
37 Cards in this Set


What is IT Governance?



From the book:


It is the framework for the leadership, organizational structures and business processes, standards and compliance to these standards, which ensures that the organization’s information systems support and enable the achievement of its strategies and objectives.




Other definitions:


It is putting structure around how organizations align IT strategy with business strategy, ensuring that companies stay on track to achieve their strategies and goals, and implementing good ways to measure IT’s performance. It makes sure that all stakeholders’ interests are taken into account and that processes provide measurable results. It is the responsibility of the board and executive management.




An IT governance framework should answer some key questions, such as how the IT department is functioning overall, what key metrics management needs and what return IT is giving back to the business from the investment it’s making.

What are the 5 areas of focus of IT Governance?

According to the IT Governance Institute, there are five areas of focus:




Strategic alignment: Linking business and IT so they work well together. Typically, the lightning rod is the planning process, and true alignment can occur only when the corporate side of the business communicates effectively with line-of-business leaders and IT leaders about costs, reporting and impacts.


Value delivery: Making sure that the IT department does what’s necessary to deliver the benefits promised at the beginning of a project or investment. The best way to get a handle on everything is by developing a process to ensure that certain functions are accelerated when the value proposition is growing, and eliminating functions when the value decreases.


Resource management: One way to manage resources more effectively is to organize your staff more efficiently—for example, by skills instead of by line of business. This allows organizations to deploy employees to various lines of business on a demand basis.


Risk management: Instituting a formal risk framework that puts some rigor around how IT measures, accepts and manages risk, as well as reporting on what IT is managing in terms of risk.


Performance measures: Putting structure around measuring business performance. One popular method involves instituting an IT Balanced Scorecard, which examines where IT makes a contribution in terms of achieving business goals, being a responsible user of resources and developing people. It uses both qualitative and quantitative measures to get those answers.





What is the difference between Quality Assurance and Quality Control?

Quality Assurance - process oriented. It is an activity that establishes and evaluates the processes to produce the products. It validates the production/development process to make sure that it is the right production/development process.

"Are we doing the right things in the right way?"






Quality Control - product oriented. An activity which verifies if the product meets the predefined standards. "Are we getting what we expected?"

What are the Software Development Process Elements?

Change management - Managed way to decide which change ideas to implement and when.


Version management - Keeping track of multiple versions of components and ensuring that changes by different developers do not disturb each other.


System building - Collecting and assembling correct versions of required components and then compiling.


Release management - Preparing for external releases and keeping track of external releases.

What is Capability Maturity Model Integration and its levels?


Level 1 - Initial: processes unpredictable, poorly controlled and reactive


Level 2 - Managed: processes characterized for projects and are often reactive


Level 3 - Defined: processes characterized for organization and are proactive


Level 4 - Quantitatively Managed: processes measured and controlled


Level 5 - Optimizing: focus on process improvement

What is an ISMS?



An ISMS (Information Security Management System) is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process. It can help small, medium and large businesses in any sector keep information assets secure.

What is Information Security?

Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical). It deals with confidentiality, integrity and availability of data.

What are the aims/objectives of Information Security?

Information security aims to ensure:


Confidentiality - that the information is accessible only to those authorized to access it.


Integrity - that the information is accurate and complete and that the information is not modified without authorization.


Availability - that the information is accessible to authorized users when required.


Information security is achieved by applying a suitable set of controls (policies, processes, procedures, organizational structures, and software and hardware functions).

What is ISO27001?

It's a management framework for protection of business-critical information. It is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes.

What is the difference between ISO27001 and ISO27002?

The ISO 27000 series of standards are a compilation of international standards all related to information security.




The difference is that the ISO 27001 standard has an organizational focus and details requirements against which an organization’s Information Security Management System (ISMS) can be audited. ISO 27002 on the other hand is more focused on the individual and provides a code of practice for use by individuals within an organization.

What is the Deming Cycle (PDCA or PDSA Cycle)?

