Information Security Overview

Questions and Answers

What is the primary purpose of a for loop in programming?

To perform the same operation on different items iteratively (correct)

To manage algorithms across multiple machines

To execute a block of code only when a condition is false

To compare different sets of data

Which of the following statements best defines a blockchain?

A distributed ledger maintaining a permanent record of transactions across a network (correct)

A type of digital currency managed by a bank

A central server that processes and stores all data

A fixed collection of transaction records that cannot be changed

Which logical operator would you use to ensure two conditions must both be true for a block of code to execute?

AND (correct)

NOT

OR

XOR

What characteristic of hashing ensures that the original message cannot be retrieved from its encoded value?

One-way encryption

Which of the following best describes a digital fingerprint in blockchain technology?

A hash value that uniquely identifies a message

What is the main function of a conditional statement such as an IF statement in programming?

To decide between executing one out of two sets of instructions

What does immutability refer to in the context of blockchain technology?

The capacity to maintain a permanent, unalterable history of transactions

What is the primary use of a Non-Fungible Token (NFT) in blockchain technology?

To provide ownership of something utilizing blockchain technology

What is the main purpose of content filtering in an organization?

To prevent the transmission of unauthorized information

How does a firewall function in a private network?

By analyzing incoming and outgoing information

What does encryption do to sensitive information?

It changes the information into an unreadable format

What is the purpose of non-repudiation in network security?

To provide proof of users' actions to prevent denial

What differentiates an Intrusion Detection System (IDS) from an Intrusion Prevention System (IPS)?

IDS can only detect, while IPS can both detect and block intrusions

Which of the following statements about the role of VPNs is true?

VPNs can limit access based on device type and connection times

What is a key advantage of implementing access permissions based on previous actions?

It provides accountability and controls access effectively

What is a potential limitation of firewalls?

They may not detect all types of network threats

What is the primary purpose of SQL?

To write lines of code for data retrieval from a database

What does a data dictionary provide?

All of the metadata about the data elements

What is a primary key in a database?

A field that uniquely identifies a record in a table

Which of the following describes a record in a database?

A grouping of individual data elements represented in a table row

What is meant by data latency?

The time it takes for data to be stored or retrieved

Which option correctly defines a foreign key?

It is a type of primary key from another table acting in a current table.

What are attributes in a database table?

The types of data for each column in the table

What is cardinality in relation to data tables?

The types of relationships between data tables

What type of relationship is described by a GSU student having multiple classes?

One-to-Many

Which SQL function would you use to find the maximum value in a column?

MAX

What is the primary purpose of infographics?

To simplify the representation of data

Which term describes the aggregation of data into a summarized form?

Consolidation

What does the Drill-Down process allow users to do?

Access detailed information from summarized data

Which feature allows users to analyze data trends over time?

Slicing and Dicing

Which SQL function is used to count the number of rows matching a specific condition?

COUNT

What is a primary function of dashboards in data analysis?

To track key performance indicators

What is the primary purpose of a pivot in data presentation?

To display data in an alternative format.

Which of the following is NOT a pre-attentive attribute?

Shape

The Polar Area Graph is historically significant for which type of data?

Mortality data

What distinguishes classification analysis from cluster analysis?

Classification analysis requires predefined classes.

What is the main function of estimation analysis?

To predict outcomes based on historical data.

Affinity grouping algorithms are often referred to as what?

Association rule generators

Which characteristic is essential for effective cluster analysis?

Members of each group should be similar to each other.

What is one of the least expensive modeling techniques in data analysis?

Estimation analysis

What is the primary goal of an optimization model?

To find the most effective design or decision

Which type of model relies specifically on time-series information?

Forecasting model

What does a regression model primarily focus on?

Estimating the relationships among various variables

Which of the following best describes digitization in business processes?

The transformation of manual processes into a digital format

What aspect do operational business processes generally emphasize?

Static and daily routine tasks

Which of the following is a characteristic of managerial business processes?

They occur on a monthly basis and can be semi-routine

Robotic Process Automation primarily utilizes what type of technology?

Artificial intelligence and machine learning

What is the main objective of streamlining in business processes?

To identify and eliminate inefficiencies

Study Notes

Information Security Areas

• Three primary areas: People, Data, Attacks
• People focuses on authentication and authorization to prevent scams
• Data involves prevention and resistance to attacks.
• Attacks involve detection and response to threats.

Authentication

• Authentication verifies user identity.
• Authorisation grants access levels and permissions to a user.

General Authentication

• Public Key Encryption uses two keys: a public key accessible to everyone and a private key for individual use.
• Private key typically decrypts; public key typically encrypts.
• Authorization levels:
  • None: No access to target information
  • Read: View only target information
  • Read/Write: View and modify target information
  • Delete: Remove target information

Single-Factor Authentication

• Uses a single factor like a username and password
• Password is a string of alphanumeric characters.

Two-Factor Authentication

• Combines single-factor authentication with a security token (something the user has)

Access Control Model (Four)

• Mandatory Access Control: Most restrictive, giving control to a system owner/administrator
• Discretionary Access Control: Least restrictive, giving complete control to the owner/administrator
• Role-Based Access Control: Popular method, assigning permissions based on user roles.

Data Prevention and Resistance

• Content Filtering: Software filters content to prevent accidental or malicious transmission.
• Encryption: Scrambles data to prevent unauthorized decryption.
• Firewall: Network security that guards a private network by analyzing incoming and outgoing information.

Attack: Detection and Response

• Intrusion Detection System (IDS): Monitors network traffic to identify intruders
• Intrusion Prevention System (IPS): Monitors network activities, detects intrusions, and blocks malicious activities.

