90 DECK 1 - NINJA NOTES Flashcards
Advantage of SaaS
Users do not have to worry about the underlying infrastructure or the software itself because all maintenance is taken care of by the service
Advantages of a Network Firewall
-easy to set up and configure
-inexpensive
Advantages of Application Firewall
-provide more granular control of traffic; used to protect individual programs and data
-able to inspect contents of network traffic which allows them to detect and block attacks that network firewalls cannot
-provides additional user authentication procedures to protect the program and data making access more difficult for unauthorized users
-can be used to detect and block traffic that originates from within the network (helps to prevent insider threats)
An URL includes several parts. What are they?
protocol: HTTP or HTTPS
domain: www.ninjacpareview.com
path to the resource: /about or /image.jpg
Example: https://www.ninjacpareview.com/image
antivirus software
designed to prevent, detect, and remove malware from a computer or mobile device.
-scans files and software on the device for known patterns of malware
-can monitor network traffic for suspicious activity
-software typically updates its malware definitions regulary in order to protect against new and emerging threats
-may have additional features such as firewall and antiphishing protection
-keep up to date and run regular scans
Application Firewall
implements at the application level
-controls traffic that flows in and out of programs and applications
-provides additional layer of security
-allows for additional user authentication procedures to protect program and data
-makes it more difficult
-can block unauthorized traffic
Application Software
Performs special tasks such as word processing, spreadsheets, photos; productivity; graphics; multimedia; communication; games; heuristic.
bridge
a networking device that connects two separate LANs together, allowing them to communicate with each other as if they were a single network
Bus topology
all devices are connected to a central cable called a bus.
-inefficient
-prone to failure if central cable is damaged
advantage: simple and easy to set up.
client
clients are individual computers or workstations that are used by users to access the resources provided by the server
Client-server architecture
one server is responsible for providing specific service to other devices (the clients).
Commonly used for email, file sharing and web services.
It can be implemented on a LAN or over the internet.
Community Cloud
shared by a specific group of organizations managed by one or more of the organizations in the group or by a third-party.
-economies of scale
healthcare, financial services
Compilation
the process of converting the source code into machine code.
Compiler
a type of software that converts source code written in a programming language into machine code that can be executed by a computer.
CPU
Fetches instructions from memory and decodes them. It retrieves instructions and sends them to the arithmetic logic unit (ALU) for execution.
Customer Support and Service
Cloud service providers provide support and assistance: tech support, documentation, training, consulting services.
Disadvantages of an Application Firewall
-expensive
-difficult to set up
-hard to configure
-need more maintenance
-need to be updated to support new apps and protocols
-may require additional hardware resources to run which increase cost of ownership
-may create a bottleneck in the network slowing down performance
Disadvantages of Network Firewall
-do not provide protection against all types of attacks such as malware or phishing attacks
-does not protect against malicious traffic from within the network
-cannot inspect contents of encrypted traffic
-less sophisticated than application firewalls
- don’t provide the same level of protection against app-level threats
EDI, which stands for Electronic Data Interchange
a technology that allows the exchange of business documents and information in a standardized electronic format between organizations. It’s a key component in automated business processes, enabling faster, more efficient, and error-free transactions compared to traditional paper-based methods.
Examples of PaaS
Heroku, Salesforce App Cloud, Google App Engine, AWS Elastic Beanstalk, Azure App Service
Examples of SaaS
Examples: Office 365, Salesforce, Zoom, G-Suite, Adobe Creative Cloud, Slack
Extranet
private network that shares part of an organization’s information or operations with suppliers, vendors, partners, customers, etc.
- used for supply chain management, customer service, online collaboration
-protected by firewalls, virtual private networks (VPNs)
Firewall
a security system used to control incoming and outgoing network traffic by analyzing data packets and determining whether they should be allowed through or not.
-acts as a barrier between a private internal network and the public internet
-protects computer and information from insiders
gateway
a networking device that connects two different networks together allowing them to communicate with each other.
Hoax Virus
a message that is circulated through email or social media warning users of a virus that does not actually exist.
-scares users into taking action such as forwarding or deleting files
-causes unnecessary panic
How do VPNs work?
-creates a secure, encrypted tunnel between the user’s device and VPN seriver
-all data is encrypted and then the VPN server acts as a gateway to the internet routing the user’s internet traffic through the encrypted tunnel
-allows user to access the internet and internal network resources as if they were on the same physical network
HTML
Hypertext Markup Language
Hyper-Text Transfer Protocol (HTTP)
a protocol for transferring data over the internet.
