ITC429 Exam 1 Review Questions

What four factors are contributing to increased use of BI?

-smart devices everywhere -data is big business -advanced BI and analytics -cloud enabled BI and analytics

What might limit the use of in-person brainstorming?

-travel expense if members are not together -schedules -time zones -available meeting space

What are the differences between data warehouses and data marts?

data marts- low cost scaled-down versions of data warehouse that can be implemented in a much shorter time

What is the "silo effect" and how does it affect business performance?

data silo- trapping info in stand alone data stores not accessible by other information systems

What devices do you have that take advantage of the IoT? Describe how they impact the way that you live and work.

cellphones, coffee makers, washing machines, lamps, and headphones all use the IoT

Why is Ransomware on the rise? How might companies guard against ransomware attacks?

centralization of data resources in an org; prevented by having offline or segregated backups of data

Describe the difference between centralized and distributed databases.

centralized- stores all data in a single central compute such as a mainframe or server distributed- stores portions of the database on multiple computers within a network

Define and give an example of an intentional and unintentional threat.

intentional- data theft, inappropriate use of data unintentional- human error, environmental hazards, and social unrest and computer system failure

Why are patches and service packs needed?

patches- software programs that users download and install to fix a vulnerability; released by the vendor or security org to repair new vulnerabilities discovered in the security system

Name the major categories of general controls.

physical controls, access controls, data security controls, communication network controls, and administrative controls

What are the six major objectives of a defense strategy?

prevention and deterrence, detection, contain the damage, recovery, correction, and awareness and compliance

What is Near Field Communication and how is it used in business?

provide consumers w/ content to complement their current activity, such as a recipe or idea videos when shopping at a super market

Explain the concepts of Intelligence Analysis and Anomaly Detection.

they take in audit trails from key systems and personnel records from HR and finance; data stored in data warehouse where they are analyzed to detect anomalous patterns

What does it mean to drill down into data, and why is it important?

to go from highly consolidated or summarized figures into the detail numbers from which they were derived

Why does an organization need to have a business continuity plan?

to keep the business running after a disaster occurs; plan covers business process, assets, HR, business partners in the event of natural disaster

Why do companies impose do-not-carry rules?

to prevent compromise; travelers can bring "clean" devices and are forbidden from connecting to the gov's network while abroad

Why do industry groups have their own standards for cybersecurity? Name one standard.

to protect their customers and their members' brand images and revenues; Payment Card Industry Data Security Standard (PCI DSS)

List ways in which virtual collaboration can be used in business?

to share info b/w retailers and their suppliers, lower transportation and inventory costs, adn reduce product development time

Why is it important to protect intellectual property?

trade secrets; could cause security risks or incur financial loss

What is the purpose of Rogue Application Monitoring?

type of defense to detect and destroy malicious apps in the wild

What is the purpose of an IP address?

unique identifying address

What are the business benefits of BI?

unites data, tech, analytics, and human knowledge to optimize business decision and ultimately drive an enterprise's success

Explain authentication and name two methods of authentication.

user identification; passwords, biometrics, key/token/card

What is the relationship between data quality and the value of analytics?

validating data and extracting insights that managers and workers can trust are key factors of successful analytics; data quality is the key to meaningful analytics

List and define three types of malware.

virus, worms, trojan horse, rookits, backdoors, and keyloggers

Why are data in database volatile?

volatile changes frequently

Explain how identity theft can occur.

when an individual's SSN and credit card numbers are stolen and used by thieves for financial gain

Give some examples of VoIP network.

wireless mobile, satellite, wireless sensor, and VoIP

Why do data need to be put into meaningful context?

wrong analysis or datasets are used, the output would be nonsense

What are two data-related challenges that must be resolved for BI to produce meaningful insight?

-data selection and quality -alignment with business strategy and BI strategy

Why is group work challenging?

-different locations of members -work for same or diff orgs -some of the needed data may be located in diff sources, could be external sources -not always successful

What are the consequences of not cleaning "dirty data"?

-lacks integrity/validation and reduces user trust -incomplete, out of context, outdates

What are the 5 principles of COBIT 5? Explain.

-meeting stakeholders needs -covering the enterprise end-to-end -applying a single integrated framework -enabling a holistic approach -separating governance from mgt

What is driving the rise of IoT?

-more widely available broadband internet -lower cost of connecting -development of more devices w/ wi-fi capabilities and embedded sensors -overwhelming popularity of the smartphone

Explain why connectivity is important in today's on-demand economy.

-needs to connect across multiple channels and platforms

What factors are contributing to mobility?

-new wireless tech -high speed networks -multitasking mobile devices -more robust mobile OS and their application -increased competitive pressure

What factors should be considered when evaluating a mobile network?

-simple -connected -intelligent -trusted

What is the purpose of internal controls?

