Vocab 9 - 15 & Web 2.0 (Includes reversed cards as well) Flashcards
Computer communications
A process in which two or more computers or devices transfer data, instructions, and information.
- Sending device → Communications channel → Receiving device
computer security risk
Any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.
cybercrime
A Network or Internet-based illegal act
Computer Security Risks
- Internet and network attacks
- unauthorized access and use
- hardware theft (stealing a thumb drive or hard drive)
- system failure (lightning strike)
- infromation theft (stollen identity)
- software theft (illegal copy)
Data transmitted over networks
Has a higher degree of security risk than data kept on an organization’s premises
online security service
A Web site that evaluates your computer to check for Internet and e-mail vulnerabilities.
Virus
Affects a computer negatively by altering the way the computer works <!--EndFragment-->
Worm
Replicates (copies itself), consuming resources and possibly shutting down the computer or network <!--EndFragment-->
Trojan Horse
A malicious program that hides within or looks like a legitimate program <!--EndFragment-->
Rootkit
Program that hides, creating a “back door” for a remote location to take full control of the computer.
Symptoms of an infected computer include:
- Runs much slower than usual
- Available memory is less than expected
- Files become corrupted
- Screen displays unusual message or image
- Music or unusual sounds play randomly
- Existing programs and files disappear
- Programs or files do not work properly
- Unknown programs or files mysteriously appear
- System properties change
- Operating system does not boot (start up)
- Operating system shuts down unexpectedly
Steps/precautions users can take to protect their home and work computers and mobile devices from malicious infections:
- Never start a computer with removable media inserted in the drives or plugged in the ports, unless the media are uninfected.
- Never open an email attachment unless you are expecting it and it is from a trusted source.
- Set the macro security in programs so that you can enable or disable macros. Enable macros only if the document is from a trusted source and you are expecting it.
- Install an antivirus program on all of your computers. Update the software and the virus signature files regularly.
- Scan all downloaded programs for viruses and other maleware.
- If the antivirus program flags an email attachment as infected, delete or quarantine the attachment immediately.
- Before using any removable media, scan the media for malware. Follow this procedure even for shrink-wrapped software from major developers. Some commercial software has been infected and distributed to unsuspectiing users.
- Install a personal firewall program.
- Stay informed about new virus alerts and virus hoaxes.
botnet
A group of compromised computers connected to a network
A compromised computer is known as a zombie
DoS attack
A denial of service attack: disrupts computer access to Internet services
Distributed DoS (DDoS)
back door
A program or set of instructions in a program that allows remote attackers to bypass security controls
Spoofing
A technique intruders use to make their network or Internet transmission appear legitimate.
firewall
Hardware and/or software that protects computers and networks from intrusion
Intrusion detection software
- Analyzes all network traffic
- Assesses system vulnerabilities
- Identifies any unauthorized intrusions
- Notifies network administrators of suspicious behavior patterns or system breaches
Honeypot
Vulnerable computer that is set up to entice an intruder to break into it
Unauthorized access
The use of a computer or network without permission <!--EndFragment-->
Unauthorized use
The use of a computer or its data for unapproved or possibly illegal activities.<!--EndFragment-->
The measures organizations take to help prevent unauthorized access and use:
- Acceptable use policy
- Disable file and printer sharing
- Firewalls
- Intrusion detection software
Access controls
Define who can access a computer, when they can access it, and what actions they can take:
- Two-phase processes called identification and authentication
- User name
- Password
- Passphrase
- CAPTCHA
possessed object
- Any item that you must carry to gain access to a computer or computer facility.
