ITF + Exam Outline Flashcards
Binary
Notational system with 2 values per digit. (0,1). Computers process code in binary because the transistors in its CPU and memory components also have two states (off and on)
Hexadecimal
Notational systems with 16 values per digit. Values above 9 are represented by the letters A, B, C, D, E, F. Hex is a compact way of referring to long byte values, such as MAC and IPv6 addresses
Decimal
Decimal system is based on the principle of expressing ten different numbers using a single digit in the range 0 to 9. Once you have a value or more than ten, then you require two digits of decimal to express it. Thus, when twelve is expressed numerically in decimal as 12 that means 110 plus 21
ASCII
7-bit code page mapping binary values to character glyphs. Standard ASCII can represent 127 characters, though some values are reserved for non-printing control characters
Unicode
Extensible system of code pages capable of representing millions of character glyphs, allowing for international alphabets
Char
Data type supporting storage of a single character
Strings
Data type supporting storage of a variable length series of characters
Integers
Data type supporting storage of whole numbers
Floats
Data type supporting storage of floating point numbers (decimal fractions)
Boolean
Data type support 1-bit storage, representing FALSE and TRUE. Boolean logic is a statement that resolves to a true or false, condition and underpins the branching and looping features of computer code
Input
the computer receives data entered by the user through peripheral devices, such as mice, keyboards, scanners, cameras, and microphones
Output
the processed data is shown or played to the user through an output device, such as monitor or loudspeaker system
Processing
the data is written to memory and manipulated by the CPU, acting on instructions from the operating system and applications software
Storage
the data may be written to different types of storage devices, such as hard disks or optical discs, because data stored in most types of system memory is only preserved while the computer is powered on
Data and information as assets
For organizations, and even for individuals, computer data can be considered an asset
Importance of investing in security
A mechanism designed to protect an information asset or processing system is called a security control. There are many types of security controls, and they can be classed in different ways. Typically there are designed to prevent, deter, detect, and/or recover from attempts to view or modify data without authorization.
Relationship of data to creating information
The process of using data in this way is usually called analytics.
Trademarks
As copyright is not given to the selection of a name, if a company wants to promote its goods it will normally trademark its name and/or logo
Copyright
is automatic legal protection granted to certain types of work indicating that the copyright holder owns the right to control the use of the work, including rights of publication, distribution, or sale
Patents
is legal protection for some kind of invention. Unlike copyright, a patent can apply to an idea so long as the idea is original, useful, and distinctive or on-trivial
Digital products
Is one that is sold or distributed as binary computer data
Data capture and collection
Data points can be collected from many different sources
Data correlation
The information layer requires software to perform data correlation. This means analyzing the whole data set and finding connections and links between data points
Meaningful reporting
To inform human decision making at the insights layer, the information identified by the analytics system must be presented in ways that humans can analyze and interpret
Storage Unit
Bit-Basic unit of computer data is the binary digit, which can represent two values (zero or one)
Byte-eight bits
KB-1000 bytes
MB-1,000,000 bytes
GB-1,000,000,000
TB-1000 GB
PB-1000 TB
Throughput Unit
BPS-when data is transferred between a components in the computer or between computers over a network, the throughput rate that a particular connection can sustain is measure in bps
Kbps-1000 bits per second. Older computer peripheral interfaces (or buses) and slow network links
Mbps-1,000,000 bits per second. Many internal computer interfaces have throughputs measured in Mbps. Wireless networks and residential internet links also typically have this sort of throughput.
Gbps-1,000,000,000 bits per second-The latest PC bus standards and networks can support this higher level of throughput
Tbps-1,000,000,000,000-This sort of capacity is found in major telecommunications links between data centers, cities, and countries
Processing speed
MHZ-1 million cycles per second. Older PC bus interfaces and many types of network interface work at this slower signaling speed
GHZ-1000 million cycles per second. Modern CPUs and Bus types plus fiber optic network equipment work at these much faster speeds
Troubleshooting methodology
1) Identify the problem
2) Research knowledge base/internet, if applicable
3) Establish a theory of probable cause
4) Test the theory to determine the cause
5) Establish a plan of action to resolve the problem and identify potential effects
6) Implement the solution or escalate as necessary
7) Verify full system functionality and, if applicable, implement preventive measures
8) Document findings/lessons learned, actions, and outcomes
Networking-Wired
Telephone Connector (RJ-11)-While local networking uses Ethernet technologies, some networking and communications functions depend on direct use of the telephone network
Ethernet connector (RJ-45)-An ethernet network adapter used with twisted pair cable will have an RJ-45 port to connect the computer to the network, via another RJ-45 port in the network equipment.
Networkin-Wireless
Bluetooth-is used for so-called Personal Area Networks (PAN) to share data with a PC, connect to a printer, use a wireless headset, connect to a wireless mouse/keyboard, and so on
NFC-is a peer-to-peer version of RFID; that is, an NFC device can work as both tag and reader to exchange information with other NFC devices. NFC normally works at up to two inches at data rates of 106, 212, and 424 kbps.
