ITF + Exam Outline Flashcards

1
Q

Binary

A

Notational system with 2 values per digit. (0,1). Computers process code in binary because the transistors in its CPU and memory components also have two states (off and on)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Hexadecimal

A

Notational systems with 16 values per digit. Values above 9 are represented by the letters A, B, C, D, E, F. Hex is a compact way of referring to long byte values, such as MAC and IPv6 addresses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Decimal

A

Decimal system is based on the principle of expressing ten different numbers using a single digit in the range 0 to 9. Once you have a value or more than ten, then you require two digits of decimal to express it. Thus, when twelve is expressed numerically in decimal as 12 that means 110 plus 21

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

ASCII

A

7-bit code page mapping binary values to character glyphs. Standard ASCII can represent 127 characters, though some values are reserved for non-printing control characters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Unicode

A

Extensible system of code pages capable of representing millions of character glyphs, allowing for international alphabets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Char

A

Data type supporting storage of a single character

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Strings

A

Data type supporting storage of a variable length series of characters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Integers

A

Data type supporting storage of whole numbers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Floats

A

Data type supporting storage of floating point numbers (decimal fractions)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Boolean

A

Data type support 1-bit storage, representing FALSE and TRUE. Boolean logic is a statement that resolves to a true or false, condition and underpins the branching and looping features of computer code

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Input

A

the computer receives data entered by the user through peripheral devices, such as mice, keyboards, scanners, cameras, and microphones

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Output

A

the processed data is shown or played to the user through an output device, such as monitor or loudspeaker system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Processing

A

the data is written to memory and manipulated by the CPU, acting on instructions from the operating system and applications software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Storage

A

the data may be written to different types of storage devices, such as hard disks or optical discs, because data stored in most types of system memory is only preserved while the computer is powered on

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Data and information as assets

A

For organizations, and even for individuals, computer data can be considered an asset

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Importance of investing in security

A

A mechanism designed to protect an information asset or processing system is called a security control. There are many types of security controls, and they can be classed in different ways. Typically there are designed to prevent, deter, detect, and/or recover from attempts to view or modify data without authorization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Relationship of data to creating information

A

The process of using data in this way is usually called analytics.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Trademarks

A

As copyright is not given to the selection of a name, if a company wants to promote its goods it will normally trademark its name and/or logo

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Copyright

A

is automatic legal protection granted to certain types of work indicating that the copyright holder owns the right to control the use of the work, including rights of publication, distribution, or sale

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Patents

A

is legal protection for some kind of invention. Unlike copyright, a patent can apply to an idea so long as the idea is original, useful, and distinctive or on-trivial

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Digital products

A

Is one that is sold or distributed as binary computer data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Data capture and collection

A

Data points can be collected from many different sources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Data correlation

A

The information layer requires software to perform data correlation. This means analyzing the whole data set and finding connections and links between data points

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Meaningful reporting

A

To inform human decision making at the insights layer, the information identified by the analytics system must be presented in ways that humans can analyze and interpret