It is a continuous quality improvement model consisting of a logical sequence of four repetitive steps for continuous improvement and learning: Plan, Do, Study (Check) and Act.



Plan - purpose, plan, target


Do - implement the plan


Check - study the outcome


Act - learn, adjust, reformulate. Take action to standardize or improve the process.




This is a process approach for the design and deployment of an ISMS (Information Security Management System).





What is a Risk Management Plan?

Risk management is a discipline that exists to deal with non-speculative risks – those risks from which only a loss can occur. In other words, speculative risks, those from which either a profit or a loss can occur, are the subject of the organization’s business strategy whereas non-speculative risks, which can reduce the value of the assets with which the organization undertakes its speculative activity, are (usually) the subject of a risk management plan. These are sometimes called permanent and ‘pure’ risks, in order to differentiate them from the crisis and speculative types.


Risk management plans usually have four linked objectives. These are:


1. to eliminate risks;


2. to reduce to ‘acceptable’ levels those that cannot be eliminated; and then either


3. to live with them, exercising carefully the controls that keep them ‘acceptable’; or


4. to transfer them, by means of insurance, to some other organization.

What are the tools for Risk Identification?

Financial statement analysis - Identify real assets, liabilities etc


Business processes analysis - Investigate internal company operation, identify weak spots, identify assets


Onsite inspection - Observe assets and processes directly


Manager reviews - Get information from departments about their own current evaluation


Contract analysis - Evaluate liabilities and contractual obligations using the firm's contracts

What are the Design Principles for websites?

High-quality content


Often updated


Minimal download time


Ease of use


Relevant to the user's needs


Unique to the online medium


Net-centric corporate culture


= HOME-RUN

What are the different Project Management Models?

Waterfall Model - The waterfall model is a sequential design process, used in software development processes, in which progress is seen as flowing steadily downwards (like a waterfall) through the phases of conception, initiation, analysis, design, construction, testing, production/implementation and maintenance.




V - Model - The V-model represents a software development process (also applicable to hardware development) which may be considered an extension of the waterfall model. Instead of moving down in a linear way, the process steps are bent upwards after the coding phase, to form the typical V shape.




Agile Model - Agile methodology is an alternative to traditional project management, typically used in software development. It helps teams respond to unpredictability through incremental, iterative work cadences, known as sprints. Agile methodologies are an alternative to waterfall, or traditional sequential development.




Spiral Model - cycles through 4 phases (planning, risk analysis, engineering and evaluation). The spiral model, also known as the spiral life cycle model, is a systems development life cycle (SDLC) model used in information technology (IT). The spiral model is a risk-driven process model generator for software projects. This model of development combines the features of the prototyping model and the waterfall model. The spiral model is favored for large, expensive, and complicated projects.




RAD (Rapid Application Development Model) - In general, RAD approaches to software development put less emphasis on planning tasks and more emphasis on development. In contrast to the waterfall model, which emphasizes rigorous specification and planning, RAD approaches emphasize the necessity of adjusting requirements in reaction to knowledge gained as the project progresses.






PRINCE2: Projects in a controlled environment. Structured approach to project management. A generic project management tool - one size fits all (projects). It is based on 7 principles, themes and processes.




The seven themes are:


business case


organization


quality


plans


risk


change


progress




The seven processes:


Starting up a project


Initiating a project


Directing a project


Controlling a stage


Managing stage boundaries


Managing product delivery


Closing a project




Seven principles


Continued business justification


learn from experience


defined roles and responsibilities


manage by stages


manage by exception


focus on products


tailored to suit the project environment



What is Unified Modelling Language?

The Unified Modeling Language (UML) is a general-purpose, developmental, modeling language in the field of software engineering, that is intended to provide a standard way to visualize the design of a system. It uses graphic notation to create visual models of software systems. (Use Cases, Class Diagrams, etc).




UML is the result of Booch's, Rumbaugh's and Jacobson's combined best features of their OO methods.

