Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

K201 MIDTERM STUDY GUIDE Describe the relationship between

advertisement 
K201 MIDTERM STUDY GUIDE
1. Describe the relationship between ethics and privacy
- ethics (principles and standards that guide our behavior) v privacy (right to be left alone)
-ePolicies- policies and procedures that address ethical computer and internet use in the business environment
and also look at privacy issues
2. Discuss the reasons why privacy issues lose trust for e-business
- hoaxes, malicious codes, spoofing, security threats and hacking
3. Describe the broad levels, formats, and granularities of information
- levels: Individual (knowledge goals, strategies); Department (goals, revenues, expenses, processes); Enterprise
(expenses, revenues..)
- formats: Document, Presentation, Spreadsheet, Database (letters, memos, product, strategy, sales, marketing)
- Granularities: detail (fine), Summary, Aggregate (coarse)- reports
4. List, describe and provide an example of each of the five characteristics of high quality information
- 1. Accuracy: Are all the values correct? Is a name spelled correctly? Doll amount recorded ta,properly?
- 2. Completeness: Are any of the values missing? Is the address complete with full street, city, state and zip?
- 3. Consistency: Is aggregate or summary information in agreement with detailed information? For example do
all total fields equal true total of the individual fields?
- 4. Uniqueness: Is each transaction, entity, and event represented only once in the information? Are there
duplicates?
- 5. Timeliness- Is the information current with respect to the business requirements? For example, is
information updated weekly, daily or hourly?
5. Evaluate the advantages of the relational database model
- creates flexibility, scalability and performance
- increased info security, info integrity/quality
- reduced info redundancy
6. Explain the primary difference between a database and a date warehouse
-a database maintains information about various types of objects events people and places whereas a data
warehouse is a logical collection of info gathered from many diff databases- supports business analysis and the
decision making tasks
7. Explain the multidimensional nature of data warehouses (and data marts) and the business value gained from
multidimensional analysis
- cube- a dimension is a particular attribute of information, each layer in a data warehouse or mart represents
the information according to an additional dimension
8. Explain why an organization cannot achieve 100 percent accurate and complete information
- human error and real-time information, things constantly change and need updating
9. Identify the importance of ensuring the cleanliness of information throughout an organization
-updating and fixing incorrect data
10. Explain the current tools and trends used in a collaborative working environment
- video conferencing, instant messaging and email
11. Identify the different ways in which companies collaborate using technology
- groupware systems: email, news groups, video phones and chat rooms
12. List and describe each phase in the systems development life cycle (SDLC)
- 1. Planning- how does the business need to do what they do right now
- 2. Analysis- what do we need new system to do
- 3. Design- How are we going to do it
- 4. Development- building
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
- 5. Testing- along all steps
- 6. Implementation- start using it, diff approaches like phasing (cold turkey, switch)
- 7.maintenance- continuous
Compare LANs, WANs and MANs
- Local Area Network- between 2 computers, cables or wireless; Wide Area Network- largest geographic region;
Metropolitan Area Network- between the 2
Compare of the two types of network architectures
- Peer to Peer: network without a central file, all computers are in a network that allows others to access the
files Ex-Napster
- Client/Server Network: A model for applications in which the bulk of the back end processing, such as
performing a search on the database, takes place on a server, while front-end processing, like communicating
with the users, is handled by the clients
List the common input, output, storage and communication devices
- input- captures info and commands, keyboard mouse
- output- see hear, accepts results of information processing requests, scanners plotters
- storage- flash drive, CD Rom,
- communication devices- equipment used to send info and receive it from one location to another, modem
Explain the difference between primary and secondary storage
- primary storage is the main memory, short-term- before saving, ex-Ram
-secondary storage- equipment designed to store information for long-term use, cds, hard drive and flash drives
Summarize K201 Tech Services Case Intro video with Jim Anderson
- faculty/students supported by UITS not TS; main concern is making sure timely response to classrooms with
problems; biggest challenge at Kelley- how to use technology in a strategic manner
Using info provided in ‘Privacy’ video with Jim Anderson, describe the differences between corporate and
university privacy expectations
- does IU monitor student email? No. Can they? Yes.
