ITC429 Exam 1 Review Questions
What four factors are contributing to increased use of BI?
-smart devices everywhere -data is big business -advanced BI and analytics -cloud enabled BI and analytics
What might limit the use of in-person brainstorming?
-travel expense if members are not together -schedules -time zones -available meeting space
What are the differences between data warehouses and data marts?
data marts- low cost scaled-down versions of data warehouse that can be implemented in a much shorter time
What is the "silo effect" and how does it affect business performance?
data silo- trapping info in stand alone data stores not accessible by other information systems
What devices do you have that take advantage of the IoT? Describe how they impact the way that you live and work.
cellphones, coffee makers, washing machines, lamps, and headphones all use the IoT
Why is Ransomware on the rise? How might companies guard against ransomware attacks?
centralization of data resources in an org; prevented by having offline or segregated backups of data
Describe the difference between centralized and distributed databases.
centralized- stores all data in a single central computer such as a mainframe or server; distributed- stores portions of the database on multiple computers within a network
Define and give an example of an intentional and unintentional threat.
intentional- data theft, inappropriate use of data; unintentional- human error, environmental hazards, and social unrest and computer system failure
Why are patches and service packs needed?
patches- software programs that users download and install to fix a vulnerability; released by the vendor or security org to repair new vulnerabilities discovered in the security system
Name the major categories of general controls.
physical controls, access controls, data security controls, communication network controls, and administrative controls
What are the six major objectives of a defense strategy?
prevention and deterrence, detection, contain the damage, recovery, correction, and awareness and compliance
What is Near Field Communication and how is it used in business?
provide consumers w/ content to complement their current activity, such as a recipe or idea videos when shopping at a super market
Explain the concepts of Intelligence Analysis and Anomaly Detection.
they take in audit trails from key systems and personnel records from HR and finance; data stored in data warehouse where they are analyzed to detect anomalous patterns
What does it mean to drill down into data, and why is it important?
to go from highly consolidated or summarized figures into the detail numbers from which they were derived
Why does an organization need to have a business continuity plan?
to keep the business running after a disaster occurs; plan covers business process, assets, HR, business partners in the event of natural disaster
Why do companies impose do-not-carry rules?
to prevent compromise; travelers can bring "clean" devices and are forbidden from connecting to the gov's network while abroad
Why do industry groups have their own standards for cybersecurity? Name one standard.
to protect their customers and their members' brand images and revenues; Payment Card Industry Data Security Standard (PCI DSS)
List ways in which virtual collaboration can be used in business?
to share info b/w retailers and their suppliers, lower transportation and inventory costs, and reduce product development time
Why is it important to protect intellectual property?
trade secrets; could cause security risks or incur financial loss
What is the purpose of Rogue Application Monitoring?
type of defense to detect and destroy malicious apps in the wild
What is the purpose of an IP address?
unique identifying address
What are the business benefits of BI?
unites data, tech, analytics, and human knowledge to optimize business decision and ultimately drive an enterprise's success
Explain authentication and name two methods of authentication.
user identification; passwords, biometrics, key/token/card
What is the relationship between data quality and the value of analytics?
validating data and extracting insights that managers and workers can trust are key factors of successful analytics; data quality is the key to meaningful analytics
List and define three types of malware.
virus, worms, trojan horse, rootkits, backdoors, and keyloggers
Why are data in database volatile?
volatile changes frequently
Explain how identity theft can occur.
when an individual's SSN and credit card numbers are stolen and used by thieves for financial gain
Give some examples of VoIP network.
wireless mobile, satellite, wireless sensor, and VoIP
Why do data need to be put into meaningful context?
wrong analysis or datasets are used, the output would be nonsense
What are two data-related challenges that must be resolved for BI to produce meaningful insight?
-data selection and quality -alignment with business strategy and BI strategy
Why is group work challenging?
-different locations of members -work for same or diff orgs -some of the needed data may be located in diff sources, could be external sources -not always successful
What are the consequences of not cleaning "dirty data"?
-lacks integrity/validation and reduces user trust -incomplete, out of context, outdated
What are the 5 principles of COBIT 5? Explain.
-meeting stakeholders needs -covering the enterprise end-to-end -applying a single integrated framework -enabling a holistic approach -separating governance from mgt
What is driving the rise of IoT?
-more widely available broadband internet -lower cost of connecting -development of more devices w/ wi-fi capabilities and embedded sensors -overwhelming popularity of the smartphone
Explain why connectivity is important in today's on-demand economy.
-needs to connect across multiple channels and platforms
What factors are contributing to mobility?
-new wireless tech -high speed networks -multitasking mobile devices -more robust mobile OS and their application -increased competitive pressure
What factors should be considered when evaluating a mobile network?
-simple -connected -intelligent -trusted
What is the purpose of internal controls?
