a method for confirming users identities
The process of giving someone permission to do or have something
refers to the breadth of your back-up (what types of files you will back up-media, documents, OS, etc)
the amount of times that a user chooses to back up their files or website media.
magnetic tape drives, hard drives, optical media (CD, DVD), solid-state media (flash drives, SD--secure digital, CF--compact Flash)
the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting
occurs when organizations use software that filters content to prevent the transmission of unauthorized information
denial-of-service attack (DoS)
floods a Web site with so many requests for service that slows down or crashes the site
scrambles information into an alternative form that requires a key or password to decrypt the information
hardware and/or software that guards a private network by analyzing the information leaving and entering the network
attack computer systems by transmitting a virus hoax, with a real virus attached
a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization
legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
intrusion detection software (IDS)
searches out patterns in information and network traffic to indicate attacks and quickly responds to prevent any harm.
includes a variety of threats such as viruses, worms, and Trojan horses
altering the contents of packets as they travel over the internet or altering data on computer disks after penetrating a network.
a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent e-mail
a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing
a program or device that can monitor data traveling over a network
using one's social skills to trick people into revealing access credentials or other information valuable to the attacker
The forging of the return address on an e-mail so that the e-mail message appears to come from someone other than the actual sender.
software that comes hidden in free downloadable software and tracks online movements, mines the information stored on a computer, or uses a computer's CPU and storage for some task the user knows nothing about
small electronic devices that change user passwords automatically
hides inside other software, usually as an attachment or a downloadable file
software written with malicious intent to cause annoyance or damage
A type of virus that spreads itself, not only from file to file, but also from computer to computer
Systems Development Life Cycle
Phases of SDLC
Planning, Analysis, Design, Development, Testing, Implementation, Maintenance
involves establishing a high-level plan of the intended project and determining project goals
Identify and select the system for development, assess project feasibility, develop the project plan
involves analyzing end-user business requirements and refining project goals into defined functions and operations of the intended system
Gather business requirements, create process diagrams, perform a buy vs. build analysis
involves describing the desred features and operations of the system including screen layouts, business rules, process diagrams, pseudo code, and other documentation
Design the IT infrastructure, design system models
involves taking all of the detailed design documents from the design phase and transforming them into the actual system
Develop the IT infrastructure, develop the database and programs
involves bringing all the project pieces together into a special testing environment to test for errors, bugs, and interoperability and verify that the system meets all of the business requirements defined in the analysis phase
Write the test conditions, perform the systems testing
involves placing the system into production so users can begin to perform actual business operations with the system.
Write detailed user documentation, determine implementation method, provide training for the systems users
involves performing changes, corrections, additions, and upgrades to ensure the system continues to meet the business goals
build a help desk to support the systems users, perform system maintenance, provide an environment to support system changes
application (or system) testing
Veriﬁes that all units of code work together and the total system satisﬁes all of its functional and operational requirements. Will components work together?
backup and recovery testing
tests the ability of an application to be restarted after failure. will it restart after disaster or failure?
verifies instruction guides are helpful and accurate
exposes faults in the integration of software components or units. Does it work with other systems?
determines if a functional improvement or repair to the system has affected the other functional aspects of the software. Are other functions still working?
tests each unit of code as soon as the unit is complete to expose faults in the unit regardless of its interaction with other units
User Acceptance Test (UAT)
Determines whether a system satisfies its acceptance criteria, enabling the customer to decide whether or not to accept a system. Does the system satisfy user needs?
Benchmarks for Systems Success
Slash the budget, if it doesn't work kill it, keep requirements to a minimum, test and deliver frequently, assign non-IT executives to software project, ask the "dumb" questions
Software Development Methodologies
Waterfall, Rapid Application Development (RAD), Extreme Programming (XP), Agile, Role of ITIL
Set of policies, procedures, standards, processes, practices, tools, techniques, and tasks that people apply to technical and management challenges
an activity-based process in which each phase in the SDLC is performed sequentially from planning through implementation and maintenance
Rapid Application Development (RAD)
Emphasizes extensive user involvement in the rapid and evolutionary construction of working prototypes of a system to accelerate the systems development process
Extreme Programming (XP)
breaks a project into tiny phases and developers cannot continue on to the next phase until the first phase is complete
aims for customer satisfaction through early and continuous delivery of useful software components developed by an iterative process with a design point that uses the bare minimum requirements.
Role of ITIL
Framework of best practice approaches intended to facilitate the delivery of high quality IT services. Outlines an extensive set of management procedures that are intended to support businesses in achieving both high financial quality and value in IT operations.
