructions or actions), diamonds (decision needs to be made, conditional), parallelogram (inputs or outputs). pseudocode is a simple way of writing programming code in English. informal language
hashing
generates an encoded value that cannot be converted back into the original message. **one way encryption**
firewall
hardware and/or software that guards a private network by analyzing incoming and outgoing information for the correct markings.
transaction ID
hash value
tables
in a relational database, where data is organized and stored.
workflow
includes the tasks, activities, and responsibilities required to execute each step in a business process.
loops
instruct the computer to repeat a set of actions over and over again until a condition becomes false.
assignment
instruction that puts a new value into a variable (location of memory)
code (coding)
instructions for a computer. act of writing computer codes is coding.
boolean mathematics
involves combining test conditions using OR, AND, NOT (logical operators)
data models
logical data structures that detail the relationships among data elements by using graphics or pictures
database
maintains data about various types of objects (inventory), events (transactions), people (employees), and places (warehouses).
FROM
names one or more tables from which data values are retrieved by the query
intrusion prevention system
network security appliance that monitors network and system activities to detect possible intrusions. also prevents them by sending alarms, blocking malicious network messages and their responses so that they don't reach their destination, and resetting network connections. also logs and reports information about an intrusion
content filtering
occurs when organizations use software that filters content such as emails, to prevent the accidental or malicious transmission of unauthorized information.
primary concepts of the relational database model
1. attributes: columns or fields
2. records: each record in an entity occupies one row in its respective table.
3. primary keys: a field that uniquely identifies a given record in a table.
4. foreign key: primary key of one table that appears as an attribute in another table and acts to provide a logical relationship between the two tables
5. entity: also referred to as a table. stores data about a person, place, thing or transaction
three advantages of blockchain: immutability, digital trust, IoT integration
1. immutability: the ability for a blockchain ledger to remain a permanent, indelible, and unalterable history of transactions
2. ledger is not stored in a single location nor managed by any particular company.
3. IoT integration: IoT devices linked wirelessly to a blockchain network are able to automatically update a distributed ledger of multiway transactions automatically and deliver data internally to other devices in the network or external to operators entitled to access the data by previous agreement or on demand.
4 access control models
1. mandatory access control
2. discretionary access control
3. role-based access control
4. rule-based access control
differentiate between the three areas of information security
1. people: authentication and authorization
2. data: prevention and resistance
3. attacks: detection and response
five components of a FOR loop: setup, sequence, item, work, after party
1. setup: preparing the data or information needed for a task
2. sequence: a string or list or some other data with multiple items
3. item: a variable that holds one element of sequence each time through the loop. when there are no more items, the loop stops.
4. work: the instructions you want repeated. in python these are indented
5. after party: instructions to finalize the task after the loop ends (optional)
common logical operators: AND, OR, and NOT
- AND: a conjunction combines two distinct tests. uses AND operator to combine questions
- OR: disjunction combines two separate tests with the or statement.
- NOT: a negation that flips the answer from True to False.
common SQL commands
SELECT, WHERE
identify common calculation functions available in SQL including SUM, AVG, COUNT, MIN and MAX
- SUM: adds together all the values
- AVG: averages the group of selected values
- COUNT: counts how many rows in a particular column
- MIN: returns the lowest value in a column
- MAX: returns the highest value in a column
condition statements
IF statements, the work performed is dependent on the condition being tested; the work is conditional.
comparison (logical) operators
OR, AND, NOT
how is sorting done in SQL
ORDER BY clause
integer
whole number without decimal positions or fraction
identity management
a broad administrative area that deals with identifying individuals in a system (such as a country, network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity.
record
a collection of fields that describe a single instance of the entity
nonrepudiation
a contractual stipulation to ensure that business participants do not deny (repudiate) their online actions.
FOR loop
a control instruction used for iteration and repetition
ethereum
a decentralized, open-source blockchain with smart contract functionality. native cryptocurrency of the platform, second largest by market capitalization, after bitcoin. **most actively used blockchain**
non fungible token
a digital signature backed by a blockchain technology that proves ownership of something
primary key
a field or group of fields that uniquely identifies a given record in a table
business process model
a graphic description of a process, showing the sequence of process tasks, which is developed for a specific purpose and from a selected viewpoint.
business process model and notation (BPMN)
a graphical notation that depicts the steps in a business process.
hash value
only uniquely encoded value, also known as Transaction ID
types of business change
operational (automation), managerial (streamlining), strategic (reengineering)
repetition
performs an operation more than once
iteration
performs same operation on different items, one item at a time
distributed computing
processes and manages algorithms across many machines in a computing environment
metadata
provides details about data
as-is process model
represents the current state of the operation that has been mapped, without any specific improvements or changes to existing processes.
SELECT
returns a result set of records, from one or more tables
integrity constraints
rules that help ensure the quality of data
encryption
scrambles information into an alternative form that requires a key or password to decrypt.
codeblock
set of programming statements that are put together in a syntactic way
three components of IF conditions: setup, condition, work
- setup: preparing the data or information needed for a task. for a loop, this establishes the initial values of variables for the condition and loop work.
- condition: a test that determines true or false
- work: the instructions you want to run
to-be process model
shows the results of applying change improvement opportunities to the current (as-is) process model.
tokens
small electronic devices that change users' passwords automatically. the user enters his or her user ID and token-displayed password to gain access to the network.
fields
specific categories that provide additional organization by placing like data in a single column.
SQL
structured query language
attributes
the data elements associated with an entity.
data redundancy
the duplication of data, or the storage of the same data in multiple places
biometrics
the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice or handwriting.
automation
the process of computerizing manual tasks, making them more efficient and effective, and dramatically lowering operational costs.
authorization
the process of providing a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space.
normalizing
the process of separating entities and removing redundant data to as few copies as possible
IF condition/ Condition statement
the program chooses between two alternate sets of programming instructions (one set of instructions when the condition is true or a different set when the condition is false).
data element
the smallest or basic unit of data
data latency
the time it takes for data to be stored or retrieved
boolean
true or false values
qualities that make cryptographic hash functions useful
unique, quick, secure
LIKE
used in a WHERE clause to search for a specified pattern in a column
BPMN: gateway
used to control the flow of a process. handle the forking, merging, and joining of paths within a process. represented by a diamond shape in a business model. (determining availability status or accepting/declining the request)
cardinality
used to describe the type of relationships that are possible between entities (data tables)
ORDER BY
used to sort the result set in ascending or descending order.
public key encryption (PKE)
uses two keys: a public key that everyone can have and a private key for only the recipient.
how is filtering done in SQL
using the WHERE clause
constant
value that does not change
strings
values that contain letters and symbols
differentiate assignments, constants, expressions, equations, & variables.
variable: a data characteristic that stands for a value that changes or varies over time