MODEL-databaseAplication
________ is the process of assigning pieces of application code to clients or servers.
Application partitioning
A transaction is considered isolated when:
any changes in the database are not revealed to the user until the transaction is complete.
In order for a transaction to be consistent:
any database constraints that must be true before the transaction must also be true after the transaction.
An API is a set of routines that a database server uses to access database objects.
false
The extent of the database resource that is included with each lock is called the level of:
lock granularity
A business transaction requires:
several actions against the database.
In some three-tier architectures, most application code is stored on the application server.
true
Java servlets execute from within another program and reside on the server.
true
Level of lock granularity is the extent of a database resource include with each lock.
true
Loss of confidentiality is a threat that involves outside parties using information to embarrass a company.
true
The LAMP stack consists of Apache, PHP and MySQL.
true
25) All of the following are well-accepted characteristics of transactions EXCEPT: A) Atomicity. B) Consistency. C) Persistence. D) Durability.
Persistence.
The W3C standard for Web privacy is called:
Platform for Privacy Preferences.
A common encryption method to secure data traveling between a client and a server is called:
Secure Sockets Layer (SSL).
A client PC that is responsible for processing presentation logic, extensive application and business rules logic, and many DBMS functions is called a(n):
fat client
What threats to data security must be addressed in a comprehensive data security plan?
A comprehensive data security plan must address the following threats: 1. Accidental losses, which could be caused by human error, software and hardware-caused breaches 2. Theft and fraud 3. Loss or privacy or confidentiality 4. Loss of data integrity 5. Loss of availability
The role that is responsible for developing overall policies and procedures for database security is:
Data Administration.
The role responsible for administering database security is:
Database Administration
What are the components of a Web application?
Four key components must be used together to create a Web application site: 1. A database server-hosts the storage logic for the application as well as the database 2. Web server-the Web server provides all of the functionality to receive and respond to requests from browser clients 3. Application server-provides building blocks for dynamic Web sites and Web-based applications. Some examples are the Java platform, .Net, and Coldfusion. 4. Web browser
One major disadvantage of JSP is:
HTML, Java cod,e and SQL code are mixed together.
The LAMP stack consists of all of the following EXCEPT: A) Apache. B) MySQL. C) PHP or Python. D) IIS.
IIS
A data-interchange format easily for humans to read and machines to parse and process is called:
JavaScript Object Notation (JSON).
Which of the following threats involves outside parties using information to embarrass a company?
Loss of confidentiality
________ is/are any of several classes of software that allow an application to interoperate with other software without requiring the user to understand all software involved.
Middleware
What is the difference between shared locks and exclusive locks?
Shared locks allow other transactions to read but not update a record or other resource. This is most useful when preventing another user from placing a lock on a record. An exclusive lock prevents another transaction from reading and writing a record until an update is done by the transaction that locked the record.
Discuss some of the key benefits of three-tier applications
Three-tier applications can lead to several benefits in organizations: 1. Scalability-three-tier architecture are more scalable than two-tier. One example would be to use the application server to reduce the load to the database server by using transaction processing monitors 2. Flexibility- in the three-tier architecture, it is easier to switch database engines. 3. Lower long-term costs 4. Improved customer service-multiple interfaces on different clients can access the same business processes 5. Competitive advantage
Discuss the differences between two-tier and three-tier architectures.
While a two-tier architecture only includes client and database server, a three-tier architecture includes another server in addition to the database server. This can either be an application server, which will contain much of the application logic or a web server. Three-tier architecture has been widely adopted because of increased performance, scalability, flexibility, and reusability.
A mechanism in a ResultSet object in Java that points to the current row of data is called a:
cursor
A(n) ________ prevents another transaction from reading and therefore updating a record until it is unlocked.
exclusive lock
Which of the following is a type of network security?
Authentication of the client workstation
Which of the following is a component of processing logic?
Business rules
Many Python web applications use:
Django.
Discuss some of the advantages to using model and view classes in Python.
You can change the type of database by changing the values in the settings file. Changes to the table structure require changes to the model but will not affect the view class. Programmers do not need to know the details of SQL because there are methods preprogrammed by the framework.
38) All of the following are additional methods of Web security EXCEPT: A) restrict the number of users on the Web server. B) restrict access to the Web server. C) remove unneeded programs. D) blacklist bad users.
blacklist bad users.
The actions that must be taken to ensure data integrity is maintained during multiple simultaneous transactions are called ________ actions.
concurrency control
A computer that provides database storage and access in a client/server environment is called a(n):
database server.
A database is a sequence of steps that constitute a well-defined business activity
false
A fat client does most of its processing on the server.
false
The architecture that most applications use that separates the business logic, presentation logic, and database logic is called:
model-view-controller.
Durability means that:
once a transaction is committed, no subsequent failure of the database can reverse the effect of the transaction.
All of the following are advantages of stored procedures EXCEPT: A) performance improves for compiled SQL statements. B) network traffic deceases. C) portability. D) thinner client.
portability.
