ITC 429 Test 1
Agility
ability to respond quickly
Latent-sensitivity
data such as real-time voice and high-quality video
Intrusion Prevention Systems (IPSs)
designed to take immediate action—such as blocking specific IP addresses—whenever a traffic-flow anomaly is detected (active defense)
IT Project Managers
develop requirements, budgets, and schedules for their firm's information technology projects. They coordinate such projects from development through implementation
Formal Processes or Standard Operating Procedures (SOP)
documented and have well-established steps
Reduce stage
recombines partial results
Data Mining
software that enables users to analyze data from various dimension or angles, categorize them, and find correlative patterns among fields in the data warehouse
IT Managers
play a vital role in the implementation and administration of digital technology. They plan, coordinate, and direct research on the computer-related activities of firms
Permanent Denial-of-Service (PDoS)
prevents the target's system or device from working. Instead of collecting data or providing some on-going perverse function, its objective is to completely prevent the target's device(s) from functioning
Extranets
private, company-owned networks that can be logged into remotely via the Internet
OLTP
processes each transaction as it occurs (real-time) •Batch processing costs less than OLTP, but may be inaccurate from update delays
MapReduce
provides a reliable, fault-tolerant software framework to write applications easily that process vast amounts of data (multi-terabyte datasets) in-parallel on large clusters (thousands of nodes) of commodity software
Data warehouses
pull together data from disparate sources and databases across an entire enterprise •primary source of cleansed data for analysis, reporting, and Business Intelligence (BI)
Virtual Private Networks (VPNs)
used where security of transmissions is a concern, because they encrypt the packets before they are transferred over the network
Intranets
used within a company for data access, sharing, and collaboration
Spyware
tracking software that is not designed to intentionally damage or disable a system but to monitor or track activities
WiMax
transmits voice, data, and video over high-frequency radio signals designed as alternative to cable and DSL
Sentiment Analysis
trying to understand consumer intent
Ransomware
type of malware that is designed to block access to a computer system until a sum of money has been paid
Informal Processes
typically undocumented, undefined, or are knowledge-intensive
three types of hackers
white hat black hat gray hat
M2M and IoT
widely used to automate businesses ranging from transportation to healthcare
zombies
A group of infected computers that can be controlled and organized into a network on the command of a remote botmaster (also called a bot herder)
Cloud Service Agreements
A negotiated agreement between a company and service provider that can be a legally binding contract or an informal contract
Internal Controls (IC)
A process to ensure that sensitive data are protected and accurate designed to achieve: Reliability of financial reporting, to protect investors Operational efficiency Compliance with laws, regulations, and policies Safeguarding of assets
Near-Field Communication (NFC)
Enables two devices within close proximity to establish a communication channel and transfer data using radio waves •More secure than other wireless technologies
Software as a Service (SaaS)
End-user apps, like SalesForce
Public Cloud
Multiple-tenant virtualized services utilizing the same pool of servers across a public network (distributed)
Machine-to-machine (M2M) Technology
Enables sensor-embedded products to share reliable real time data via radio signals
Modulation and Coding
Techniques used by modem to adapt the signal to the media
Four V's of Data Analytics
Variety Volume Velocity Veracity
Signal Frequency Spectrum
All the frequency components of a signal
Distributed Database Architecture
Allow both local and remote access Use client/server architecture to process requests
Hadoop
Apache processing platform that places no conditions on the processed data structure
Principle of 90/90 Data Use
As high as 90 percent, is seldom accessed after 90 days (except for auditing purposes) oRoughly 90 percent of data lose most of their value after 3 months
Centralized Database Architecture
Better control of data quality Better IT security
Signal
Binary information we want to send
Mobile Networks
Bluetooth Wi-Fi Wimax
White Hat
Computer security specialist who breaks into protected systems and network to test and assess their security
The three objectives of data and information systems security
Confidentiality Integrity Availability
Business Process Management (BPM)
Consists of methods, tools, and technology to support and continuously improve business processes
Business Process Reengineering (BPR)
Continuous examination to determine whether processes are still necessary or operating at peak efficiency by eliminating wasted steps
Enterprise-wide Data Governance
Crosses boundaries and used by people through the enterprise. Reduces legal risks associated with unmanaged or inconsistently managed information.