USB
The Universal Serial Bus(USB) has become the standard means of connecting peripheral devices to a computer. USB devices are plug and play
Firewire
bus was based on the IEEE 1394 standard and the Small Computer System Interface (SCSI) communications protocol.
The firewire 400 standard used 6-pin alpha connectors and cabling. The maximum transfer rate is 400 Mbps
Thunderbolt
Can be used both as a display interface and as a general interface like USB or firewire
Bluetooth
a standard for the short-range wireless interconnection of mobile phones, computers, and other electronic devices.
RF
RFID-is a means of targeting and tracking objects using specially-encoded tags
NFC
Near field communications is a peer to peer version of RFID; that is, an NFC device an work as both tag and reader to exchange information with other NFC device
Graphic Device
VGA
HDMI
DVI
Display port
Mini Display port
Installation types-Plug and play vs. Driver installation
This means that when you connect a new device, windows identifies it and tries to install a device driver. The device driver makes the device work with the operating system
IP based peripherals
Some types of devices are not connected to the computer via a peripheral portbut accessed over a network
Motherboard/System board
If you open up a PC or laptop, the main thing you will see is the motherboard (or system board). The motherboard is a printed circuit board (PCB) with some built-in processors (the chipset), sockets and slots for upgradable components (CPU, RAM, adapter cards, disk drives), and wires (buses) to connect them together
Firmware/BIOS
When a computer is powered on, it needs some standard means for the CPU to start processing instructions and initialize the other components. This is referred to as bootstrapping or more simply as booting. The bootstrapping process occurs before the operating system software is loaded and is enabled by a low-level operating system called firmware.
The BIOS (Basic input/output system) is one example of PC firmware. It provides industry standard program code to get the essential components of the PC running and ensures that the design of each manufacturer’s motherboard is PC compatible
RAM
When a program is started, its instructions are loaded into system memory. System memory uses a type of technology called Random Access Memory (RAM). Having more RAM allows the PC to open more programs simultaneously and work on large files more efficiently. As well as system memory size, the speed of the memory subsystem is also important. The CPU fetches instructions from system memory as it needs them. This means that the bus between the CPU and memory, often referred to as the FRONT SIDE BUS(FSB), must be as fast as possible.
CPU
is the device that “runs” software programs. Software is composed of many simple instructions. The CPU processes these instructions and directs other components to perform actions, such as displaying an image on the screen or printing a document
ARM
Mobile Phone
Tablet
32-bit
Laptop
Workstation
Server
64-bit
Laptop
Workstation
Server
Storage
Hard drive-are based on magnetic disk technology
SSD-Use a type of transistor based memory called flash memory and are much faster than HDDS
GPU
Displaying a high resolution image to the user requires a lot of processing power, especially if the image changes rapidly, as with video, or uses complicated 3D and texture effects, as with computer games.
Cooling
Heatsinks and thermal paste-A heatsink is a block of metal with fins. As the fins expose a larger surface area to the air around the component, a greater cooling effect by convection is achieved. The heat sick is “glued” to the surface of the chip using thermal paste, also referred to as thermal grease or compound, to ensure the best transfer of heat.
NIC-Wired vs Wireless
on a home network, the computer will be connected to an internet router via an Ethernet port. On a business network, the computer will be connected to the wider network via an Ethernet Switch. The Ethernet port in the computer is provided by a Network Interface Card (NIC). Wireless network-most homes networks support Wi-Fi radio networking so that computing devices do not have to be cabled to the internet router to access the network.
NIC-On-board vs add-on card
Almost all workstation computers come with a NIC on the motherboard (onboard card). Servers may have additional NICs supplied on expansion or (addon) cards. The connection to the router is made using a cable with RJ-45 connectors on each end
Fiber optic
Fiber optic cables perform much better over long distances and are not affected by noise in the way that electrical signals over copper cable are.
Cable
Where FTTC is offered by providers with origins in the telephone network, a cable internet connection is usually provided as part of a Cable Access TV (CATV) service. These networks are often described as Hybrid Fiber Coax (HFC) as they combine a fiber optic core network with coax links to customer premises equipment
DSL
is one of the most popular SOHO internet service types. DSL works over an ordinary telephone line, providing the line is of sufficient quality. The DSL modem/router is connected to the telephone line using a cable with RJ-11 connectors between the WAN port on the router and the telephone point.
Wireless-Radio Frequency
is a means of provisioning a wireless local network using Wi-Fi standard equipment. While this isn’t a means of internet service position in itself, it is a means for a client to connect to a wireless router offering internet access
Wireless-Satellite
systems provide far bigger areas of coverage than can be achieved using other technologies. The microwave dishes are aligned to orbital satellites that can either relay signals between sites directly or via another satellite.
Wireless-Cellular
data connections use radio transmissions but at greater range than Wi-Fi. Cellular data is more closely associated with internet access for cell phones and smartphones than with computers.
Volatile vs non-volatile
Volatile means that data is only retained in the memory chips while there is a power source. Non-volatile where the data is preserved when the power is turned off
RAM
Random access memory
Hard drive
Data on an HDD is encoded magnetically on specially coated glass or plastic platters accessed by drive heads
Solid state vs. spinning disk
are designed to replicate or supplement the function of the hard drive. Solid state storage uses of non-volatile memory technology called flash memory.
