Technology in Investment - Chapter 8 Flashcards

1
Q

What is chapter 8

A

Technology Infrastructure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the key responsibilities of the CIO/CTO

A

Manages all the staff in the division and sets the companies technology strategty

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Who is the head of information technology or systems?

A

Chief Information Officers (CIO) or sometimes a Chief Technology Officer (CTO)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Who does the head of production report to?

A

Reports to the CIO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the head of testing responsible for?

A

Testing new software releases and implementing change control procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the key responsibility of the head of production support?

A

Responsible for the provision of all server and desktop facilities for the day to day running.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the role of a Data Base Administrators

A

Develop and enforce database standards, guidelines, operational polices ad procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Who reports to the head of production support?

A

Database administrators
Help desk analysts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Who does the head of development and implementation report to?

A

The Chief Information Officer (CIO)/(CTO)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the difference between a CTO and a CIO

A

Same role, different name.

Chief Information Officer
Chief Technology Officer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Who reports into the head of development and implemtation?

A

Business Analysts
Application designers
Prgrammers/Developers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Who does the head of testing report into ?

A

Reports to the CIO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the head of development and implementation responsible for?

A

Commissioning of new applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Who does the head of change report into?

A

CIO or occasionally the Chief Operating Officer (COO)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Who reports into the head of testing?

A

Test analysts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the responsibility of the of the Head of Change

A

Managing major change programmes and projects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Who reports to that head of change?

A

Programme managers and project managers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Who does the head of business continuity and recovery report to?

A

Reports to the CIO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is the client component of the Technology infrastructure

A

Where the users input data or view enquiries

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is the main responsibility of the head of business continuity and recovery?

A

Managing the firms business recovery plans

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Who does the head of information security report to?

A

This individual reports to the CIO (duh)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the main responsibility of the head of information security?

A

Overall direction of all security functions associated with applications & data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is a thin client

A

A application running on a browser

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is a fat client

A

A PC on which an application is downloaded on and used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is the Middleware/Real-Time Messaging Layer component of the Technology infrastructure

A

Software that distributes and obtains real-time data to and from other systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is the Database component of the Technology infrastructure

A

Consists of an organized collection of data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is a relational database?

A

Contains a number of tables and relationships. Basically an AG grid.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How are mission-critical applications usually deployed?

A

As distributed systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How is a relational database interfaced?

A

With Structured Query Language (SQL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

How do distributed systems connect with one another?

A

Transmission lines

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What is a distributed system?

A

A distributed system is a configuration which contains a number of hardware elements that are connected by some transmission technology. Such systems consist of a number of executing programs which interact with each other via transmission lines.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What is Data Replication?

A

Is the process of sharing information as to ensure consistency between resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What are the three reasons for implementing a system in a distributed fashion

A

To ensure processing power is as close to the users as possible
To ensure high degree of robustness, for example, via the use of data replication
To enable hardware to be easily added

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What are three reasons not to implement a system in a distributed fashion?

A

Predictability of performance
Keeping all the clocks in the system synchronized
System malfunctions can have wider system effects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What are the two ways data replication can be implemented?

A

Storing the same data on multiple storage devices or by executing the same task on multiple devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Measuring performance & Managing risk - What is external fraud?

A

Theft of information, hacking damage, third party theft and forgery.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Measuring performance & Managing risk - What is internal fraud?

A

Misappropriation of assets, tax evasion, intentional mismarking of postions and bribery

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Measuring performance & Managing risk - What is Employment practices and workplace safety

A

discrimination, workers, compensation, employee health and safety

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Measuring performance & Managing risk - What are Business disruption and systems failures

A

utility disruptions, software failures and hardware failures

31
Q

Measuring performance & Managing risk - What are Damage to physical assets

A

natural disasters, terrorism and vandalism

32
Q

Measuring performance & Managing risk - What are Clients, products, and business practice

A

market manipulation, anti-trust, improper trade, product defects, fiduciary breaches and account churning

33
Q

Measuring performance & Managing risk - What are Execution, delivery, and process management

A

Data entry errors, accounting errors, failed mandatory reporting and negligent loss of client assets

34
Q

Generally, the governance of risk management of information technology can be divided into two categories…

A
  • maintaining ‘business as usual’ activity, and
  • introducing business change
35
Q

Who is responsible for the maintenance of ‘Business as usual’

A

The operations side

36
Q

Who is responsible for the maintenance of ‘Business change’

A

Business side

37
Q

What is cyber security

A

protect computer systems’ hardware, software and data from:
* damage
* theft
* unauthorized use, and
disruption.

38
Q

What are the two main criminal purposes of hacking are to?

A

Facilitate identity fraud and cyber espionage

39
Q

What is identity fraud

A

Stealing personal information to gain access to data or a system

40
Q

What is phishing?

