isqs exam 2

The average cost of losing a single record is ________

$221

A single data breach in the U.S. costs an organization _________

$3.7 million

Technical Safeguards

(hardware and software) - identification and authorization - encryption - firewalls - malware protection - application design

Some Implications of IoT

- Automation of mundane tasks - Remote accessibility - Better control over maintenance of devices - LOTS of data - Security concerns - Privacy concerns

The downside of mobile tech

- Average person spends more than 4 hours per day interacting with his or her phone - Depression, compulsive behavior, technology addiction, alienation from others

According to the prep material, which of the following are the cyber self-defense tactics that will help you to avoid falling to a modern cyber attack? Select all that apply. - Don't click - Seriously...stop clicking - Use strong passwords - Don't reuse passwords - Stop using passwords - Patch yourself

- Don't click - Seriously...stop clicking - Use strong passwords - Don't reuse passwords - Stop using passwords - Patch yourself

According to the preparation materials, which of the following emerging technologies are redefining mobile technology? Select all that apply: - Facial recognition - Blockchain - Voice recognition - Immersive realities - Artificial intelligence

- Facial recognition - Voice recognition - Immersive realities - Artificial intelligence

Key factors in growth for IoT

- Inexpensive processors and sensors with low power requirements - Wireless data and broadband internet - RFID Tags - IPv6

how do you improve relationship with your phone?

- Reframe your thinking - 'spend more time on your life' - Create speed bumps to checking your phone - Practice trial separations - Use apps to monitor screen time

emerging technologies

- Voice control of mobile devices - Immersive realities - Facial recognition - Artificial intelligence

risks when companies dismiss software's importance

- Vulnerability to tech-based disruption - Subpar user experience and churn - Higher costs and lower margins

DevOps

- a natural extension of agile methodologies. It continues the integration of analysis, design, and development to incorporate the integrated continuous release of software. - integrates developers and operations teams - improves collaboration and productivity by automating infrastructure, automating workflows, and continuously measuring application performance - small chunks of code in hours > large blocks in weeks/months - new mindset + new tools + new skills

Scrum Master

- agile coach - responsible for maintaining a proper balance of power between the project owner, scrum team, and management - helps teams to easily break a project down into tangible goals - selects and splits up project requirements into "Sprints." - has to troubleshoot and solve the issues - doesn't have to have technical background, but it is vital that has excellent management and communication skills -non-traditional project manager

Business Analyst

- devise ways to get the organization from where it is to where it wants or needs to be - primarily work on project teams - gathers requirements - problem-solver - detail-oriented - can translate technical jargon & communicate well - needs to have an idea of how the technical systems work

Major challenges to system development

- difficulty in determining requirements - changes in requirements - difficulties in scheduling and budgeting - changing technology - diseconomies of scale

Computer Systems Analyst

- helps a company or other organization use computer technology effectively and efficiently - incorporates new technology into a company's current system after doing a cost-benefit analysis - three types: Systems designers or architects, Software quality assurance (QA) analysts, and Programmer analysts - can find technical solutions that match a company's or organization's long-term goals, test and diagnose problems in computer systems, or develop and write code for software that meets their employers' or clients' needs. - Research, evaluate and recommend new technologies for service delivery and improvement - Design, develop, program, install, implement, conduct research for, and maintain internal data processing computer systems and utilities for customers

Project Manager

- shoulder much of the burden for bringing these initiatives from paper and presentation to reality - Dealing With Uniqueness - Assembling a Team in a Hurry - Navigating Complex Customer and Stakeholder Needs - Helping the Team Move From Forming to Performing - Scheduling the Resources - Forming an Environment for Success - Managing the Money - Ensuring Quality and Delivery

The Industrial Internet of Things (IIoT)

- the fourth industrial revolution - Industry 4.0 - the use of IoT technology in a business setting - to use a combination of sensors, wireless networks, big data and analytics to measure and optimize industrial processes

Software Developer

- two types: systems and application - create software that makes computers and other devices run. This includes your computer's or device's operating system. - Applications developers design software programs like word processors, databases, spreadsheets, and games. These applications may be mass marketed or developed for businesses - Code and test software - Troubleshoot and resolve issues in existing software - responsible for maintenance and upgrades to existing software.

What are some of the things that will help to create a better relationship with your mobile device? Select all that apply.