Optical
CDS, DVDs, Blu-rays are considered optical drives because a laser is used to read date from the discs
Flash drive
USB thumb drive
NAS
Appliance is one or more hard drives housed in an enclosure with basic server firmware, usually running some form of Linux. The NAS appliance provides access to its storage devices using various file sharing protocols.
File server
All computers have at least one internal hard disk, or SSD, for storing the operating system and software applications plus user data.
Cloud storage service
both for home and business use. Some vendors offer users a certain amount of free cloud-based storage. There are also business oriented solutions, such as drop box and amazon.
Internet of Things
Home appliances
Home automation devices
-Thermostats
-Security systems
-Modern cars
-IP cameras
-Streaming media devices
-Medical devices
Basics of packet transmission
Network signals must be packaged in such a way that each host is able to understand them. Also, each host must have a means of recognizing the location of other hosts on the network. These functions are provided by a network protocol. A network protocol identifies each host on the network using a unique address. It also defines a packet structure. A packet is a wrapper for each data unit transmitted over the network. A packet generally consists of a header and a payload
DNS-The Domain Name System
is a hierarchical, client/server-based distributed database name management system. The purpose of the DNS database is to resolve resource names to IP addresses. In the DNS, the clients are called resolves and the servers are called name servers.
LAN vs WAN
-LAN-A network in a single location is often described as a Local Area Network (LAN). This definition encompasses many different types and size of networks though.
-WAN-Networks in different geographic locations but with shared links are called Wide Area Networks (WAN). A WAN is more likely to make use of a service provide network. Companies that operate national telephone networks are called Telecommunications company.
Device address
Is used to logically identify each device (host) on a given network
MAC address
At the data link layer, each host is identified by the address of its network interface. This is called a hardware address or a media access control (MAC) address. The mac address is assigned to the network adapter at the factory. It is a 48-bit value expressed in hex notation.
Basic Protocols
HTTPS/S
POP3-Post Office Protocol v3(POP3)
IMAP-Internet Message Access Protocol(IMAP)
SMTP-Simple transfer protocol
Modem
connects the wired and wireless network clients to the internet via a WAN link
Router
connects the wired and wireless network clients to the internet via a WAN link
Switch
Connects four or eight computers together in an Ethernet LAN using RJ-45 network ports and twisted-pair cabling
Access Point
creates a Wi-Fi wireless network (WLAN) between computers and mobile devices equipped with suitable adapters and also switches communications between the wired and wireless networks
Firewall
a firewall restricts access to a computer or network to a defined list of hosts and applications. Basic packet filtering firewalls work on the basis of filtering network data packets as they try to pass into or out of the machine
Standards of Wifi
802.11a/b/g/n/ac
(802.11a)”1999” 54 mbps/5 GHz
(802.11b)”1999” 11 mbps/2.4 GHz
(802.11g)”2003” 54 Mbps/2.4 GHz
(802.11n)”2009” 72.2 Mbps/stream(single channel) 2.4/5Ghz
(802.11n)”2009” 150 Mbps/stream(bonded channels) 5 GHz
(802.11ac)”2013” 1.7 Gbps 5 Ghz
WiFi Best Practices
Change SSID
Change defualt password
Encrypted vs. Unencrpted
-Encrypted-scrambles the messages being sent over the WLAN so that anyone intercepting them is not able to capture any valuable information.
-Unencrypted-selecting open authentication means that the client is not required to authenticate.
Captive Portal
When the client associates with the open hotspot and launces the browser, the client is redirected to a captive portal. This will allow the client to authenticate to the hotspot provider’s network.
WEP-Wired Equivalent Privacy
-this is an older standard. WEP is flawed and you would only select this if compatibility with legacy devices and software is imperative
WPA-WiFI Protected Access
this fixes most of the security problems with WEP. WPA uses the same weak RC4 (riveset cipher) cipher as WEP but adds a mechanism called the Temporal Key integrity protocol (TKIP)
WPA2
this implements the 802.11i WLAN security standard. The main difference to WPA is the use of the AES(advanced encryption standard) cipher for encryption.
Interface between applications and hardware
Another function of an OS is to “drive” the computer hardware. OS software is built from a kernel of core functions with additional driver software and system utility applications. Each hardware component requires a driver to work. The OS is responsible for identifying the components installed on the PC and loading drivers to enable the user to configure and use them.
Disk management
format mass storage devices and manage partitions. Partitions allow a single disk to be divided into multiple different logical areas, each of which can be accessed via the OS as a separate drive.
Process management/scheduling
-Kill process/end task-device manager
Application management
once the application has been installed, there are various ways to perform additional configuration and application management
-Configuring application compatibility
-Repairing and uninstalling software
-Enabling and disabling windows features
Memory Management
When a process executes, it takes up space in system memory. If the system runs out of memory, then processes will be unable to start, and running processes may crash because they cannot load the data they need
Device management
Deivce manager
Access control/protection
means that a computing device can only be used by an authorized person, such as its owner. Access control on workstation operating systems is usually enforced by the concept of user accounts. Each user of the device is allocated an account and uses a password to authenticate to that account.