- University- academic freedom, subject to regulations from FERPA (federal educational rights privacy act) vs
corporation- locked down machines, proxy server, more control
Using the information provided in Hardware/Software videos, describe Tier II support
- when someone calls into the help desk with an issue, full time support comes up with a solution
Using “Security” videos, explain Kelley’s disaster recovery plan- backup method used, backup locations
- used to rely on magnetic tapes but that was unreliable so Kelley now relies on disk space backup systems.
Storage area networks- Bloomington (2x daily updates) and IUPUI- Indy (weekly updates)
Describe the relationship between information security policies and information security plan
- policy identifies rules required to maintain info security and the plan details how organizations will implement
the security policies
Summarize the five steps to creating an information security plan
- 1. Develop the information security policies- who is responsible for designing and implementing organizations
security policies
- 2. Communicate the info sec pol- train all employees and establish clear expectations
- 3. Identify critical information, assets and risks- requires user ids, passwords and antivirus software on all
computers
- 4. Test and re-evaluate risks- continually perform security reviews and checks
- 5. Obtain stakeholder support- gain approval and support from board of directors and stakeholders
Describe authentication and the most secure type of authentication
- authentication is the method for confirming users identities and the most secure types- having user id or
24.
25.
26.
27.
28.
29.
30.
password, having smart card or token(automatically changes password), fingerprint and voice signature
(biometrics- most secure)
List and describe the three primary security areas
-1. Authentication and authorization- confirms user identity and gives someone permission to do somethinguser id, token
- 2. Prevention and resistance- stop intruders from accessing intellectual capital- content filtering, encryption,
firewalls
- 3. Detection and response
Describe the relationships and differences between hackers and viruses
- hackers- people very knowledgeable about computers and use their knowledge to invade, whereas a virus is
the software written with malicious intent, hackers use viruses to do damage
Describe the important ethical concepts relevant to information technology
- intellectual property- intangible, creative work that is embodied in physical form
- copyright(legal protection), fair use doctrine(certain situations, legal use of copyright), pirated software
(duplication distribution or sale of copyrighted software), counterfeit software(software manufactured to look
like the real thing and sold as such)
Explain the statement “Information has no ethics”
- Info doesn’t care how it is used. It will not stop itself from spamming customers, sharing itself if it is sensitive or
personal or revealing details to third parties. Info cannot delete or preserve itself.
Identify the differences between an ethical computer use policy and an acceptable computer use policy
- ethical computer use policy contains general principles to guide computer user behavior (ex- no online games
at work), acceptable computer policies users must agree to follow in order to get access
Describe the relationship between an e-mail privacy policy and an Internet use policy
- email privacy policy details the extent to which e-mail messages may be read by others vs internet use policy
contains general principles to guide the proper use of the internet. Internet- large amounts of computing
resources that users can expend thus making it essential that such use be legitimate and the internet also
contains numerous materials that some might feel are offensive and so regulation is required
Summarize the different monitoring technologies and explain the importance of an employee monitoring
policy
- Big Brother approach- companies use software that tracks internet usage and even allows the boss to read
employees’ email
-it is important because research indicates employees spend company time browsing web for personal use or
online shopping- loss of productivity
- information technology monitoring- tracks peoples activities by such measures as number of keystrokes, error
rate and number of transactions processed
Related documents
“Contrasting the early 19th versus early 21st Centuries”
“Contrasting the early 19th versus early 21st Centuries”
Central Missouri Cardiovascular Associates P
Central Missouri Cardiovascular Associates P
Privacy Confidentiality Minor
Privacy Confidentiality Minor
IAPP presentation - International Association of Privacy Professionals
IAPP presentation - International Association of Privacy Professionals
Maintaining Privacy and Dignity in Care (Fiona Throp)
Maintaining Privacy and Dignity in Care (Fiona Throp)
Merenje koncentracije i trzisne moci privrednih
Merenje koncentracije i trzisne moci privrednih
Usability and Privacy in Identity Management Architectures Audun Jøsang Mohammed AlZomai Suriadi Suriadi
Usability and Privacy in Identity Management Architectures Audun Jøsang Mohammed AlZomai Suriadi Suriadi
Download
advertisement