ITF + Exam Outline Flashcards

Question

Storage Unit

Answer 1

Bit-Basic unit of computer data is the binary digit, which can represent two values (zero or one) Byte-eight bits KB-1000 bytes MB-1,000,000 bytes GB-1,000,000,000 TB-1000 GB PB-1000 TB

Answer 2

BPS-when data is transferred between a components in the computer or between computers over a network, the throughput rate that a particular connection can sustain is measure in bps Kbps-1000 bits per second. Older computer peripheral interfaces (or buses) and slow network links Mbps-1,000,000 bits per second. Many internal computer interfaces have throughputs measured in Mbps. Wireless networks and residential internet links also typically have this sort of throughput. Gbps-1,000,000,000 bits per second-The latest PC bus standards and networks can support this higher level of throughput Tbps-1,000,000,000,000-This sort of capacity is found in major telecommunications links between data centers, cities, and countries

Answer 3

MHZ-1 million cycles per second. Older PC bus interfaces and many types of network interface work at this slower signaling speed GHZ-1000 million cycles per second. Modern CPUs and Bus types plus fiber optic network equipment work at these much faster speeds

Answer 4

1) Identify the problem 2) Research knowledge base/internet, if applicable 3) Establish a theory of probable cause 4) Test the theory to determine the cause 5) Establish a plan of action to resolve the problem and identify potential effects 6) Implement the solution or escalate as necessary 7) Verify full system functionality and, if applicable, implement preventive measures 8) Document findings/lessons learned, actions, and outcomes

Answer 5

Telephone Connector (RJ-11)-While local networking uses Ethernet technologies, some networking and communications functions depend on direct use of the telephone network Ethernet connector (RJ-45)-An ethernet network adapter used with twisted pair cable will have an RJ-45 port to connect the computer to the network, via another RJ-45 port in the network equipment.

Answer 6

Bluetooth-is used for so-called Personal Area Networks (PAN) to share data with a PC, connect to a printer, use a wireless headset, connect to a wireless mouse/keyboard, and so on NFC-is a peer-to-peer version of RFID; that is, an NFC device can work as both tag and reader to exchange information with other NFC devices. NFC normally works at up to two inches at data rates of 106, 212, and 424 kbps.

Answer 7

The Universal Serial Bus(USB) has become the standard means of connecting peripheral devices to a computer. USB devices are plug and play

Answer 8

bus was based on the IEEE 1394 standard and the Small Computer System Interface (SCSI) communications protocol. The firewire 400 standard used 6-pin alpha connectors and cabling. The maximum transfer rate is 400 Mbps

Answer 9

Can be used both as a display interface and as a general interface like USB or firewire

Answer 10

a standard for the short-range wireless interconnection of mobile phones, computers, and other electronic devices.

Answer 11

RFID-is a means of targeting and tracking objects using specially-encoded tags

Answer 12

Near field communications is a peer to peer version of RFID; that is, an NFC device an work as both tag and reader to exchange information with other NFC device

Answer 13

VGA HDMI DVI Display port Mini Display port

Answer 14

This means that when you connect a new device, windows identifies it and tries to install a device driver. The device driver makes the device work with the operating system

Answer 15

Some types of devices are not connected to the computer via a peripheral portbut accessed over a network

Answer 16

If you open up a PC or laptop, the main thing you will see is the motherboard (or system board). The motherboard is a printed circuit board (PCB) with some built-in processors (the chipset), sockets and slots for upgradable components (CPU, RAM, adapter cards, disk drives), and wires (buses) to connect them together

Answer 17

When a computer is powered on, it needs some standard means for the CPU to start processing instructions and initialize the other components. This is referred to as bootstrapping or more simply as booting. The bootstrapping process occurs before the operating system software is loaded and is enabled by a low-level operating system called firmware. The BIOS (Basic input/output system) is one example of PC firmware. It provides industry standard program code to get the essential components of the PC running and ensures that the design of each manufacturer's motherboard is PC compatible

Answer 18

When a program is started, its instructions are loaded into system memory. System memory uses a type of technology called Random Access Memory (RAM). Having more RAM allows the PC to open more programs simultaneously and work on large files more efficiently. As well as system memory size, the speed of the memory subsystem is also important. The CPU fetches instructions from system memory as it needs them. This means that the bus between the CPU and memory, often referred to as the FRONT SIDE BUS(FSB), must be as fast as possible.