-work atmosphere company sets for ee -reliability of financial reporting to protect investors -operational efficiency -compliance with laws, regulations, and policies -safeguarding of assets

How are the motives of hacktivists and APTs different?

APT-profit-motivated cybercriminals who operate in stealth mode hacktivists- carry out high profile attacks to gain recognition and notoriety

How is NFC different from RFID?

NFC- enables two devices w/in close proximity to establish a communication channel and transfer data through radio waves NFC is two-way communication tool, RFID is not

Describe the functions of a DBMS.

-organized way to store, access, and manage data -stores data in tables consisting of columns and rows

How can online brainstorming tools overcome those limits?

-accessed virtually w/ internet access -can post comments on your own time w/out scheduling a time

Why might management not treat cyberthreats as a top priority?

-current cybersecurity are not keeping up with the fast evolving threats -orgs need to acquire deeper knowledge of cyber attacks and combine it with business context. -applying this more accurate info will help manage and control cyber risk

What 4 components/steps comprise the IT Security Defense-in-Depth model?

1) gain senior mgt commitment and support 2) develop acceptable use policies and IT security training 3) create and enforce IT security procedures and enforcement 4) implement security tools: hardware and software

Name four U.S. Government Regulations that relate to cyber risk management.

5.8

What level of employee commits the most occupational fraud?

81% of orgs are victims of fraud; 36% were carried out by senior ot middle mgs; 45% carried out by junior ee

Explain how Hadoop implements MapReduce in two stages.

Apache Hadoop is a widely used processing platform which places no conditions on the structure of the data it can process

Explain CDC

Change Data Capture; processes which capture the changes made at data sources and then apply those changes throughout enterprise data stores to keep data synchronized

Describe the differences between distributed denial-of-service (DDoS), telephony denial-of-service (TDoS), and permanent denial-of-service (PDoS).

DDoS- crashes a network or website by bombarding it with traffic, denies service to those legitimately using it TDoS- floods a network w/ phone calls, keeps calls up for long time, overwhelms agents or circuits, prevents legitimate callers from using network PDoS- completely prevents the target's system or device from working, instead of collecting data, it completely prevents its target devices from functioning

What is the difference between IPv4 and IPv6?

IPv4- used for over three decades, limits to 32 bit address design IPv6- 128 bit address design

Why has IPv6 become increasingly important?

IPv6 can hold 340 trillion IP addresses, needed for the latest in videos, games, and e-commerce

Give examples of the three components of a business process.

Inputs- raw materials, data, knowledge, expertise Activities- work that transforms input and acts on data and knowledge Deliverables- products, services, plans, or actions

What are the two components of a wireless network infrastructure?

LANs and WiMAX

What federal law requires effective internal controls?

Sarbanes-Oxley Act requires companies to set up comprehensive internal controls

Describe the relationship in the SMAC model.

Social Mobile Analytics Cloud -model of the integration of cloud, mobile, and social tech. The cloud forms the core. Mobile devices are the endpoints. Social networks create the connection.

What is an SDDC?

Software Defined Data Center- facilitates the integration of the various infrastructure silos within orgs

Why might a company invest in a data mart?

The high cost of data warehouses can make them too expensive for a company to implement. Data marts are lower-cost, scaled-down versions that can be implemented in a much shorter time, for example, in less than 90 days. Data marts serve a specific department or function, such as finance, marketing, or operations. Since they store smaller amounts of data, they are faster, and easier to use and navigate.

Define TPS and give an example.

Transaction Processing Systems internal trans.- originate or occur within the org external trans.- originate outside the org

Why is social engineering a technique used by hackers to gain access to a network?

a.k.a. human hacking, tricks users into revealing their credentials and using that info to access their networks, when given their credentials, IT systems won't see them as hackers

Name the three essential cybersecurity defenses.

antivirus software, intrusion detection systems, and intrusion prevention systems

How do social network and cloud computing increase vulnerability?

by providing a single point of failure and attack for organized crime networks, putting critical, sensitive, and private info at risk

What is the difference between circuit switching and packet switching?

circuit- dedicated connection b/w source and destination, cannot be used by any other connection until the call has ended packet- transfers data in packets, packets are assembled once received by destination

List three types of critical infrastructures.

commercial facilities, industrial base, transportation systems, national monuments, banking and finance, ag and food

Explain why data on laptops and computers need to be encrypted.

encryption is part of a defense-in-depth approach to information security; w/out encryption, it is difficult to tell if there has been a data breach

What benefits will the upcoming 5G network standard offer businesses?

gain in speed and capacity over 4G networks, will create new jobs

Define botnet and explain why they are dangerous.

group of external hacking entities; infected computers(zombies) can be controlled and organized into a network on the command of a botmaster

What accounts for the increase in mobile traffic?