-the foundation for the World Wide Web
-used to transmit data between a server and a client
Hypertext Markup Language (HTML)
a markup language used to create the structure and layout of a webpage
-consists of series of elements each represented by a tag which describes the content and structure of the page
-it is the standard markup language for creating web pages that can be displayed in a web browser.
Infrastructure as a Service (IaaS)
virtualized computing services such as servers, storage and networking over the internet.
- users can provision and manage resources on demand and only pay for what they use
Scaling up or down for IT resources as needed
Examples are Amazon Web Services and Google Cloud Platform
Infrastructure management
cloud service providers are responsible for setting up, maintaining, and managing the physical infrastructure required to deliver cloud services
-data centers, servers, storage devices, networking equipment
Innovation and Scalability
cloud service providers must continuously innovate and improve their services to stay competitive
internet
a network that connects millions of devices
Internet Service Provider (ISP)
a company that provides customers with access to the internet
-dial-up
-DSL (over phone lines with DSL technology)
-Cable
-Fiber
Intranet
a private network used by an organization to share information and resources among its employees, members or departments
IP
responsible for routing data packets to their destination
ISP
Internet Service Provider
Key features of EDI transactions include:
Standardization: EDI documents adhere to strict formats, ensuring compatibility and understandability across different systems and organizations. Common standards include ANSI X12 (widely used in North America) and EDIFACT (predominant in international trade).
Types of Documents: EDI can handle a variety of documents such as purchase orders, invoices, shipping notices, and payment documents.
Automation: EDI facilitates automated processing of business transactions, reducing the need for manual data entry and minimizing errors.
Efficiency and Speed: Transactions can be completed in minutes or seconds, rather than days, improving the speed of business cycles.
Security: EDI transmissions are often encrypted and follow security protocols, ensuring data integrity and confidentiality.
Integration: EDI systems are often integrated with internal enterprise resource planning (ERP) systems, streamlining internal and external business processes.
EDI is widely used in various industries such as retail, manufacturing, healthcare, and logistics, helping these sectors to improve the speed, accuracy, and efficiency of their business communications.
Killer Application (killer app)
a software program that is so useful and in-demand that it drives the sales of a particular hardware platform or operating system.
-software app is so compelling people buy new hardware or software just to use it
LAN
Local Area Network: connects devices in a limited geographic area such as a home or school or office. LANS are used to share printers and servers.
Billing and Cost Management
cloud service providers offer flexible, pay as you go pricing models which requires them to track and monitor cutomer’s resource usage correctly
-transparent billing
-detailed usage reports
-cost management tools
Machine Language is also known as
machine code or assembly language
Mesh topology
each device is connected to every other device on the network
adv: it provides redundant connections so network is highly resilient.
adv: If one connection fails there are alternative paths for data to be transmitted.
disadv: It can be complex and costly because it requires a large number of connections.
Network
allows devices to connect and communicate with each other enabling the exchange of data and information.
Network Firewall
implemented at the network level so it controls all traffic that flows in and out of the network
-uses security algorithms and router communications protocols to prevent outsiders from accessing the corporate database and email systems.
-blocks unauthorized traffic such as incoming traffic from known malicious IP addresses
PAN
Personal Area Network: Use of bluetooth for smartphones, tablets, laptops in close range
Phishing
a type of social engineering attack that is used to trick users into providing sensitive information such as passwords, credit card numbers, or personal details.
-carried out through email, text messages, phone calls
-appears to be from a reputable source such as a bank, gov’t agency or well-known company
- message will ask recipient to click on a link or open an attachment which takes them to a fake website or login page that is designed to look legitimate
-user is prompted to enter personal information which is then collected by the attacker
Platform and Software Management
cloud service providers manage the underlying platforms and software applications - maintaining, updating, patching software
Platform as a Service (PaaS)
a type of cloud computing service model that provides a platform for developing, running and managing applications without the need for users to worry about the underlying structure.
- offers a development environment for building, testing, and deploying applications
Private Cloud
dedicated to a single organization managed by the organization or a third-party provider implemented on -premises, in a data center, or off-site
Private networks can be either local area networks (LANs) or wide area networks (WANs). What about public networks?
They can be either LANS or WANS
Programming Language
A set of instructions, rules and conventions used to create and execute software programs. There are many types based on use, level of abstraction, etc. Each has its own syntax, semantics and rules for constructing programs.
Programs are written in Source Language (High-Level Programming Languages or Fourth Generation Programming Languages (4GL) and then converted to Machine Language using a compiler.
