ISC S2 Flashcards

1
Q

Modems

A

-a device that brings the internet into a home or office (receives analog signals from the internet provider and translates those signals into digital signals)

2
Q

Routers

A

-manage network traffic by connecting devices to form a network
-act as a link between the modem and switches (computers)
-each router has a public IP address

3
Q

Switches

A

-similar to routers but does not have an IP address and lacks many of a router's advanced functions
-a network switch can turn one network jack into several network jacks

4
Q

Gateways

A

A gateway is a computer/device that acts as an intermediary between different networks.
Transforms data from one protocol into another so that information can flow between networks.
A protocol is a rule, or set of rules, that governs the way in which information is transmitted.

5
Q

Edge-enabled device

A

Allows computing, storage, and networking functions to be closer to the devices where the data or system request originates, rather than a distant central location.

The benefit of this distributed computing power is faster network response times.

6
Q

Servers

A

Physical or virtual machines that coordinate computers, programs, and networks.

Most networks use a client/server model in which the client sends a request to the server, which provides a response or executes some action.

7
Q

Firewalls

A

-software applications or hardware devices that protect a person's or company's network traffic by filtering it through security protocols with predefined rules

8
Q

Network address translation firewalls

A

-Assign an internal network address to specific, approved external sources so that those sources are approved to be inside the firewall.

9
Q

Topology

A

-the physical layout of the network infrastructure
-it is the physical layout of the equipment, or nodes, in a network

10
Q

Bus Topology

A

-layout is either in a linear or tree form, with nodes connected to a single line/cable
-data can be transmitted by any node on the system at the same time, which can cause signal interference
-to avoid this, cables must be terminated (properly finished) at each end so the signal is managed
-disadvantage: if the central line is compromised, the entire network is offline

11
Q

Mesh topology

A

-there are numerous connections between nodes
-While the number of pathways allows high levels of traffic and promotes network stability if a node is damaged, it can be costly to implement and maintain over the network’s lifespan

12
Q

Ring Topology

A

-unidirectional ring path: data moves in one direction
-multi-directional paths allow two-way data transmission
-when data is transferred it must go through every other device between the source and the destination
-advantage: data transmission collisions are minimized or eliminated

13
Q

Star Topology

A

-There can be multiple hubs so that if one fails, only the nodes connected to that hub will stop functioning
-while the hub is a single point of failure, this structure makes it easy to identify damaged cables

13
Q

The Open Systems Interconnection (OSI) model - 7 layers

A

-explains how network protocols work and how networking devices communicate with each other
-7 layers (from 7 to 1): application -> presentation -> session -> transport -> network -> data link -> physical

14
Q

Layer 7 : application

A

-serves as the interface between the applications a person uses and the network protocol needed to transmit a message
-common protocols used in this layer: HTTP, FTP, simple mail transfer protocol (SMTP), electronic data interchange (EDI)

15
Q

Layer 6: presentation

A
-defines formats that a device using the OSI model can interpret, such as standard formats for video, images and web pages
-encryption occurs at this layer
-ie: JPEG, MPEG, ASCII

16
Q

Layer 5: Session (think chat room)

A

-sessions allow networking devices to have dialogue with each other
-ie: SQL, remote procedure call (RPC), network file system (NFS)

17
Q

Layer 4: transport

A

-this layer supports and controls the communication connections between devices. It involves setting the rules for how devices are referenced, the amount of data that can be transmitted, validating the data's integrity, and determining whether data has been lost
-ie: TCP, UDP

18
Q

Layer 3: Network

A

-adds routing and address headers/footers to the data, such as source and destination IP addresses, so that the message reaches the correct devices
-it detects errors
-ie: IP, internet protocol security (IPSec), network address translation (NAT), internet group management protocol (IGMP)

19
Q

Layer 2: data link

A

-data packets are formatted for transmission. The format is determined by the hardware and networking technology, which is Ethernet
-media access control (MAC) addresses
-ie: Integrated Services Digital Network (ISDN), Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), Address Resolution Protocol (ARP)

20
Q

Layer 1: physical

A

-converts the message sent from the data link layer into bits
-ie: high-speed serial interface (HSSI), synchronous optical networking

21
Q

Local-area network (LAN)

A

-provides access to a limited geographic area such as a home or a single-location office

22
Q

Wide-area network (WAN)

A

-hardware-based
-a good example is the internet
-provides access to a larger geographic area such as cities, regions, or countries