Business Intelligence Challenges
Data selection and quality Alignment with business strategy and BI strategy
Hardware and software that power computing resources, like EC2 & S3 (Amazon Web Services)
Data shared among clouds, systems, apps, regardless the data source or storage location
•Online Transaction Processing (OLTP)
Designed to manage transaction data, which are volatile & break down complex information into simpler data tarbles and strike a balance between transaction-processing efficiency and query efficiency •Cannot be optimized for data mining
Business Records
Documentation of a business event, action, decision, or transaction
Management Information Systems (MIS)
General-purpose reporting systems that provide reports to managers for tracking operations, monitoring, and control
IT Architecture
Guides the process of planning, acquiring, building, modifying, interfacing and deploying IT resources in a single department within an organization
Infrastructure as a Service (IaaS)
Hardware and software that power computing resources, like EC2 & S3 (Amazon Web Services)
Social-Mobile-Analytics-Cloud (SMAC) Model
Huge data centers accessible via the Internet form the fore for the cloud by providing 24/7 access to storage, apps, and services. -Handheld and wearable devices and their users form the edge of the cloud. -Social channels connect the core and edge.
Responsiveness
IT capacity that can be easily scaled up or down as needed
Transaction Processing Systems (TPS)
Improve sales, customer satisfaction, and reduce many other types of data errors with financial impacts
Input-Processing-Output Model
Input-Processing-Output-Storage-Feedback
Data Warehouses
Integrate data from multiple databases and data silos, and organize them for complex analysis, knowledge discovery, and to support decision making
Decision Support Systems (DSS)
Interactive, knowledge-based applications that support decision making
IT Infrastructure
Inventory of the physical IT devices that an organization owns and operates
Media Bandwidth
Limit in range of frequency signals
Capacity Bandwidth
Maximum bits per second that can be transmitted
Circuit switching
Older technology that originated with telephone calls oInefficient for digital transmission
identity theft
One of the worst and most prevalent cyberthreats oMade worse by electronic sharing and databases oBusinesses reluctant to reveal incidents in which their customers' personal financial information may have been stolen, lost, or compromised
Black Hat
Person who attempts to find computer security vulnerabilities and exploit them for personal and/or financial gain, or other malicious reasons
Gray Hat
Person who may violate ethical standards or principles, but without the malicious intent ascribed to black hat hackers
Social-Mobile-Analytics-Cloud (SMAC)
Powerful social influences impact advertising and marketing. Consumer devices go digital and offer new services.
Active Data Warehouse (ADW)
Real-time data warehousing and analytics Transform by standardizing formats, cleaning the data, integration
Data tampering
Refers to an attack during which someone enters false or fraudulent data into a computer, or changes/deletes existing data
Enterprise architecture (EA)
Reviews all the information systems across all departments in an organization to develop a strategy to organize and integrate the organization's IT Infrastructures
Four Important Factors When Choosing a Mobile Network
Simple Connected Intelligent Trusted
Declarative language
Simplifies data access by requiring that users only specify what data they want to access without defining how they will be achieved
Private Cloud
Single-tenant environments with stronger security and control (retained) for regulated industries and critical data
Data Marts
Small-scale data warehouses that support a single function or one department •Enterprises that cannot afford to invest in data warehousing may start with one or more data marts
Executive Information Systems (EIS)
Strategic-level information systems that help executives and senior managers analyze the environment in which the organization exists
Master Data & Management (MDM)
Synchronizes critical data from disparate systems into one master file
Principle of data in context
The capability to capture, process, format, and distribute data in near real time or faster requires a huge investment in data architecture
Veracity
Validating data and extracting insight that manager and workers can trust are key factors successful analytics. Trust in analytics. Trust analytics has grown more difficult with the explosion of data sources
Principle of Diminishing Data Value
The value of data diminishes as they age Blind spots (lack of data availability) of 30 days or longer inhibit peak performance Global financial services institutions rely on near-real-time data for peak performance
Platform as a Service (PaaS)
Tools and services making coding and deployment faster and more efficient, like Google App Engine
•Electronic Records Management (EMR)
Workflow software, authoring tools, scanners, and databases that manage and archive electronic documents and image paper documents oIndex and store documents according to company policy or legal compliance
Modem
a device that modulates/demodulates signal for transportation
Attack Vector
a path or means by which a hacker can gain access to a computer or network server in order to deliver a malicious outcome
Cyberthreat
a threat posed by means of the Internet (a.k.a. cyberspace) and the potential source of malicious attempts to damage or disrupt a computer network, system, or application
Intellectual Property
a work or invention that is the result of creativity that has commercial value •Includes copyrighted property such as a blueprint, manuscript or a design, and is protected by law from unauthorized use by others. can represent more than 80% of a company's value.
