Untitled

Questions and Answers

In a scenario requiring both high data security and control, which storage solution is most suitable?

• Hybrid cloud storage, balancing both aspects.
• Cloud storage, for its advanced security features.
• Cloud storage, due to its inherent redundancy and backup.
• On-premise storage, offering direct control over data. (correct)

Which analogy best represents the difference between cloud and on-premise storage solutions in terms of financial investment and long-term control?

• Renting a car versus leasing a car.
• Sharing a taxi versus owning a bicycle.
• Borrowing a book from a library versus buying a book.
• Renting an apartment versus owning a house. (correct)

When would using cloud storage be most advantageous compared to on-premise storage?

• When needing to adhere to strict data governance and compliance regulations.
• When needing to ensure minimal latency for accessing data.
• If you are aiming to have complete control over the physical security of your data.
• If an organization has a limited budget for IT infrastructure and staffing. (correct)

What distinguishes a server operating system from a client operating system?

Server OS focuses on resource sharing and network management, while Client OS is designed for user-specific tasks. (B)

What key factor should an organization prioritize when choosing between on-premise and cloud storage solutions?

The organization's specific security and compliance needs. (A)

A company is developing a new web application and needs to choose protocols for different functionalities. Which of the following scenarios best illustrates the appropriate use of both HTTP and SMTP?

Using HTTP for users to browse the website and submit forms, and SMTP for the application to send automated emails. (D)

During a network troubleshooting exercise, a technician observes that data is being transmitted across Ethernet cables. According to the OSI model, at which layer is the Ethernet protocol primarily operating?

Data Link Layer (B)

A software development team is focused on creating highly maintainable software. Which combination of characteristics would best support this goal?

Modularity, comprehensive documentation, and loose coupling. (D)

An organization is implementing 'Privacy by Design' in their new application development process. Which approach best embodies this principle?

Integrating privacy considerations into every stage of the development lifecycle, from initial design to deployment. (A)

A customer requests access to their personal data held by a company, as per GDPR. The company complies, but also adds promotional material to the data they provide. Which GDPR principle has the company violated?

Purpose limitation (B)

A hospital stores patient records, including medical history and contact information, in a database. According to GDPR, which category does this data primarily fall under?

Special category data (D)

An e-commerce company decides to switch from storing customer data in individual text files to a structured system for better management and scalability. Which type of database would best fit the company's needs?

Relational Database (D)

During the design phase of a database for a library system, which step primarily focuses on defining the relationships between entities like books, authors, and borrowers?

Logical Design (C)

Which of the following scenarios is a primary use case for a Client Operating System (OS)?

Running desktop applications such as web browsers and office productivity suites. (D)

A company needs an operating system that can handle a high volume of concurrent user connections, manage file sharing, and host a database. Which type of OS is most suitable?

A Server OS, due to its optimization for multiple connections and network management. (D)

Which of the following best describes a key difference in hardware utilization between Client and Server Operating Systems?

Client OS commonly use standard hardware, while Server OS often require high-end hardware like multiple CPUs and RAID storage. (A)

Regarding security features, what is a primary distinction between Client and Server Operating Systems?

Client OS usually offer basic security, while Server OS provide advanced features like role-based access control and centralized logging. (C)

A company requires an operating system with a high degree of reliability and minimal downtime. Which characteristic of a Server OS makes it more suitable than a Client OS?

Server OS are designed for continuous operation, often aiming for 99.99% uptime. (C)

When considering the cost and licensing of operating systems, what is a typical difference between Client and Server OS?

Client OS are usually cheaper with a one-time fee or subscription, while Server OS are pricier and licensed per user or core. (D)

Which of the following tasks is a Client OS designed to execute efficiently, unlike a Server OS?

Running interactive desktop applications such as games. (D)

A small business is setting up a shared file storage and print server for approximately 20 employees. They are considering using a desktop OS instead of a Server OS to save on initial costs. What is a potential disadvantage of this approach?