Types of OS
-Mobile device OS-is one designed for handheld device, such as smartphones and tablets.
-Workstation OS-is one that runs a traditional desktop PC or laptop.
-Enterprise client-designed to work as a client in business networks
-Network Operating System (NOS) or server OS-designed to run on servers in business networks
-Home client-designed to work on standalone or workgroup PCs and laptops in a home or small office. This will also allow each client to run some basic peer-to-peer network services, such as file sharing
-Server OS-such as Windows Server, Linux, or Unix, is often based on similar code to its workstation OS equivalent.
-Embedded OS-is a computer or appliance designed for a very specific function. These systems can be as contained as a microcontroller in an intravenous drip-rate mater or as large and complex as an industrial control system managing a water treatment plant
-Firmware-In an embedded system, the embedded OS acts as firmware. It provides all the functions for interacting with the new device hardware.
-Hypervisor (type 1)-hypervisor is installed directly on the computer and interacts directly with its hardware
File Systems
-NTFS-New technology file system- as a 64 bit addressing scheme, NTFS allows much larger partitions than FAT. NTFS also supports extended attributes, allowing for file-level security permissions, compression, and encryption
-FAT32-File Allocation Table-this was used for older versions of windows and is preserved under Windows for compatibility
-HFS-Hierarchical file system (HFS+), apple mac workstations and laptops use
-Ext4-Linux-used to format partitions on mass storage devices
Compression
the file system can automatically reduce the amount of disk space taken up by a fille. The file system applies a non-lossy algorithm to the file to find ways to store the data in it more efficiently without discarding any information.
Encryption
the file system can automatically encrypt data in a file when it is saved. This means that the file can only be opened when there is access to the encryption key.
Permissions
The file system maintains an access control list (ACL) for each file or folder object. The ACL records which user accounts are allowed to read, write, or control the object
Journaling
file system tracks changes or intended changes in a log. This means that if there is a sudden power cut and a particular write operation was interrupted, the journal may be used to recover the data or at least restore the file system to good working order
Limitations
as noted in the table below, file systems have limits in terms of their maximum capacity and the size of individual files
Naming rules
very old file systems limited the size of a file name to eight characters plus a three-character extension
File management
-Folders/directories
-File types and extensions-Files follow a similar naming convention folders, except that the last part of the file name represents an extension, which describes what type of file it is and us used by Windows to associate the file with an application.
-Permission
Services
is a windows process that does not require any sort of user interaction and thus runs In the background. Services provide functionality for many parts of the Windows OS, such as allowing sign in, browsing the network, or indexing file details to optimize searches
Processes
A process is the main unit governing a program and managing the memory resources allocated to it by the OS.A process may contain one or more threads, which are parts of the program scheduled for execution by the CPU
Utilities
-Task scheduling-sets tasks to run at a particular time. Tasks can be run once at a future date or time or according to a recurring schedule
Interfaces
-Console/Command line-A command line interface (CLI) shell represents an alternative means of configuring an OS or application.
-GUI-As you have seen, most operating systems can be operated using a Graphical User Interface (GUI) controlled via a mouse, keyboard, and/or touchscreen, but a GUI is only one type of interface or Shell
Productivity software
-Word processing software-Microsoft Word
-Spreadsheet software-Microsoft Excel
-Presentation software-PowerPoint
-Web browser-Edge, Chrome, Firefox
-Visual diagramming software-software assists the creation of these by providing templates and shapes for different kinds of diagram
Collaboration software
-Email client-software works in conjunction with an email server, which handles the business of actually transmitting the messages over the network
-Conferencing software-allows users to configure virtual meeting rooms, with options for voice, video, and instant messaging. Other features often include screen sharing.
-Instant messaging software-allows users to communicate in real time.
-Online workspace-is one where a file is hosted on a network, and users can sign in to get access to it. Different users might be assigned different permissions over the document.
-Document sharing
Business software
-Database software-packages enable the user to store, organize, and retrieve information. Databases can search through thousands of records very quickly and display data in a format specified by the user.
-Project management software-involves breaking a project into a number of task and assigning responsibilities, resources, and timescales to ensure the completion of those tasks.
-Business specific applications-A company may also commission custom-made software to implement specific Line of Business (LOB) functions. LOB applications would cover functions that cannot be performed by “off-the-shelf” software. This might include product design and manufacturing, fulfillment and inventory control, plus marketing and sales
-Accounting software-There are many software applications designed to support financial and commercial functions, such as order processing, accountancy, and payroll.
Application delivery methods
-Locally installed
-Network not required
-Application exists locally
-Files saved locally
-Local network hosted
-Network required
-Internet access not required
-Cloud Hosted
-Internet access required
-Service required
-Files saved in the cloud
Application architecture models
-One tier-If the application front-end and processing logic and the database engine are all hosted on the same computer
-Two tier-client server application separates the database engine, or back-end or data layer, from the presentation layer and the application layer, or business logic. The application and presentation layers are part of the client application. The database engine will run on one server, while the presentation and application layers run on the client
-Three tier-the presentation and application layers are also split. The presentation layer provides the client front-end and user interface and runs on the client machine. The application layer runs on a server or server cluster that the client connects to.