Flexibility
ability to quickly integrate new business functions or to easily reconfigure software or applications
Biometric Control
an automated method of verifying the identity of a person, based on physical or behavioral characteristics The most common biometrics are a thumbprint or fingerprint, voice print, retinal scan, and signature
Cloud Services
any computing resource provided over the Internet on demand, rather than run applications from software stored on company-owned server or computer
Incident
attempted or successful unauthorized access to a network, system, or application; unwanted disruption or denial of service; unauthorized use of a system for processing or storage of data; changes to a system without the owner's knowledge, instruction, or consent
Internet Protocol (IP)
basic technology that makes global communication possible. Each devise attached to a network has a unique IP address that enables it to send and receive files made up of packets
Map stage
breaks up huge data into subsets
Text Mining
broad category involving interpreted words and concepts in context
Hacking
broadly defined as intentionally accessing a computer without authorization or exceeding authorized access. There are three types of hackers
Customer Experience (CX)
building the digital infrastructure that allows customers to do whatever they want to do, through whatever channel they choose to do it.
Batch Processing
collects all transactions for a time period, then processes the data and updates the data store
Globalization
companies can outsource most of their non-core functions, such as HR and finance, to offshore companies and use ICT to stay in contact with its global employees, customers and suppliers 24/7
Process
comprised of the activities that convert inputs into outputs by doing work
Application Program Interface (API)
consists of a set of functions, commands, and protocols used by programmers for OS-interactivity without having to write a program from scratch
Distributed Denial-of-Service (DDoS)
crashes a network or website by bombarding it with traffic (i.e., requests for service) and effectively denies service to all those legitimately using it, leaving it vulnerable to other threats
Targets for cyberattacks
critical infrastructure, theft of intellectual property, identity theft, BYOD, and social media
Prioritized Traffic
data and apps that are time-delay-sensitive or latency-sensitive apps
SDDC Goals
decrease costs and increase agility, policy compliance and security by deploying, operating, managing and maintaining applications.
Digital Business Model
defined by how a business makes money via digital technology
Master Data
describes the enterprises's busniess entities
Antivirus Software
designed to detect malicious codes and prevent users from downloading them
Bring Your Own Device (BYOD)
employees providing their own (mobile) devices for business purposes to reduce expenses through cut purchase and maintenance costs. •Roughly 74% of U.S. organizations are using or planning to use BYOD •Cuts business costs by not having to purchase and maintain employees' mobile devices
Chief Technology Officers (CTOs)
evaluate the newest and most innovative technologies and determine how they can be applied for competitive advantage
Big data
extremely large data set that is too large or complex to be analyzed using traditional data processing techniques
Software-Defined Data Center (SDDC)
facilitates the integration of the various infrastructure silos within organizations
Telephony Denial-of-Service (TDoS)
floods a network with phone calls and keeps the calls up for long durations to overwhelm an agent or circuit and prevent legitimate callers, such as customers, partners, and suppliers, from using network resources
Mega Trends
forces that shape or create the future of business, the economy, and society
"The Cloud"
general term for infrastructure that uses the Internet and private networks to access, share, and deliver computing resources
Exception
generated only when something is outside designated parameters
Throttle Traffic
gives latency-sensitive apps priority, other types of traffic need to be held back (throttled)
botnet
group of external attacking entities and is a totally different attack method/vector from malware, which is internal to the system
Data Scientists
manage and analyze massive sets of data for purposes such as target marketing, trend analysis, and the creation of individually tailored products and services
Key Performance Indicators (KPIs)
measures that demonstrate the effectiveness of a business process at achieving organizational goals. They present data in easy-to-comprehend and comparison-ready format .measures that demonstrate the effectiveness of a business process at achieving organizational goals. They present data in easy-to-comprehend and comparison-ready format Examples: current ration; accounts payable turnover; net profit margin; new followers per week; cost per lead; order status.