Write the numbers 0 to 15 in binary

Dec   Binary
0     0000
1     0001
2     0010
3     0011
4     0100
5     0101
6     0110
7     0111
8     1000
9     1001
10    1010
11    1011
12    1100
13    1101
14    1110
15    1111

Write the following binary numbers as decimal numbers:


11011


10111


00101


10000


111010


100001

Answers:


11011 = 27


10111 = 23


00101 = 5


10000 = 16


111010 = 58


100001 = 33




*For more info, check the slides called Binary Numbers, as I can't copy paste the tables here.

What is Object-oriented Programming (OOP)?

OOP is a programming paradigm based on the concept of "objects", which are data structures that contain data, in the form of fields, often known as attributes; and code, in the form of procedures, often known as methods.




It consists of OOA (Object-oriented Analysis) and OOD (Object-oriented Design). In OOA, object-modeling techniques are applied to analyze the functional requirements of a system while in OOD, the analysis models are elaborated to produce implementation specifications. OOA focuses on what the system does whereas OOD focuses on how the system does it.

What is the SCRUM method?

SCRUM is an agile process that allows us to focus on delivering the highest business value in the shortest time. It allows us to rapidly and repeatedly inspect actual working software (every two weeks to one month). The business sets the priorities and teams self-organize to determine the best way to deliver the highest priority features. Every two weeks to a month anyone can see real working software and decide to release it as is or continue to enhance it for another sprint.





What is the SCRUM framework?

Roles:


Product Owner - defines the product requirements and the vision, decides the release date and content, accepts or rejects work results.


Scrum Master - ensures the team is fully functional and productive, enables close cooperation across roles and functions, and is responsible for enacting Scrum values and practices. NOT responsible for hiring, nor a team manager. He is more of a facilitator/coach who supports the product owner.


Team - cross functional, self-organizing




Meetings:


Sprint planning


Sprint review


Sprint retrospective


Daily Scrum meeting




Artifacts:


Product backlog - A list of all desired work on the project, ideally expressed such that each item has value to the users or customers of the product.


Sprint backlog - The list of requirements the team takes on to develop in the next sprint.


Sprint - A period of max 30 days during which the team develops software from the sprint backlog. Every task should be assigned to one or more persons.


Burndown charts - A burndown chart is a graph showing the remaining amount of work in the sprint.

What is the KANBAN method?

Kanban in the context of software development can mean a visual process-management system that tells what to produce, when to produce it, and how much to produce.

What is Inheritance?

It is the process by which objects can acquire the properties of objects of other classes. When two classes have a parent-child relationship, the child class (subclass) inherits the properties of the parent class (superclass).

What is Abstraction?

The process of picking up common features of objects. The principle of abstraction focuses on similarities and ignores the differences in the initial stages, a mechanism to reduce complexity of the software.

What is Encapsulation?

Abstraction and encapsulation are complementary concepts. Abstraction helps people to think about what they are doing whereas encapsulation allows program changes to be reliably made with limited effort and focuses on the implementation that gives rise to the observed behavior.

What is Polymorphism?

It means different forms (poly means different and morph means form). It means the ability to take more than one form, same operations behaving differently on different classes. Two methods are method overloading and method overriding.

What is the difference between method overriding and method overloading?

Method overloading is the practice of using the same method to denote several operations, whereas method overriding refers to the practice of providing different implementations of a method in the derived class.


(Examples on p. 114 in the Software Engineering book)

What are the three relations between various objects?

Is-A Relationship - specifies the features of inheritance. Here, a class can inherit the properties or features of another class. A triangular head arrow represents inheritance.


Has-A Relationship - termed as aggregation. Here, a class contains another class as its member, represented by a diamond headed line


Uses-A Relationship - represents association. Here, objects interact with other objects. It is bi-directional and is denoted by a simple line.
(Software Engineering book pages 114-117)

What is a Use Case? Use Case Diagram?

A use case is a methodology used in system analysis to identify, clarify, and organize system requirements. The use case is made up of a set of possible sequences of interactions between systems and users in a particular environment and related to a particular goal. It is an effective tool to capture, represent and analyze the functional requirements of a system.