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Storage Unit
Bit-Basic unit of computer data is the binary digit, which can represent two values (zero or one) Byte-eight bits KB-1000 bytes MB-1,000,000 bytes GB-1,000,000,000 TB-1000 GB PB-1000 TB
26
Throughput Unit
BPS-when data is transferred between a components in the computer or between computers over a network, the throughput rate that a particular connection can sustain is measure in bps Kbps-1000 bits per second. Older computer peripheral interfaces (or buses) and slow network links Mbps-1,000,000 bits per second. Many internal computer interfaces have throughputs measured in Mbps. Wireless networks and residential internet links also typically have this sort of throughput. Gbps-1,000,000,000 bits per second-The latest PC bus standards and networks can support this higher level of throughput Tbps-1,000,000,000,000-This sort of capacity is found in major telecommunications links between data centers, cities, and countries
27
Processing speed
MHZ-1 million cycles per second. Older PC bus interfaces and many types of network interface work at this slower signaling speed GHZ-1000 million cycles per second. Modern CPUs and Bus types plus fiber optic network equipment work at these much faster speeds
28
Troubleshooting methodology
1) Identify the problem 2) Research knowledge base/internet, if applicable 3) Establish a theory of probable cause 4) Test the theory to determine the cause 5) Establish a plan of action to resolve the problem and identify potential effects 6) Implement the solution or escalate as necessary 7) Verify full system functionality and, if applicable, implement preventive measures 8) Document findings/lessons learned, actions, and outcomes
29
Networking-Wired
Telephone Connector (RJ-11)-While local networking uses Ethernet technologies, some networking and communications functions depend on direct use of the telephone network Ethernet connector (RJ-45)-An ethernet network adapter used with twisted pair cable will have an RJ-45 port to connect the computer to the network, via another RJ-45 port in the network equipment.
30
Networkin-Wireless
Bluetooth-is used for so-called Personal Area Networks (PAN) to share data with a PC, connect to a printer, use a wireless headset, connect to a wireless mouse/keyboard, and so on NFC-is a peer-to-peer version of RFID; that is, an NFC device can work as both tag and reader to exchange information with other NFC devices. NFC normally works at up to two inches at data rates of 106, 212, and 424 kbps.
31
USB
The Universal Serial Bus(USB) has become the standard means of connecting peripheral devices to a computer. USB devices are plug and play
32
Firewire
bus was based on the IEEE 1394 standard and the Small Computer System Interface (SCSI) communications protocol. The firewire 400 standard used 6-pin alpha connectors and cabling. The maximum transfer rate is 400 Mbps
33
Thunderbolt
Can be used both as a display interface and as a general interface like USB or firewire
34
Bluetooth
a standard for the short-range wireless interconnection of mobile phones, computers, and other electronic devices.
35
RF
RFID-is a means of targeting and tracking objects using specially-encoded tags
36
NFC
Near field communications is a peer to peer version of RFID; that is, an NFC device an work as both tag and reader to exchange information with other NFC device
37
Graphic Device
VGA HDMI DVI Display port Mini Display port
38
Installation types-Plug and play vs. Driver installation
This means that when you connect a new device, windows identifies it and tries to install a device driver. The device driver makes the device work with the operating system
39
IP based peripherals
Some types of devices are not connected to the computer via a peripheral portbut accessed over a network
40
Motherboard/System board
If you open up a PC or laptop, the main thing you will see is the motherboard (or system board). The motherboard is a printed circuit board (PCB) with some built-in processors (the chipset), sockets and slots for upgradable components (CPU, RAM, adapter cards, disk drives), and wires (buses) to connect them together
41
Firmware/BIOS
When a computer is powered on, it needs some standard means for the CPU to start processing instructions and initialize the other components. This is referred to as bootstrapping or more simply as booting. The bootstrapping process occurs before the operating system software is loaded and is enabled by a low-level operating system called firmware. The BIOS (Basic input/output system) is one example of PC firmware. It provides industry standard program code to get the essential components of the PC running and ensures that the design of each manufacturer's motherboard is PC compatible
42
RAM
When a program is started, its instructions are loaded into system memory. System memory uses a type of technology called Random Access Memory (RAM). Having more RAM allows the PC to open more programs simultaneously and work on large files more efficiently. As well as system memory size, the speed of the memory subsystem is also important. The CPU fetches instructions from system memory as it needs them. This means that the bus between the CPU and memory, often referred to as the FRONT SIDE BUS(FSB), must be as fast as possible.
43
CPU
is the device that "runs" software programs. Software is composed of many simple instructions. The CPU processes these instructions and directs other components to perform actions, such as displaying an image on the screen or printing a document
44
ARM
Mobile Phone Tablet
45
32-bit
Laptop Workstation Server
46
64-bit
Laptop Workstation Server
47
Storage
Hard drive-are based on magnetic disk technology SSD-Use a type of transistor based memory called flash memory and are much faster than HDDS
48
GPU
Displaying a high resolution image to the user requires a lot of processing power, especially if the image changes rapidly, as with video, or uses complicated 3D and texture effects, as with computer games.
49
Cooling
Heatsinks and thermal paste-A heatsink is a block of metal with fins. As the fins expose a larger surface area to the air around the component, a greater cooling effect by convection is achieved. The heat sick is "glued" to the surface of the chip using thermal paste, also referred to as thermal grease or compound, to ensure the best transfer of heat.
50
NIC-Wired vs Wireless
on a home network, the computer will be connected to an internet router via an Ethernet port. On a business network, the computer will be connected to the wider network via an Ethernet Switch. The Ethernet port in the computer is provided by a Network Interface Card (NIC). Wireless network-most homes networks support Wi-Fi radio networking so that computing devices do not have to be cabled to the internet router to access the network.
51
NIC-On-board vs add-on card
Almost all workstation computers come with a NIC on the motherboard (onboard card). Servers may have additional NICs supplied on expansion or (addon) cards. The connection to the router is made using a cable with RJ-45 connectors on each end
52
Fiber optic