23
Q

Software-defined WAN (SD-WAN)

A

-software-defined, dynamic
-in a WAN the control and management of the network are integrated into the hardware, but in an SD-WAN control and management are separated from the hardware and handled in software

24
Q

Virtual private network (VPN)

A

-virtual connections through a secure channel that provide remote access to an existing network

25
Q

Firmware

A

-software that is embedded locally in hardware and instructs the hardware how to operate
-operates like software but exists locally on the machine, directing the function of physical components
-ie: motherboard, microprocessor
-not updated frequently, or not at all

26
Q

Three primary cloud computing models

A

-IaaS: the company is responsible for the environment runtime and virtual management. The CSP is responsible for providing the operating system and firewalls for use, but not for updating or maintaining them

-PaaS: the CSP is responsible for the environment runtime, virtual management, firewalls and cybersecurity, and for keeping the application up

-SaaS: the CSP offers access to applications via the internet and is responsible for recurring upgrades, security enhancements, and other support functions

27
Q

COSO enterprise risk management

A

-COSO - Committee of Sponsoring Organizations
-created by the Treadway Commission
-develops guidance for internal control, enterprise risk management, governance, and fraud deterrence

28
Q

COSO enterprise risk management: 5 components

A

-governance and culture
-strategy and objective-setting
-performance
-review and revision
-information, communication and reporting

29
Q

AIS is made up of three main subsystems (or modules)

A

-Transaction processing system (TPS): sales cycle, conversion cycle, and expenditure cycle
-Financial reporting system (FRS): aggregates with the transaction processing system for infrequent events such as mergers, lawsuit settlements or natural disasters
-Management reporting system (MRS): solves daily business problems (budgeting, variance analysis)

30
Q

Five objectives of AIS

A

-record valid transactions
-properly classify those transactions
-record transactions at their correct values
-record the transactions in the correct accounting period
-properly present the transactions and related information in the F/S

31
Q

Process improvement driven by IT systems

A

objective: fewer errors, more efficient accounting, enhanced reporting
-automation
-shared services
-outsourcing
-offshore operations

32
Q

Detecting design deficiencies in processing integrity

A

-processing integrity = confidentiality and privacy
-design deficiencies = necessary controls that are missing, or existing controls that are not designed properly
-method 1: 5 trust service criteria
-method 2: AICPA’s “Description Criteria for a Description of a Service Organization’s System in a SOC 2®” Report

33
Q

Deviation in operations of controls

A

-the control does not operate as designed, or is performed by a person who lacks authority or competence (the control itself is designed properly)
-method: perform tests of controls; if deficiencies are already identified, testing the effectiveness of those controls is not required

34
Q

Blockchain

A

-control system originally designed to govern the creation and distribution of Bitcoin

35
Q

In the event of a disaster, an organization has 3 options for how to maintain IT operations

A

-Cold site
-Hot site
-Warm site

36
Q

Cold site

A

-off-site location with electrical connections and physical infrastructure for data processing, but lacking the actual equipment
-needs one to three days
-relies on hardware that can be quickly sourced from vendors
-cheapest

37
Q

Hot site

A

-off-site location fully equipped with the necessary hardware and office management, and pre-wired for immediate use
-backup copies are kept at the hot site or a nearby facility
-more expensive

38
Q

Warm site

A

-facility with hardware installed but lacking the full processing capabilities of a hot site due to incomplete equipment

39
Q

Business impact analysis (BIA)

A

-establish the BIA approach
-identify critical resources
-define disruption impact
-estimate losses
-establish recovery priorities
-create the BIA report
-implement BIA recommendations

40
Q

Business resiliency includes

A

-business continuity: focuses on non-IT functions
-system availability controls
-crisis management: focuses on large-scale incidents that are considered a crisis
-disaster recovery: focuses on IT functions

41
Q

System availability controls (methods to prevent system disruption and loss of information)

A

-physical controls: physical access controls, fire alarms and sprinklers
-IT infrastructure controls: anti-malware software, periodic reviews, network security controls, logical access and authorization controls
-uninterruptible power supply
-redundancy: have redundant hardware, software, and storage as a normal part of operations

41
Q

System backup: 3 types

A

-Full: exact copy of the entire database (time-consuming to create but takes the least time to restore)

-Incremental: copies only data that have changed since the last backup; recovery is the slowest. Recovery first loads the last full backup, then installs each subsequent incremental backup in the proper sequence

