Technology in Investment - Chapter 8

Question 1

What is chapter 8

Answer 1

Technology Infrastructure

Question 2

What are the key responsibilities of the CIO/CTO

Answer 2

Manages all the staff in the division and sets the companies technology strategty

Question 2

Who is the head of information technology or systems?

Answer 2

Chief Information Officers (CIO) or sometimes a Chief Technology Officer (CTO)

Question 3

Who does the head of production report to?

Answer 3

Reports to the CIO

Question 4

What is the head of testing responsible for?

Answer 4

Testing new software releases and implementing change control procedures

Question 4

What is the key responsibility of the head of production support?

Answer 4

Responsible for the provision of all server and desktop facilities for the day to day running.

Question 5

What is the role of a Data Base Administrators

Answer 5

Develop and enforce database standards, guidelines, operational polices ad procedures

Question 6

Who reports to the head of production support?

Answer 6

Database administrators
Help desk analysts

Question 7

Who does the head of development and implementation report to?

Answer 7

The Chief Information Officer (CIO)/(CTO)

Question 8

What is the difference between a CTO and a CIO

Answer 8

Same role, different name.

Chief Information Officer
Chief Technology Officer

Question 9

Who reports into the head of development and implemtation?

Answer 9

Business Analysts
Application designers
Prgrammers/Developers

Question 10

Who does the head of testing report into ?

Answer 10

Reports to the CIO

Question 11

What is the head of development and implementation responsible for?

Answer 11

Commissioning of new applications

Question 12

Who does the head of change report into?

Answer 12

CIO or occasionally the Chief Operating Officer (COO)

Question 13

Who reports into the head of testing?

Answer 13

Test analysts

Question 14

What is the responsibility of the of the Head of Change

Answer 14

Managing major change programmes and projects

Question 15

Who reports to that head of change?

Answer 15

Programme managers and project managers

Question 16

Who does the head of business continuity and recovery report to?

Answer 16

Reports to the CIO

Question 17

What is the client component of the Technology infrastructure

Answer 17

Where the users input data or view enquiries

Question 17

What is the main responsibility of the head of business continuity and recovery?

Answer 17

Managing the firms business recovery plans

Question 18

Who does the head of information security report to?

Answer 18

This individual reports to the CIO (duh)

Question 18

What is the main responsibility of the head of information security?

Answer 18

Overall direction of all security functions associated with applications & data

Question 19

What is a thin client

Answer 19

A application running on a browser

Question 20

What is a fat client

Answer 20

A PC on which an application is downloaded on and used.

Question 21

What is the Middleware/Real-Time Messaging Layer component of the Technology infrastructure

Answer 21

Software that distributes and obtains real-time data to and from other systems.

Question 22

What is the Database component of the Technology infrastructure

Answer 22

Consists of an organized collection of data

Question 23

What is a relational database?

Answer 23

Contains a number of tables and relationships. Basically an AG grid.

Question 24

How are mission-critical applications usually deployed?

Answer 24

As distributed systems

Question 24

How is a relational database interfaced?

Answer 24

With Structured Query Language (SQL)

Question 25

How do distributed systems connect with one another?

Answer 25

Transmission lines

Question 25

What is a distributed system?

Answer 25

A distributed system is a configuration which contains a number of hardware elements that are connected by some transmission technology. Such systems consist of a number of executing programs which interact with each other via transmission lines.

Question 26

What is Data Replication?

Answer 26

Is the process of sharing information as to ensure consistency between resources

Question 26

What are the three reasons for implementing a system in a distributed fashion

Answer 26

To ensure processing power is as close to the users as possible To ensure high degree of robustness, for example, via the use of data replication To enable hardware to be easily added

Question 27

What are three reasons not to implement a system in a distributed fashion?

Answer 27

Predictability of performance Keeping all the clocks in the system synchronized System malfunctions can have wider system effects

Question 28

What are the two ways data replication can be implemented?

Answer 28

Storing the same data on multiple storage devices or by executing the same task on multiple devices

Question 29

Measuring performance & Managing risk - What is external fraud?

Answer 29

Theft of information, hacking damage, third party theft and forgery.

Question 29

Measuring performance & Managing risk - What is internal fraud?

Answer 29

Misappropriation of assets, tax evasion, intentional mismarking of postions and bribery

Question 30

Measuring performance & Managing risk - What is Employment practices and workplace safety

Answer 30

discrimination, workers, compensation, employee health and safety

Question 31

Measuring performance & Managing risk - What are Business disruption and systems failures

Answer 31

utility disruptions, software failures and hardware failures

Question 31

Measuring performance & Managing risk - What are Damage to physical assets

Answer 31

natural disasters, terrorism and vandalism

Question 32

Measuring performance & Managing risk - What are Clients, products, and business practice

Answer 32

market manipulation, anti-trust, improper trade, product defects, fiduciary breaches and account churning

Question 33

Measuring performance & Managing risk - What are Execution, delivery, and process management

Answer 33

Data entry errors, accounting errors, failed mandatory reporting and negligent loss of client assets

Question 34

Generally, the governance of risk management of information technology can be divided into two categories...

Answer 34

* maintaining ‘business as usual’ activity, and * introducing business change

Question 35

Who is responsible for the maintenance of 'Business as usual'

Answer 35

The operations side

Question 36

Who is responsible for the maintenance of 'Business change'

Answer 36

Business side

Question 37

What is cyber security

Answer 37

protect computer systems’ hardware, software and data from: * damage * theft * unauthorized use, and disruption.

