Fundamentals of IT

E-Commerce Challenges
Terms in this set (95)
A database management system (DBMS)
is a group of programs that:
• Manipulate the database
• Provide an interface between the database and its users and other application programs

data
raw facts

A byte
is made up of eight bits

Field
a name, number, or combination of characters that describes an aspect of a business object or activity

Primary key
a field or set of fields that uniquely identifies the record

Considerations when building a database
• Content: what data should be collected? cost?
• Access: what data should be provided to which users and when?
• Logical structure: how should data be arranged so that it makes sense?
• Physical organization: where should data be physically located?
• Archiving: how long to store?
• Security: how can data be protected?

Entity-relationship (ER) diagrams:
data models that use basic graphical symbols to show the organization of and relationships between data

Relational model
a simple but highly useful way to organize data into collections of two-dimensional tables called relations

Data Cleansing
The process of detecting and then correcting or deleting incomplete, incorrect, inaccurate, irrelevant records that reside in a database

SQL
a special-purpose programming language for accessing and manipulating data stored in a relational database

Database Activities
• Providing a user view of the database
• Adding and modifying data
• Storing and retrieving data
• Manipulating the data and generating reports

Data definition language (DDL)
• A collection of instructions and commands used to define and describe data and relationships in a specific database
• Allows the database's creator to describe data and relationships that are to be contained in the schema

Query by Example (QBE)
is a visual approach to developing database queries or requests

Database administrators (DBAs):
skilled and trained IS professionals
• Works with users to define their data needs
• Applies database programming languages to craft a set of databases to meet those needs
• Tests and evaluates databases
• Implements changes to improve their databases' performance
• Assures that data is secure from unauthorized access

Database as a Service (DaaS)
• The database is stored on a service provider's servers
• The database is accessed by the client over a network, typically the Internet
• Database administration is handled by the service provider

Big Data
Extremely large and complex data collections
• Volume
• Velocity
• Variety

Data Management
An integrated set of functions that defines the processes by which data is obtained, certified fit for use, stored, secured, and processed in such a way as to ensure that the accessibility, reliability, and timeliness of the data meet the needs of the data used within an organization

Data warehouse
a large database that collects business information from many sources in the enterprise in support of management decision making

Data mart
a subset of a data warehouse that is used by small- and medium-sized businesses and departments within large companies to support decision making

Data lake
takes a "store everything" approach to big data, saving all the data in its raw and unaltered form
• Also called an enterprise data hub
• Raw data is available when users decide just how they want to use the data
• Only when the data is accessed for a specific analysis is it extracted from the data lake

Hadoop
An open-source software framework that includes several software modules that provide a means for storing and processing extremely large data sets

Which of the following is the correct description of a firewall?
It is hardware that prevents unauthorized data to enter the private network.

A database management system (DBMS) serves as an interface between an application program and a database.
True

A collection of data fields that are all related to one object, activity, or individual is called a file.
False

With _____, the database is stored on a service provider's server and accessed by the client over a network, typically the Internet.
Database as service

A(n) _____ is an HTML code, not visible on a displayed Web page, that contains keywords representing the Website's content, which search engines use to build indexes pointing to the Website.
meta tag

_____ is a special-purpose programming language for accessing and manipulating data stored in a relational database.
SQL

Which of the following statements is true of a database?
It helps companies analyze information to open new market opportunities.

Conversion to an e-commerce or m-commerce system enables organizations to increase the accuracy of order processing and order fulfillment.
true

Today, most organizations use the traditional approach to data management, where multiple information systems share a pool of related data.
false

Suppose a retailer who has no technology expertise wishes to set up an online presence for his business. He ________.
can use a hosting service to set up the site

A database administrator (DBA) must have a clear understanding of the fundamental business of an organization, be proficient in the use of selected database management systems, and stay abreast of emerging technologies and new design approaches.
true

Transaction processing systems (TPSs):
• Capture and process detailed data necessary to update the organization's records about fundamental business operations
• Include order entry, inventory control, payroll, accounts payable, accounts receivable, general ledger, etc.
• A TPS provides valuable input to:
  - Management information systems
  - Decision support systems
  - Knowledge management systems

A TPS includes
• Order processing systems
  - Processing flow begins with receipt of customer order, then finished product inventory is checked to see if sufficient inventory is on hand to fill the order
  - Product pick list is printed at the warehouse and inventory is adjusted
  - Customer invoice is created and copy included in the customer shipment
• Accounting systems
  - Must track the flow of data related to all the cash flows that affect the organization
• Purchasing systems
  - Systems that support the purchasing business function
  - Inventory control, purchase order processing, receiving, and accounts payable