A desktop OS may lack the centralized management and advanced security features needed for a multi-user environment. (B)

Which of the following scenarios best illustrates a violation of the Third Normal Form (3NF) in database design?

A non-key attribute is dependent on another non-key attribute, where changing the latter also changes the former. (C)

In the context of the LAMP stack, what is the primary role of Apache?

To serve as the web server, handling HTTP requests and serving web content to clients. (D)

Which of the following backup strategies would provide the MOST comprehensive data protection against various types of failures, including hardware failure and natural disasters?

Adhering to the 3-2-1 backup rule with copies stored on different media and in offsite locations. (B)

In the provided case study for a facility management system, what is the most appropriate relationship type between 'Properties' and 'Plans'?

One-to-many, where one property can have multiple plans associated with it. (B)

According to screen work regulations, which of the following is NOT a typical recommendation for IT technicians working with computer screens?

Mandating a specific software to record all actions, installed without the technician's explicit consent under the premise of security. (B)

Considering workplace evaluation, which factor primarily influences the determination of adequate air volume in a workspace?

The number of occupants and the rate of air exchange required for ventilation. (C)

Which of the following scenarios requires ESD protective measures MOST urgently?

A technician assembling sensitive electronic components on a workbench. (B)

When deciding between on-premise and cloud solutions, which factor would MOST strongly favor choosing a cloud solution?

A limited budget for upfront capital expenditures and a desire for scalability and flexibility in resource allocation. (D)

Flashcards

Cloud Systems

Storing data and running applications on remote servers accessed over the internet.

On-Premise Systems

Storing data and running applications on hardware located within your physical premises.

Cloud Analogy

Renting (pay-as-you-go access to resources).

On-Premise Analogy

Owning (direct control and upfront investment).

Client Operating System

An OS designed for end-user tasks like browsing, document editing, and running desktop applications.

Client OS Purpose

Designed for individual use, focusing on user-friendly tasks.

Server OS Purpose

Designed to manage network resources and multiple users simultaneously.

Client OS Optimization

Optimized for single-user tasks like browsing and office work.

Server OS Optimization

Optimized for handling multiple simultaneous connections and background processes.

Client OS User Management

Supports a single or few users.

Server OS User Management

Supports multiple users with centralized management and permissions.

Client OS Hardware

Uses standard hardware for personal computers.

Server OS Hardware

Uses high-end hardware for stability and efficiency.

ISO/OSI Model

A conceptual framework standardizing communication functions of a computing system. It has 7 layers.

Privacy by Design

Ensuring privacy is embedded into the design of a system, not added on as an afterthought.

ISO 25010

International standard defining a model for software product quality, including quality in use.

Personal Data (GDPR)

Any information that relates to an identified or identifiable natural person.

Data Processing

The set of operations performed on data, whether automated or manual.

Database Definition

A structured collection of data organized for efficient access and management.

Relational Database

A database storing data in tables with rows and columns, ideal for structured data.

Database Design - Requirements Analysis

Understanding the purpose of the database and defining its scope.

1st Normal Form (1NF)

Ensures each column in a table contains only indivisible values.

2nd Normal Form (2NF)

Removes redundant data; every non-key attribute is fully functionally dependent on the primary key.

3rd Normal Form (3NF)

Removes transitive dependencies; non-key attributes should not depend on other non-key attributes.

LAMP Stack

Linux, Apache, MySQL, PHP - a common web development stack.

PHP Data Types

Integer, Float, String, Boolean, Array, Object, NULL, Resource

Primary Key

An attribute that uniquely identifies each record in a table.

Foreign Key

An attribute in one table that refers to the primary key of another table.

Types of Relationships

One-to-one, One-to-many, Many-to-many

Study Notes

Cloud Systems vs. On-Premise Systems

• Cloud systems store data and software on remote servers in data centers.
• On-Premise systems store data and software on local, owned servers.