- Often are used in combination with a personal identification number (PIN)
biometric device
Authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer
Digital forensics
The discovery, collection, and analysis of evidence found on computers and networks
Areas that use digital forensics
- Law enforcement
- Criminal prosecutors
- Civil lawsuits, discovery
- Military intelligence
- Insurance agencies
- Information security departments
Hardware theft
The act of stealing computer equipment <!--EndFragment-->
Hardware vandalism
The <!--StartFragment--> act of defacing or destroying computer equipment <!--EndFragment-->
Software theft occurs when someone:
- Steals software media
- Intentionally erases programs
- Illegally copies a program
- Illegally registers and/or activates a program
- Copying, loaning, borrowing, renting, or distributing software can be a violation of copyright law
EULA
An End User License Agreement typically contains the following conditions:
- Permitted to…
- Install the software on a certain number of computers (usually one)
- Make one copy of the software
- Remove the software from your computer before giving it away or selling it
- Not permitted to…
- Install the software on a network
- Give copies to friends or colleagues while continuing to use the software
- Export the software
- Rent or lease the software
Information theft
Occurs when someone steals personal or confidential information
Encryption
A process of converting readable data into unreadable characters to prevent unauthorized access
- Transposition
- Substitution
- Expansion
- Compaction
Transposition
Switch the order of characters
Substitution
Replace characters with other character
Expansion
Insert characters between existing characters
Compaction
Remove characters and store elsewhere
Public Key Encryption
- The sender creates a document to be email to the receiver.
- The sender uses the receiver’s public key to encrypt the message.
- The receiver uses his or her private key to decrypt the message.
- The receiver can read or print the message.
digital signature
An encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender
Often used to ensure that an impostor is not participating in an Internet transaction
Web browsers and Web sites use ________ techniques
encryption
Popular security techniques include:
- Digital Certificates
- Transport Layer Security (TLS)
- Secure HTTP
- VPN (Virtual Private Network)
system failure
The prolonged malfunction of a computer
A variety of factors can lead to system failure, including:
- Aging hardware
- Natural disasters
- Electrical power problems
- Noise, undervoltages, and overvoltages
- Errors in computer programs
Two ways to protect from system failures caused by electrical power variations include ___________ and ____________.
- surge protectors
- uninterruptable power supplies (UPS)
backup
Is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed
To back up a file means to make a copy of it
Offsite backups
Backups are stored in a location separate from the computer site
- Cloud Storage
Three-generation backup policy
Grandparent → Parent → Child
Two backup categories:
- Full backup
- Selective backup
- Differential
- Incremental
Wireless Security
Wireless access poses additional security risks
About 80 percent of wireless networks have no security protection (“unsecured wireless network”)
“War driving” allows individuals to detect wireless networks while driving through an area
In additional to using firewalls, some safeguards improve security of wireless networks
- Change the default SSID (Service Set Identifier)
- A wireless access point should not broadcast an SSID
- Configure WAP so only certain devices can access (e.g., MAC address configuration)
- Use WPA or WPA2 security standards •(do not use WEP)
Health Concerns of Computer Use
The widespread use of computers has led to health concerns
- Repetitive strain injury (RSI)
- Tendonitis
- Carpal tunnel syndrome (CTS)
- Computer vision syndrome (CVS)
Ergonomics
An applied science devoted to incorporating comfort, efficiency, and safety into the design of items in the workplace
Computer addiction
Occurs when the computer consumes someone’s social life. Symptoms include:
- Craves computer time
- Overjoyed when at the computer
- Unable to stop computer activity
- Irritable when not at the computer
- Neglects family and friends
- Problems at work or school
Computer ethics
Are moral guidelines that govern the use of computers and information systems
Information accuracy is a concern
Not all information on the Web is correct!
Intellectual property rights
Are the rights to which creators are entitled for their work <!--EndFragment-->
A copyright protects any tangible form of expression
IT code of conduct
Is written guidelines that help determine whether a specific computer action is ethical or unethical <!--EndFragment-->
IT Code of Conduct
- Computers may not be used to harm other people.
- Employees may not interfere with others’ computer work.
- Employees may not meddle in others’ computer files.
- Computers may not be used to steal.
- Computers may not be used to bear false witness.
- Employees may not copy or use software illegally.
- Employees may not use others’ computer resources without authorization.
- Employees may not use others’ intellectual property as their own.
- Employees shall consider the social impact of programs and systems they design.
- Employees always should use coputers in a way that demonstrates consideration and respect for fellow humans.