Fiber optic cables perform much better over long distances and are not affected by noise in the way that electrical signals over copper cable are.
53
Cable
Where FTTC is offered by providers with origins in the telephone network, a cable internet connection is usually provided as part of a Cable Access TV (CATV) service. These networks are often described as Hybrid Fiber Coax (HFC) as they combine a fiber optic core network with coax links to customer premises equipment
54
DSL
is one of the most popular SOHO internet service types. DSL works over an ordinary telephone line, providing the line is of sufficient quality. The DSL modem/router is connected to the telephone line using a cable with RJ-11 connectors between the WAN port on the router and the telephone point.
55
Wireless-Radio Frequency
is a means of provisioning a wireless local network using Wi-Fi standard equipment. While this isn't a means of internet service position in itself, it is a means for a client to connect to a wireless router offering internet access
56
Wireless-Satellite
systems provide far bigger areas of coverage than can be achieved using other technologies. The microwave dishes are aligned to orbital satellites that can either relay signals between sites directly or via another satellite.
57
Wireless-Cellular
data connections use radio transmissions but at greater range than Wi-Fi. Cellular data is more closely associated with internet access for cell phones and smartphones than with computers.
58
Volatile vs non-volatile
Volatile means that data is only retained in the memory chips while there is a power source. Non-volatile where the data is preserved when the power is turned off
59
RAM
Random access memory
60
Hard drive
Data on an HDD is encoded magnetically on specially coated glass or plastic platters accessed by drive heads
61
Solid state vs. spinning disk
are designed to replicate or supplement the function of the hard drive. Solid state storage uses of non-volatile memory technology called flash memory.
62
Optical
CDS, DVDs, Blu-rays are considered optical drives because a laser is used to read date from the discs
63
Flash drive
USB thumb drive
64
NAS
Appliance is one or more hard drives housed in an enclosure with basic server firmware, usually running some form of Linux. The NAS appliance provides access to its storage devices using various file sharing protocols.
65
File server
All computers have at least one internal hard disk, or SSD, for storing the operating system and software applications plus user data.
66
Cloud storage service
both for home and business use. Some vendors offer users a certain amount of free cloud-based storage. There are also business oriented solutions, such as drop box and amazon.
67
Internet of Things
Home appliances Home automation devices -Thermostats -Security systems -Modern cars -IP cameras -Streaming media devices -Medical devices
68
Basics of packet transmission
Network signals must be packaged in such a way that each host is able to understand them. Also, each host must have a means of recognizing the location of other hosts on the network. These functions are provided by a network protocol. A network protocol identifies each host on the network using a unique address. It also defines a packet structure. A packet is a wrapper for each data unit transmitted over the network. A packet generally consists of a header and a payload
69
DNS-The Domain Name System
is a hierarchical, client/server-based distributed database name management system. The purpose of the DNS database is to resolve resource names to IP addresses. In the DNS, the clients are called resolves and the servers are called name servers.
70
LAN vs WAN
-LAN-A network in a single location is often described as a Local Area Network (LAN). This definition encompasses many different types and size of networks though. -WAN-Networks in different geographic locations but with shared links are called Wide Area Networks (WAN). A WAN is more likely to make use of a service provide network. Companies that operate national telephone networks are called Telecommunications company.
71
Device address
Is used to logically identify each device (host) on a given network
72
MAC address
At the data link layer, each host is identified by the address of its network interface. This is called a hardware address or a media access control (MAC) address. The mac address is assigned to the network adapter at the factory. It is a 48-bit value expressed in hex notation.
73
Basic Protocols
HTTPS/S POP3-Post Office Protocol v3(POP3) IMAP-Internet Message Access Protocol(IMAP) SMTP-Simple transfer protocol
74
Modem
connects the wired and wireless network clients to the internet via a WAN link
75
Router
connects the wired and wireless network clients to the internet via a WAN link
76
Switch
Connects four or eight computers together in an Ethernet LAN using RJ-45 network ports and twisted-pair cabling
77
Access Point
creates a Wi-Fi wireless network (WLAN) between computers and mobile devices equipped with suitable adapters and also switches communications between the wired and wireless networks
78
Firewall
a firewall restricts access to a computer or network to a defined list of hosts and applications. Basic packet filtering firewalls work on the basis of filtering network data packets as they try to pass into or out of the machine
79
Standards of Wifi
802.11a/b/g/n/ac (802.11a)"1999" 54 mbps/5 GHz (802.11b)"1999" 11 mbps/2.4 GHz (802.11g)"2003" 54 Mbps/2.4 GHz (802.11n)"2009" 72.2 Mbps/stream(single channel) 2.4/5Ghz (802.11n)"2009" 150 Mbps/stream(bonded channels) 5 GHz (802.11ac)"2013" 1.7 Gbps 5 Ghz
80
WiFi Best Practices
Change SSID Change defualt password
81
Encrypted vs. Unencrpted
-Encrypted-scrambles the messages being sent over the WLAN so that anyone intercepting them is not able to capture any valuable information. -Unencrypted-selecting open authentication means that the client is not required to authenticate.
82
Captive Portal
When the client associates with the open hotspot and launces the browser, the client is redirected to a captive portal. This will allow the client to authenticate to the hotspot provider's network.
83
WEP-Wired Equivalent Privacy
-this is an older standard. WEP is flawed and you would only select this if compatibility with legacy devices and software is imperative
84
WPA-WiFI Protected Access
this fixes most of the security problems with WEP. WPA uses the same weak RC4 (riveset cipher) cipher as WEP but adds a mechanism called the Temporal Key integrity protocol (TKIP)
85
WPA2
this implements the 802.11i WLAN security standard. The main difference to WPA is the use of the AES(advanced encryption standard) cipher for encryption.
86
Interface between applications and hardware
Another function of an OS is to "drive" the computer hardware. OS software is built from a kernel of core functions with additional driver software and system utility applications. Each hardware component requires a driver to work. The OS is responsible for identifying the components installed on the PC and loading drivers to enable the user to configure and use them.
87