-work atmosphere company sets for ee -reliability of financial reporting to protect investors -operational efficiency -compliance with laws, regulations, and policies -safeguarding of assets
How are the motives of hacktivists and APTs different?
APT- profit-motivated cybercriminals who operate in stealth mode; hacktivists- carry out high profile attacks to gain recognition and notoriety
How is NFC different from RFID?
NFC- enables two devices w/in close proximity to establish a communication channel and transfer data through radio waves; NFC is a two-way communication tool, RFID is not
Describe the functions of a DBMS.
-organized way to store, access, and manage data -stores data in tables consisting of columns and rows
How can online brainstorming tools overcome those limits?
-accessed virtually w/ internet access -can post comments on your own time w/out scheduling a time
Why might management not treat cyberthreats as a top priority?
-current cybersecurity are not keeping up with the fast evolving threats -orgs need to acquire deeper knowledge of cyber attacks and combine it with business context. -applying this more accurate info will help manage and control cyber risk
What 4 components/steps comprise the IT Security Defense-in-Depth model?
1) gain senior mgt commitment and support 2) develop acceptable use policies and IT security training 3) create and enforce IT security procedures and enforcement 4) implement security tools: hardware and software
Name four U.S. Government Regulations that relate to cyber risk management.
5.8
What level of employee commits the most occupational fraud?
81% of orgs are victims of fraud; 36% were carried out by senior or middle mgrs; 45% carried out by junior ee
Explain how Hadoop implements MapReduce in two stages.
Apache Hadoop is a widely used processing platform which places no conditions on the structure of the data it can process
Explain CDC
Change Data Capture; processes which capture the changes made at data sources and then apply those changes throughout enterprise data stores to keep data synchronized
Describe the differences between distributed denial-of-service (DDoS), telephony denial-of-service (TDoS), and permanent denial-of-service (PDoS).
DDoS- crashes a network or website by bombarding it with traffic, denies service to those legitimately using it; TDoS- floods a network w/ phone calls, keeps calls up for long time, overwhelms agents or circuits, prevents legitimate callers from using network; PDoS- completely prevents the target's system or device from working, instead of collecting data, it completely prevents its target devices from functioning
What is the difference between IPv4 and IPv6?
IPv4- used for over three decades, limits to 32 bit address design; IPv6- 128 bit address design
Why has IPv6 become increasingly important?
IPv6 can hold 340 trillion IP addresses, needed for the latest in videos, games, and e-commerce
Give examples of the three components of a business process.
Inputs- raw materials, data, knowledge, expertise; Activities- work that transforms input and acts on data and knowledge; Deliverables- products, services, plans, or actions
What are the two components of a wireless network infrastructure?
LANs and WiMAX
What federal law requires effective internal controls?
Sarbanes-Oxley Act requires companies to set up comprehensive internal controls
Describe the relationship in the SMAC model.
Social Mobile Analytics Cloud -model of the integration of cloud, mobile, and social tech. The cloud forms the core. Mobile devices are the endpoints. Social networks create the connection.
What is an SDDC?
Software Defined Data Center- facilitates the integration of the various infrastructure silos within orgs
Why might a company invest in a data mart?
The high cost of data warehouses can make them too expensive for a company to implement. Data marts are lower-cost, scaled-down versions that can be implemented in a much shorter time, for example, in less than 90 days. Data marts serve a specific department or function, such as finance, marketing, or operations. Since they store smaller amounts of data, they are faster, and easier to use and navigate.
Define TPS and give an example.
Transaction Processing Systems; internal trans.- originate or occur within the org; external trans.- originate outside the org
Why is social engineering a technique used by hackers to gain access to a network?
a.k.a. human hacking, tricks users into revealing their credentials and using that info to access their networks, when given their credentials, IT systems won't see them as hackers
Name the three essential cybersecurity defenses.
antivirus software, intrusion detection systems, and intrusion prevention systems
How do social network and cloud computing increase vulnerability?
by providing a single point of failure and attack for organized crime networks, putting critical, sensitive, and private info at risk
What is the difference between circuit switching and packet switching?
circuit- dedicated connection b/w source and destination, cannot be used by any other connection until the call has ended; packet- transfers data in packets, packets are assembled once received by destination
List three types of critical infrastructures.
commercial facilities, industrial base, transportation systems, national monuments, banking and finance, ag and food
Explain why data on laptops and computers need to be encrypted.
encryption is part of a defense-in-depth approach to information security; w/out encryption, it is difficult to tell if there has been a data breach
What benefits will the upcoming 5G network standard offer businesses?
gain in speed and capacity over 4G networks, will create new jobs
Define botnet and explain why they are dangerous.
group of external hacking entities; infected computers (zombies) can be controlled and organized into a network on the command of a botmaster
What accounts for the increase in mobile traffic?