Proxy server
a server that acts as an intermediary between a client and a server in a network
-forwards requests from clients and returns responses back to clients
- allows security, privacy, content filtering
-allows filtering of unwanted traffic, hide a client’s IP address, cache frequently requested content
Public Cloud
resources such as servers, storage and applications are made available to the general public over the internet such as Amazon Web Services, Google Cloud Platform
They are pay as you go model.
RAM
Stores data temporarily while a computer is running. It is used to store instructions and data the CPU needs to access quickly while running an application.
Resource provisioning
cloud service provides on-demand computing resources such as processing power, memory, storage, and networking
Ring topology
devices are connected in a circular configuration and data is transmitted in one direction around the ring.
adv: efficient because no central hub is needed.
disadv: if a device fails, all are affected
ROM
Types of memory that are permanently or semi-permanently written with data and cannot be easily rewritten or modified by a computer’s user or CPU. It is used to store data that needs to be retained when the power is off. ROM stores instructions required to start a computer.
Router
a connection point between a home or office network and the internet
Secondary Storage
Hard drive, Solid State Drive, Optical Drive, USB Drive - all known as external memory.
Security and compliance
cloud service providers implement security to protect data and apps through encryption, access controls, firewalls, intrusion detection, prevention systems
- ensure compliance with GDPR, HIPAA and PCI-DSS
server
high-capacity computer that contains software and hardware to provide a variety of services to clients.
filesharing
database management
access to printers and scanners
- manages user authentication and authorization
- manages and stores data
-processes requests from clients to add, edit, or delete data.
Service reliability and availability
cloud service providers ensure their services are reliable and available to their customers
-implements redundancy, failover, and backup systems to minimize downtime and prevent data loss
Service-Level Agreements (SLAs)
Cloud service providers establish SLA with their customers outlining the performance, availability, and support standards they commit to
-responsible for adhering to the SLA terms
-provide compensation or credits in case of failure to meet agreed-upon standards
Software as a Service (SaaS)
a type of cloud computing service model that provides software applications over the internet and accessed on demand
- a delivery model where software vendors host and maintain software apps and make them available to customers over the internet
Source Program
a set of instructions written in a programming language that is compiled by a computer. It is written by a programmer to create a software program.
Star topology
all devices are connected to a central hub
adv: reliable because each device has its own dedicated connection to the hub
If the central hub fails, all connected devices are affected.
switch
a networking device that connects multiple devices together on a computer network and forwards data packets between them.
-more advanced than bridges
-they create multiple LANs on a single physical interface
-also provide more security and traffic management capabilities
System Software
Operating system: Microsoft Windows, MacOS, Linux.
Utility programs: antivirus, disk defragmenter, backup software, disk cleanup
taxonomies (standardized set of tags) are used by what language?
XBRL allows companies to tag financial data in their reports using a standardized set of tags, called taxonomies
-allows financial software and other apps to automatically extract and analyze data
-reduces the need for manual data entry
-increases the accuracy of analysis
TCP
responsible for ensuring that data is transmitted reliably and in correct order
TCP/IP
Transmission Control Protocol/Internet Protocol
the US SEC starting in 2009, mandated that all public companies file their financial statements with what type of language?
XBRL
goal: to make it easier for investors and analysts to access and analyze financial information allowing more informed investment decisions
There are two types of networks based on ownership. What are they?
Private networks
Public networks
tree topology
a central device called the root is connected to multiple devices which are connected to additional devices in a hierarchy.
Used for large networks (schools or businesses)
Devices on the same branch can connect to each other without going through the root.
Trojan Horse
a type of malware that disguises itself as a legitimate program or file but once executed can cause damage and steal information
-does not replicate
-can give attackers remote access to the infected computer
-spread by email attachments, infected software and file downloads
Uniform Resource Locator (URL)
a unique string of characters that identifies a specific webpage or resource on the internet
-often called a web address
-used to locate and retrieve a specific resource such as a webpage, image or video.
URL
Uniform Resource Locator
VAN
Value-added network - provides value-added services such as data storage and secure transmission to businesses and organizations to facilitate electronic data interchange (EDI) between trading partners.
Virus
a type of malware (malicious software) that attaches itself to a legitimate program or file and is designed to replicate and spread itself to other computers
-slows down computers
-corrupts or deletes files
-steals personal information
VPN
Virtual Private Network
VPN
a technology that allows users to securely connect to a private network over the internet
-used to provide remote access to a company’s internal network
-can be used to provide a secure internet connection for individuals
WAN
Wide Area Network - connects devices over a large geographic area such as a city or country. The internet is the largest WAN. They can be private or public and can use satellites, telephone lines and fiber optic cables.