Information privacy
Refers to the right of individuals and companies to deny or restrict the collection and use of information about them
- Huge databases store data online
- It is important to safeguard your information
cookie
A small text file that a Web server stores on your computer
Web sites use cookies for many reasons, including:
- Personalization of the experience
- Store passwords
- Assist with online shopping
- Track site visits
- Target advertisements
Spam
An unsolicited e-mail message or newsgroup posting
E-mail filtering
Blocks e-mail messages from designated sources
Anti-spam programs
Attempt to remove spam before it reaches your inbox
Phishing
A scam that sends an official-looking e-mail that attempts to obtain your personal and financial information
Pharming
A scam that attempts to obtain your personal and financial information via spoofing
The 1970 Fair Credit Reporting Act
Limits the right to view a credit report to those with legitimate business needs
Social engineering
Is defined as gaining unauthorized access or obtaining confidential information by taking advantage of trust and naiveté <!--EndFragment-->
Employee monitoring
Uses computers to observe, record, and review employees’ computer use during work on on breaks (if using an employer’s computer) <!--EndFragment-->
Content filtering
The process of restricting access to certain material on the Web
Many businesses use content filtering
Internet Content Rating Association (ICRA)
Web filtering software
Restricts access to specified Web sites
Digital forensics
The discovery, collection, analysis, and reporting of evidence found on computers and digital devices
- Focuses on computers, digital devices, and networks
- Digital evidence exists on a variety of computers
- The forensic analysis of computers and digital devices specifically involves the examination of media, programs, and data and log files
- Fastest growing discipline in the forensics field
- Also referred to as computer forensics, network forensics, or cyberforensics
Digital forensics examiners must have:
- Knowledge of the law
- Technical experience with many types of hardware and software products
- Superior communication skills
- Familiarity with corporate structures and policies
- A willingness to learn and update skills
- A knack for problem solving
Digital forensics covers several overlapping areas:
- Law enforcement
- Homeland security
- Businesses and other private sector organizations
Digital Forensics in Action: Identity Theft
Steps
- Step 1: Gather materials to analyze
- Computer media
- Computers and peripherals
- GPS receivers
- Network hardware
- Computer software
- Step 2: Transport the materials
- Step 3: Preserve the media
- Step 4: Extract evidence
- Step 5: Analyze evidence
- Analyze mobile devices
- Analyze chat room logs
- Analyze browser history logs
- Step 6: Document results
Digital Forensics in Action: Spam Attacks
A digital forensics examiner might use the following techniques to locate the attacker and/or the computer network facilitating the attacks:
- Analyze network traffic
- Track packet routes
- Analyze Internet access provider logs
- Analyze a packet trace
computer security risk
Any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.
cybercrime
Network or Internet-based illegal act.
Names for Different Types of Cyber-Criminals
- Hackers
- Crackers
- Script Kiddies
- Corporate Spies
- Unethical Employees
- Cyberextortionists
- Cyberterrorists
online security service
A Web site that evaluates your computer to check for Internet and e-mail vulnerabilities
Wireless Internet access points
They allow people to connect wirelessly to the Internet from home, work, school, and in many public locations
GPS
Global Positioning System: is a navigation system comprising one or more earth-based receivers that accept and analyze signals sent by satellites in order to determine the GPS receiver’s geographic location
GPS receivers are:
- Built into many mobile devices (like your phone so the police can find you when you call 911 for help)
- Available as a handheld device
- Available with motor vehicles
collaborate
Many programs provide a means to ___________, or work together online, with others connected to a server
Collaboration software includes tools that:
… enable users to share documents via online meetings and communicate with other connected users. Examples:
- Online meetings
- Web conferences
- Document management systems
Web services enable programmers to:
… create applications that communicate with other remote computers over the Internet or on an internal business network
mashup
A Web application that combines services from two or more sources
network
A collection of computers and devices connected via communication devices and transmission media
Network Advantages:
- Facilitate communications
- Share hardware
- Share data
- Share software
- Transfer funds
LAN
A Local Area Network: connects computers and devices in a limited geographical area
WLAN
A Wireless LAN: is a LAN that uses no physical connections
MAN
A Metropolitan Area Network: connects LANs in a metropolitan area
WAN
A Wide Area Network: covers a large geographical area
network architecture
The design of computers, devices, and media on a network
P2P
An Internet network on which users access each other’s hard disks and exchange files
Network Topology
Refers to the layout of the computers and devices in a network:
- Star Network
- Bus Network
Intranet
An internal network that uses Internet technologies <!--EndFragment-->
Extranet
Allows customers or suppliers to access part of its Intranet
Network Communications Standards
- Ethernet
- TCP/IP
- Wi-Fi
- Bluetooth
Ethernet
A network standard that specifies no computer controls when data can be transmitted <!--EndFragment-->
TCP/IP
A network standard that defines how messages are routed within a network <!--EndFragment-->
Wi-Fi
Identifies any network based on the 802.11 standard that facilitates wireless communication.