-Differential: copies all changes made since the last full backup. Restoration: the most recent full backup + the single differential backup. Daily backups need more time than incremental, but restoration is simpler than incremental

42
Q

System conversion methods

A

-direct: stop the old system and start the new one immediately. It is risky if the new system doesn't work
-parallel: the new system is implemented while the old system is still in use for an extended period of time. It needs more personnel
-pilot (smaller than parallel): performs the conversion on a small scale within a test environment while continuing to run the old system
-phased (gradual): gradually adds volume to the new system while still operating the old one. It is useful for businesses with distributed locations
-hybrid: a combination of the approaches above

43
Q

Data life cycle

A

-definition: the first step is to define what data the business needs
-capture/creation: obtain the data
-preparation: determine whether the data is complete, clean, current, encrypted and user-friendly; enhances the completeness and integrity of the data
-synthesis: between preparation and usage; not always a necessary stage
-analytics and usage: at this stage the data is used internally within the company
-publication: shared with external users; once data is considered published, the company no longer has sole control over how that data will be used
-archival: data is moved from an active system to a passive system for archiving, to free up storage resources for the active system; this enhances active system performance and reduces security risks
-purging: data is completely removed from the company's storage systems

44
Q

Types of data collection

A

-Extract, transform and load (ETL): similar to capture, preparation and synthesis, but ETL is a more specific method for collecting existing data in order to answer a specific data analysis question
-active data collection: can occur through survey or interview results, for obtaining personal information such as users' email addresses and phone numbers
-passive data collection: gathers information without direct permission by tracking web usage via cookies

45
Q

Types of data storage

A

-Operational data store (ODS): a repository of transactional data from multiple sources; it is an interim area between the data sources and the data warehouse

-Data lake: similar to a data warehouse but without a predefined data structure or schema. It contains both structured and unstructured data, with most data in its natural or raw format

-Data warehouse: very large data repositories that are centralized and used for reporting and analysis rather than for transactional purposes

-Data mart: much like a data warehouse but more focused on a specific purpose such as marketing or logistics; it is often a subset of a data warehouse

46
Q

Relational databases

A

-most common method for storing structured data
-data warehouses and operational data stores (ODS) are built according to relational database design

-benefits: a. completeness
b. no redundancy: avoids unnecessary resources and the unnecessary processing needed to run reports that check multiple versions of the truth. Requires only one version of the truth, with each element of data stored in only one place
c. helps with the placement and enforcement of internal controls and business rules
d. improves communication and integration of business processes

47
Q

Elements in a relational database

A

-rows (records)
-columns (attributes): primary key (identifies a specific record), foreign key (points to another table's primary key), and descriptive attribute (describes the record but has no unique identifying role)

-tables: relational databases are made up of at least two tables, and having tables is the major difference from flat files

-fields: the intersection of a column and a row

48
Q

Normalization

A
-a database technique that reduces data redundancy and eliminates undesirable characteristics like insertion and update anomalies
-divides larger tables into smaller tables and links them; the purpose is to eliminate redundant (repetitive) data

49
Q

First normal form (1NF)

A

-first normal form (1NF): a. each cell in a table must hold one piece of information; b. each record in every table must be uniquely identified (primary key)

50
Q

Second normal form (2NF)

A

-requires all non-key attributes in a table to depend on the entire primary key (composite primary key)

51
Q

Third normal form (3NF)

A

-none of the non-key attributes depend on other non-key attributes

52
Q

Database model

A

-high-level design of the data structures in an information system

53
Q

Database schema

A

-the actual implementation and execution of that design in a specific relational database

54
Q

Database model types

A

-conceptual: high level, big picture; an excellent place to begin discussions with stakeholders and potential system users to determine what needs to be stored in the system (covers table names, table relationships)

-logical: a more detailed representation of the data structures in an information system, at the level of the data itself. It identifies the primary and foreign keys in each entity and adjusts any entity relationships related to first/second normal form (covers table names, table relationships, primary keys, foreign keys)

-physical: the most detailed; detailed enough to specify how the data is stored in the database (covers table names, table relationships, primary keys, foreign keys, column data types)

55
Q

Database schemas

A

-star schema: the most common schema for dimensional modeling
-snowflake schema: similar to a star schema but with the dimension tables further normalized. More complex, as it requires more tables and more foreign keys to link them together; more flexible, as it allows more detailed information to be stored about the dimensions