-Use the sight of other people on their phones as a reminder of your own intentions -Create speed bumps (or small obstacles that force you to slow down and make sure that when you do check your phone, it's the result of a conscious choice) -Pay attention to your body -Ask yourself what you want to pay attention to

According to the prep material, which of the following are social engineering attacks that hackers use? Select all that apply.

-phone phishing -phishing -credential harvesting

SDLC steps

1. Identify current problems 2. Plan 3. Design 4. Build 5. Test 6. Deploy 7. Maintain

Systems Development Life Cycle (SDLC)

1. Systems planning and selection 2. Systems analysis 3. Systems design 4. Systems implementation and operation

Experts predict that this basic functionality could one day cost as little as ______

10 cents

It is estimated by Gartner that by 2020, ____________ IoT devices will be in use.

20.4 Billion

According to the prep material, the estimated cost of the average data breach rose to _________ in 2015.

3.79 million

____% of all cyberattacks are successful

50

According to the prep materials, almost ____ of cyber attacks are caused by human error or behavior

90%

What was one of the first IoT applications?

Adding RFID tags to expensive pieces of equipment to help track their location

Agile Methodology

Aims for customer satisfaction through early and continuous delivery of useful software components developed by an iterative process using the bare minimum requirements; a method that helps teams respond to unpredictability through incremental work sequence and close, regular interaction

Which of the following are not security best practices? - Lock your device before you leave your desk - Store documents in a locked cabinet -Properly discard information - All of the above are security best practices

All of the above are security best practices

V-Shaped Model

An extension of the waterfall model, this SDLC methodology tests at each stage of development. As with waterfall, this process can run into roadblocks

he Internet of Things is a significant driver of ________________ projects because it allows companies to _____________________________ .

Big data analytics; Create vast data sets & analyze them

According to the preparation material, which of the following are business benefits of the Internet of Things? Select the best answer.

Businesses have access to more data about their own products and their own internal systems, and a greater ability to make changes as a result.

According to the preparation material, which of the following are business benefits of the Internet of Things? Select the best answer: - Businesses have access to more data about their own products and their own internal systems, and a greater ability to make changes as a result. - Businesses are able to use facial recognition such that the boundaries between the physical and virtual world collide. - Businesses are able to rely on immersive realities to measure the effectiveness of content and other marketing material. - All of the above are business benefits of IoT listed in the readings.

Businesses have access to more data about their own products and their own internal systems, and a greater ability to make changes as a result.

Systems Implementation and Operation of SDLC

Convert design into a working system • Software programming and software testing • System conversion, documentation, training, and support

Systems Design of SDLC

Creating detailed technical specifications of the system that will satisfy the specified requirements

A personal computer (PC) or a smartphone are generally considered to be IoT devices. T/F?

False

Password complexity is superior to password length when it comes to strong passwords. T/F

False

Relying on tools alone (e.g., firewalls, anti-virus software) is sufficient to protect from the modern cyber attack. T/F

False

While the Internet of Things business model involves data, data privacy is not an issue. T/F

False

Who coined the phrase 'Internet of Things'?

Kevin Ashton in 1999

Encryption

Process of converting readable data into unreadable characters to prevent unauthorized access.

- test and diagnose problems in computer systems - last line of defense before a product hits the market - area of the technological Venn diagram where the vital areas of software engineering, product management, and customer support overlap - comb through thousands of lines of code or explore every aspect of the user experience - detail-oriented

Quality assurance (QA) analysts

waterfall methodology

SDLC method where you finish one phase and then start the next. Each phase has its own mini-plan and each phase "waterfalls" into the next

__________ is one the biggest issues with the Internet of Things.

Security

Spiral Model

The most flexible model; similar to the iterative model in its emphasis on repetition; goes through the planning, design, build and test phases over and over, with gradual improvements at each pass

software development

The multistep process of designing, writing, and testing computer programs.

Big Bang Model

This high-risk SDLC model throws most of its resources at development and works best for small projects. It lacks the thorough requirements definition stage of the other methods

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. T/F

True

In creating a strong password, it is better to use a strong pass-phrase than to use a complicated, hard-to-remember password. T/F?

True

Pretty much any physical object can be transformed into an IoT device if it can be connected to the Internet and controlled that way. T/F

True

The reason phishing and other social engineering attacks are so successful is because they're disguised to look like they come from credible, trustworthy sources—forcing a sense of falsified trust. T/F?

True

When a device is connected to the Internet, that means that it can send information or receive information, or both. T/F?