Security risk for BYOD
mobile devices rarely have strong authentication, access controls, and encryption even though they connect to mission-critical data and cloud services. Could also be lost or stolen
Unstructured data
no predictable format
Factors leading to an increased risk of cyberattack
oInterconnected, interdependent, wirelessly networked business environment oSmaller, faster, cheaper computers and storage devices oDecreasing skills necessary to be computer hacker oInternational organized crime taking over cybercrime oLack of management support
Advanced Persistent Threats (APT)
oLaunched by attacker through phishing to again access to enterprise's network oDesigned for long-term espionage oProfit-motivated cybercriminals often operate in stealth mode to continue long-term activities
Packet Switching
oTransfers data or voice oFiles are broken into packets, numbered sequentially, routed individually to their destinations oWhen received at the destination, the packets are reassembled into their proper sequences
Internal transactions
originate or occur within the organization (payroll, purchases, etc.)
External transactions
originate outside the organization (customers, suppliers, etc.)
Deliverables
outputs created through work toward a desired benefit or expected performance improvement
Adware
software that embeds advertisement in the application
Malware
refers to hostile or intrusive software, including computer viruses, rootkits, worms, Trojan horses, ransomware, and other malicious programs used to disrupt computer or mobile operations, gather sensitive information, gain access to private computer systems
Business continuity
refers to maintaining business functions or restoring them quickly when there is a major disruption
Periodic
reports created or run according to a pre-set schedule
Intrusion Detection Systems (IDSs)
scans for unusual or suspicious traffic (passive defense)
Business Process
series of steps by which an organization coordinates and organizes tasks to get work done
Hacktivist
short for hacker-activist, or someone who performs hacking to promote awareness, or otherwise support a social, political, economic, or other cause
virtual machine
software-created computer
Wi-Fi
standard way to wirelessly connect computing devices through routers commonly connected to the Internet
Transactional Data
supports the applications
Critical infrastructure
systems and assets so vital to the country that their incapacity or destruction would have a debilitating effect
Data Analytics
technique of qualitatively or quantitatively analyzing a data set to reveal pattersn, trends, and associations that often relate to human behavior and interaction, to enhance productivity and business gain
Traffic Shaping
the ability to prioritize and throttle network traffic prioritizes the flow of traffic by delaying the flow of less important network traffic
Data governance
the control of enterprise data through formal policies and procedures to help ensure data can be trusted and are accessible.
Occupational fraud
the deliberate misuse of the assets of one's employer for personal gain
On-demand Economy
the economic activity created by technology companies that fulfill consumer demand through the immediate provisioning of products and services.
IT Consumerization
the migration of consumer technology into enterprise IT environments. It's caused by personally owned IT becoming a capable and cost-effective solution for expensive enterprise equivalents
Internet of Things (IoT)
the network of physical objects or "things" embedded with electronics, software, sensors, and network connectivity, that enables these objects to collect and exchange data
Net neutrality
the principle that Internet Service Providers (ISPs) and their regulators treat all Internet traffic the same way
Risk
the probability of a threat successfully exploiting a vulnerability and the estimated cost of the loss or damage
Digitization
the process of transforming any kind of activity or information into a digital format that can be collected, stored, searched, and analyzed electronically—and efficiently
•Online Analytics Processing (OLAP)
•A means of organizing large business databases •Divided into one or more cubes that fit the way business is conducted
Business Intelligence
•Across industries in all size enterprises •Used in operational management, business process, and decision making •Provides moment of value to decision makers •Unites data, technology, analytics, & human knowledge to optimize decisions •BI "unites data, technology, analytics, and human knowledge to optimize business decision and ultimately drive an enterprise's success" (The Data Warehousing Institute)
Dirty Data
•Lacks integrity/validation and reduces user trust •Incomplete, out of context, outdated, inaccurate, inaccessible, or overwhelming
Enterprise Risk Management Framework (ERM)
•Risk-based approach to managing an enterprise •Developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) ERM •Integrates internal control, the Sarbanes-Oxley Act mandates, and strategic planning Consists of eight components
Spear Phishing
•select groups of people with something in common •Trick user into opening an infected email •Emails sent that look like the real thing •Confidential information extracted through seemingly legitimate website requests for passwords, user IDs, PINs, account numbers, and so on.