Cloud Systems (Online Storage & Services)

• Accessibility from anywhere with an internet connection.
• Service provider handles updates, security, and maintenance, for example Google, Microsoft, or Amazon.
• Often involves a monthly or yearly fee.
• Easy to scale storage and power as needed.
• Requires a reliable internet connection.
• Security relies on the service provider's policies.

On-Premise Systems (Local Storage & Private Servers)

• No internet required for data access on the same network.
• You are responsible for server maintenance and security.
• Higher upfront costs for hardware and setup.
• More customizable than cloud solutions.
• Scaling can be expensive and time-consuming.
• Requires technical knowledge, you must fix server failures.

Cloud vs On-Premise Analogy

• Cloud is like renting an apartment: someone else maintains the building, you pay monthly, and can move easily.
• On-Premise is like owning a house: you control everything, but you have to maintain it and upgrades cost money.

Client OS vs. Server OS

• Client Operating Systems (Client OS) and Server Operating Systems (Server OS) serve different purposes.

Fundamental Differences Between Client OS and Server OS

Client OS

• Designed for everyday use by individuals.
• Optimized for user-friendly, single-user tasks like web browsing and gaming. Supports a single or few users.
• Uses standard hardware for personal computers.
• Can connect to networks but is not designed to manage them.
• Basic security features include firewalls and antivirus.
• Software compatibility includes, supporting desktop applications like browsers and games.
• May require frequent reboots for updates.
• Usually cheaper with one-time purchase or subscription-based licensing (e.g., Windows 10/11).

Server OS

• Designed to manage network resources and multiple users.
• Optimized for handling multiple simultaneous connections, services, and background processes. Supports multiple users and permissions.
• Uses high-end hardware, more RAM, multiple CPUs, RAID storage.
• Manages and controls networks, including file sharing, databases, and web hosting.
• Advanced security features include Active Directory, role-based access, encryption, logging.
• Designed for continuous operation (99.99% uptime).
• Software compatibility includes, server-specific software like web servers, databases, and virtualization.
• More expensive, often licensed per user or core (e.g., Windows Server, Linux distributions).

Key Server OS Features for Handling Multiple Simultaneous Connections & Services

• Multi-User Support: Manages multiple users and remote connections efficiently.
• Advanced Security: Role-based access control (RBAC), encryption, firewalls, and auditing tools are included.
• Virtualization Support: Runs multiple virtual machines (VMs) to host different services.
• Load Balancing: Distributes network traffic evenly to prevent overload.
• Redundancy & Failover Support: Ensures services stay online even if hardware fails.
• High Performance Networking: Handles multiple simultaneous connections using optimized protocols.
• Centralized Management: Provides tools like Active Directory, group policies, and remote administration.
• Optimized for Background Services: Prioritizes running web servers, databases, and cloud services over user-facing apps.
• Scalability: Easily expands to handle increased demand with clustering and resource allocation.
• Automated Updates & Patching: Schedules updates without downtime or user interruption.

Example Questions and Important Points

• Commenting conventions for code.
• MariaDB review
• IF vs FOR loops
• Database design and time estimation
• Image resolution calculating
• Converting formulas
• Current software inability to fully utilize a Mac's GPU.
• Creating secure classes in PHP and Object-oriented programming in PHP.
• Search algorithm
• Data base of 2,000 entries, which algorithm and why?
• HTTPS and SSL certificates, what are they
• Oracle, what is it
• Proprietary software is closed-source software
• Entity-Relationship diagrams
• The difference between instantiation and cardinality.
• Various security measures for data protection.
• Cloud vs On-Premise
• URL (DNS-ROOT, TLD, SLD)

Exam Topics

• Applied Mathematics - Data Technology and System Management - Application Development
• File sizes and data capacities
• Virtualization concepts
• Cloud vs. On-Premise differences
• Client-server architecture
• Data transfer rates
• Data security concepts
• Backup and restore strategies
• Knowledge of data exchange methods (interfaces)
• Copyright and data protection laws
• Sorting algorithms, including their applications and performance characteristics.
• Search algorithms, different types of search algorithms and their use cases.
• Object-Oriented Programming (OOP), including the core principles.
• Relational database design.
• Internet basics, Domain Name System (DNS).