- Newest is 802.11ac (1 Gbps and higher)
- Sometimes referred to as Wireless Ethernet
Bluetooth
Defines how two Bluetooth devices use short-range radio waves to transmit data.
RFID
Uses radio signals to communicate with a tag placed in or attached to an object, animal, or person
Communications software:
- Helps users establish a connection to another computer or network
- Manages the transmission of data, instructions, and information
- Provides an interface for users to communicate with one another
communications device
Any type of hardware capable of transmitting data, instructions, and information between a sending device and a receiving device
digital modem
Sends and receives data and information to and from a digital line. Examples:
- DSL modem
- Cable modem
NIC
A Network Interface Card enables a computer or device to access a network.
- Available in a variety of form factors
- Wireless network cards often have an antenna
WAP
A Wireless Access Point is a central communications device that allows computers and devices to transfer data wirelessly or to a wired network
router
Connects multiple computers or other routers and transmits data to its correct destination
- Many routers are protected by a hardware firewall
hub or switch
connects several devices
Capabilities of home networks include:
- •\Connecting to the Internet at the same time
- Sharing a single high-speed Internet connection
- Accessing files and programs on other computers
- Sharing peripherals
- Playing multiplayer games
- Connecting game consoles to the Internet
- Using VoIP
Types of wired home networks:
- Ethernet
- Powerline cable
- Phoneline
Bandwidth
The amount of data that can travel over a communications channel
Latency
The time it takes a signal to travel from one location to another
Transmission media
Carry one or more signals
Broadband media
Transmit multiple signals simultaneously
Physical Transmission Media
- Twisted-pair cable
- Coaxial cable
- Fiber-optic cable
Cellular radio
A form of broadcast radio that is used widely for mobile communications
communications satellite
Receives microwave signals from earth, amplifies them, and broadcasts the signals over a wide area
Database
Collection of data organized in a manner that allows access, retrieval, and use of that data <!--EndFragment-->
Data
Collection of unprocessed items:
- Text
- Numbers
- Images
- Audio
- Video <!--EndFragment-->
Information
Processed data:
- Documents
- Reports
- Audio
- Images
- Video <!--EndFragment-->
Database software
Often called a database management system (DBMS), allows users to:
- Create a database
- Input, modify, and delete data
- Sort and retrieve (extract) data
- Create forms and reports
Data integrity
Refers to the quality of the data
GIGO
Garbage in, garbage out points out that the accuracy of a computer’s output depends on the accuracy of the input
Useful data and information should have the following characteristics:
- Accurate
- Verifiable
- Timely
- Organized
- Accessible
- Useful
- Cost-effective
The Hierarchy of Data
Data is organized in layers:
- File
- Tables/queries/reports
- records
- fields
- characters
character
one byte:
- Number
- letter
- space
- punctuation mark
- symbol
field
A combination of one or more related characters:
- Field name
- Field size
- Data type
Common data types
- Text (2013: Short Text)
- Numeric
- AutoNumber
- Currency
- Date
- Memo (2013: Long Text)
- Yes/No
- Hyperlink
- Object
- Attachment
record
A group of related fields
primary key
Uniquely identifies each record
table (data file)
A collection of related records
Table maintenance
Refers to the procedures that keep data current:
- Adding records
- Modifying records
- Deleting records
Maintaining Data
- Users add new records to tables when they obtain new data
- Users modify records to correct inaccurate data or update old date
- When a record no longer is needed, a user deletes it from a table
Data Validation
Compares data with a set of rules or values to verify accuracy:
- Alphabetic/Numeric check
- Range check
- Consistency check
- Completeness check
- Check digit
- Other checks
File processing approach
- Each department has its own set of files
- Used for many years
- Have data redundancy
- Isolate data
- Some use Excel for complex lists (not a “database”) <!--EndFragment-->
Database approach
- Programs and users share data
- Reduce data redundancy
- Improve data integrity
- Easier access
- Reduced development time
- Can be more vulnerable <!--EndFragment-->
data dictionary
Contains data about each file in the database and each field in those files
DBMS
Database Management System: provides several tools that allow data retrieval and maintenance
- Query language
- Query by example
- Form
- Report generator
query language
Consists of simple, English-like statements that allow users to specify the data to display, print or store