-N-tier-application architecture can be used to mean either a two-tier or three-tier application, but another use is an application with a more complex architecture still
Catching/Clearing cache
good practice to clear the browser cache before shutting down or logging off, and make sure you do not allow passwords to be cached
Deactivate client side-scripting
Most sites will use server-side scripting, meaning that code runs on the server to display the page you are looking at. There is no way to disable this. Many sites are depend on client-side scripting. This means that code is placed in the page itself and runs within the browser to change the way it looks or provide some other functionality. Deactivating client-side scripting tends to break most of the websites published.–Script blocker addon
Browser add-ons/extensions
-Add
-Remove
-Enable/disable
Private browsing
browser doesn’t store cookies or temporary files and doesn’t add pages to the history list
Proxy settings
on an enterprise network firewall is likely to be deployed to monitor and control all traffic passing between the local network and the internet. On networks like this, clients might not be allowed to connect to the internet directly but forced to use a proxy server instead. The proxy server can be configured as a firewall and apply other types of content filtering rules
Certificates
-Valid-a padlock ion is shown. If it is highly trust, the address bar is colored green.
-Invalid-The address bar is colored maroon and the site is blocked by a warning message
Script blockers
provide more control over which websites are allowed to run scripts
Compatible browsers for application
some applications require multiple browsers to run. Not ideal for security terms since you want to have as little applications as possible
Single platform software
Designed to work on only one operating system
Cross-platform software
-Compatibility concerns-difficulties operating an application from being incompatible
Licensing
-Single use-may only be installed on one computer
-Group use/site license-which means that the company can install the software on an agreed number of computers for an unlimited number of employees to use at the same time
-Concurrent license-that the company can allow only a set number of users access to it at any one time
-Open source vs. proprietary-
-Subscription vs. one-time purchase
-Product keys and serial numbers-a long string of characters and numbers printed on the box or disk case. The product key will generate a different product ID and serial number, which is often used to obtain technical support
Software installation best practices
-Reading instructions
-reading agreements
-Advanced options-most software installer packages offer a choice between a default installation and a custom installation. A custom installation allows you to choose specific settings, such as where to install the software and what icons or startup/autorun options to configure.
Interpreted
-Scripting languages-is used to manipulate, customize, and automate the facilities of an existing system. Java, Python, JavaScript, C++, C#, PHP, Perl, Ruby
-Scripted languages
-Markup Languages-is not a programming language but a means of making data in a document accessible to a program. A markup language, such as the Hypertext Markup Language (HTML) or Extensible Markup Language (XML), defines a series of nested tags that describe the structure and/or meaning of the tag contents
Compiled Programming Languages
when you write a program using a compiled programming language, you must transform the code to an executable binary before it can run. Compiling converts the source code that you wrote to machine code. C++, C#, COBOL, PASCAL
Query Languages
SQL, is deisgned to retrieve specific records from a dataset
Assembly language
represents machine code in human-readable text. An assembly language is typically specific to a particular hardware architecture
Organizational techniques
-Pseudocode concepts-writing out a program sequence using code blocks but without using the specific syntax of a particular programming language
-Flow-chart concepts-As the process gets complex, you can use a graphical flow chart to help understand the process
-sequence-A program is just a sequence of instructions for your computer to perform.
Logic components
-Branching-Your program runs from the start to the end unless you instruct it to deviate from this path. One way of doing so is to create a branch; this is an instruction to your computer to execute a different sequence of instructions.
-Looping-When a subroutine completes, it can return to the point in the main routine from where it was called, and the main routine continues execution. Note that when we use structures such as this, we have to be very careful not to create infinite loops in the code by mistake
Identifiers
is used in a program to access a program element, such as a stored value, class, method, or interface
-Variables-contains a value that can change during the execution of the program. This value might be a text string, a number, or any other data type
-Constants-is a specific identified that contains a value that cannot be changed within the program.
Containers
can be used as a term for a special type of identifier that can reference multiple values
Arrays
One example of a container construct is a simple array
Vectors
Identifier for a group of variables of the same type
Declare Logons(9) as string
-Elements in the array are counted from zero so the Logons(9) array contains up to 10 elements
Declare Logons (9,1) as string
-Two dimensional array
Functions
enable you to create segments of code that you will reuse. They key difference, in programming terms, between a procedure and a function is that the latter can return a value to whatever called it, whereas procedure cannot.
Objects
-Properties-represent an alternative way of accessing a field publicly. Using a method might be regarded as quite a “heavyweight” means of doing this, so properties allow external code to ask the object to show or change the value of one of its fields
-Attributes-are values and data types that define the object. The attributes are stored within the object as fields or private variables.
-Methods-define what you can do to an object
Operators
Looping and branching structures depend on logical tests to determine whether to continue the loop or the branch to follow. A logical test is one that resolves to a True or False value.
