LU4 pt. 2

Question 1

What is business software?

Answer 1

It is any software or set of computer programs used by business users to perform various business functions. Used to increase productivity, measure productivity, to perform other business functions accurately.

Question 2

XXX XXX involve complex pieces of software that are very expensive to purchase and implement. It might take a larger fortune 500 company several
years to complete a large scale implementation of an enterprise system.

Answer 2

XENTERPISE APPLICATIONSX involve complex pieces of software that are very expensive to purchase and implement. It might take a larger fortune 500 company several
years to complete a large scale implementation of an enterprise system.

Question 3

Next Gen. Enterprise Applications are:

Answer 3

Enterprise solutions, enterprise suites or e-business suites to make their CRM, SCM and ERP (Enterprise Resource Planning) systems work closely with each other and link to systems of customers and suppliers (SAP Business Suite, Oracle E-Business Suite, Microsoft Dynamics Suite).

Question 4

Advantage of using Social CRM tools:

Answer 4

Business can better engage with their customers. They enable a business to connect customer conversations and relationships from social networking sites to CRM processes.

Question 5

Corporate systems:

Answer 5

People that have the most knowledge in IT; if your
corporate systems is hacked, then the entire system is going to be hacked. This one
needs to be secured the most

Question 6

Corporate servers:

Answer 6

Where you put your applications.

Question 7

XXX XXX may store information on weapons systems, intelligence
operations, and military targets. These information assets have tremendous value, and the repercussions can be devastating if they are lost, destroyed, or placed in the wrong hands.

Answer 7

XGOVERNMENT SYSTEMSX may store information on weapons systems, intelligence
operations, and military targets. These information assets have tremendous value, and the repercussions can be devastating if they are lost, destroyed, or placed in the wrong hands.

Question 8

Inadequate security and control =>

Answer 8

Serious legal liability.

Question 9

XXX XXX and control framework that protects business information assets can produce a high return on investment. Strong security
and control also increase employee productivity and lower operational
costs.

Answer 9

XA SOUND SECURITYX and control framework that protects business information assets can produce a high return on investment. Strong security
and control also increase employee productivity and lower operational
costs.

Question 10

In a XXX XXX a firm is obligated to respond to a discovery request for access to information that may be used as evidence. Company is required by law to produce those data. If the data is not handed over correctly and completely, the court can impose sever XXX and XXX penalties.

Answer 10

In a XLEGAL ACTIONX a firm is obligated to respond to a discovery request for access to information that may be used as evidence. Company is required by law to produce those data. If the data is not handed over correctly and completely, the court can impose sever XFINANCIALX and XCRIMINALX penalties.

Question 11

What does Computer Forensics entail?

Answer 11

It is the scientific collection, examination, authentication, preservation and analysis of data held on or retrieved from computer storage media in such a way that information can be used as evidence in a court of law.

Question 12

What does Computer Forensics deal with?

Answer 12

• Recovering data
• Secure strong of recovery data
• Finding significant information
• Presenting information to a court of law

Question 13

What is encryption?

Answer 13

The process of transforming plain text to data into chipper text it cannot be read by anyone other than the sender and the intended receiver.

Question 14

Who is responsible for the security of data when working in the cloud?

Answer 14

For protection of sensitive data, the accountability and responsibility still resides
with the company owning that data.

Question 15

What does identity management software do?

Answer 15

It automates the process of keeping track of all
these users and their system privileges, assigning each user a unique digital identity
for accessing each system.

It includes the following tools:

• Authenticating users
• protecting user identifies
• controlling access to system resources

Question 16

What is authentication?

Answer 16

It refers to the ability to know that a person is who he or she
claims to be.

Authentication is established by using passwords, only known by the user.

• Password systems that are too rigorous hinder employee productivity.
• Passwords can also be sniffed if transmitted over a network or stolen through
  social engineering.

Question 17

What is a token?

Answer 17

A physical device, similar to an identification card, that is designed to prove the identity of a single user. Tokens are small gadgets that typically fit on key
rings and display passcodes that change frequently.

Question 18

What is a smart card?

Answer 18

A device about the size of a credit card that contains a chip formatted with access permission and other data.

Question 19

What is biometric authentication?

Answer 19

It uses systems that read and interpret individual
human traits, such as finger prints, irises and voices to grant or deny access.

• Based on a physical and behavioural trait

Question 20

What is a two factor authentication?

Answer 20

It means validating users through a multistep process
- Good example can be a bank card; card is a physical item and the PIN (personal
identification number) is the data that go with it.

Question 21

What is a firewall?

Answer 21

Prevents unauthorised users from accessing private networks; it is a
combination of hardware and software that controls the flow of incoming and
outgoing network traffic.