Answer 19

is the device that "runs" software programs. Software is composed of many simple instructions. The CPU processes these instructions and directs other components to perform actions, such as displaying an image on the screen or printing a document

Answer 20

Mobile Phone Tablet

Answer 21

Laptop Workstation Server

Answer 22

Laptop Workstation Server

Answer 23

Hard drive-are based on magnetic disk technology SSD-Use a type of transistor based memory called flash memory and are much faster than HDDS

Answer 24

Displaying a high resolution image to the user requires a lot of processing power, especially if the image changes rapidly, as with video, or uses complicated 3D and texture effects, as with computer games.

Answer 25

Heatsinks and thermal paste-A heatsink is a block of metal with fins. As the fins expose a larger surface area to the air around the component, a greater cooling effect by convection is achieved. The heat sick is "glued" to the surface of the chip using thermal paste, also referred to as thermal grease or compound, to ensure the best transfer of heat.

Answer 26

on a home network, the computer will be connected to an internet router via an Ethernet port. On a business network, the computer will be connected to the wider network via an Ethernet Switch. The Ethernet port in the computer is provided by a Network Interface Card (NIC). Wireless network-most homes networks support Wi-Fi radio networking so that computing devices do not have to be cabled to the internet router to access the network.

Answer 27

Almost all workstation computers come with a NIC on the motherboard (onboard card). Servers may have additional NICs supplied on expansion or (addon) cards. The connection to the router is made using a cable with RJ-45 connectors on each end

Answer 28

Fiber optic cables perform much better over long distances and are not affected by noise in the way that electrical signals over copper cable are.

Answer 29

Where FTTC is offered by providers with origins in the telephone network, a cable internet connection is usually provided as part of a Cable Access TV (CATV) service. These networks are often described as Hybrid Fiber Coax (HFC) as they combine a fiber optic core network with coax links to customer premises equipment

Answer 30

is one of the most popular SOHO internet service types. DSL works over an ordinary telephone line, providing the line is of sufficient quality. The DSL modem/router is connected to the telephone line using a cable with RJ-11 connectors between the WAN port on the router and the telephone point.

Answer 31

is a means of provisioning a wireless local network using Wi-Fi standard equipment. While this isn't a means of internet service position in itself, it is a means for a client to connect to a wireless router offering internet access

Answer 32

systems provide far bigger areas of coverage than can be achieved using other technologies. The microwave dishes are aligned to orbital satellites that can either relay signals between sites directly or via another satellite.

Answer 33

data connections use radio transmissions but at greater range than Wi-Fi. Cellular data is more closely associated with internet access for cell phones and smartphones than with computers.

Answer 34

Volatile means that data is only retained in the memory chips while there is a power source. Non-volatile where the data is preserved when the power is turned off

Answer 35

Random access memory

Answer 36

Data on an HDD is encoded magnetically on specially coated glass or plastic platters accessed by drive heads

Answer 37

are designed to replicate or supplement the function of the hard drive. Solid state storage uses of non-volatile memory technology called flash memory.

Answer 38

CDS, DVDs, Blu-rays are considered optical drives because a laser is used to read date from the discs

Answer 39

USB thumb drive

Answer 40

Appliance is one or more hard drives housed in an enclosure with basic server firmware, usually running some form of Linux. The NAS appliance provides access to its storage devices using various file sharing protocols.

Answer 41

All computers have at least one internal hard disk, or SSD, for storing the operating system and software applications plus user data.

Answer 42

both for home and business use. Some vendors offer users a certain amount of free cloud-based storage. There are also business oriented solutions, such as drop box and amazon.

Answer 43

Home appliances Home automation devices -Thermostats -Security systems -Modern cars -IP cameras -Streaming media devices -Medical devices

Answer 44

Network signals must be packaged in such a way that each host is able to understand them. Also, each host must have a means of recognizing the location of other hosts on the network. These functions are provided by a network protocol. A network protocol identifies each host on the network using a unique address. It also defines a packet structure. A packet is a wrapper for each data unit transmitted over the network. A packet generally consists of a header and a payload

Answer 45

is a hierarchical, client/server-based distributed database name management system. The purpose of the DNS database is to resolve resource names to IP addresses. In the DNS, the clients are called resolves and the servers are called name servers.

Answer 46

-LAN-A network in a single location is often described as a Local Area Network (LAN). This definition encompasses many different types and size of networks though. -WAN-Networks in different geographic locations but with shared links are called Wide Area Networks (WAN). A WAN is more likely to make use of a service provide network. Companies that operate national telephone networks are called Telecommunications company.

Answer 47

Is used to logically identify each device (host) on a given network

Answer 48

At the data link layer, each host is identified by the address of its network interface. This is called a hardware address or a media access control (MAC) address. The mac address is assigned to the network adapter at the factory. It is a 48-bit value expressed in hex notation.