1.slash the budget, 2. kill it if it doesn't work/or not useful, 3. keep requirements to a minimum(start with what software must do, not what it should do), 4. test and deliver frequently(have customer see the working parts, test no less than once a month), 5. assign non-IT executives to software projects
project management applied to SDLC
A role of project management
Project management roles
Time, cost, scope
If a proposed solution is feasible and achievable from a financial, technical, and organizational standpoint
Economical, Technical, Operational, Legal, Scheduling
Do benefits exceed costs?
Is technology available?
Can our organization operate it?
Does it meet all regulations and laws?
Is the implementation schedule practical? Have we allowed time to build, train, etc.?
Implementation (Construction) tasks and strategies
Train users, convert, Benefits and risks of different strategies, acceptance testing
Switch from the old system to the new system "overnight", discard old system completely and immediately use new system
Avoids some risk, run the old and new systems until the new one is activated and working
Activate a new system one module at a time
Activate and test the new system in one branch of an organization
Project Management Issues
Choose strategic projects, set the project scope, manage resources and maintain the project plan, change management, risk assessment, risk management, risk mitigation
Choosing strategic projects
Focus on organizational goals, categorize projects, perform a financial analysis
Defines the work that must be completed to deliver a product with the specified features and functions. The statement describes the business need, justification, requirements, and current boundaries for the project
Manage Resources and Maintain the project plan
Identify requirements, establish clear and achievable objectives, balance the competing demands of quality, scope, time and cost, adapt the specifications, plans, and approach to the different concerns and expectations of the various stakeholders
Focus on People, communications, change, and risk
evaluation of the short-term and long-term risks associated with a particular activity or hazard
the process of proactive and ongoing identification, analysis, and response to risk factors
any step(s) taken to minimize the expected schedule delay of a risk
a set of techniques that aid in evolution, composition, and policy management of the design and implementation of a system
collaborative web pages that allow users to edit documents, share ideas, or monitor the status of a project
an IT-based set of tools that supports the work of teams by facilitating the sharing and flow of information
content management system
Provides tools to manage the creation, storage, editing, and publication of information in a collaborative environment
an organization's key strength or business function that it does better than any of its competitors
digital asset management system (DAM)
though similar to document management, generally works with binary rather than text files, such as multimedia file types
Organizations that cannot adapt to the new demands placed on them for surviving in the information age are doomed to extinction.
when those with access to technology have great advantages over those without access to technology
a new way of doing things that initially does not meet the needs of existing customers
document management system
supports the electronic capturing, storage, distribution, archival, and accessing of documents
consists of anything that can be documented, archived, and codified, often with the help of IT
software that supports team interaction and dynamics including calendaring, scheduling, and video-conferencing
hypertext transport protocol (HTTP)
the Internet Standard that supports the exchange of information on the WWW.
includes document exchange, shared whiteboards, discussion forums and email. These functions that improve personal productivity reducing the time spent searching for information of chasing answers.
global public network of computer networks that pass information from one to another using common computer protocols
supports the capturing, organization, and dissemination of knowledge (i.e., know-how) throughout an organization
involves shared participation in business processes, such as workflow, in which knowledge is hard coded as rules. This is beneficial in terms of improving automation and the routing of information.
includes document exchange, shared whiteboards, discussion forums and email. These functions that improve personal productivity reducing the time spent searching for information of chasing answers.
standards that specify the format of data as well as the rules to be followed during transmission
an evolving extension of the WWW in which web content can be expressed not only in natural language, but also in a format that can be read and used by software agents, thus permitting them to find, share, and integrate information more easily.
a collection of services that communicate with each other, for example, passing data from one service to another or coordinating an activity between one or more services
less experienced staff observe more experienced staff to learn how their more experienced counterparts approach their work
social networking analysis
A process of mapping a group's contacts to identify who knows whom and who works with whom.
produces an improved product customers are eager to buy, such as a faster car or larger hard drive
knowledge contained in people's heads
a set of interactive telecommunication technologies that allow two or more locations to interact via two-way video and audio transmissions simultaneously
a set of economic, social, and technology trends that collectively form the basis for the next generation of the Internet; a more mature, distinctive medium characterized by user participation, openness, and network effects
blends audio, video, and document-sharing technologies to create virtual meeting rooms where people "gather" at a password-protected website
web content management systems
adds an additional layer to document and digital asset management that enables publishing content both to intranets and to public websites
web-based tools that make it easy for users to add, remove, and change online content
workflow management systems
facilitate the automation and management of business processes and control the movement of work through the business process
world wide web
global hypertext system that uses the internet as its transport mechanism
application service provider (ASP)
a company that offers an organization access over the Internet to systems and related services that would otherwise have to be located in personal or organizational computers
A business that operates in a physical store without an Internet presence.