QBE
Query by example: provides a GUI (Graphical User Interface) to assist users with data retrieval
form
A window on the screen that provides areas for entering or modifying data
report generator
Allows users to design a report, retrieve data into the report, and display or print the report
Provides the means to ensure that only authorized users access data at permitted times by:
- Access privileges
- Principle of “least privilege”
A DMBS provides techniques to restore the database in case it is damaged or destroyed:
- Backup
- Log
- Recovery utility
- Continuous backup <!--EndFragment-->
data model
Consists of rules and standards that define how the database organizes data
relational database
Stores data in tables comprising fields and records:
- Each record (row) has a primary key
- Each field (column) has a unique name
relationship
A link between tables
SQL
Structured Query Language: is a query language that allows users to manage, update, and retrieve data
OODB
An object-oriented database: stores data in objects
Examples of applications appropriate for an object-oriented database include:
- Multimedia database
- Groupware database
- Computer-aided design database
- Hypertext database
multidimensional database
Can store data in more than two dimensions of data
- Sometimes known as a hypercube
- Can consolidate data much faster than a relational database
data warehouse
A huge database that stores and manages the data required to analyze historical and current transactions
Databases on the Web allow you to:
- Shop for products or services
- Buy or sell stocks
- Search for a job
- Make airline reservations
- Register for college classes
- Check semester grades
Database Design Guidlines
- Determine the purpose of the database
- Design the tables or files:
- Design tables or files
- Each table or file should contain data about one subject. The student table, for example, contains data about students.
- Design the records and fields for each table or file.
- Be sure every record has a unique primary key
- Use separate fields for logically distinct items.
- Do not create fields for information that can be derived from entries in other fields.
- Allow enough space for each field.
- Set default values for frequently entered data.
- Determine the relationships amoung the tables or files.
DA
Database Analyst: Decides on proper field placement, defines data relationships, and identifies user access privileges
DBA
Database Administrator: Creates and maintains data dictionaries, manages security, monitors performance, and maintains backup and recovery procedures
Employees should learn how …
to effectively use a database:
- Use database tools
- Identify new data for the database
- Maintain the database
System development
A set of activities used to build an information system.<!--EndFragment-->
system
A set of components that interact to achieve a common goal <!--EndFragment-->
IS
Information System: A collection of hardware, software, data, people, and procedures that work together to produce quality information
System development activities are grouped into phases, collectively called:
the system development life cycle (SDLC)
SDLC
system development life cycle
Three general system development guidelines:
- Group activities or tasks into phases
- Involve users
- Define standards
Phases of System Development
- Planning
- Analysis
- Design
- Implementation
- Operation, Support, and Security
- Repeat
The planning phase – four major activities:
- Review and approve project requests
- Prioritize project requests
- Allocate resources
- Form a project development team
Project management
The process of planning, scheduling, and controlling system development activities
Aspects of project management:
- Project scope
- Required activities
- Activity time estimates
- Activity cost estimates
- Order of activities
- Concurrent Activities
Gantt chart
A popular tool used to plan schedule relationships among project activities
Feasibility
A measure of how suitable the development of a system will be to the organization
- Operational feasibility
- Schedule feasibility
- Technical feasibility
- Economic feasibility
analysis phase – two major activities:
- Preliminary investigation
- Determine and define precise nature of the problem/improvement
- Interview the user who submitted the request
- Detailed analysis
- Study current system
- Determine user requirements (wants and needs)
- Recommend solution
During system development, members of the project team gather data and information using several techniques
- Review documentation
- Observe
- Survey
- Interview
- Joint Application Development
- Research
The design phase – two major activities:
- Acquire hardware and software to meet requirements
- Develop the details of the new or modified information system
prototype