Answer 49

HTTPS/S POP3-Post Office Protocol v3(POP3) IMAP-Internet Message Access Protocol(IMAP) SMTP-Simple transfer protocol

Answer 50

connects the wired and wireless network clients to the internet via a WAN link

Answer 51

connects the wired and wireless network clients to the internet via a WAN link

Answer 52

Connects four or eight computers together in an Ethernet LAN using RJ-45 network ports and twisted-pair cabling

Answer 53

creates a Wi-Fi wireless network (WLAN) between computers and mobile devices equipped with suitable adapters and also switches communications between the wired and wireless networks

Answer 54

a firewall restricts access to a computer or network to a defined list of hosts and applications. Basic packet filtering firewalls work on the basis of filtering network data packets as they try to pass into or out of the machine

Answer 55

802.11a/b/g/n/ac (802.11a)"1999" 54 mbps/5 GHz (802.11b)"1999" 11 mbps/2.4 GHz (802.11g)"2003" 54 Mbps/2.4 GHz (802.11n)"2009" 72.2 Mbps/stream(single channel) 2.4/5Ghz (802.11n)"2009" 150 Mbps/stream(bonded channels) 5 GHz (802.11ac)"2013" 1.7 Gbps 5 Ghz

Answer 56

Change SSID Change defualt password

Answer 57

-Encrypted-scrambles the messages being sent over the WLAN so that anyone intercepting them is not able to capture any valuable information. -Unencrypted-selecting open authentication means that the client is not required to authenticate.

Answer 58

When the client associates with the open hotspot and launces the browser, the client is redirected to a captive portal. This will allow the client to authenticate to the hotspot provider's network.

Answer 59

-this is an older standard. WEP is flawed and you would only select this if compatibility with legacy devices and software is imperative

Answer 60

this fixes most of the security problems with WEP. WPA uses the same weak RC4 (riveset cipher) cipher as WEP but adds a mechanism called the Temporal Key integrity protocol (TKIP)

Answer 61

this implements the 802.11i WLAN security standard. The main difference to WPA is the use of the AES(advanced encryption standard) cipher for encryption.

Answer 62

Another function of an OS is to "drive" the computer hardware. OS software is built from a kernel of core functions with additional driver software and system utility applications. Each hardware component requires a driver to work. The OS is responsible for identifying the components installed on the PC and loading drivers to enable the user to configure and use them.

Answer 63

format mass storage devices and manage partitions. Partitions allow a single disk to be divided into multiple different logical areas, each of which can be accessed via the OS as a separate drive.

Answer 64

-Kill process/end task-device manager

Answer 65

once the application has been installed, there are various ways to perform additional configuration and application management -Configuring application compatibility -Repairing and uninstalling software -Enabling and disabling windows features

Answer 66

When a process executes, it takes up space in system memory. If the system runs out of memory, then processes will be unable to start, and running processes may crash because they cannot load the data they need

Answer 67

Deivce manager

Answer 68

means that a computing device can only be used by an authorized person, such as its owner. Access control on workstation operating systems is usually enforced by the concept of user accounts. Each user of the device is allocated an account and uses a password to authenticate to that account.

Answer 69

-Mobile device OS-is one designed for handheld device, such as smartphones and tablets. -Workstation OS-is one that runs a traditional desktop PC or laptop. -Enterprise client-designed to work as a client in business networks -Network Operating System (NOS) or server OS-designed to run on servers in business networks -Home client-designed to work on standalone or workgroup PCs and laptops in a home or small office. This will also allow each client to run some basic peer-to-peer network services, such as file sharing -Server OS-such as Windows Server, Linux, or Unix, is often based on similar code to its workstation OS equivalent. -Embedded OS-is a computer or appliance designed for a very specific function. These systems can be as contained as a microcontroller in an intravenous drip-rate mater or as large and complex as an industrial control system managing a water treatment plant -Firmware-In an embedded system, the embedded OS acts as firmware. It provides all the functions for interacting with the new device hardware. -Hypervisor (type 1)-hypervisor is installed directly on the computer and interacts directly with its hardware

Answer 70

-NTFS-New technology file system- as a 64 bit addressing scheme, NTFS allows much larger partitions than FAT. NTFS also supports extended attributes, allowing for file-level security permissions, compression, and encryption -FAT32-File Allocation Table-this was used for older versions of windows and is preserved under Windows for compatibility -HFS-Hierarchical file system (HFS+), apple mac workstations and laptops use -Ext4-Linux-used to format partitions on mass storage devices

Answer 71

the file system can automatically reduce the amount of disk space taken up by a fille. The file system applies a non-lossy algorithm to the file to find ways to store the data in it more efficiently without discarding any information.