== is equal to (returns TRUE if both conditions are the same
!= is not equal to
< less than
>Greater than
<= and >= less than or equal to and greater than or equal to
AND-if both conditions are TRUE, then the whole statements is TRUE
OR-if either condition is TRUE, then the whole statements is TRUE
XOR-if either condition is TRUE but not both, then the whole statement is true
Usage of database
The information is stored in a structured manner for easier access. Typically, a database consists of tables of information, organized into columns and rows. Each row represents a separate record in the database, while each column represents a single field within a record
Database commands and executables
-Create-this step involves defining what information the database will store, where it will be hosted, and how it will be accessed by clients
-Import/input-Once the database has been created, it must be populated with data records. Records can either be input and updated manually, usually using some type of form, or data might be imported from another source, or both
-Query-It is possible in theory to read the information in each table manually, but in order to view information efficiently, a query is used to extract it. A query allows the user to specify criteria to match values in one or more fields and choose which fields to display in the results so that only information of interest is selected
-Reports-A query might return a large number of rows and be just as difficult to read as a table. A report is a means of formatting and summarizing the records returned by a query so that the information is easy to read and interpret
Flat file vs. Database
A flat file system might be useful for tasks such as simple order or sales databases used by a single person or small workgroup. A flat file is also a good way of exporting and importing information between systems.
Benefits of a database
-Multiple concurrent users-Databases can support an large number of concurrent users. A single-file based data storage solution does not offer high enough speed for the volumes of transactions on enterprise level systems
-Scalability-are also more scalable. Database architecture means that extra capacity can be added later with much less investment
-Speed-provide access controls to protect information from unauthorized disclosure and backup/replication tools to ensure that data can be recovered within seconds of it being committed
-Variety of data-can enforce data types for each column and validate information entered as fields and records. Spreadsheets can mimic some of this functionality but not as robustly. Databases consequently support a wider variety of data formats
Records
Each row represents a separate records in the database, while each column represents a single field within a record
Data persistence
databases are often used with applications. While an application processes are variables and other temporary data internally, this information is lost when the application is terminated. A database represents a way for an application to store data persistently and securely
Structured vs. Semi-structured vs. Non-structured
–Structured-When you store your information in a relational database, it is stored in a structured way. This structure enables you to more easily access the stored information and gives you flexibility over exactly what you access
–Unstructured-data, on the other hand, provides no rigid formatting of the data. Images and text files, word documents and PowerPoint presentations are examples of unstructured data.
–Semi-structured-Strictly speaking, the data lacks the structure of formal database architecture. But in addition to the raw unstructured data, there is associated information called metadata that helps identify the data
Relational database
is highly structured type of database. Information is organized in tables(known as relations). A table is defined with a number of fields, represented by the table columns. Each field can be a particular data type. Each row entered into the table represents a data record
Typically, Relational Database Management Systems (RDBMS) use Structured Query Language (SQL) to maintain and query data in the database. Examples of RDBMS include:
-Microsoft SQL server
-Oracle database
-MySQL
-Microsoft office access
Database information
-Schema-The structure of the database in terms of the fields defined in each table and the relations between primary and foreign keys is referred to as the schema
-Tables
-Rows/records
-Fields/columns
-Primary key-Each row in the table must have a unique value in the primary key field.
-Foreign key-When a primary key in one table is referenced in another table, then in the secondary table, that column is referred to as a foreign key
-Constraints-When defining properties of each field, as well as enforcing a data type, you can impose certain constraints on the values that can be input into each field. A primary key is an example of a constraint. The value entered or changed in a primary key field in any given record must not be the same as any other existing record
Non-relational databases
-Key/value databases-is a means of soring the properties of objects without predetermining the fields used to define an object.
-Document databases-is an example of a semi-structured database. Rather than define tables and fields, the database grows by adding documents to it. The documents can use the same structure or be of different types. The database’s query engine must be designed to parse each document type and extra information from it
Relational methods-Data manipulation
Commands allow you to insert or update records and extract information from records for viewing (a query)
-Select-enables you to define a query to retrieve data from a database
-Insert-adds a new row in a table in the database
-Delete-deletes records from the table. As with UPDATE, this will delete all records unless a WHERE statement is specified
-Update-changes the value of one or more table columns. This can be used with a WHERE statement to filter the records that will be updated. If no WHERE statement is specified, the command applies to all the records in the table
Relational methods-Data definition
Command refer to SQL commands that add to or modify the structure of the database
-Create-this command can be used to add a new database on the RDBMS server (create database) or to add a new table within an existing database (create table). The primary key and foreign key can be specified as part of the table definition
-Alter-this allows you to add, remove (drop), and modify table columns (fields), change a primary key and/or foreign key, and configure other constraints. There is also an ALTER DATABASE command, used for modifying properties of the whole database, such as its character set
-Drop-this is the command used to delete a table (DROP TABLE) or database (DROP DATABASE). Obviously, this also deletes any records and data stored in the object
-Permissions-SQL supports a secure access control system where specific user accounts can be granted rights over different objects in the database (tables, columns, and views for instance) and the database itself. When an account creates an object, it becomes the owner of that object, with complete control over it. The owner cannot be denied permission over the object. The owner can be changed however, using the ALTER AUTHORIZATION statement.