) All of the following are key components of a web application EXCEPT: A) database server. B) web server. C) processing-logic server. D) web browser.
processing-logic server.
Which of the following is NOT a common distribution logic for two-tiered server environments? A) Fat client B) Tall client C) Thin client D) Distributed
tall client
Security measures for dynamic Web pages are different from static HTML pages because:
the connection requires full access to the database for dynamic pages.
How the database results are read into memory is determined by
the database driver.
A PC configured to handle user interfaces with limited local storage is called a(n):
thin client.
Application partitioning gives developers the opportunity to write application code that can later be placed on either a client workstation or a server, depending upon which location will give the best performance.
true
Client/server describes a networked computing model that distributes processes between computers that request services and computers that provide services.
true
Database administrators are responsible for administering database security.
true
An optimistic approach to concurrency control is called:
versioning
What are the most important security features for data management software?
1. Views or subschemas. These restrict user views of the database. 2. Integrity controls such as domains, assertions, checks, etc. 3. Authorization rules which identify users and restrict the actions they may take against a database 4. User-defined procedures which define additional constraints 5. Encryption procedures which encode data in an unrecognizable form 6. Authentication schemas-positively identify individuals trying to gain access to the database
A(n) ________ is a set of application routines that programs use to direct the performance of procedures by the computer's operating system.
API
The client/server architectures that have evolved can be distinguished by the distribution of ________ across clients and servers.
application logic components
A shared lock prevents another transaction from reading a record.
false
A transaction is consistent if it always runs with the same amount of memory.
false
A transaction is durable if it can resist failure.
false
Which Java method retrieves the next row of a cursor?
next()
An application server
provides the building blocks for creating dynamic web sites and web-based applications.
All transactions must have the ACID characteristics.
true
Since dynamic Web pages require full access to the database, security is different from static HTML pages
true
The presentation logic component of a client/server system is responsible for formatting and presenting data on the user's screen.
true
Discuss the distribution of application logic components across clients and servers in the client/server environment
: The first component is the presentation logic or I/O component, which is responsible for formatting and presenting data on the user's screen. The second is the processing component, which handles data processing logic, business rules, and data management logic. The third component is storage, which is responsible for data storage and retrieval.
Explain how middleware is used in a two-tier application.
Middleware is any class of software that allows an application to interoperate with other software without requiring the user to understand and code the low-level operations required for the interoperability. Database-related middleware consists of an application programmer interface (API) which allows a programmer to connect to an instance of a database. Some examples of these are ODBC, ADO.net, and JDBC. The second type of database middleware is a database driver, which is specific to the database that is being accessed. When middleware is used, there are six basic steps to access a database from within an application: 1. Identify and register a database driver 2. Open a connection to the database 3. Execute a query against the database 4. Process the results of the query 5. Repeats steps 3-4 as needed 6. Close the database connection
ABET is a common encryption method used to secure data traveling between a client and a server.
false
An application server provides basic functionality for receiving and responding to requests from browsers.
false
Business rules logic includes such activities as data validation and identification of processing errors.
false
Database administrators are responsible for developing overall policies and procedures for database security.
false
During multiple simultaneous transactions data integrity is maintained by logging.
false
Geolocation logic is the application logic component responsible for data storage and retrieval.
false
Loss of data integrity means that someone has stolen data from the database server.
false
Random password guessing is a type of network security.
false
Storage logic is provided by an application server.
false
The Magna Carta is the W3C standard for Web privacy
false
The process of assigning parts of an application to a client or server is called application partitioning
false
Three-tier architectures generally result in higher long-term costs.
false
Two-tier architectures are much more scalable than three-tier architectures.
false
Versioning is a pessimistic approach to concurrency control.
false
When developing an application, one must decide where it will be placed when it is developed
false
A client PC that is responsible for processing presentation logic, extensive application and business rules logic, as well as many DBMS functions is called a:
fat client
Which of the following is not a basic step to accessing a database from an application:
query the database.
A sequence of steps that constitute a well-defined business activity is called a:
transaction.
A business transaction requires several actions against a database.
true
A client PC that is responsible for presentation logic, application logic, and many DBMS functions is called a fat client.
true
A client/server configuration that has three layers (one client and two servers) has a three-tier architecture.
true
A web server is a key component of web applications.
true
All .html files can be processed by the web server itself.
true
ODBC is an application programming interface that provides a common language for application programs to access and process an SQL database independent of the particular RDBMS that is accessed.
true
Open Database Connectivity is an application programming interface that provides a common language for application programs to access and process SQL databases independent of the particular RDBMS that is accessed.
true
Restricting access to the Web server is one method of Web security.
true
The storage component of a client/server architecture is responsible for data storage and retrieval from the physical storage devices associated with the application.
true
Two-phase locking is a procedure for acquiring locks for a transaction before any are released.
true
When changes to the database that a transaction imposes are not revealed to the user until the transaction is completed then it is considered isolated.
true
A(n) ________ is a procedure for acquiring the necessary locks for a transaction where all necessary locks are acquired before any are released.
two-phase lock