Answer 72

the file system can automatically encrypt data in a file when it is saved. This means that the file can only be opened when there is access to the encryption key.

Answer 73

The file system maintains an access control list (ACL) for each file or folder object. The ACL records which user accounts are allowed to read, write, or control the object

Answer 74

file system tracks changes or intended changes in a log. This means that if there is a sudden power cut and a particular write operation was interrupted, the journal may be used to recover the data or at least restore the file system to good working order

Answer 75

as noted in the table below, file systems have limits in terms of their maximum capacity and the size of individual files

Answer 76

very old file systems limited the size of a file name to eight characters plus a three-character extension

Answer 77

-Folders/directories -File types and extensions-Files follow a similar naming convention folders, except that the last part of the file name represents an extension, which describes what type of file it is and us used by Windows to associate the file with an application. -Permission

Answer 78

is a windows process that does not require any sort of user interaction and thus runs In the background. Services provide functionality for many parts of the Windows OS, such as allowing sign in, browsing the network, or indexing file details to optimize searches

Answer 79

A process is the main unit governing a program and managing the memory resources allocated to it by the OS.A process may contain one or more threads, which are parts of the program scheduled for execution by the CPU

Answer 80

-Task scheduling-sets tasks to run at a particular time. Tasks can be run once at a future date or time or according to a recurring schedule

Answer 81

-Console/Command line-A command line interface (CLI) shell represents an alternative means of configuring an OS or application. -GUI-As you have seen, most operating systems can be operated using a Graphical User Interface (GUI) controlled via a mouse, keyboard, and/or touchscreen, but a GUI is only one type of interface or Shell

Answer 82

-Word processing software-Microsoft Word -Spreadsheet software-Microsoft Excel -Presentation software-PowerPoint -Web browser-Edge, Chrome, Firefox -Visual diagramming software-software assists the creation of these by providing templates and shapes for different kinds of diagram

Answer 83

-Email client-software works in conjunction with an email server, which handles the business of actually transmitting the messages over the network -Conferencing software-allows users to configure virtual meeting rooms, with options for voice, video, and instant messaging. Other features often include screen sharing. -Instant messaging software-allows users to communicate in real time. -Online workspace-is one where a file is hosted on a network, and users can sign in to get access to it. Different users might be assigned different permissions over the document. -Document sharing

Answer 84

-Database software-packages enable the user to store, organize, and retrieve information. Databases can search through thousands of records very quickly and display data in a format specified by the user. -Project management software-involves breaking a project into a number of task and assigning responsibilities, resources, and timescales to ensure the completion of those tasks. -Business specific applications-A company may also commission custom-made software to implement specific Line of Business (LOB) functions. LOB applications would cover functions that cannot be performed by "off-the-shelf" software. This might include product design and manufacturing, fulfillment and inventory control, plus marketing and sales -Accounting software-There are many software applications designed to support financial and commercial functions, such as order processing, accountancy, and payroll.

Answer 85

-Locally installed -Network not required -Application exists locally -Files saved locally -Local network hosted -Network required -Internet access not required -Cloud Hosted -Internet access required -Service required -Files saved in the cloud

Answer 86

-One tier-If the application front-end and processing logic and the database engine are all hosted on the same computer -Two tier-client server application separates the database engine, or back-end or data layer, from the presentation layer and the application layer, or business logic. The application and presentation layers are part of the client application. The database engine will run on one server, while the presentation and application layers run on the client -Three tier-the presentation and application layers are also split. The presentation layer provides the client front-end and user interface and runs on the client machine. The application layer runs on a server or server cluster that the client connects to. -N-tier-application architecture can be used to mean either a two-tier or three-tier application, but another use is an application with a more complex architecture still

Answer 87

good practice to clear the browser cache before shutting down or logging off, and make sure you do not allow passwords to be cached

Answer 88

Most sites will use server-side scripting, meaning that code runs on the server to display the page you are looking at. There is no way to disable this. Many sites are depend on client-side scripting. This means that code is placed in the page itself and runs within the browser to change the way it looks or provide some other functionality. Deactivating client-side scripting tends to break most of the websites published.--Script blocker addon

Answer 89

-Add -Remove -Enable/disable

Answer 90

browser doesn't store cookies or temporary files and doesn't add pages to the history list

Answer 91

on an enterprise network firewall is likely to be deployed to monitor and control all traffic passing between the local network and the internet. On networks like this, clients might not be allowed to connect to the internet directly but forced to use a proxy server instead. The proxy server can be configured as a firewall and apply other types of content filtering rules

Answer 92

-Valid-a padlock ion is shown. If it is highly trust, the address bar is colored green. -Invalid-The address bar is colored maroon and the site is blocked by a warning message