grown 400 mil times over 15 years, major increase in machine-to-machine communications and the number of wearable tech devices
Explain why it is becoming more important for organizations to make cyber risk management a high priority?
growth of mobile technologies and the IoT threaten to provide attackers w/ new opportunities, making cyber risk mgt a high priority
What are the risks caused by data tampering?
may not be detected, often used by insiders
Why is a mobile kill switch or remote wipe capability an important part of managing cyber risk?
needed in the event of loss or theft of a device
What is the main concern that organizations have about the IoT?
network security and data privacy
Explain why frameworks, standards, and models are important parts of a cybersecurity program.
no matter the framework, standards and controls are used to assess, monitor, and control cyber risk; they provide a balanced approach to measuring direct costs and intangible impacts associated with cyberattacks; must be used to paint an accurate picture of the damage sustained and to guide the creation of increased security measures going forward.
Are measurements of direct costs sufficient to reflect total damage sustained by a cyberattack?
not sufficient to estimate the true damage by a cyberattack, effects can linger for years, intangible costs tied to damage reputation, disruption of operations, loss of intellectual property or other strategic assets
What defenses help prevent occupational fraud?
occupational fraud refers to the deliberate misuse of the assets of one's er for personal gain; make ee aware that fraud will be detected by IT monitoring systems and punished
Why is mobile global traffic increasing?
orgs are recognizing the strategic value of mobile tech; moving away from ad hoc to mobile capabilities
Who created the Enterprise Risk Management Framework (ERM)? What is its purpose?
risk-based approach to managing an enterprise developed by the Committee of Sponsoring Organizations of the Treadway Commission
What is a critical infrastructure?
systems and assets, whether physical or virtual, so vital to the US that the incapacity or destruction of systems would have a debilitating impact on security, national economic security, national public health or safety, or any combination
What is the purpose of business process management (BPM)?
used to map processes performed manually, by computers, or to design new processes
Name different types of networks
-Local Area Network (LAN)- short distance connection -Wide Area Network (WAN)- spans large physical distance -Wireless LAN (WLAN)- LAN based on Wi-Fi technology
How can manufacturers and health care benefit from data analytics?
-analyzing can lead to optimizing cost savings and productivity gains -manuf can track the condition of operating machinery and predict the probability of failure
What are the benefits of using an API?
-channels to new customers and markets -promote innovation -better way to organize IT -create a path to lots of apps
What are the steps in a BI governance program?
-clearly articulate business strategies -deconstruct the business strategies into a set of specific goals and objectives -identify KPIs that will be used to measure progress toward each target -prioritize the list of KPIs -create a plan to achieve goals and objectives based on the priorities -estimate the costs needed to implement the BI plan -assess and update the priorities based on results and changes
What are the business benefits of information management?
-improves decision quality -improves the accuracy and reliability of mgt predictions -reduces the risk of noncompliance -reduces time and cost
What are the advantages of using an SDDC?
-optimizes the use of resources, balances workloads -maximizes operational efficiency by dynamically distributing workloads and provisioning networks
What impacts is the SMAC model having on business?
-powerful social influences impact ad and marketing -consumers devices go digital and offer new services
What is the difference between 4G and 5G?
5G will dramatically increase the speed that data is transferred across the network
What is a data center?
A facility used to house management information systems and associated components, such as telecommunications and storage systems
Define MIS and DSS and give an example of each.
Management Info Systems- general purpose reporting systems that provide reports to managers for tracking operations, monitoring, and control; Decision Support System- interactive, knowledge-based applications that support decision making
Define competitive advantage.
a condition of circumstances that puts a company in a favorable position
What is the purpose of a modem?
a device that modulates/demodulates signal for transportation
What is the standard operating procedure (SOP)?
a set of written instructions on how to perform a function or activity
What are the characteristics of an agile organization?
ability to respond quickly
Why might a company have a legal duty to retain records? Give an example.
audit, federal investigation, lawsuit, or any legal action against them
Why is creating backups an insufficient way to manage an organization's documents?
backups would not be organized and indexed to retrieve them accurately and easily
Why is ERM a strategic issue rather than simply an IT issue?
bc senior mgt must ensure their company complies with legal and regulatory duties, managing e-records is a strategic issue for organizations in both public and private sectors
What is text mining?
broad category involving interpreted words and concepts in context
What is meant by "bandwidth"?
communication capacity of a network; amount of data that passes through a network over time
Describe the basic functions of business networks.
communication, mobility, collaboration, relationships, and search
What is the difference between on-premises data centers and cloud computing?
data centers have a physical facility
Describe the differences between data, information, knowledge, and wisdom.
data- products, customers, events, activities, and transactions that are recorded, classified, and stored; information- processed, organized, or put into context data with meaning and value to the recipient; knowledge- applies understanding, experience, accumulated learning, and expertise to current problem; wisdom- applies a moral code and prior experiences to form a judgement
Describe a database and database management system. DBMS
database- collection of data sets or records stored in a systematic way; DBMS- software used to manage the additions, updates, and deletions of data as transactions occur, and support data queries and reporting
What are the differences between databases and data warehouses?
databases- designed and optimized to ensure that every transaction gets recorded and stored immediately; data warehouses- pull together data from disparate sources and databases across an entire enterprise; designed and optimized for analysis and quick response to queries
What is the difference between business deliverables and objectives?
deliverables are outputs created through work toward a desired benefit or expected performance improvement.