Disk management
format mass storage devices and manage partitions. Partitions allow a single disk to be divided into multiple different logical areas, each of which can be accessed via the OS as a separate drive.
88
Process management/scheduling
-Kill process/end task-device manager
89
Application management
once the application has been installed, there are various ways to perform additional configuration and application management -Configuring application compatibility -Repairing and uninstalling software -Enabling and disabling windows features
90
Memory Management
When a process executes, it takes up space in system memory. If the system runs out of memory, then processes will be unable to start, and running processes may crash because they cannot load the data they need
91
Device management
Deivce manager
92
Access control/protection
means that a computing device can only be used by an authorized person, such as its owner. Access control on workstation operating systems is usually enforced by the concept of user accounts. Each user of the device is allocated an account and uses a password to authenticate to that account.
93
Types of OS
-Mobile device OS-is one designed for handheld device, such as smartphones and tablets. -Workstation OS-is one that runs a traditional desktop PC or laptop. -Enterprise client-designed to work as a client in business networks -Network Operating System (NOS) or server OS-designed to run on servers in business networks -Home client-designed to work on standalone or workgroup PCs and laptops in a home or small office. This will also allow each client to run some basic peer-to-peer network services, such as file sharing -Server OS-such as Windows Server, Linux, or Unix, is often based on similar code to its workstation OS equivalent. -Embedded OS-is a computer or appliance designed for a very specific function. These systems can be as contained as a microcontroller in an intravenous drip-rate mater or as large and complex as an industrial control system managing a water treatment plant -Firmware-In an embedded system, the embedded OS acts as firmware. It provides all the functions for interacting with the new device hardware. -Hypervisor (type 1)-hypervisor is installed directly on the computer and interacts directly with its hardware
94
File Systems
-NTFS-New technology file system- as a 64 bit addressing scheme, NTFS allows much larger partitions than FAT. NTFS also supports extended attributes, allowing for file-level security permissions, compression, and encryption -FAT32-File Allocation Table-this was used for older versions of windows and is preserved under Windows for compatibility -HFS-Hierarchical file system (HFS+), apple mac workstations and laptops use -Ext4-Linux-used to format partitions on mass storage devices
95
Compression
the file system can automatically reduce the amount of disk space taken up by a fille. The file system applies a non-lossy algorithm to the file to find ways to store the data in it more efficiently without discarding any information.
96
Encryption
the file system can automatically encrypt data in a file when it is saved. This means that the file can only be opened when there is access to the encryption key.
97
Permissions
The file system maintains an access control list (ACL) for each file or folder object. The ACL records which user accounts are allowed to read, write, or control the object
98
Journaling
file system tracks changes or intended changes in a log. This means that if there is a sudden power cut and a particular write operation was interrupted, the journal may be used to recover the data or at least restore the file system to good working order
99
Limitations
as noted in the table below, file systems have limits in terms of their maximum capacity and the size of individual files
100
Naming rules
very old file systems limited the size of a file name to eight characters plus a three-character extension
101
File management
-Folders/directories -File types and extensions-Files follow a similar naming convention folders, except that the last part of the file name represents an extension, which describes what type of file it is and us used by Windows to associate the file with an application. -Permission
102
Services
is a windows process that does not require any sort of user interaction and thus runs In the background. Services provide functionality for many parts of the Windows OS, such as allowing sign in, browsing the network, or indexing file details to optimize searches
103
Processes
A process is the main unit governing a program and managing the memory resources allocated to it by the OS.A process may contain one or more threads, which are parts of the program scheduled for execution by the CPU
104
Utilities
-Task scheduling-sets tasks to run at a particular time. Tasks can be run once at a future date or time or according to a recurring schedule
105
Interfaces
-Console/Command line-A command line interface (CLI) shell represents an alternative means of configuring an OS or application. -GUI-As you have seen, most operating systems can be operated using a Graphical User Interface (GUI) controlled via a mouse, keyboard, and/or touchscreen, but a GUI is only one type of interface or Shell
106
Productivity software
-Word processing software-Microsoft Word -Spreadsheet software-Microsoft Excel -Presentation software-PowerPoint -Web browser-Edge, Chrome, Firefox -Visual diagramming software-software assists the creation of these by providing templates and shapes for different kinds of diagram
107
Collaboration software
-Email client-software works in conjunction with an email server, which handles the business of actually transmitting the messages over the network -Conferencing software-allows users to configure virtual meeting rooms, with options for voice, video, and instant messaging. Other features often include screen sharing. -Instant messaging software-allows users to communicate in real time. -Online workspace-is one where a file is hosted on a network, and users can sign in to get access to it. Different users might be assigned different permissions over the document. -Document sharing
108
Business software
-Database software-packages enable the user to store, organize, and retrieve information. Databases can search through thousands of records very quickly and display data in a format specified by the user. -Project management software-involves breaking a project into a number of task and assigning responsibilities, resources, and timescales to ensure the completion of those tasks. -Business specific applications-A company may also commission custom-made software to implement specific Line of Business (LOB) functions. LOB applications would cover functions that cannot be performed by "off-the-shelf" software. This might include product design and manufacturing, fulfillment and inventory control, plus marketing and sales -Accounting software-There are many software applications designed to support financial and commercial functions, such as order processing, accountancy, and payroll.
109
Application delivery methods