Web Browser
a software application that allows users to access and navigate the World Wide Web.
Examples: Google Chrome, Mozilla Firefox, Apple Safaria, Microsoft Edge, Opera
Web Server
specialized computers that store and manage webpages, images, videos, other data on the internet
-connected to the internet
-handle requests from web browsers
What are advantages of private networks?
increased security
flexibility
better performance
What are disadvantages of private networks?
cost
limited access
limited scalability
What are some examples of high-level programming languages?
C
C++
Java
Python
JavaScript
What are the advantages of public networks?
lower cost
wider availability
scalability
What are the disadvantages of public networks?
-lower security because they are accessible to the public
-lower performance (used by many which leads to congestion)
-limited control since they are owned by third-party companies
What does machine language consist of?
a series of binary digits (ones and zeros) that represent instructions and data that the computer is to process.
What is machine language?
a set of instructions that are written in a form that can be directly executed by a computer’s CPU. It is the lowest-level programming language and is specific to a type of computer.
What is the only language a computer can understand and execute directly?
machine language
All other programming languages must be compiled or interpreted into machine language before they can be executed by a computer.
What is used to create low-level software such as drivers and firmware?
machine language
What is used to create the operating system of a computer?
machine language.
What language are source programs written with
High-Level Programming Languages or Fourth Generation Programming Languages (4GL)
What makes compilers so useful?
They allow programmers to write code in a high-level programming language that is easier to read and understand, and then compile it into a machine that can be executed by the computer.
What type of high-level programming language is designed to be more user-friendly and easier to use than traditional programming languages?
4GLs - Fourth-generation programming languages.
Which applications is XBRL used in?
financial reporting
business intelligence
regulatory compliance
Which network allows users to bypass censorship and geo-restrictions?
VPNs
Users are able to access content that may be blocked in their location
Which programming language uses English-like statements and commands.
4GL
Which type of code can by directly executed by the computer’s CPU?
machine code
Which type of language is more readable by humans?
High-level programming languages. They are closer to natural human language and are less detailed and less abstract than machine language.
Which type of programming language is used for database management programs?
4GL
Who often uses VPNs?
remote workers
businesses with multiple locations
individuals who want to protect their internet connection while using public Wi-Fi
WLAN
Wireless Local Area Network - a type of LAN that uses wireless technology to connect devices.
World Wide Web
a vast network of interconnected documents and other resources linked by hyperlinks and URLs. It is the primary platform for information-sharing on the internet and is used by billions of people every day to access information, communicate, and conduct business.
Worm
a type of malware similar to a virus that replicates itself and can spread to other computers but does not attach itself to a legitimate program or file
-spreads by exploiting vulnerabilities in software or operating systems
-uses social engineering techniques to trick users into executing them
XBRL
eXtensible Business Reporting Language
XBRL (eXtensible Business Reporting Language)
a standard for electronic communication of business and financial data based on XML
-provides a common format for financial statements
-makes it easier for software programs to process and analyze data
XML
eXtensible Markup Language
XML (eXtensible Markup Language)
a markup language used to store and transport data
-designed to be platform-independent and self-describing, meaning that structure of the data is included in the document itself
-well suited for a wide range of applications such as data exchange between different systems, data storage, and data processing
What is the difference between a gateway and a firewall?
To simplify the analogy, imagine a city:
Gateway: Like a bridge or tunnel connecting two cities, allowing people and goods to flow between them.
Firewall: Like the city walls and security checkpoints, controlling who and what enters and leaves the city.
Gateways enable communication and flow, while firewalls prioritize security and control. Both are essential for building a secure and efficient network infrastructure.
While both gateways and firewalls play crucial roles in network security and connectivity, they have distinct functions and purposes:
Gateway:
Focus: Connection and routing
Main Function: Acts as a bridge between two different networks, allowing devices to communicate across them.
Key Capabilities:
Routes data packets to their intended destination across different networks.
Translates data formats or protocols between networks.
Manages traffic flow between network segments.
Can offer a basic level of security by filtering malicious traffic.
Firewall:
Focus: Security and access control
Main Function: Acts as a shield, protecting a network from unauthorized access and malicious activity.
Key Capabilities:
Filters incoming and outgoing traffic based on predefined rules.
Blocks suspicious or unauthorized traffic attempts.
Monitors network activity for potential threats.
Can be implemented as hardware, software, or a combination of both.