grown 400 mil times over 15 years, major increase in machine-to-machine communications and the number of wearable tech devices

Explain why it is becoming more important for organizations to make cyber risk management a high priority?

growth of mobile technologies and the IoT threaten to provide attackers w/ new opportunities, making cyber risk mgt a high priority

What are the risks caused by data tampering?

may not be detected, often used by insiders

Why is a mobile kill switch or remote wipe capability an important part of managing cyber risk?

needed in the event of loss or theft of a device

What is the main concern that organizations have about the IoT?

network security and data privacy

Explain why frameworks, standards, and models are important parts of a cybersecurity program.

no matter the framework, standards and controls are used to assess, monitor, and control cyber risk; they provide a balanced approach to measuring direct costs and intangible impacts associated with cyberattacks; must be used to paint an accurate picture of the damage sustained and to guide the creation of increased security measures going forward.

Are measurements of direct costs sufficient to reflect total damage sustained by a cyberattack?

not sufficient to estimate the true damage by a cyberattack, effects can linger for years, intangible costs tied to damage reputation, disruption of operations, loss of intellectual property or other strategic assets

What defenses help prevent occupational fraud?

occupational fraud refers to the deliberate misuse of the assets of one's er for personal gain; make ee aware that fraud will be detected by IT monitoring systems and punished

Why is mobile global traffic increasing?

orgs are recognizing the strategic value of mobile tech; moving away from ad hoc to mobile capabilities

Who created the Enterprise Risk Management Framework (ERM)? What is its purpose?

risk-based approach to managing an enterprise developed by the Committee of Sponsoring Organizations of the Treadway Commission

What is a critical infrastructure?

systems and assets, whether physical or virtual, so vital to the US that the incapacity or destruction of systems would have a debilitating impact on security, national economic security, national public health or safety, or any combination

What is the purpose of business process management(BPM)?

used to map processes performed manually by computers, or to design new processes

Name different types of networks

-Local Area Network (LAN)- short distance connection -Wide Area Network (WAN)- spans large physical distance -Wireless LAN (WLAN)- LAN based on Wi-Fi technology

How can manufacturers and health care benefit from data analytics?

-analyzing can lead to optimizing cost savings and productivity gains -manuf can track the condition of operating machinery and predict the probability of failure

What are the benefits of using an API?

-channels to new customers and markets -promote innovation -better way to organize IT -create a path to lots of apps

What are the steps in a BI governance program?

-clearly articulate business strategies -deconstruct the business strategies into a set of specific goals and objectives -identify KPIs that will be used to measure progress toward each target -prioritize the list of KPIs -create a plan to achieve goals and objectives based on the priorities -estimate the costs needed to implement the BI plan -assess and update the priorities based on results and changes

What are the business benefits of information management?

-improves decision quality -improves the accuracy and reliability of mgt predictions -reduces the risk of noncompliance -reduces time and cost

What are the advantages of using an SDDC?

-optimizes the use of resources, balances workloads -maximizes operational efficiency by dynamically distributing workloads and provisioning networks

What impacts of the SMAC model having on business?

-powerful social influences impact ad and marketing -consumers devices go digital and offer new services

What is the difference between 4G and 5G?

5g will dramatically increase the speed that data is transferred across the network

What is a data center?

A facility used to house management information systems and associated components, such as telecommunications and storage systems

Define MIS and DSS and give an example of each.

Management Info Systems- general purpose reporting systems that provide reports to managers for tracking operations, monitoring, and control Decision Support System- interactive, knowledge-based applications that support decision making

Define competitive advantage.

a condition of circumstances that puts a company in a favorable position

What is the purpose of a modem?

a device that modulates/demodulates signal for transportation

What is the standard operating procedure(SOP)?

a set of written instruction on how to perform a function or activity

What are the characteristics of an agile organization?

ability to respond quickly

Why might a company have a legal duty to retain records? Give an example.

audit, federal investigation, lawsuit, or any legal action against them

What is creating backups an insufficient way to manage an organization's documents?

backups would not be organized and indexed to retrieve them accurately and easily

Why is ERM a strategic issue rather than simply an IT issue?

bc senior mgt must ensure their company complies with legal and regulatory duties, managing e-records is a strategic issue for organizations in both public and private sectors

What is text mining?

broad category involving interpreted words and concepts in context

What is meant by "bandwidth"?

communication capacity of a network; amount of data that passes through a network over time

Describe the basic functions of business networks.

communication, mobility, collaboration, relationships, and search

What is the difference between one premise data centers and cloud computing?

data centers have a physcial facility

Describe the differences between data, information, knowledge, and wisdom.

data- products, customers, events, activities, and transactions that are recorded, classified, and stored information- processed, organized, or put into context data with meaning and value to the recipient knowledge- applies understanding, experience, accumulated learning, and expertise to current problem wisdom- applies a moral code and prior experiences to form a judgement

Describe a database and database management system. DBMS

database- collection of data sets or records stored in a systematic way DBMS- software used to manage the additions, updates, and deletions of data as transactions occur, and support data queries and reporting

What are the differences between databases and data warehouses?

databases- designed and optimized to ensure that every transaction gets recorded and stored immediately data warehouses- pull together data from disparate sources and databases across an entire enterprise; designed and optimized for analysis and quick response to queries

What is the difference between business deliverables and objectives?

deliverables are outputs created through work toward a desired benefit or expected performance improvement.