-Locally installed -Network not required -Application exists locally -Files saved locally -Local network hosted -Network required -Internet access not required -Cloud Hosted -Internet access required -Service required -Files saved in the cloud
110
Application architecture models
-One tier-If the application front-end and processing logic and the database engine are all hosted on the same computer -Two tier-client server application separates the database engine, or back-end or data layer, from the presentation layer and the application layer, or business logic. The application and presentation layers are part of the client application. The database engine will run on one server, while the presentation and application layers run on the client -Three tier-the presentation and application layers are also split. The presentation layer provides the client front-end and user interface and runs on the client machine. The application layer runs on a server or server cluster that the client connects to. -N-tier-application architecture can be used to mean either a two-tier or three-tier application, but another use is an application with a more complex architecture still
111
Catching/Clearing cache
good practice to clear the browser cache before shutting down or logging off, and make sure you do not allow passwords to be cached
112
Deactivate client side-scripting
Most sites will use server-side scripting, meaning that code runs on the server to display the page you are looking at. There is no way to disable this. Many sites are depend on client-side scripting. This means that code is placed in the page itself and runs within the browser to change the way it looks or provide some other functionality. Deactivating client-side scripting tends to break most of the websites published.--Script blocker addon
113
Browser add-ons/extensions
-Add -Remove -Enable/disable
114
Private browsing
browser doesn't store cookies or temporary files and doesn't add pages to the history list
115
Proxy settings
on an enterprise network firewall is likely to be deployed to monitor and control all traffic passing between the local network and the internet. On networks like this, clients might not be allowed to connect to the internet directly but forced to use a proxy server instead. The proxy server can be configured as a firewall and apply other types of content filtering rules
116
Certificates
-Valid-a padlock ion is shown. If it is highly trust, the address bar is colored green. -Invalid-The address bar is colored maroon and the site is blocked by a warning message
117
Script blockers
provide more control over which websites are allowed to run scripts
118
Compatible browsers for application
some applications require multiple browsers to run. Not ideal for security terms since you want to have as little applications as possible
119
Single platform software
Designed to work on only one operating system
120
Cross-platform software
-Compatibility concerns-difficulties operating an application from being incompatible
121
Licensing
-Single use-may only be installed on one computer -Group use/site license-which means that the company can install the software on an agreed number of computers for an unlimited number of employees to use at the same time -Concurrent license-that the company can allow only a set number of users access to it at any one time -Open source vs. proprietary- -Subscription vs. one-time purchase -Product keys and serial numbers-a long string of characters and numbers printed on the box or disk case. The product key will generate a different product ID and serial number, which is often used to obtain technical support
122
Software installation best practices
-Reading instructions -reading agreements -Advanced options-most software installer packages offer a choice between a default installation and a custom installation. A custom installation allows you to choose specific settings, such as where to install the software and what icons or startup/autorun options to configure.
123
Interpreted
-Scripting languages-is used to manipulate, customize, and automate the facilities of an existing system. Java, Python, JavaScript, C++, C#, PHP, Perl, Ruby -Scripted languages -Markup Languages-is not a programming language but a means of making data in a document accessible to a program. A markup language, such as the Hypertext Markup Language (HTML) or Extensible Markup Language (XML), defines a series of nested tags that describe the structure and/or meaning of the tag contents
124
Compiled Programming Languages
when you write a program using a compiled programming language, you must transform the code to an executable binary before it can run. Compiling converts the source code that you wrote to machine code. C++, C#, COBOL, PASCAL
125
Query Languages
SQL, is deisgned to retrieve specific records from a dataset
126
Assembly language
represents machine code in human-readable text. An assembly language is typically specific to a particular hardware architecture
127
Organizational techniques
-Pseudocode concepts-writing out a program sequence using code blocks but without using the specific syntax of a particular programming language -Flow-chart concepts-As the process gets complex, you can use a graphical flow chart to help understand the process -sequence-A program is just a sequence of instructions for your computer to perform.
128
Logic components
-Branching-Your program runs from the start to the end unless you instruct it to deviate from this path. One way of doing so is to create a branch; this is an instruction to your computer to execute a different sequence of instructions. -Looping-When a subroutine completes, it can return to the point in the main routine from where it was called, and the main routine continues execution. Note that when we use structures such as this, we have to be very careful not to create infinite loops in the code by mistake
129
Identifiers
is used in a program to access a program element, such as a stored value, class, method, or interface -Variables-contains a value that can change during the execution of the program. This value might be a text string, a number, or any other data type -Constants-is a specific identified that contains a value that cannot be changed within the program.
130
Containers
can be used as a term for a special type of identifier that can reference multiple values
131
Arrays
One example of a container construct is a simple array
132
Vectors
Identifier for a group of variables of the same type
133
Declare Logons(9) as string
-Elements in the array are counted from zero so the Logons(9) array contains up to 10 elements
134
Declare Logons (9,1) as string
-Two dimensional array
135
Functions
enable you to create segments of code that you will reuse. They key difference, in programming terms, between a procedure and a function is that the latter can return a value to whatever called it, whereas procedure cannot.
136
Objects
-Properties-represent an alternative way of accessing a field publicly. Using a method might be regarded as quite a "heavyweight" means of doing this, so properties allow external code to ask the object to show or change the value of one of its fields -Attributes-are values and data types that define the object. The attributes are stored within the object as fields or private variables. -Methods-define what you can do to an object