The transaction processing cycle
• Data collection
• Data editing
• Data correction
• Data manipulation
• Data storage
• Document production

Cloud-based POS systems provide a range of capabilities
Including advanced integration with digital loyalty programs, various accounting tools, and the ability to generate gift cards and coupons

Data Storage
Involves updating one or more databases with new transactions

Enterprise Systems
- central to individuals and organizations of all sizes
- Ensures that information can be shared across all business functions and all levels of management to support the running and managing of a business

Enterprise resource planning (ERP)
A set of integrated programs that manage a company's vital business operations for an entire organization

ERP Advantages
• Improved access to quality data for operational decision making
• Elimination of costly, inflexible legacy systems
• Improvement of work processes
• Opportunity to upgrade and standardize technology infrastructure

Supply Chain Management
a system that includes planning, executing, and controlling all activities involved in:
• Sourcing and procurement of raw materials
• Converting raw materials to finished products
• Warehousing and delivering finished product to customers

Customer relationship management (CRM) system
Helps a company manage all aspects of customer encounters, including marketing, sales, distribution, accounting, and customer service

Computer-aided design (CAD):
The use of software to assist in the creation, analysis, and modification of the design of a component or product

Computer-aided manufacturing (CAM)
The use of software to control machine tools and related machinery in the manufacture of components and products

Computer-aided engineering (CAE):
The use of software to analyze the robustness and performance of components and assemblies

Business analytics
The extensive use of data and quantitative analysis to support fact-based decision making within organizations

Business intelligence (BI)
Includes a wide range of applications, practices, and technologies for the extraction, transformation, integration, visualization, analysis, interpretation, and presentation of data to support improved decision making

Online Analytical Processing (OLAP)
A method to analyze multidimensional data from many different perspectives

Drill-down analysis
Involves the interactive examination of high-level summary data in increasing detail to gain insight into certain elements

Linear regression
A mathematical technique for predicting the value of a dependent variable based on a single independent variable and the linear relationship between the two
• Consists of finding the best-fitting straight line through a set of observations of the dependent and independent variables
• A linear relationship between the independent (X) and dependent (Y) variables must exist
• Errors in the prediction of the value of Y are distributed in a manner that approaches the normal distribution curve
• Errors in the prediction of the value of Y are all independent of one another

Data mining
A BI analytics tool used to explore large amounts of data for hidden patterns to predict future trends and behaviors for use in decision making

Ransomware
Malware that stops you from using your computer or accessing your data until you meet certain demands such as paying a ransom or sending photos to the attacker

Viruses
• A piece of programming code (usually disguised as something else) that causes a computer to behave in an unexpected and undesirable manner
• Spread to other machines when a computer user shares an infected file or sends an email with a virus-infected attachment

Worms
• A harmful program that resides in the active memory of the computer and duplicates itself
• Can propagate without human intervention

Trojan Horses
• A seemingly harmless program in which malicious code is hidden
• A victim on the receiving end is usually tricked into opening it because it appears to be useful software from a legitimate source
  - The program's harmful payload might be designed to enable the attacker to destroy hard drives, corrupt files, control the computer remotely, launch attacks against other computers, steal passwords or spy on users
• Often creates a "backdoor" on a computer that enables an attacker to gain future access

Logic bomb
A type of Trojan horse that executes when it is triggered by a specific event

Blended Threat
• A sophisticated threat that combines the features of a virus, worm, Trojan horse, and other malicious code into a single payload
• Might use server and Internet vulnerabilities to initiate and then transmit and spread an attack using EXE files, HTML files, and registry keys

Spam
• The use of email systems to send unsolicited email to large numbers of people
• Also an inexpensive method of marketing used by many legitimate organizations
• Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act states that it is legal to spam, provided the messages meet a few basic requirements
  - Spammers cannot disguise their identity by using a false return address
  - The email must include a label specifying that it is an ad or a solicitation
  - The email must include a way for recipients to opt out of future mass mailings

Distributed Denial-of-Service Attacks
• An attack in which a malicious hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks
• Keeps target so busy responding to requests that legitimate users cannot get in
• Botnet
  - A large group of computers, controlled from one or more remote locations by hackers, without the consent of their owners
  - Sometimes called zombies
  - Frequently used to distribute spam and malicious code

Rootkit
• A set of programs that enables its user to gain administrator-level access to a computer without the end user's consent or knowledge
• Attackers can use the rootkit to execute files, access logs, monitor user activity, and change the computer's configuration
• Symptoms of rootkit infections:
  - Computer locks up or fails to respond to input from the keyboard
  - Screen saver changes without any action on the part of the user
  - Taskbar disappears
  - Network activities function extremely slow