What is the purpose of the IT infrastructure?

describes the org's entire collection of hardware, software, networks, data centers, facilities, and related equipment

What is machine-to-machine technology? Give an example of a business process that could be automated using M2M.

enables sensor-embedded products to share reliable real time data via radio signals

Why has interest in data governance and MDM increased?

enterprise-wide data governance crosses boundaries and used by people through the enterprise

What level of personnel typically use an EIS?

executives and senior managers

What are the basic steps involved in analytics?

exploration, preprocessing, and categorizing and modeling

Explain ETL

extract, transform, and load; used in moving data from databases to a data warehouse

How can manufactures and health care benefit from data analytics?

fed health reform efforts have pushed health-care organizations toward big data and analytics

Explain the difference between formal and informal processes.

formal-standard operating procedures informal- undocumented, undefined, or are knowledge-intensive

What are the business benefits of EA?

helps meet the current and future goals of the enterprise and maximize the value of the technology to the org

When are private clouds used instead of public clouds?

higher security

Explain why TPSs need to process incoming data before they are stored.

improve sales, customer satisfaction, and reduce many other types of data errors with financial impacts

How is the IT infrastructure different from the IT architecture?

inf- how the physical devices and components are connected arc- one dept in an org that guides the planning process for IT resources

What is the difference between an intranet and extranet?

intranet- used w/in a company for data access, sharing, and collaboration extranet- private, company-owned networks that can be logged into remotely via the internet

Describe the purpose and benefits of data management.

main benefits of data mgt are greater compliance, higher security, less legal liability, improved sales and mkt strategies, better product classifications, and improved data governance to reduce risk

Explain what an online transaction-processing system does. OLTP

manage transaction data

Explain KPIs and give an example?

measures that demonstrate the effectiveness of a business process at achieving organizational goals; present data in easy to comprehend and comparison ready formats; current ration, AP, turnover, NPM, new followers per week

Describe the data life cycle.

model that illustrates the way data travel through an org; storage in database, loaded into a data warehouse for analysis, then reported to knowledge workers or used in business apps

Why are human expertise and judgement important to data analytics? Give an example.

needed to interpret the output of analytics because it takes expertise to properly prepare the data for analysis

Name the two tiers of traffic to which the quality-of-service is applied.

prioritized traffic- data and apps that are time-delay-sensitive or latency-sensitive apps throttle traffic- gives latency-sensitive apps priority, other types of traffic need to be held back

What factors should be considered when selecting a cloud vendor or provider?

private cloud- single tenant env with stronger security public cloud- multi tenant virtualized services utilizing the same pool of servers across a public network

Discuss how data ownership and organizational politics affect the quality of an organization's data.

problems exist when there are no policies defining responsibility and accountability for managing data

What is the function of master data management? MDM

process to integrate data from various sources to provide a more complete or unified view of an entity

What is a relational database management system?

provides access to data using a declarative language

What is an advantage of an active data warehouse? ADW

provides real-time data warehousing and analytics, not for executive strategic decision making, but rather to support operations -interacting with a customer to provide a superior customer service -respond to business events in near real time -sharing up to date status among merchant

What is the purpose of an enterprise architecture?

reviews all the info systems across all dept in an org to develop a strategy to organize and integrate the org's IT infrastructure

What is the business process?

series of steps by which an organization coordinates and organizes tasks to get work done

Explain why it is important to develop an effective data governance program.

slide 29?

Explain IT consumerization.

the migration of consumer technology into enterprise IT environments; caused by personally owned IT becoming a capable and cost-effective solution for expensive enterprise equivalents

Explain the purposes of master data management.

synchronizes critical data from disparate systems into one master file, creates high-quality trustworthy data, requires strong data governance to manage availability, usability, integrity, and security

What are the benefits of cloud computing?

the practice of using a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer

What is information management?

the use of IT tools and methods to collect, process, consolidate, store, and secure data from sources that are often fragmented and inconsistent

How do investments in network infrastructure impact an organization?

their impact on productivity, security, user experiences, and customer services

How does data mining provide value? Give an example.

used to discover knowledge that you did not know existed in the databases

How does a virtual private network (VPN) provide security?

they encrypt the packets before they are transferred over the network