Domain III – Information Technology – Section A: Application and System Software Flashcards
The Systems Development Life Cycle (SDLC)
is a theoretical description of the phases through which an information system is developed. Generally, there are five phases in a SDLC:
Phase 1: Systems Planning and Investigation Phase
Phase 2: Systems Analysis
Phase 3: Systems Design and Development
Phase 4: System Implementation
Phase 5: Systems Operations and Maintenance
Parallel Conversion
the new system operates concurrently with the old system for a period of time.
Phased Conversion
implementation would start in selected units and operations of the new systemare closely monitored and evaluated. Once management is satisfied with the newsystem, it would gradually replace the old system in all the other units.
Pilot Conversion
the system would be initially tested at a pilot site while users are still using the old system. Once the new system is operating satisfactorily in the pilot site, it is introduced to the whole organization.
Direct Conversion
occurs when the new system immediately replaces the old system.
IT change management can be defined
as the set of processes executed within
the organization’s IT department designed to manage the enhancements, updates, incremental fixes, and patches to production systems, which include:
1. Application code revisions.
2. System upgrades (e.g., applications, operating systems, and databases).
3. Infrastructure changes (e.g., servers, cabling, routers, and firewalls).
Program
is a set of instructions that tells the computer what to do. The computer is a dumb machine, it does nothing on its own until instructed to do so.
Code Generators
are tools that generate program code based on parameters defined by the systems analyst. They are usually used in association with CASE products.
Test Data Generators
are tools used to systematically generate random data that can be used to test programs.
Computer Aided Software Engineering (CASE)
is the use of automated software packages that aid in the development of all phases of an information system
(requirements definition, analysis, design, code production, testing, document generation).
Fourth Generation Languages
are user‐friendly computer languages used in computer programming. They are nonprocedural problem‐oriented programming languages that
simplify the programming process.
Object‐oriented techniques
are system development techniques that combine
both data and procedures in what is called an object as contrasted with the traditional structure which considers data separately from the procedures that act
on them.
User‐developed applications (UDAs)
are applications that are developed by end users,
usually in a non‐controlled IT environment (sometimes it is called end‐user computing).
=> UDAs typically consist of spreadsheets and databases created and used by end users to extract, sort, calculate, and compile organizational data.
Rapid Application Development (RAD)
is an application development methodology that
allows for the development of strategically significant systems quickly. RAD allows for a reduction in time, costs, and maintaining quality of developed systems.
Database
is a structured collection of data intended to be accessible and used by multiple users in various ways.
Data
is any sequence of symbols given meaning by specific actions of interpretations.
=> Data can be stored, processed, and transmitted in the form of electrical signals. Data requires interpretation to become information.
A field
is a space that contains one data value. Fields are the smallest units of information in database systems. In spreadsheets, fields are called cells.
=> Examples of fields in a customer’s database include the name of the customer, the address, the telephone number, or the account number.
A record
is a basic data structure. Records in a database are usually called rows. Each row consists of several column fields. Every row in a table has the same set of columns.
=> In a customer’s database, each record would be dedicated to a particular customer and include all information related to that customer such as name, address, telephone number, and account number.
An object
can be a table, a form, or an association between data and a database entity.
=> For example, in Microsoft Access, an object could be a table, a query, a form, or a report.
A database schema
is the structure of the database that defines the objects and relations in the database.
=> It defines how the data is organized and how the relations among them are associated.
A query
is a request of information from a database.
Database Management System (DBMS)
is a software package that controls the development, use, and maintenance of the organizational databases.
=> This includes more control over the organization, storage and retrieval of data, in addition to more security and integrity of the database.
Hierarchal (database Structure)
organizes data in a parent‐child relationship. Each child has only one
parent, however, parents may have many children.
Difficult to apply when children need to relate to more than one parent.
Network (database structure)
organizes data in a parent‐child relationship, however, in addition to each parent having more than one child, each child may also have more than one parent.
Due to the complexity of the structures, they may be difficult to comprehend, modify, or reconstruct in case of failure.
Relational (database structure)
organizes data independent from the physical implementation of the data structure and establishes relationships amongst the data.
Relational database technology separates data from the application.
Data definition language
is used to define (that is, determine) the database. It is used by the database administrators to establish the structure of database tables.
Data control language
is used to specify privileges and security rules.
Data manipulation language
provides programmers with a facility to update the database.
Data query language
is used for ad‐hoc queries.
Network analysis (passive attack)
describes the practice to obtain a complete profile of an organization’s network security infrastructure.
Eavesdropping (passive attack)
describes the practice of intercepting communication lines to obtain copies of communications and messages flowing into and out of the organization’s network systems.
Traffic analysis (passive attack)
describes the practice of determining the nature of flow between the organization and third parties.
Brute‐force attack (active attack)
involves the use of password cracking software to gain unauthorized access to restricted systems.
Masquerading (active attack)
is the use of an identity other than the user’s to gain unauthorized access.
E‐mail bombing (active attack)
involves sending an identical message to an e‐mail address repeatedly.
E‐mail spamming (active attack)
involves sending a message to a significant amount of users.
E‐mail spoofing (active attack)
involves receiving an e‐mail that appears to be from a source while in actuality it is from a different source.
Management information system (MIS)
provide middle management with reports that summarize and categorize information derived from all the company databases.
Transaction processing system (TPS)
is an information system supporting day‐to‐day business operating activities or transactions, usually the first and most important objective of an information system.
Decision support system (DSS)
is a computer‐based information system for assisting managers in planning and decision‐making.
Enterprise‐wide Resource Planning (ERP) System
is a software that allows the integration and automation of the significant business processes in a company. It is considered the backbone of e‐businesses as it generally integrates the manufacturing, distribution, sales, accounting, finance, human resources processes (amongst others).
=> Amongst the larger ERP software manufacturers are the SAP®, Peoplesoft® and Oracle®.
Governance, Risk management and Compliance GRC System
GRC system is software a that allows organizations to pursue a systematic approach to develop and implement GRC strategy including managing regulations, compliance, and risks in the organization’s key operations. GRC software provide a single centralized platform to control the various functions and procedures related to GRC.
Customer Relationship Management (CRM) System
CRM system is a software that allows organizations to manage their relationships and interactions with current and potential customers. CRM systems compile data from different channels, including an organization’s email, website, telephone, chat, sales
records, customer service, marketing materials, and social media. Compiling customer data in one place provides for a better customer relationship management.
Distributed Databases
the use of distributed databases that are continuously updated facilitates the filing, processing, and retrieval of data from an organizational system that
has widely dispersed operations. Using distributed databases allows for minimizing total interruption of processing throughout a distributed information technology system as there is a capability to continue processing at all sites except a nonfunctioning one (usually referred to as fail‐soft protection).