Advanced Persistent Threat
• APT is a network attack in which an intruder gains access to a network and stays undetected with the intention of stealing data over a long period of time
• An APT attack advances through the following five phases:
  - Reconnaissance
  - Incursion
  - Discovery
  - Capture
  - Export
• Detecting anomalies in outbound data is the best way for administrators to discover that the network has been the target of an APT attack

Phishing
• The act of fraudulently using email to try to get the recipient to reveal personal data
• Con artists send legitimate-looking emails urging recipients to take action to avoid a negative consequence or to receive a reward
• Spear-phishing is a variation of phishing where fraudulent emails are sent to a certain organization's employees
  - Much more precise and narrow
  - Designed to look like they came from high-level executives within organization

Smishing and Vishing
• Smishing is a variation of phishing that involves the use of texting
• Vishing is similar to smishing except the victims receive a voice mail message telling them to call a phone number or access a Web site

Cyberespionage
• Involves the development of malware that secretly steals data in the computer systems of organizations, such as government agencies, military contractors, political organizations, and manufacturing firms
• Mostly targeted toward high-value data such as the following:
  - Sales, marketing, and new product development plans, schedules, and budgets
  - Details about product designs and innovative processes
  - Employee personal information
  - Customer and client data
  - Sensitive information about partners and partner agreements

Cyberterrorism
• The intimidation of government or civilian population by using information technology to disable critical national infrastructure to achieve political, religious, or ideological goals
• Department of Homeland Security (DHS) provides a link that enables users to report cyber incidents
  - Incident reports go to the U.S. Computer Emergency Readiness Team (US-CERT)
• Cyberterrorists try daily to gain unauthorized access to a number of important and sensitive sites

A strong security program begins by
• Assessing threats to the organization's computers and network
• Identifying actions that address the most serious vulnerabilities
• Educating users about the risks involved and the actions they must take to prevent a security incident

Risk assessment
The process of assessing security-related risks to an organization's computer and networks from both internal and external threats

Firewall
• A system of software, hardware, or a combination of both that stands guard between an organization's internal network and the Internet and limits network access based on the organization's access policy

Next-generation firewall (NGFW)
• A hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents
• Goes deeper to inspect the payload of packets and match sequences of bytes for harmful activities

Intrusion detection system (IDS)
• Software and/or hardware that monitors system and network resources and activities
• Notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment

Managed Security Service Provider (MSSP)
• A company that monitors, manages, and maintains computer and network security for other organizations
• Includes companies such as AT&T, Computer Sciences Corporation, Dell SecureWorks, IBM, Symantec, and Verizon

Examples of computer-related waste include:
• Organizations operating unintegrated information systems
• Acquiring redundant systems
• Wasting information system resources

Computer-related mistakes refer to:
• Errors
• Failures
• Other computer problems that make computer output incorrect or not useful

Computer-Related Mistakes
• Common causes
  - Unclear expectations
  - Inadequate training and feedback
  - Program development that contains errors
  - Incorrect input by a data-entry clerk
• Some examples:
  - Data-entry or data-capture errors
  - Programming errors
  - Errors in handling files
  - Mishandling of computer output
  - Inadequate planning for and control of equipment malfunctions

IS efficiency and effectiveness involves:
• Establishing policies and procedures
• Implementing policies and procedures
• Monitoring policies and procedures
• Reviewing policies and procedures

Mobile crowd sensing (MCS)
a means of acquiring data through sensor-enhanced mobile devices

The Children's Online Privacy Protection Act (COPPA) of 1998
Impacts the design and operations of Web sites that cater to children

Libel
publishing an intentionally false written statement that is damaging to a person's or organization's reputation

Seated immobility thromboembolism (SIT)
Formation of blood clots in the legs or lungs

Repetitive strain injury (RSI)
An injury or disorder of the muscles, nerves, tendons, ligaments, or joints caused by repetitive motion

Carpal tunnel syndrome (CTS)
Inflammation of the nerve that connects the forearm to the palm of the wrist

Two primary causes of computer-related health problems are
• A poorly designed work environment
• Failure to take regular breaks to stretch the muscles and rest the eyes

Ergonomics
is the science of designing machines, products, and systems to maximize safety, comfort, and efficiency of people who use them

ethics
• Ethical behavior conforms to generally accepted social norms
• Morals are one's personal beliefs about right and wrong
• Law is a system of rules that tells us what we can and cannot do

A code of ethics:
• States the principles and core values essential to a set of people and, therefore, govern their behavior
• Can become a reference point for weighing what is legal and what is ethical