Answer 93

provide more control over which websites are allowed to run scripts

Answer 94

some applications require multiple browsers to run. Not ideal for security terms since you want to have as little applications as possible

Answer 95

Designed to work on only one operating system

Answer 96

-Compatibility concerns-difficulties operating an application from being incompatible

Answer 97

-Single use-may only be installed on one computer -Group use/site license-which means that the company can install the software on an agreed number of computers for an unlimited number of employees to use at the same time -Concurrent license-that the company can allow only a set number of users access to it at any one time -Open source vs. proprietary- -Subscription vs. one-time purchase -Product keys and serial numbers-a long string of characters and numbers printed on the box or disk case. The product key will generate a different product ID and serial number, which is often used to obtain technical support

Answer 98

-Reading instructions -reading agreements -Advanced options-most software installer packages offer a choice between a default installation and a custom installation. A custom installation allows you to choose specific settings, such as where to install the software and what icons or startup/autorun options to configure.

Answer 99

-Scripting languages-is used to manipulate, customize, and automate the facilities of an existing system. Java, Python, JavaScript, C++, C#, PHP, Perl, Ruby -Scripted languages -Markup Languages-is not a programming language but a means of making data in a document accessible to a program. A markup language, such as the Hypertext Markup Language (HTML) or Extensible Markup Language (XML), defines a series of nested tags that describe the structure and/or meaning of the tag contents

Answer 100

when you write a program using a compiled programming language, you must transform the code to an executable binary before it can run. Compiling converts the source code that you wrote to machine code. C++, C#, COBOL, PASCAL

Answer 101

SQL, is deisgned to retrieve specific records from a dataset

Answer 102

represents machine code in human-readable text. An assembly language is typically specific to a particular hardware architecture

Answer 103

-Pseudocode concepts-writing out a program sequence using code blocks but without using the specific syntax of a particular programming language -Flow-chart concepts-As the process gets complex, you can use a graphical flow chart to help understand the process -sequence-A program is just a sequence of instructions for your computer to perform.

Answer 104

-Branching-Your program runs from the start to the end unless you instruct it to deviate from this path. One way of doing so is to create a branch; this is an instruction to your computer to execute a different sequence of instructions. -Looping-When a subroutine completes, it can return to the point in the main routine from where it was called, and the main routine continues execution. Note that when we use structures such as this, we have to be very careful not to create infinite loops in the code by mistake

Answer 105

is used in a program to access a program element, such as a stored value, class, method, or interface -Variables-contains a value that can change during the execution of the program. This value might be a text string, a number, or any other data type -Constants-is a specific identified that contains a value that cannot be changed within the program.

Answer 106

can be used as a term for a special type of identifier that can reference multiple values

Answer 107

One example of a container construct is a simple array

Answer 108

Identifier for a group of variables of the same type

Answer 109

-Elements in the array are counted from zero so the Logons(9) array contains up to 10 elements

Answer 110

-Two dimensional array

Answer 111

enable you to create segments of code that you will reuse. They key difference, in programming terms, between a procedure and a function is that the latter can return a value to whatever called it, whereas procedure cannot.

Answer 112

-Properties-represent an alternative way of accessing a field publicly. Using a method might be regarded as quite a "heavyweight" means of doing this, so properties allow external code to ask the object to show or change the value of one of its fields -Attributes-are values and data types that define the object. The attributes are stored within the object as fields or private variables. -Methods-define what you can do to an object

Answer 113

Looping and branching structures depend on logical tests to determine whether to continue the loop or the branch to follow. A logical test is one that resolves to a True or False value. == is equal to (returns TRUE if both conditions are the same != is not equal to < less than >Greater than <= and >= less than or equal to and greater than or equal to AND-if both conditions are TRUE, then the whole statements is TRUE OR-if either condition is TRUE, then the whole statements is TRUE XOR-if either condition is TRUE but not both, then the whole statement is true

Answer 114

The information is stored in a structured manner for easier access. Typically, a database consists of tables of information, organized into columns and rows. Each row represents a separate record in the database, while each column represents a single field within a record

Answer 115

-Create-this step involves defining what information the database will store, where it will be hosted, and how it will be accessed by clients -Import/input-Once the database has been created, it must be populated with data records. Records can either be input and updated manually, usually using some type of form, or data might be imported from another source, or both -Query-It is possible in theory to read the information in each table manually, but in order to view information efficiently, a query is used to extract it. A query allows the user to specify criteria to match values in one or more fields and choose which fields to display in the results so that only information of interest is selected -Reports-A query might return a large number of rows and be just as difficult to read as a table. A report is a means of formatting and summarizing the records returned by a query so that the information is easy to read and interpret

Answer 116

A flat file system might be useful for tasks such as simple order or sales databases used by a single person or small workgroup. A flat file is also a good way of exporting and importing information between systems.