A

Attempt to trick users into disclosing information

41
Q

What is cyber espionage

A

Stealing valuable information about rival products or intellectual property

42
Q

What is Malware?

A

Malicious software used to get illegal access to systems

43
Q

What is spyware?

A

Software that gathers information about a person or organization without them knowing and sells it to a third party.

44
Q

What is Ransomware?

A

Criminals blocking a system and not reopening until a fee is paid

45
Q

What is a computer virus?

A

A software program that can copy itself and infect multiple files and then spread to a new PC

46
Q

What is a worm?

A

A virus that replicates, not infects, files and then spread to another computer

46
Q

What is a Trojan virus

A

Appears to be legitimate but actually gains unauthorized access

47
Q

What is a botnet?

A

Network of computers controlled by cyber criminals

47
Q

What is Keystroke Logging

A

The secret monitoring of keyboard presses

48
Q

What is form grabbng?

A

Interception of data submitted to web browsers, collects it before it passes over the internet and then sent to criminals

49
Q

What does DDoS stand for?

A

Distributed Denial of Service

50
Q

What is DDoS

A

Bombardment of requests t a system with the intention of immobilizing it

51
Q

Prevention and Detection of DDoS attacks - What is impact analysis?

A

Spotting problems before they arrive

52
Q

Prevention and Detection of DDoS attacks - Staff training?

A

Ensure staff are trained in recognizing attacks and password security

53
Q

Prevention and Detection of DDoS attacks - Personal Devices and Portable Devices?

A

Encrypting data on personal devices

54
Q

What is a firewall?

A

Systems that control the incoming and outgoing network traffic

55
Q

What is a pen test?

A

Penetration test

56
Q

What are the key components in the ‘Infrastructure’ Catalogue?

A

Users the help desk supports
Applications the help desk supports
Service level agreements
Hardware the help desk supports

57
Q

What is follow the sun?

A

European support is based in Europe, then Asia in Asia and America in America. The support desk ‘follows the sun’

58
Q

If ‘Round-The-Clock Support is required’ what 3 models are commonly used?

A

Follow-the-sun
Extended working hours
Partial outsourcing

59
Q

What is extended working hours?

A

The single help desk is operated through shifts

60
Q

What is partial outsourcing?

A

The overnight managing of the help desk is outsourced

61
Q

What is the role of a KPI in a SLA

A

Key metrics for which limits are recorded against in a SLA.

62
Q

How are KPIs presented?

A

Dashboard

63
Q

Support Call Prioritization - Level one, what is it?

A

Help desk

64
Q

What is the level 1 help desk responsible for (5)

A
  • receiving, recording, prioritising and tracking service calls
  • ensuring that SLA time targets are met
  • monitoring and status-tracking of all incidents
  • escalation and referral to other parts of the organisation
  • first line support, and
  • closing incidents with confirmation from the requestor
65
Q

What happens during the level to of the Support call prioritization

A

Issues are analyzed and either sent back to level 1 or escalated to level 3

65
Q

Support Call Prioritization - Level two, what is it?

A

Analyst

66
Q

Support Call Prioritization - Level three, what is it?

A

Service Specialists

67
Q

What is the relationships between service specialists and the user?

A

Service Specialists are kept hidden from the user.

68
Q

Support Call Prioritization - Level four, what is it?

A

Management

69
Q

What is a business Continuity Plan?

A

Ensuring a firm is able to recover from an emergency

69
Q

What is Disaster Recover Plan (DRP)

A

The process of regaining access to the data to resume critical business operations

70
Q

What is a Planning Committee?

A

A planning committee should be appointed to oversee the development, testing and implementation of the plan.

71
Q

What is a warm site?

A

Transactions are written at two sites, the commincation is managed though ‘Log Shipping’

72
Q

What is a cold site?

A

Spare server at a standby location. The data will be ‘cold’ so there will be some hours in getting the system up and running

72
Q

What is a hot site?

A

An approach where transactions are written at many locations simultaneously. This means if one breaks the others can keep it going

73
Q

What is ‘Log Shipping’

A

Used in warm site management to copy data from the primary to the secondary with a small latency. (5-15 mins)

74
Q

How often should a testing procedure be executed?

A

Annually

75
Q

Who is responsible for approving the disaster recovery plan?

A

Senior Management

76
Q

What is a Version Control System (VCSs)

A

Version control systems (VCSs) are software applications that manage multiple revisions of the same unit of information

77
Q

How often are change control meetings usually scheduled?

A

Weekly

77
Q

What do Version Control System (VCSs) provide for a system?

A

An opportunity to ‘Roll back’ to a previous version

78
Q

What is a change control meeting?

A

Meetings between all stakeholders to discuss business changes

79
Q

For how long do firms not make changes before a release of their annual accounts

A

4 weeks

80
Q

For how long do firms not make changes before the last week on any accounting month

A

1 week

81
Q
A
82
Q
A