Business Process Model

• A graphical depiction of a process, showing tasks and sequence.
• Business Process Model Notation (BPMN): A graphical notation for depicting steps of a business process.
• Activity, Task, Work performed
• Event: Anything happening during the business process (ex. Customer requests)
• Workflow: Includes tasks, activities and responsibilities needed to execute each step of a business process (ex. Tasks involved in processing a customer order.)

As-Is and To-Be Process Models

• As-Is: Represents the current state of an operation.
• To-Be: Shows the result of applying changes to the existing processes.

Coding (Module 9B)

• Algorithm: Set of steps to complete a task
• Assignment: Instructs to put new values into a variable (memory location).
• Constant: A value that doesn't change (Literal Value).
• Variable: A storage location for data.
• Expression: A mathematical operation to calculate a new value.
• Equation: A calculation that results in a variable.
• Code/Coding: Instructions that direct a computer.
• Structures of Coding:
  • Sequences: Actions performed in order.
  • Conditions: Answering true/false questions in programming to guide actions.
  • Loops: Performing a set of actions repeatedly.

Data Types (Module 10A)

• Integer: Whole numbers
• Float/Real Number: Decimal numbers
• Boolean: True or False
• Codeblock: Block of code
• Strings: Text values

Condition Statements (Module 10A)

• IF Statement: Determines whether actions are to be performed based on a specific condition (true or false).
• Used in conjunction with comparison operators, which evaluate conditions, resulting in a true or false output.
• Executes commands if the condition is true or false
• Variables in condition are set or calculated in the setup.

Module 10B

• Distributed Computing: Processes/Manages algorithms across multiple machines in computer environments.
• Distributed Ledger: Allows multiple parties to access and confirm data.
• BlockChain: A distributed ledger that maintains a permanent and tamper-proof record of transactions.
• Immutability: The inability to change or erase data in a blockchain ledger.
• Ethereum/Bitcoin: Cryptocurrencies operating independently of a central bank, with records stored on blockchains.
• Digital Fingerprint (Hashing): Encoded values that uniquely identify a message or file.

Module 11A

• For Loop: Control structure for iteration and repetition
• Iteration: Performing the same operation on different items, one at a time.
• Iteration variable (Loop variable): Variable used in a loop to refer to the current item.
• Repetition: Carrying out the same action multiple times in a programmed loop.
• Flowchart: A visual step-by-step process or diagram. Displays the flow of a process (ex. program).
• Terminals: Beginning/End of a process in a flowchart
• Instructions/Action: Tasks inside a process or diagram
• Conditional Statements: Decisions or conditions in a program that change the direction based on their results.
• Inputs/Outputs: Where input is supplied into a system, and results are produced.

Module 11B

• Database: Organizes and stores data on various objects, transactions, etc.
• Database Management System: A system to create, modify, or erase data within a database while controlling access.
• Structured Query Language (SQL): Commands used to interact with a database. Data-based queries.
• Data dictionary: Metadata about data elements, including functions, purpose, and business rules.
• Entities: Tables that store data.
• Attributes: Columns in a table, describing the characteristics of data.

Module 12A

• Data element: Smallest unit of data; Data field (Column)
• Metadata: Describes the data
• Attributes: Characteristics or type of data
• Records: Related data elements in a table in rows
• Data Models: Logical structures depicting relationships between data elements.

Module 12B

• Entity: Tables in a relational database; records are rows
• Attributes: Column headings in a table; describe characteristics of data within that column.
• Each table is an entity

Module 13A

• Infographics: Data analysis results visually
• Data Visualization: Transforming data into a visual presentation
• Dashboards: Tracking Key Performance Indicator (KPI) and critical success factors (CSF)
• Consolidation: Aggregating data into larger groups of data
• Drill-Down: Examining details in data
• Slice-and-Dice: Viewing data from different perspectives (ex. Filtering results or grouping)

Module 13B

• Affinity grouping Analysis: Showing relationships between variables, and frequencies of relationships
• Association rules: Identify possibilities of events occurring together at a particular time, creating rules of likelihoods.
• Cluster Analysis: Method for dividing information into groups of similar items or data points. Similar data grouped together
• Classification Analysis: A method for categorizing data and attributes.
• Estimation Analysis: Estimating unknown data values based on historical data, often using mathematical models.

Module 14A

• Workflow: Set of steps, activities, and responsibilities in a business process or operation; includes tasks, activities and responsibilities involved in a step.
• Digitization: Converting to a digital format. Replacing manual processes with computer/digital operations.
• Robotic Process Automation (RPA): Automation of high-volume, repeatable tasks. Robots to perform tasks not requiring human intellect.
• Operational Processes: Routine, day-to-day processes.
• Managerial Processes: Semi-dynamic, month to month operations
• Strategic Processes: Long-term, non-routine, large-scale operations
• Business Process Reengineering: The redesign of business processes to improve efficiency and effectiveness.

Module 14B

• Generative Al: Creating new and unique content (images, videos, text, audio) based on models. AI which learns and creates new content.
• ChatGPT: An AI-powered chatbot capable of engaging in conversations/writing various content.
• GPT-4: Improved version of chatgpt that uses a deep learning model to learn context and relationships between data.

Disruptive Technologies

• Disruptive technologies initially serve lower-end markets, later evolving to displace existing higher-end products from their established market position.

Description

This quiz covers essential concepts in information security, focusing on the roles of people, data, and attacks. It addresses authentication methods, including single-factor and two-factor authentication, as well as the importance of authorization levels for user access. Test your knowledge on these fundamental security principles.