Answer 117

-Multiple concurrent users-Databases can support an large number of concurrent users. A single-file based data storage solution does not offer high enough speed for the volumes of transactions on enterprise level systems -Scalability-are also more scalable. Database architecture means that extra capacity can be added later with much less investment -Speed-provide access controls to protect information from unauthorized disclosure and backup/replication tools to ensure that data can be recovered within seconds of it being committed -Variety of data-can enforce data types for each column and validate information entered as fields and records. Spreadsheets can mimic some of this functionality but not as robustly. Databases consequently support a wider variety of data formats

Answer 118

Each row represents a separate records in the database, while each column represents a single field within a record

Answer 119

databases are often used with applications. While an application processes are variables and other temporary data internally, this information is lost when the application is terminated. A database represents a way for an application to store data persistently and securely

Answer 120

--Structured-When you store your information in a relational database, it is stored in a structured way. This structure enables you to more easily access the stored information and gives you flexibility over exactly what you access --Unstructured-data, on the other hand, provides no rigid formatting of the data. Images and text files, word documents and PowerPoint presentations are examples of unstructured data. --Semi-structured-Strictly speaking, the data lacks the structure of formal database architecture. But in addition to the raw unstructured data, there is associated information called metadata that helps identify the data

Answer 121

is highly structured type of database. Information is organized in tables(known as relations). A table is defined with a number of fields, represented by the table columns. Each field can be a particular data type. Each row entered into the table represents a data record Typically, Relational Database Management Systems (RDBMS) use Structured Query Language (SQL) to maintain and query data in the database. Examples of RDBMS include: -Microsoft SQL server -Oracle database -MySQL -Microsoft office access

Answer 122

-Schema-The structure of the database in terms of the fields defined in each table and the relations between primary and foreign keys is referred to as the schema -Tables -Rows/records -Fields/columns -Primary key-Each row in the table must have a unique value in the primary key field. -Foreign key-When a primary key in one table is referenced in another table, then in the secondary table, that column is referred to as a foreign key -Constraints-When defining properties of each field, as well as enforcing a data type, you can impose certain constraints on the values that can be input into each field. A primary key is an example of a constraint. The value entered or changed in a primary key field in any given record must not be the same as any other existing record

Answer 123

-Key/value databases-is a means of soring the properties of objects without predetermining the fields used to define an object. -Document databases-is an example of a semi-structured database. Rather than define tables and fields, the database grows by adding documents to it. The documents can use the same structure or be of different types. The database's query engine must be designed to parse each document type and extra information from it

Answer 124

Commands allow you to insert or update records and extract information from records for viewing (a query) -Select-enables you to define a query to retrieve data from a database -Insert-adds a new row in a table in the database -Delete-deletes records from the table. As with UPDATE, this will delete all records unless a WHERE statement is specified -Update-changes the value of one or more table columns. This can be used with a WHERE statement to filter the records that will be updated. If no WHERE statement is specified, the command applies to all the records in the table

Answer 125

Command refer to SQL commands that add to or modify the structure of the database -Create-this command can be used to add a new database on the RDBMS server (create database) or to add a new table within an existing database (create table). The primary key and foreign key can be specified as part of the table definition -Alter-this allows you to add, remove (drop), and modify table columns (fields), change a primary key and/or foreign key, and configure other constraints. There is also an ALTER DATABASE command, used for modifying properties of the whole database, such as its character set -Drop-this is the command used to delete a table (DROP TABLE) or database (DROP DATABASE). Obviously, this also deletes any records and data stored in the object -Permissions-SQL supports a secure access control system where specific user accounts can be granted rights over different objects in the database (tables, columns, and views for instance) and the database itself. When an account creates an object, it becomes the owner of that object, with complete control over it. The owner cannot be denied permission over the object. The owner can be changed however, using the ALTER AUTHORIZATION statement.