A use case diagram is a representation of a user's interaction with the system that shows the relationship between the user and the different use cases in which the user is involved. A use case diagram can identify the different types of users of a system and the different use cases and will often be accompanied by other types of diagrams as well.

What are the two memory classifications? The further classifications?

There are two categories namely:


Primary memory


Secondary memory




Primary can be further classified into


Read Only Memory (ROM), which is non-volatile, and Random Access Memory (RAM), which is volatile.


The fundamental difference between the two is their capability to retain stored information during a power-off condition. Data stored within a RAM would be lost, but not the data stored within a ROM.



What are the common types of ROM?

ROM - type where erasing is not possible


PROM - Programmable ROM allows only one time programming (OTP), after which the device holds the data forever without giving any chance to erase it. Offers more flexibility than Mask-Programmable factory prepared ROM, hence more expensive than ROM.


EPROM - Erasable Programmable ROM. Allows erasure as well as reprogramming, facilities suitable for any prototype development stage. More expensive than PROM.


EEPROM - Electrically Erasable Programmable ROM. Does not require UV exposure and may be electrically erased.


FLASH - very similar to EEPROM, but EEPROM is byte-wise while FLASH is not.

What are the common types of RAM?

DRAM - Dynamic RAM. Most widely adopted. Only one transistor or FET along with one capacitor is enough to retain one bit of information.


SRAM - Static RAM. Offers the fastest speed for communication. More transistors, which means it is more expensive.


SDRAM - Synchronous DRAM. Hybrid and faster than DRAM.

How is the memory system of any computer categorized?

It is categorized by three parameters:


1. Access time - the time necessary to complete a unit communication between the processor and the concerned memory device. It is the time delay between issuing the read command from the processor and the arrival of the target data within the processor.


2. Cost of storage/bit - the lower the access time, the higher is the storage cost. Access time is inversely proportional to the cost of storage per bit.


3. Affordable convenient size - Some memory types are capable of storing a relatively larger amount of data within a suitable size. For example, magnetic storage devices (tape drives) may be capable of storing several thousands of gigabytes of data within a reasonable size of spool.

What is cache?

Pronounced as cash, a special high-speed storage mechanism. Cache can be either a reserved section of main memory or an independent high-speed storage device.

What are the two types of caching?

Memory Caching - A memory cache, sometimes called a cache store or RAM cache, is a portion of memory made of high-speed static RAM (SRAM) instead of the slower and cheaper dynamic RAM (DRAM) used for main memory. Memory caching is effective because most programs access the same data or instructions over and over. By keeping as much of this information as possible in SRAM, the computer avoids accessing the slower DRAM.




Disk Caching - works under the same principle as memory caching, but instead of using high-speed SRAM, a disk cache uses conventional main memory. The most recently accessed data from the disk (as well as adjacent sectors) is stored in a memory buffer. When a program needs to access data from the disk, it first checks the disk cache to see if the data is there. Disk caching can dramatically improve the performance of applications, because accessing a byte of data in RAM can be thousands of times faster than accessing a byte on a hard disk.

What are the levels of cache?

The cache which is closest to the processor is designated as L1 (Level 1). In general, L1 is part of the CPU, in the same wafer with the CPU. It works with the same clock speed as that of the processor and, due to its proximity to the processor, it is the fastest to be communicated with.




The next one is L2 (Level 2) cache, generally, within the same package of the processor but as a separate wafer. Due to its individuality (not sharing the same wafer area with the CPU like L1 cache), L2 cache can offer more storage area and consumes almost identical time for communication. L3 cache is generally outside the processor's package.




L1 and L2 are primary caches while L3 is designated as secondary cache.

What is a cache hit? A cache miss? Hit rate?

It is taken as a cache hit when the instruction or data which is currently needed by the processor is available within the cache. If it isn't, then it is designated as a cache miss.


The number of such cache hits expressed as percentage is known as hit rate.




For example, if out of 50 instructions required by the CPU, 40 are supplied by the cache then the hit rate is 80%.