137
Operators
Looping and branching structures depend on logical tests to determine whether to continue the loop or the branch to follow. A logical test is one that resolves to a True or False value. == is equal to (returns TRUE if both conditions are the same != is not equal to < less than >Greater than <= and >= less than or equal to and greater than or equal to AND-if both conditions are TRUE, then the whole statements is TRUE OR-if either condition is TRUE, then the whole statements is TRUE XOR-if either condition is TRUE but not both, then the whole statement is true
138
Usage of database
The information is stored in a structured manner for easier access. Typically, a database consists of tables of information, organized into columns and rows. Each row represents a separate record in the database, while each column represents a single field within a record
139
Database commands and executables
-Create-this step involves defining what information the database will store, where it will be hosted, and how it will be accessed by clients -Import/input-Once the database has been created, it must be populated with data records. Records can either be input and updated manually, usually using some type of form, or data might be imported from another source, or both -Query-It is possible in theory to read the information in each table manually, but in order to view information efficiently, a query is used to extract it. A query allows the user to specify criteria to match values in one or more fields and choose which fields to display in the results so that only information of interest is selected -Reports-A query might return a large number of rows and be just as difficult to read as a table. A report is a means of formatting and summarizing the records returned by a query so that the information is easy to read and interpret
140
Flat file vs. Database
A flat file system might be useful for tasks such as simple order or sales databases used by a single person or small workgroup. A flat file is also a good way of exporting and importing information between systems.
141
Benefits of a database
-Multiple concurrent users-Databases can support an large number of concurrent users. A single-file based data storage solution does not offer high enough speed for the volumes of transactions on enterprise level systems -Scalability-are also more scalable. Database architecture means that extra capacity can be added later with much less investment -Speed-provide access controls to protect information from unauthorized disclosure and backup/replication tools to ensure that data can be recovered within seconds of it being committed -Variety of data-can enforce data types for each column and validate information entered as fields and records. Spreadsheets can mimic some of this functionality but not as robustly. Databases consequently support a wider variety of data formats
142
Records
Each row represents a separate records in the database, while each column represents a single field within a record
143
Data persistence
databases are often used with applications. While an application processes are variables and other temporary data internally, this information is lost when the application is terminated. A database represents a way for an application to store data persistently and securely
144
Structured vs. Semi-structured vs. Non-structured
--Structured-When you store your information in a relational database, it is stored in a structured way. This structure enables you to more easily access the stored information and gives you flexibility over exactly what you access --Unstructured-data, on the other hand, provides no rigid formatting of the data. Images and text files, word documents and PowerPoint presentations are examples of unstructured data. --Semi-structured-Strictly speaking, the data lacks the structure of formal database architecture. But in addition to the raw unstructured data, there is associated information called metadata that helps identify the data
145
Relational database
is highly structured type of database. Information is organized in tables(known as relations). A table is defined with a number of fields, represented by the table columns. Each field can be a particular data type. Each row entered into the table represents a data record Typically, Relational Database Management Systems (RDBMS) use Structured Query Language (SQL) to maintain and query data in the database. Examples of RDBMS include: -Microsoft SQL server -Oracle database -MySQL -Microsoft office access
146
Database information
-Schema-The structure of the database in terms of the fields defined in each table and the relations between primary and foreign keys is referred to as the schema -Tables -Rows/records -Fields/columns -Primary key-Each row in the table must have a unique value in the primary key field. -Foreign key-When a primary key in one table is referenced in another table, then in the secondary table, that column is referred to as a foreign key -Constraints-When defining properties of each field, as well as enforcing a data type, you can impose certain constraints on the values that can be input into each field. A primary key is an example of a constraint. The value entered or changed in a primary key field in any given record must not be the same as any other existing record
147
Non-relational databases
-Key/value databases-is a means of soring the properties of objects without predetermining the fields used to define an object. -Document databases-is an example of a semi-structured database. Rather than define tables and fields, the database grows by adding documents to it. The documents can use the same structure or be of different types. The database's query engine must be designed to parse each document type and extra information from it
148
Relational methods-Data manipulation
Commands allow you to insert or update records and extract information from records for viewing (a query) -Select-enables you to define a query to retrieve data from a database -Insert-adds a new row in a table in the database -Delete-deletes records from the table. As with UPDATE, this will delete all records unless a WHERE statement is specified -Update-changes the value of one or more table columns. This can be used with a WHERE statement to filter the records that will be updated. If no WHERE statement is specified, the command applies to all the records in the table
149
Relational methods-Data definition