A (proof of concept) – a limited, working model of the proposed system
- Prototypes have inadequate or missing documentation
- Users tend to embrace the prototype as a final system
- Prototypes should not eliminate or replace current system activities
Implementation phase
Construct the new or modified system and deliver it. Common steps:
- Develop programs
- Install and test the new system
- Train users
- Convert to the new system
Operation, support, and security phase
Provide ongoing assistance for an Information System and its users after implementation. Common activities:
- Perform maintenance activities
- Monitor system performance
- Assess system security
Enterprise computing
- Comprehensive use of computers in networks (e.g., LANs and WANs)
- Can include a series of interconnected networks
- Involves a variety of operating systems, protocols, and network architectures
Types of enterprises include:
- Retail
- Manufacturing
- Service
- Wholesale
- Government
- Educational
- Transportation
Most Enterprises are ____________ organizations
hierarchical
In an Enterprise, personnel typically fall into one of four categories:
- Executive Management
- Middle Management
- Operational Management
- Non-management Employees
Enterprise information
Information gathered in ongoing operations of an
- Enterprise-sized organization
- Business intelligence
- Business process management
- Business process automation
Managers
Coordinate resources by carrying out four activities:
- Planning
- Organizing
- Leading
- Controlling
Information System
A set of hardware, software, data, people, and procedures that work together to provide information
Enterprise functional units might include:
- Accounting and Finance
- Human Resources
- Engineering or Product
- Manufacturing
- Marketing
- Sales
- Distribution
- Customer Service
- Information Technology
Accounting software
Manages everyday transactions
Billing software
Helps the company reconcile purchases with customer payments
Financial software
Helps managers budget, forecast, and analyze
Human Resources Information System
Manages one or more human resources functions
Employee Relationship Management System
Manages communication between employees and the business
MRP
Material Requirements Planning - Uses software to help monitor and control processes related to production
MRP II
Manufacturing Resource Planning II - is an extension of MRP that includes software to help with scheduling
Distribution Systems
- Provide forecasting for inventory control
- Manage and track shipping
- Provide analysis and information on warehouse inventory
CIM
Customer Interaction Management - software manages day-to-day customer interactions
IT Department
Information Technology department - makes technology decisions for the enterprise:
- Build or buy new Information Systems?
- Has an Information System and its technology outlived useful life?
Web site management programs
Collect data designed to help organizations make informed decisions regarding Web presence
General purpose Information Systems categories:
- Office Information System
- Transaction Processing System
- Management Information System
- Decision Support System
- Expert System
Batch processing vs. real-time online transaction processing
Batch processing can much longer to complete. The process for each is as follows:
- Batch processing
- Reservation requested
- Batch of reservations
- Process complete
- Real-time Online processing
- Reservation requested
- Process complete
Integrated Information Systems
- Customer Relationship Management
- Enterprise Resource Planning
- Content Management Systems
Customer Relationship Management
Manages information about customer interactions, purchases, and interests
Enterprise Resource Planning
Provides centralized, integrated software to help manage and coordinate ongoing activities
Content Management Systems
Combine databases, software, and procedures
portal
A collection of links, content, and services presented on a Web page related to a job
data warehouse
A huge database that stores and manages data required to analyze transactions
Workflow (or Flow Chart)
Identifies related steps involved in completing a project or business process
VPN
A Virtual Private Network - provides a secure connection to a network server
Virtualization
Supports sharing or pooling computing resources:
- Server virtualization
- Storage virtualization
Storage virtualization
Provides capability to create one logical storage device from many physical storage devices
Server virtualization
Provides capability to partition a physical server logically into many virtual servers
Cloud computing
Is an Internet-based service that provides computing services
Grid computing
Combines many networked servers and/or personal computers to act as one computer
SAN
A Storage Area Network - is a high-speed network that provides storage to other servers