Relation methods-Database access methods
-Direct/manual access-Administrators might use an administrative tool, such as phpMyAdmin, to connect and sign in to an RDBMS database. Once they have connected, they can run SQL commands to create new databases on the system and interact with stored data. This can be described as direct or manual access.
-Programmatic access-A software application can interact with the database using SQL commands or using SQL commands stored as procedures in the database. Most programming languages include libraries to provide default code for connecting to a database and executing queries
-User interface/utility access-An application might use a database in the background without the user really being aware of its presence. Alternatively, the application might provide a specific Graphical User Interface (GUI) or form to allow ordinary users to add and search records
-Query/report builders-There are many users who may need to interact closely with the database but do not want to learn SQL syntax. A query or report builder provides a GUI for users to select actions to perform on the database and converts those selections to the SQL statements that will be executed
Export/Import
-Database dump–It may also be necessary to export data from the database for use in another database or in another type of program, such as a spreadsheet. A dump is a copy of the database or table schema along with the records expressed as SQL statements.
-Backup-Most RDBMS provide stored procedures that invoke the BACKUP and RESTORE commands at a database or table level
CIA
Confidentiality, Integrity, and Availability
Confidentiality concerns
-Snooping-this is any attempt to get access to information on a host or storage device (data at rest) that you are not authorized to view. An attacker might steal a password or find an unlocked workstation with a logged-on user account, or they might install some sort of spyware on the host
-Eavesdropping/wiretapping-this is snooping on data or telephone conversations as they pass over the network. Snooping on traffic passing over a network is also often called sniffing. It can be relatively easy for an attacker to “tap” a wired network or intercept unencrypted wireless transmissions. Networks can use segmentation and encryption to protect data-in-transit
-Social engineering/dumpster diving-this means getting users to reveal information or finding printed information. We’ll discuss this topic in more detail later in this unit
Integrity concerns
-Man-in-the-middle-where a host sits between two communicating nodes, and transparently monitors, captures, and relays all communications between them. A MitM may be able to change the messages exchanged between a sender and receiver without them realizing. To protect against this, senders and receivers must authenticate themselves and use encryption to validate messages
-Replay attack-where a host captures another host’s response to some server and replays that response in an effort to gain unauthorized access token generated by an application. The application needs to use encryption and time-stamping to ensure that the tokens cannot be misused
-Impersonation-a common attack is where a person will attempt to figure out a password or other credentials to gain access to a host. The attacker can then hijack the authorizations allocated to the account and generally masquerade as that user.
-Unauthorized information alteration
Availability concerns
-Denial of service-This is any situation where an attacker targets the availability of a service. A DoS attack might tamper with a system or try to overload it in some way.
-Power outage-If you lose power, then clearly your computers cannot run. Using standby power can help mitigate this issue. It’s also common for data corruption to occur when a computer is turned off rather than being shut down. Using an uninterruptible Power Supply (UPS) can provide a means to safely close down a server if building power is interrupted
-Hardware failure-IF a component in a server fails, then the server often fails. A hard disk contains moving parts and will eventually fail. If a disk fails, you will likely lose access to the data on the failed disk and quite possibly lose the data. You can compensate against hardware failure by provisioning redundant components and servers. The service is then configured to failover to a working component or server without interruption
-Destruction-The loss of a service or data through destruction can occur for a number of reasons.
-Service outage-Any of the situations above can lead to service unavailability.
Securing devices (mobile/workstation)
-Antivirus/anti-malware-malware is software that aims to dame a computer or steal information from it. Anti-malware software can detect the presence of malware and prevent it from running. This is discussed in more detail alter in this unit
-Host firewall-software based firewall installed on a server to monitor and control its incoming and outgoing network traffic
-Changing default passwords-network devices such as wireless access points, switches, and routers ship with a default management password, such as “password,” “admin,” or the device vendor’s name. These should be changed on installation. These should be changed on installation
-Enabling passwords-most operating systems allow the use of an account without a password, PIN, or screen lock, but this does not mean it is a good idea to do so. It makes the device highly exploitable in the event of theft.
-Safe browsing practices
-Patching/updates-OS files, driver software, and firmware may be exploitable by malware in the same way as applications software. It is important to keep computers and other devices configured with up-to-date patches and firmware
Device use best practices
-Software sources
-Validating legitimate sources
-Researching legitimate sources
-OEM websites vs third-party websites
-Removal of unwanted/unnecessary software-new computers ship with a large amount of pre-installed software, often referred to as bloatware. These applications should be removed if they are not going to be sued. Similarly, if an application has been installed in the past but is no longer necessary, it should be removed too
-Removal of malicious software
Authentication
-Single factor-One form of authentication
-Multifactor-Multiple forms of authentication
-Examples of factors
-Password-Something you know
-Pin-Something you know
-One-time password-Something you have
-Software token-Something you have
-Hardware token-Something you have
-Biometrics-Something you are
-Specific location-Somewhere you are
-Security questions
-Single sign-on-Means that a user only has to authenticate to a system once to gain access to all its resources-that is, all the resources to which the user has been granted rights.