applies to businesses buying from and selling to each other over the internet
applies to any business that sells its products or services to consumers over the internet
a business that operates in a physical store and on the internet. Ex REI and Barnes and Noble
the exact pattern of a consumer's navigation through a site
a count of the number of people who visit one site and click on an advertisement that takes them to the site of the advertiser
applies to any consumer that sells a product or service to a business over the internet
Companies that use the Internet to distribute copyrighted content, including news, music, games, books, movies, and many other types of information.
the conducting of business on the Internet including, not only buying and selling, but also serving customers and collaborating with business partners
the buying and selling of goods and services over the internet
the B2B purchase and sale of supplies and services over the Internet
A version of a retail store where customers can shop at any hour of the day without leaving their home or office
an Intranet that is available to strategic allies (such as customers, suppliers, and partners)
measures the visitor interactions with the target ad
agents, software, or businesses that bring buyers and sellers together that provide a trading infrastructure to enhance e-business
internet service provider (ISP)
a company that provides individuals and other companies access to the Internet along with additional related services, such as website building
an internalized portion of the internet, protected from outside access, that allows an organization to provide access to information and application software to only its employees
the ability to purchase goods and services through a wireless internet-enabled device (such as a kiosk)
Intermediaries between buyers and sellers of goods and services.
online service provider (OSP)
offers an extensive array of unique services such as its own version of a web browser
Web site that offers a broad array of resources and services, such as email, online discussion groups, search engines, and online shopping malls (ex Google)
pure-play (virtual) business
A business that operates on the Internet only without a physical store. Ex. Amazon.com, Expedia.com
service level agreements (SLAs)
define the specific responsibilities of the service provider and set the customer expectations
a website or web application that uses content from more than one source to create a completely new service
Wireless internet service provider (WISP)
an ISP that allows subscribers to connect to a server at designated hotspots or access points using a wireless connection
a flowchart should be complete so that all necessary steps and decisions are included
a flowchart should be clear and unambiguous
flowcharts are drawn so that flow goes from top to bottom or left to right
single process exit
only one flow line should exit from a process symbol
flows related to decision
only one flow line should enter a decision symbol, but two flow lines should exit, one for each possible outcome.
single start flow
only one flow line should exit a start symbol
single end flow
only one flow line should enter an end symbol. it is possible to have multiple end symbols because multiple situations can lead the program to terminate.
connector symbols should be used when multiple arrow heads need to come together. only one arrow should leave a connector symbol
begins the process
ends the process
used to represent inputs from the user or outputs to the user
a junction where a decision must be made. must return true or false.
used to represent any type of function or action. This symbol may be used to represent one step or a sequence of steps
used when more than one flow arrow head needs to come together
represents movement to the next operation
an efficient way to express algorithms in a succinct and precise manner
translates a complete high level language program such as C++ or Pascal into a complete machine language program
translate once, stored in .EXE or .DLL files, fast because it can run machine code directly
executable file name
dynamic linked library
efficient but not compatible (use a different compiler for different machines such as Windows, OS X, Linux), must install machine-level program on user's machine before the program runs
sequentially translates each programming statement or instruction into machine language when the program is run.
converts code statement by statement into machine-level language just before execution (at run-time)
translation done every time the program is run (some of machine's processing power used to complete translation), good for short programs and programs that are updated regularly (used when optimal speed not required), discards commands no longer needed, specific to each type of machine. A website will ask for source code (HTML), download it, and it is translated for your source code (browser translates)
HTML, VBA, Java Script
uses both a compiler and an interpreter. high-level language programs first run through a compiler, which translates the code into an intermediate form, which an interpreter can then easily translate into machine code.
java virtual machines; last step interpreter that does the last step of translation statement-by-statement just before execution (at runtime); specific to each operating system and must be installed on the destination machines
statement by statement at runtime
Java, visualbasic.net (also called "dot net"
whole program; then, statement by statement
when a programmer uses incorrect words or grammar. these errors violate programming rules, incorrect use of language's defined set of key terms and operators. A compiler or interpreter can usually catch these errors.
errors that do not violate the specified syntax of the programming language but are logically incorrect; often caused by logic errors. Found when running
often cause runtime errors; code that is logically incorrect
mostly translated program in 2-level programming
The development of software that uses events to provide controls in computer systems. The use of a GUI on a modern personal computer requires event-driven programming.
compiled into byte code, stored as a separate file, referenced using <applet> or <object> tags, JVM in browser, programmed w/ Java programming tools
four common internet tools
intranet, extranet, portal, kiosk