What is the purpose of the IT infrastructure?
describes the org's entire collection of hardware, software, networks, data centers, facilities, and related equipment
What is machine-to-machine technology? Give an example of a business process that could be automated using M2M.
enables sensor-embedded products to share reliable real time data via radio signals
Why has interest in data governance and MDM increased?
enterprise-wide data governance crosses boundaries and used by people through the enterprise
What level of personnel typically use an EIS?
executives and senior managers
What are the basic steps involved in analytics?
exploration, preprocessing, and categorizing and modeling
Explain ETL
extract, transform, and load; used in moving data from databases to a data warehouse
How can manufacturers and health care benefit from data analytics?
fed health reform efforts have pushed health-care organizations toward big data and analytics
Explain the difference between formal and informal processes.
formal- standard operating procedures; informal- undocumented, undefined, or are knowledge-intensive
What are the business benefits of EA?
helps meet the current and future goals of the enterprise and maximize the value of the technology to the org
When are private clouds used instead of public clouds?
higher security
Explain why TPSs need to process incoming data before they are stored.
improve sales, customer satisfaction, and reduce many other types of data errors with financial impacts
How is the IT infrastructure different from the IT architecture?
inf- how the physical devices and components are connected; arc- one dept in an org that guides the planning process for IT resources
What is the difference between an intranet and extranet?
intranet- used w/in a company for data access, sharing, and collaboration; extranet- private, company-owned networks that can be logged into remotely via the internet
Describe the purpose and benefits of data management.
main benefits of data mgt are greater compliance, higher security, less legal liability, improved sales and mkt strategies, better product classifications, and improved data governance to reduce risk
Explain what an online transaction-processing system does. OLTP
manage transaction data
Explain KPIs and give an example?
measures that demonstrate the effectiveness of a business process at achieving organizational goals; present data in easy to comprehend and comparison ready formats; current ratio, AP, turnover, NPM, new followers per week
Describe the data life cycle.
model that illustrates the way data travel through an org; storage in database, loaded into a data warehouse for analysis, then reported to knowledge workers or used in business apps
Why are human expertise and judgement important to data analytics? Give an example.
needed to interpret the output of analytics because it takes expertise to properly prepare the data for analysis
Name the two tiers of traffic to which the quality-of-service is applied.
prioritized traffic- data and apps that are time-delay-sensitive or latency-sensitive apps; throttle traffic- gives latency-sensitive apps priority, other types of traffic need to be held back
What factors should be considered when selecting a cloud vendor or provider?
private cloud- single tenant env with stronger security; public cloud- multi tenant virtualized services utilizing the same pool of servers across a public network
Discuss how data ownership and organizational politics affect the quality of an organization's data.
problems exist when there are no policies defining responsibility and accountability for managing data
What is the function of master data management? MDM
process to integrate data from various sources to provide a more complete or unified view of an entity
What is a relational database management system?
provides access to data using a declarative language
What is an advantage of an active data warehouse? ADW
provides real-time data warehousing and analytics, not for executive strategic decision making, but rather to support operations -interacting with a customer to provide a superior customer service -respond to business events in near real time -sharing up to date status among merchant
What is the purpose of an enterprise architecture?
reviews all the info systems across all dept in an org to develop a strategy to organize and integrate the org's IT infrastructure
What is the business process?
series of steps by which an organization coordinates and organizes tasks to get work done
Explain why it is important to develop an effective data governance program.
slide 29?
Explain IT consumerization.
the migration of consumer technology into enterprise IT environments; caused by personally owned IT becoming a capable and cost-effective solution for expensive enterprise equivalents
Explain the purposes of master data management.
synchronizes critical data from disparate systems into one master file, creates high-quality trustworthy data, requires strong data governance to manage availability, usability, integrity, and security
What are the benefits of cloud computing?
the practice of using a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer
What is information management?
the use of IT tools and methods to collect, process, consolidate, store, and secure data from sources that are often fragmented and inconsistent
How do investments in network infrastructure impact an organization?
their impact on productivity, security, user experiences, and customer services
How does data mining provide value? Give an example.
used to discover knowledge that you did not know existed in the databases
How does a virtual private network (VPN) provide security?
they encrypt the packets before they are transferred over the network