True

What is the cyber self-defense golden rule?

Trust, but verify

People in cybersecurity

Users must understand and comply with basic data security principles like choosing strong passwords, being wary of attachments in email, and backing up data

______ will have the largest impact on mobile design

Voice

IoT data privacy

With all those sensors collecting data on everything you do, the IoT is a potentially vast privacy headache; Consumers need to understand the exchange they are making and whether they are happy with that.

while loop

a programming construct used to repeat a set of commands while a condition is true.

The Internet of Things is a significant driver of ________________ projects because it allows companies to ________________

big data analytics; create vast data sets and analyze them

Machine language

binary codes unique to specific platforms

how is the cyber landscape changing?

brute force hacking is not longer prevalent, the most common attack is now on humans

Iterative Model

emphasizes repetition. Developers create a version very quickly and for relatively little cost, then test and improve it through rapid and successive versions. One big disadvantage here is that it can eat up resources fast if left unchecked

What are the benefits of the Internet of Things for business?

enterprises should have access to more data about their own products and their own internal systems, and a greater ability to make changes as a result

IoT data analytics

generates vast amounts of data which means the IoT is a significant driver of big data analytics projects because it allows companies to create vast data sets and analyze them; can help businesses to make improvements much more rapidly

Firewalls

hardware, software, or both designed to prevent unauthorized persons from accessing electronic information

IoT

mainly used for devices that wouldn't usually be generally expected to have an internet connection, and that can communicate with the network independently of human action

cybersecurity

multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe

It's likely that __________ lost their records at least once in 2016

nearly everyone

Programmer

person who can design, create, and test computer programs; software developer

the CEO of the product is the _____

product manager

Most important element in any project is its __________

results

IoT security

sensors are collecting in many cases extremely sensitive data; security track record has been extremely poor; IoT devices give little thought to basics of security, like encrypting data in transit and at rest.

Program

set of instructions that a computer follows to perform a task; software

what isnt an IoT device?

smart phone or PC

Example of IoT device

smart watch, light bulbs, thermostat, self driving car

Out of hardware, software, data, procedures, and people, which does systems development deal with?

software and some data

systems development

the process of creating and maintaining information systems

SDLC goal

to lower cost and improve quality of software development

Assembly language

uses short words (mnemonics) for instructions instead of binary numbers

data breach

when an unauthorized person views, alters, or steals secured data

Data Safeguards

· Define data policies · Data rights and responsibilities · Rights enforced by user accounts authenticated by passwords · Data encryption · Backup and recovery procedures · Physical security

Human Safeguards

· Hiring · Training and education · Procedural design · Account administration · Assessment and compliance · Accountability

Personal safeguards

· Take security seriously · Create strong passwords · Use multiple passwords · Send no valuable data via email or IM · Use https at trusted, reputable vendors · Remove high value data from computers · Clear browsing history, temporary files, cookies · Update antivirus software · Demonstrate security concern to fellow coworkers

Why do data breaches happen?

• 67% are hackers trying to make money from personally identifiable information • Rogue internal employees • Credit card fraud, identity theft, extortion, industrial espionage

Malware Protection

• Antivirus and antispyware programs. • Scan frequently. • Update malware definitions. • Open email attachments only from known sources. • Install software updates. • Browse only reputable Internet neighborhoods.

How a program works

• CPU designed to perform simple operations on pieces of data (reading data, adding, subtracting, multiplying, and dividing numbers) • Understands instructions written in machine language and included in its instruction set • Each brand of CPU has its own instruction set • To carry out meaningful calculation, CPU must perform many operations

Systems Analysis of SDLC

• Gathering information from stakeholders • Developing system requirements

Major risks to system development

• Many projects never finish • Often 200-300% over budget • Some don't accomplish goals • Some are completed months or years behind schedule • High risk of failure

Systems Planning and Selection of SDLC

• Understanding the business problem • Making business case for potential projects • Selecting which projects to pursue

Malware Types

• Viruses • Trojan horses • Worms • Spyware • Adware • Ransomware • Payload

High-Level language

• allows simple creation of powerful and complex programs • No need to know how CPU works or write large number of instructions • More intuitive to understand

Iteration

• loops allow a set of statements to be repeated • allows for more compact, efficient source code

Sequence

• programming statements are executed sequentially • programmer must determine the logical sequence necessary to solve the problem

Selection

• selection statements allow branching logic in programs • choice of which path to follow is based on a specified condition