Question 38

What are the two main criminal purposes of hacking are to?

Answer 38

Facilitate identity fraud and cyber espionage

Question 39

What is identity fraud

Answer 39

Stealing personal information to gain access to data or a system

Question 40

What is phishing?

Answer 40

Attempt to trick users into disclosing information

Question 41

What is cyber espionage

Answer 41

Stealing valuable information about rival products or intellectual property

Question 42

What is Malware?

Answer 42

Malicious software used to get illegal access to systems

Question 43

What is spyware?

Answer 43

Software that gathers information about a person or organization without them knowing and sells it to a third party.

Question 44

What is Ransomware?

Answer 44

Criminals blocking a system and not reopening until a fee is paid

Question 45

What is a computer virus?

Answer 45

A software program that can copy itself and infect multiple files and then spread to a new PC

Question 46

What is a worm?

Answer 46

A virus that replicates, not infects, files and then spread to another computer

Question 46

What is a Trojan virus

Answer 46

Appears to be legitimate but actually gains unauthorized access

Question 47

What is a botnet?

Answer 47

Network of computers controlled by cyber criminals

Question 47

What is Keystroke Logging

Answer 47

The secret monitoring of keyboard presses

Question 48

What is form grabbng?

Answer 48

Interception of data submitted to web browsers, collects it before it passes over the internet and then sent to criminals

Question 49

What does DDoS stand for?

Answer 49

Distributed Denial of Service

Question 50

What is DDoS

Answer 50

Bombardment of requests t a system with the intention of immobilizing it

Question 51

Prevention and Detection of DDoS attacks - What is impact analysis?

Answer 51

Spotting problems before they arrive

Question 52

Prevention and Detection of DDoS attacks - Staff training?

Answer 52

Ensure staff are trained in recognizing attacks and password security

Question 53

Prevention and Detection of DDoS attacks - Personal Devices and Portable Devices?

Answer 53

Encrypting data on personal devices

Question 54

What is a firewall?

Answer 54

Systems that control the incoming and outgoing network traffic

Question 55

What is a pen test?

Answer 55

Penetration test

Question 56

What are the key components in the 'Infrastructure' Catalogue?

Answer 56

Users the help desk supports Applications the help desk supports Service level agreements Hardware the help desk supports

Question 57

What is follow the sun?

Answer 57

European support is based in Europe, then Asia in Asia and America in America. The support desk 'follows the sun'

Question 58

If 'Round-The-Clock Support is required' what 3 models are commonly used?

Answer 58

Follow-the-sun Extended working hours Partial outsourcing

Question 59

What is extended working hours?

Answer 59

The single help desk is operated through shifts

Question 60

What is partial outsourcing?

Answer 60

The overnight managing of the help desk is outsourced

Question 61

What is the role of a KPI in a SLA

Answer 61

Key metrics for which limits are recorded against in a SLA.

Question 62

How are KPIs presented?

Answer 62

Dashboard

Question 63

Support Call Prioritization - Level one, what is it?

Answer 63

Help desk

Question 64

What is the level 1 help desk responsible for (5)

Answer 64

* receiving, recording, prioritising and tracking service calls * ensuring that SLA time targets are met * monitoring and status-tracking of all incidents * escalation and referral to other parts of the organisation * first line support, and * closing incidents with confirmation from the requestor

Question 65

What happens during the level to of the Support call prioritization

Answer 65

Issues are analyzed and either sent back to level 1 or escalated to level 3

Question 65

Support Call Prioritization - Level two, what is it?

Answer 65

Analyst

Question 66

Support Call Prioritization - Level three, what is it?

Answer 66

Service Specialists

Question 67

What is the relationships between service specialists and the user?

Answer 67

Service Specialists are kept hidden from the user.

Question 68

Support Call Prioritization - Level four, what is it?

Answer 68

Management

Question 69

What is a business Continuity Plan?

Answer 69

Ensuring a firm is able to recover from an emergency

Question 69

What is Disaster Recover Plan (DRP)

Answer 69

The process of regaining access to the data to resume critical business operations

Question 70

What is a Planning Committee?

Answer 70

A planning committee should be appointed to oversee the development, testing and implementation of the plan.

Question 71

What is a warm site?

Answer 71

Transactions are written at two sites, the commincation is managed though 'Log Shipping'

Question 72

What is a cold site?

Answer 72

Spare server at a standby location. The data will be 'cold' so there will be some hours in getting the system up and running

Question 72

What is a hot site?

Answer 72

An approach where transactions are written at many locations simultaneously. This means if one breaks the others can keep it going

Question 73

What is 'Log Shipping'

Answer 73

Used in warm site management to copy data from the primary to the secondary with a small latency. (5-15 mins)

Question 74

How often should a testing procedure be executed?

Answer 74

Annually

Question 75

Who is responsible for approving the disaster recovery plan?

Answer 75

Senior Management

Question 76

What is a Version Control System (VCSs)

Answer 76

Version control systems (VCSs) are software applications that manage multiple revisions of the same unit of information

Question 77

How often are change control meetings usually scheduled?

Answer 77

Weekly

Question 77

What do Version Control System (VCSs) provide for a system?

Answer 77

An opportunity to 'Roll back' to a previous version

Question 78

What is a change control meeting?

Answer 78

Meetings between all stakeholders to discuss business changes

Question 79

For how long do firms not make changes before a release of their annual accounts

Answer 79

4 weeks

Question 80

For how long do firms not make changes before the last week on any accounting month

Answer 80

1 week