• It is placed between the organisation’s private internal network and distrusted
  external networks, such as the internet;
• Firewalls can also protect one part of the company’s network from the rest of the
  network.
• Firewall identifies: IP addresses, applications, incoming traffic.
• Prevents unauthorised communication into and out of the network.

Question 22

What are some firewall screening technologies?

Answer 22

Static packet filtering, stateful inspection,
network address translation, and application proxy filtering.

These are used in
combination to provide firewall protection.

Question 23

What is packet filtering?

Answer 23

It examines selected fields in the headers of data packs flowing back and forth between the trusted network and the internet, examining individual
packets in isolation.

Question 24

What is stateful inspection?

Answer 24

It is additional security by determining whether packets are part of ongoing dialogues between the sender and a receiver.

Question 25

What is a NAT (Network Address Translation)?

Answer 25

It provides another layer of protection the static packet filtering and stateful inspection are employed. NAT conceals the IP addresses of the organisation’s internal host computer(s) to prevent sniffer programs outside the firewall from ascertaining them and using that information to penetrate internal systems.

Question 26

What is application proxy filtering?

Answer 26

It examines the application content of packets. It stops data packers originating outside the organisation, inspects them and passes a proxy to the other side of the firewall.

Question 27

What is an intrusion detection system?

Answer 27

It features full-time monitoring tools placed at the most vulnerable points or hot spots of corporate networks to detect and deter intruders continually. - System generates an alarm in case of suspicious event. - Customised to shut down a particularly sensitive part of the network if it received unauthorised traffic.

Question 28

What is antivirus software?

Answer 28

It prevents, detects, and removes malware, including computer viruses, computer worms, Trojan horses, spyware and adware. - Most antivirus are effective against malware already known when the software was written=> you need to update

Question 29

What are UTMs (Unified Threat Management Systems)?

Answer 29

They help businesses reduce costs and improve manageability, security vendors have combined into a single appliance various security tools, including firewalls, virtual private networks, intrusion detection systems, and web content filtering and anti-spam software.

Question 30

What is encyption?

Answer 30

It's the process of transforming plain text or data into cipher text that cannot be read by anyone other tan the sender and the intended receiver. - Data is encrypted by using a numerical code (encryption key), that transforms plain data into cipher text.

Question 31

What are the two methods of encryption?

Answer 31

- Symmetric key encryption | - Public key encryption

Question 32

What is symmetric key encryption?

Answer 32

- The sender and receiver establish a secure internet session by creating a single encryption key and sending it to the receiver so both the sender and receiver share the same key. - Strength is measured by its bit length - The longer the key, the more difficult it is to break the key. Downside: the longer the key, the more computing power it takes for legitimate users to process the information - Disadvantage: key must be shared among sender and receivers=> exposes the key to outsiders who can intercept and decrypt it

Question 33

What is public key encryption?

Answer 33

more secure; it uses two keys: I. One shared (public) II. One totally private: The keys are mathematically related so that data encrypted with one key can be decrypted using only the other key.

Question 34

What are digital certificates?

Answer 34

Data files used to establish the identity of users and electronic assets for production of online transactions.

Question 35

Ensuring system availability:

Answer 35

As companies increasingly rely on digital networks for revenue and operations, they need to take additional steps to ensure that their systems and applications are always available.

Question 36

XXX XXX XXX contain redundant hardware, software, and power supply components that create an environment that provides continuous, uninterrupted service.

Answer 36

XFAULT-TOLERANT COMPUTER SYSTEMSX contain redundant hardware, software, and power supply components that create an environment that provides continuous, uninterrupted service.

Question 37

What is downtime?

Answer 37

It refers to periods of time in which a system is not operational.

Question 38

Controlling network traffic =>

Answer 38

Deep packet inspection

Question 39

What is Deep Packet Inspection (DPI)?

Answer 39

DPI examines data files and sorts out low-priority online material while assigning higher priority to business-critical files.

Question 40

What do Managed Security Service Providers (MSSPs) do?

Answer 40

They monitor network activity and perform vulnerability testing and intrusion detection.

Question 41

Mobile device management tools are used for:

Answer 41

* Authorisation * Maintaining inventory records * Controlling updates * Locking down or erasing lost & stolen devices * Data loss prevention technology

Question 42

What does data loss prevention technology do?

Answer 42

It can identify where critical data are saved, who is | accessing the data, how data are leaving the company, and where the data are going.

Question 43

The costs of technology consist out of:

Answer 43

``` • Original cost of acquiring and installing Hardware & Software • Administration cost for upgrades • Upgrades of Hardware & Software • Maintenance • Technical support • Training • Utilities & real estate costs Administration costs: Cost for upgrades beside the software ```

Question 44

What does the TCO (Total Cost of Ownership Model) do?

Answer 44

It analyses direct and indirect costs to help firms determine the actual cost of specific technology implementations.