Command refer to SQL commands that add to or modify the structure of the database -Create-this command can be used to add a new database on the RDBMS server (create database) or to add a new table within an existing database (create table). The primary key and foreign key can be specified as part of the table definition -Alter-this allows you to add, remove (drop), and modify table columns (fields), change a primary key and/or foreign key, and configure other constraints. There is also an ALTER DATABASE command, used for modifying properties of the whole database, such as its character set -Drop-this is the command used to delete a table (DROP TABLE) or database (DROP DATABASE). Obviously, this also deletes any records and data stored in the object -Permissions-SQL supports a secure access control system where specific user accounts can be granted rights over different objects in the database (tables, columns, and views for instance) and the database itself. When an account creates an object, it becomes the owner of that object, with complete control over it. The owner cannot be denied permission over the object. The owner can be changed however, using the ALTER AUTHORIZATION statement.
150
Relation methods-Database access methods
-Direct/manual access-Administrators might use an administrative tool, such as phpMyAdmin, to connect and sign in to an RDBMS database. Once they have connected, they can run SQL commands to create new databases on the system and interact with stored data. This can be described as direct or manual access. -Programmatic access-A software application can interact with the database using SQL commands or using SQL commands stored as procedures in the database. Most programming languages include libraries to provide default code for connecting to a database and executing queries -User interface/utility access-An application might use a database in the background without the user really being aware of its presence. Alternatively, the application might provide a specific Graphical User Interface (GUI) or form to allow ordinary users to add and search records -Query/report builders-There are many users who may need to interact closely with the database but do not want to learn SQL syntax. A query or report builder provides a GUI for users to select actions to perform on the database and converts those selections to the SQL statements that will be executed
151
Export/Import
-Database dump--It may also be necessary to export data from the database for use in another database or in another type of program, such as a spreadsheet. A dump is a copy of the database or table schema along with the records expressed as SQL statements. -Backup-Most RDBMS provide stored procedures that invoke the BACKUP and RESTORE commands at a database or table level
152
CIA
Confidentiality, Integrity, and Availability
153
Confidentiality concerns
-Snooping-this is any attempt to get access to information on a host or storage device (data at rest) that you are not authorized to view. An attacker might steal a password or find an unlocked workstation with a logged-on user account, or they might install some sort of spyware on the host -Eavesdropping/wiretapping-this is snooping on data or telephone conversations as they pass over the network. Snooping on traffic passing over a network is also often called sniffing. It can be relatively easy for an attacker to "tap" a wired network or intercept unencrypted wireless transmissions. Networks can use segmentation and encryption to protect data-in-transit -Social engineering/dumpster diving-this means getting users to reveal information or finding printed information. We'll discuss this topic in more detail later in this unit
154
Integrity concerns
-Man-in-the-middle-where a host sits between two communicating nodes, and transparently monitors, captures, and relays all communications between them. A MitM may be able to change the messages exchanged between a sender and receiver without them realizing. To protect against this, senders and receivers must authenticate themselves and use encryption to validate messages -Replay attack-where a host captures another host's response to some server and replays that response in an effort to gain unauthorized access token generated by an application. The application needs to use encryption and time-stamping to ensure that the tokens cannot be misused -Impersonation-a common attack is where a person will attempt to figure out a password or other credentials to gain access to a host. The attacker can then hijack the authorizations allocated to the account and generally masquerade as that user. -Unauthorized information alteration
155
Availability concerns
-Denial of service-This is any situation where an attacker targets the availability of a service. A DoS attack might tamper with a system or try to overload it in some way. -Power outage-If you lose power, then clearly your computers cannot run. Using standby power can help mitigate this issue. It's also common for data corruption to occur when a computer is turned off rather than being shut down. Using an uninterruptible Power Supply (UPS) can provide a means to safely close down a server if building power is interrupted -Hardware failure-IF a component in a server fails, then the server often fails. A hard disk contains moving parts and will eventually fail. If a disk fails, you will likely lose access to the data on the failed disk and quite possibly lose the data. You can compensate against hardware failure by provisioning redundant components and servers. The service is then configured to failover to a working component or server without interruption -Destruction-The loss of a service or data through destruction can occur for a number of reasons. -Service outage-Any of the situations above can lead to service unavailability.
156
Securing devices (mobile/workstation)
-Antivirus/anti-malware-malware is software that aims to dame a computer or steal information from it. Anti-malware software can detect the presence of malware and prevent it from running. This is discussed in more detail alter in this unit -Host firewall-software based firewall installed on a server to monitor and control its incoming and outgoing network traffic -Changing default passwords-network devices such as wireless access points, switches, and routers ship with a default management password, such as "password," "admin," or the device vendor's name. These should be changed on installation. These should be changed on installation -Enabling passwords-most operating systems allow the use of an account without a password, PIN, or screen lock, but this does not mean it is a good idea to do so. It makes the device highly exploitable in the event of theft. -Safe browsing practices -Patching/updates-OS files, driver software, and firmware may be exploitable by malware in the same way as applications software. It is important to keep computers and other devices configured with up-to-date patches and firmware
157
Device use best practices
-Software sources -Validating legitimate sources -Researching legitimate sources -OEM websites vs third-party websites -Removal of unwanted/unnecessary software-new computers ship with a large amount of pre-installed software, often referred to as bloatware. These applications should be removed if they are not going to be sued. Similarly, if an application has been installed in the past but is no longer necessary, it should be removed too -Removal of malicious software
158
Authentication