Answer 126

-Direct/manual access-Administrators might use an administrative tool, such as phpMyAdmin, to connect and sign in to an RDBMS database. Once they have connected, they can run SQL commands to create new databases on the system and interact with stored data. This can be described as direct or manual access. -Programmatic access-A software application can interact with the database using SQL commands or using SQL commands stored as procedures in the database. Most programming languages include libraries to provide default code for connecting to a database and executing queries -User interface/utility access-An application might use a database in the background without the user really being aware of its presence. Alternatively, the application might provide a specific Graphical User Interface (GUI) or form to allow ordinary users to add and search records -Query/report builders-There are many users who may need to interact closely with the database but do not want to learn SQL syntax. A query or report builder provides a GUI for users to select actions to perform on the database and converts those selections to the SQL statements that will be executed

Answer 127

-Database dump--It may also be necessary to export data from the database for use in another database or in another type of program, such as a spreadsheet. A dump is a copy of the database or table schema along with the records expressed as SQL statements. -Backup-Most RDBMS provide stored procedures that invoke the BACKUP and RESTORE commands at a database or table level

Answer 128

Confidentiality, Integrity, and Availability

Answer 129

-Snooping-this is any attempt to get access to information on a host or storage device (data at rest) that you are not authorized to view. An attacker might steal a password or find an unlocked workstation with a logged-on user account, or they might install some sort of spyware on the host -Eavesdropping/wiretapping-this is snooping on data or telephone conversations as they pass over the network. Snooping on traffic passing over a network is also often called sniffing. It can be relatively easy for an attacker to "tap" a wired network or intercept unencrypted wireless transmissions. Networks can use segmentation and encryption to protect data-in-transit -Social engineering/dumpster diving-this means getting users to reveal information or finding printed information. We'll discuss this topic in more detail later in this unit

Answer 130

-Man-in-the-middle-where a host sits between two communicating nodes, and transparently monitors, captures, and relays all communications between them. A MitM may be able to change the messages exchanged between a sender and receiver without them realizing. To protect against this, senders and receivers must authenticate themselves and use encryption to validate messages -Replay attack-where a host captures another host's response to some server and replays that response in an effort to gain unauthorized access token generated by an application. The application needs to use encryption and time-stamping to ensure that the tokens cannot be misused -Impersonation-a common attack is where a person will attempt to figure out a password or other credentials to gain access to a host. The attacker can then hijack the authorizations allocated to the account and generally masquerade as that user. -Unauthorized information alteration

Answer 131

-Denial of service-This is any situation where an attacker targets the availability of a service. A DoS attack might tamper with a system or try to overload it in some way. -Power outage-If you lose power, then clearly your computers cannot run. Using standby power can help mitigate this issue. It's also common for data corruption to occur when a computer is turned off rather than being shut down. Using an uninterruptible Power Supply (UPS) can provide a means to safely close down a server if building power is interrupted -Hardware failure-IF a component in a server fails, then the server often fails. A hard disk contains moving parts and will eventually fail. If a disk fails, you will likely lose access to the data on the failed disk and quite possibly lose the data. You can compensate against hardware failure by provisioning redundant components and servers. The service is then configured to failover to a working component or server without interruption -Destruction-The loss of a service or data through destruction can occur for a number of reasons. -Service outage-Any of the situations above can lead to service unavailability.

Answer 132

-Antivirus/anti-malware-malware is software that aims to dame a computer or steal information from it. Anti-malware software can detect the presence of malware and prevent it from running. This is discussed in more detail alter in this unit -Host firewall-software based firewall installed on a server to monitor and control its incoming and outgoing network traffic -Changing default passwords-network devices such as wireless access points, switches, and routers ship with a default management password, such as "password," "admin," or the device vendor's name. These should be changed on installation. These should be changed on installation -Enabling passwords-most operating systems allow the use of an account without a password, PIN, or screen lock, but this does not mean it is a good idea to do so. It makes the device highly exploitable in the event of theft. -Safe browsing practices -Patching/updates-OS files, driver software, and firmware may be exploitable by malware in the same way as applications software. It is important to keep computers and other devices configured with up-to-date patches and firmware

Answer 133

-Software sources -Validating legitimate sources -Researching legitimate sources -OEM websites vs third-party websites -Removal of unwanted/unnecessary software-new computers ship with a large amount of pre-installed software, often referred to as bloatware. These applications should be removed if they are not going to be sued. Similarly, if an application has been installed in the past but is no longer necessary, it should be removed too -Removal of malicious software

Answer 134

-Single factor-One form of authentication -Multifactor-Multiple forms of authentication -Examples of factors -Password-Something you know -Pin-Something you know -One-time password-Something you have -Software token-Something you have -Hardware token-Something you have -Biometrics-Something you are -Specific location-Somewhere you are -Security questions -Single sign-on-Means that a user only has to authenticate to a system once to gain access to all its resources-that is, all the resources to which the user has been granted rights.