Auhroization
-Permissions
-Least privilege model-The more privileges and permissions that you allocate to more users, the more you increase the risk that a privilege will be misused. Authorization policies help to reduce risk by limiting the allocation of privileges as far as possible.
-Role-based access-adds an extra degree of administrative control to the DAC model. Under RBAC, a set of organizational roles are defined and users allocated to those roles.
-User account types-Administrator, Guest, User account
-Rule-based access-a term that can refer to any sort of access control model where access control policies are determined by system-enforced rules rather than system users.
-Mandatory access controls-is based on the idea of security clearance levels. Rather than defining access control lists on resources, each object and each subject is granted a clearance level, referred to as a label.
-Discretionary access controls-stresses the importance of the owner. The owner is originally the creator of the resource, though ownership can be assigned to another user. The owner is granted full control over the resource, meaning that he or she can modify its ACL to grant rights to others
Accounting
-Logs-logging events. Computer systems support logging of pretty much any kind of event.
-Tracking-Tracking what users are doing within the system.
-Web browser history
Non-repudiation
-Video-Surveillance cameras can record who goes in or out of a particular area
-Biometrics-strong authentication can prove that a person was genuinely operating their user account and that an intruder had not hijacked the account
-Signature-similarly, a physical or digital signature can prove that the user was an author of a document
-Receipt-issuing a token or receipt with respect to some product or service is proof that a user requested that product and that it was delivered in a timely manner
Password Best Practices
Password length-Around 9-12 character is suitable for an ordinary user account. Administrative accounts should have longer passwords (14 or more characters)
Password complexity-No single words/No obvious phrases in a simple form/Mix upper and lowercase
Password History-Some systems keep a history of previously used passwords and prevent the user from choosing the same one again
Password expiration-change the password periodically. Many systems can automatically enforce password expiration, meaning users have to choose a new password.
Password reuse across sites-Don’t re use work passwords for web accounts. Ideally a unique pass word for each account
Password managers-A password policy should balance ensuring that users select strong passwords, which cannot be cracked by password-guessing software, and ensuring that they select memorable passwords and do not resort to reusing them across sites or writing them down
Password reset process-Allows a user who has forgotten a password to self-select a new one
Plaint text vs. Cipher text
if you can make sense of what is written, then it is plaintext. Cipher text, or encrypted text, is a series of randomized letters and numbers which humans cannot make any sense of. Ex, an encryption algorithm takes in a plaintext message, runs the algorithm on the plaintext, and produces a ciphertext.
Data at rest
This state means the data is in some sort of persistent storage media
-File level-folder level encryption
-Disk level-whole disk encryption
-Mobile device-mobile device encryption
Data in transit
Data in motion-this is the state when data is transmitted over a network
-Email
-HTTPS
-VPN
-Mobile application
Fault tolerance
Fault tolerant systems are those that contain additional components to help avoid single points of failure
Replication
is the process of synchronizing data between servers and potentially between sites. This replication might be real-time or bundled into batches for periodic synchronization
Redundancy
-Data-Combining hard disks into an array of disks can help to avoid service unavailability due to one or more disks failing. The redundant array of independent disks(RAID) standard has evolved to offer a variety of fault tolerant solutions.
-Network-Without a network connection, a server is not of much use. As network cards are cheap, it is commonplace for a server to have multiple cards…Network cabling should be designed to allow or multiple paths between the various servers, so that during a failure of one part of the network, the rest remains operational.
-Power-means deploying systems to ensure that equipment is protected against these events and that network operations can either continue uninterrupted or be recovered quickly
Backup considerations-data
Data
-File backups-is an ordinary backup job
-Critical data-may include proprietary, confidential, and/or personal information
-Database-one of the ways of backing up a database is called replication. A replica is a copy (or mirror) of the database hosted on a separate server.
-OS backups-makes a copy of the OS and installed applications so that a workstation or server can be recovered without having to manually reinstall software and reconfigure settings.
Backup considerations-Location
-Stored locally-use hard disks or flash drives attached to the local PC or server
-Cloud storage-Cloud based storage solutions are very popular, both for home and business use.
-On-site vs off-site-Backup stored in the same location as the original data is called on-site, while one kept in a different location is called off-site
Contingency Plan
These vulnerabilities can be mitigated by creating contingency plans and resources that allow the system to be resilient to failures and unexpected outages
Data restoration
If a system goes down, there may be data loss. Data can either be restored from backup or by switching over to another system to which data has been replicate. It is vital that the integrity of the data be checked before user access is re-enabled. If the data is corrupt or the database system is not working properly, trying to add more data to it could result in even more severe problems
Prioritization
-In a large-scale disaster, numerous systems that the company depends upon could fail. After a disaster, resources are likely to be scarce and time pressures severe. Consequently, disaster recovery plans should identify priorities for restoring particular systems first.
Restoring access
Once the integrity of the failover or restored system has been verified, you can re-enable user access and start processing transactions again. You might try to restrict user numbers initially, so that the system can be monitored and verified as working normally