-Single factor-One form of authentication -Multifactor-Multiple forms of authentication -Examples of factors -Password-Something you know -Pin-Something you know -One-time password-Something you have -Software token-Something you have -Hardware token-Something you have -Biometrics-Something you are -Specific location-Somewhere you are -Security questions -Single sign-on-Means that a user only has to authenticate to a system once to gain access to all its resources-that is, all the resources to which the user has been granted rights.
159
Auhroization
-Permissions -Least privilege model-The more privileges and permissions that you allocate to more users, the more you increase the risk that a privilege will be misused. Authorization policies help to reduce risk by limiting the allocation of privileges as far as possible. -Role-based access-adds an extra degree of administrative control to the DAC model. Under RBAC, a set of organizational roles are defined and users allocated to those roles. -User account types-Administrator, Guest, User account -Rule-based access-a term that can refer to any sort of access control model where access control policies are determined by system-enforced rules rather than system users. -Mandatory access controls-is based on the idea of security clearance levels. Rather than defining access control lists on resources, each object and each subject is granted a clearance level, referred to as a label. -Discretionary access controls-stresses the importance of the owner. The owner is originally the creator of the resource, though ownership can be assigned to another user. The owner is granted full control over the resource, meaning that he or she can modify its ACL to grant rights to others
160
Accounting
-Logs-logging events. Computer systems support logging of pretty much any kind of event. -Tracking-Tracking what users are doing within the system. -Web browser history
161
Non-repudiation
-Video-Surveillance cameras can record who goes in or out of a particular area -Biometrics-strong authentication can prove that a person was genuinely operating their user account and that an intruder had not hijacked the account -Signature-similarly, a physical or digital signature can prove that the user was an author of a document -Receipt-issuing a token or receipt with respect to some product or service is proof that a user requested that product and that it was delivered in a timely manner
162
Password Best Practices
Password length-Around 9-12 character is suitable for an ordinary user account. Administrative accounts should have longer passwords (14 or more characters) Password complexity-No single words/No obvious phrases in a simple form/Mix upper and lowercase Password History-Some systems keep a history of previously used passwords and prevent the user from choosing the same one again Password expiration-change the password periodically. Many systems can automatically enforce password expiration, meaning users have to choose a new password. Password reuse across sites-Don't re use work passwords for web accounts. Ideally a unique pass word for each account Password managers-A password policy should balance ensuring that users select strong passwords, which cannot be cracked by password-guessing software, and ensuring that they select memorable passwords and do not resort to reusing them across sites or writing them down Password reset process-Allows a user who has forgotten a password to self-select a new one
163
Plaint text vs. Cipher text
if you can make sense of what is written, then it is plaintext. Cipher text, or encrypted text, is a series of randomized letters and numbers which humans cannot make any sense of. Ex, an encryption algorithm takes in a plaintext message, runs the algorithm on the plaintext, and produces a ciphertext.
164
Data at rest
This state means the data is in some sort of persistent storage media -File level-folder level encryption -Disk level-whole disk encryption -Mobile device-mobile device encryption
165
Data in transit
Data in motion-this is the state when data is transmitted over a network -Email -HTTPS -VPN -Mobile application
166
Fault tolerance
Fault tolerant systems are those that contain additional components to help avoid single points of failure
167
Replication
is the process of synchronizing data between servers and potentially between sites. This replication might be real-time or bundled into batches for periodic synchronization
168
Redundancy
-Data-Combining hard disks into an array of disks can help to avoid service unavailability due to one or more disks failing. The redundant array of independent disks(RAID) standard has evolved to offer a variety of fault tolerant solutions. -Network-Without a network connection, a server is not of much use. As network cards are cheap, it is commonplace for a server to have multiple cards…Network cabling should be designed to allow or multiple paths between the various servers, so that during a failure of one part of the network, the rest remains operational. -Power-means deploying systems to ensure that equipment is protected against these events and that network operations can either continue uninterrupted or be recovered quickly
169
Backup considerations-data
Data -File backups-is an ordinary backup job -Critical data-may include proprietary, confidential, and/or personal information -Database-one of the ways of backing up a database is called replication. A replica is a copy (or mirror) of the database hosted on a separate server. -OS backups-makes a copy of the OS and installed applications so that a workstation or server can be recovered without having to manually reinstall software and reconfigure settings.
170
Backup considerations-Location
-Stored locally-use hard disks or flash drives attached to the local PC or server -Cloud storage-Cloud based storage solutions are very popular, both for home and business use. -On-site vs off-site-Backup stored in the same location as the original data is called on-site, while one kept in a different location is called off-site
171
Contingency Plan
These vulnerabilities can be mitigated by creating contingency plans and resources that allow the system to be resilient to failures and unexpected outages
172
Data restoration
If a system goes down, there may be data loss. Data can either be restored from backup or by switching over to another system to which data has been replicate. It is vital that the integrity of the data be checked before user access is re-enabled. If the data is corrupt or the database system is not working properly, trying to add more data to it could result in even more severe problems
173
Prioritization
-In a large-scale disaster, numerous systems that the company depends upon could fail. After a disaster, resources are likely to be scarce and time pressures severe. Consequently, disaster recovery plans should identify priorities for restoring particular systems first.
174
Restoring access
Once the integrity of the failover or restored system has been verified, you can re-enable user access and start processing transactions again. You might try to restrict user numbers initially, so that the system can be monitored and verified as working normally