Answer 135

-Permissions -Least privilege model-The more privileges and permissions that you allocate to more users, the more you increase the risk that a privilege will be misused. Authorization policies help to reduce risk by limiting the allocation of privileges as far as possible. -Role-based access-adds an extra degree of administrative control to the DAC model. Under RBAC, a set of organizational roles are defined and users allocated to those roles. -User account types-Administrator, Guest, User account -Rule-based access-a term that can refer to any sort of access control model where access control policies are determined by system-enforced rules rather than system users. -Mandatory access controls-is based on the idea of security clearance levels. Rather than defining access control lists on resources, each object and each subject is granted a clearance level, referred to as a label. -Discretionary access controls-stresses the importance of the owner. The owner is originally the creator of the resource, though ownership can be assigned to another user. The owner is granted full control over the resource, meaning that he or she can modify its ACL to grant rights to others

Answer 136

-Logs-logging events. Computer systems support logging of pretty much any kind of event. -Tracking-Tracking what users are doing within the system. -Web browser history

Answer 137

-Video-Surveillance cameras can record who goes in or out of a particular area -Biometrics-strong authentication can prove that a person was genuinely operating their user account and that an intruder had not hijacked the account -Signature-similarly, a physical or digital signature can prove that the user was an author of a document -Receipt-issuing a token or receipt with respect to some product or service is proof that a user requested that product and that it was delivered in a timely manner

Answer 138

Password length-Around 9-12 character is suitable for an ordinary user account. Administrative accounts should have longer passwords (14 or more characters) Password complexity-No single words/No obvious phrases in a simple form/Mix upper and lowercase Password History-Some systems keep a history of previously used passwords and prevent the user from choosing the same one again Password expiration-change the password periodically. Many systems can automatically enforce password expiration, meaning users have to choose a new password. Password reuse across sites-Don't re use work passwords for web accounts. Ideally a unique pass word for each account Password managers-A password policy should balance ensuring that users select strong passwords, which cannot be cracked by password-guessing software, and ensuring that they select memorable passwords and do not resort to reusing them across sites or writing them down Password reset process-Allows a user who has forgotten a password to self-select a new one

Answer 139

if you can make sense of what is written, then it is plaintext. Cipher text, or encrypted text, is a series of randomized letters and numbers which humans cannot make any sense of. Ex, an encryption algorithm takes in a plaintext message, runs the algorithm on the plaintext, and produces a ciphertext.

Answer 140

This state means the data is in some sort of persistent storage media -File level-folder level encryption -Disk level-whole disk encryption -Mobile device-mobile device encryption

Answer 141

Data in motion-this is the state when data is transmitted over a network -Email -HTTPS -VPN -Mobile application

Answer 142

Fault tolerant systems are those that contain additional components to help avoid single points of failure

Answer 143

is the process of synchronizing data between servers and potentially between sites. This replication might be real-time or bundled into batches for periodic synchronization

Answer 144

-Data-Combining hard disks into an array of disks can help to avoid service unavailability due to one or more disks failing. The redundant array of independent disks(RAID) standard has evolved to offer a variety of fault tolerant solutions. -Network-Without a network connection, a server is not of much use. As network cards are cheap, it is commonplace for a server to have multiple cards…Network cabling should be designed to allow or multiple paths between the various servers, so that during a failure of one part of the network, the rest remains operational. -Power-means deploying systems to ensure that equipment is protected against these events and that network operations can either continue uninterrupted or be recovered quickly

Answer 145

Data -File backups-is an ordinary backup job -Critical data-may include proprietary, confidential, and/or personal information -Database-one of the ways of backing up a database is called replication. A replica is a copy (or mirror) of the database hosted on a separate server. -OS backups-makes a copy of the OS and installed applications so that a workstation or server can be recovered without having to manually reinstall software and reconfigure settings.

Answer 146

-Stored locally-use hard disks or flash drives attached to the local PC or server -Cloud storage-Cloud based storage solutions are very popular, both for home and business use. -On-site vs off-site-Backup stored in the same location as the original data is called on-site, while one kept in a different location is called off-site

Answer 147

These vulnerabilities can be mitigated by creating contingency plans and resources that allow the system to be resilient to failures and unexpected outages

Answer 148

If a system goes down, there may be data loss. Data can either be restored from backup or by switching over to another system to which data has been replicate. It is vital that the integrity of the data be checked before user access is re-enabled. If the data is corrupt or the database system is not working properly, trying to add more data to it could result in even more severe problems

Answer 149

-In a large-scale disaster, numerous systems that the company depends upon could fail. After a disaster, resources are likely to be scarce and time pressures severe. Consequently, disaster recovery plans should identify priorities for restoring particular systems first.

Answer 150

Once the integrity of the failover or restored system has been verified, you can re-enable user access and start processing transactions again. You might try to restrict user numbers initially, so that the system can be monitored and verified as working normally