Key Notes

• Units must always be included in calculations.
• Results should be shown and explained clearly.
• Documentation is important.
• The "Quick & Dirty" approach

Not Allowed

• ChatGPT
• Full code snippets
• Remote access / GitHub repositories / Cheating
• Competency-based questioning Case study discussions
• Current events in IT security (incidents, developments, etc.)
• Cybersecurity / IT security
• ISO/OSI model / Programming fundamentals
• Solution-oriented thinking

Cyber Defense / Security

• Major security vulnerabilities result in exam failure.
• Review current cyber threats, CERT.at, enisa.europa.eu, Ikarus (forecasts), and BSI
• NIS-2
• Common malware types

Top 10 Risks

• Broken Access Control
• Cryptographic Failures
• Injections
• Insecure Design
• Security Misconfiguration
• Vulnerable and Outdated Components
• Identification and Authentication Failures
• Software and Data Integrity Failures
• Security Logging and Monitoring Failures
• Server-Side Request Forgery (SSRF)

ISO/OSI Model

• ISO = International Organization for Standardization
• OSI = Open Systems Interconnection
• Established: 1977 / SC 16 of ISO
• Mnemonic: All People Seem To Need Data Processing
• ISO/OSI Layer: 7 Application Layer, TCP/IP Layer: Application Layer
• ISO/OSI Layer: 6 Presentation Layer, TCP/IP Layer: Application Layer
• Protocols HTTP, SMTP, FTP, DHCP, Telnet
• ISO/OSI Layer: 5 Session Layer, TCP/IP Layer: Application Layer
• ISO/OSI Layer: 4 Transport Layer, TCP/IP Layer: Transport Layer
• Protocols TCP, UDP
• ISO/OSI Layer: 3 Network Layer, TCP/IP Layer: Internet Layer
• Protocols IP, IPsec, IPv6, ICMP
• ISO/OSI Layer: 2 Data Link Layer, TCP/IP Layer: Network Layer
• Protocol Ethernet
• ISO/OSI Layer: 1 Physical Layer, TCP/IP Layer: Network Layer

Characteristics of Good Software

• Well-specified (designed for a purpose)
• Correct (valid syntax)
• Robust (resilient to errors)
• Usable (accessible, W3C standards, contrast, alt-tags, font adjustability)
• Secure
• Efficient (avoiding unnecessary code)
• Maintainable
• Reusable code (proper variable usage)
• Compatible

Privacy by Design

• Proactive, not reactive

Maximized Privacy Protection

• Ensures that personal data is automatically protected in all IT systems and business practices.
• ISO 25010 is the international standard for software quality criteria.

Data Protection and GDPR

• EU regulation, implemented in Austria's Data Protection Act.
• Regulates the handling of persona data.

User Rights

• Right to information
• Right to rectification
• Right to deletion
• Right to objection
• Right to data portability
• Right to restrict processing
• Right to access

What Qualifies as Personal Data

• Any information relating to an identified or identifiable natural person

GDPR Categories of Data

• General personal data (e.g., name)
• Sensitive personal data (race, ethnicity, political opinion, religion, sexual orientation, trade union membership)
• Genetic data
• Biometric data
• Health data

Data Processing (Manual or Automated)

• Collection, storage, modification, retrieval, organization, usage, linking, disclosure, deletion

The "8 W's" of GDPR Compliance

• Who, What, Where, Why, For What Purpose, Where To, How Long, How Secure?

Roles in GDPR

• Controller (data owner)
• Processor (third party)
• Data Subject (individual whose data is processed)

GDPR Prohibits Processing

• Unless necessary for contract fulfillment (e.g., online order).
• When required by legal obligation (e.g., tax records).
• For vital interests (e.g., medical emergencies).
• Even manual data is covered if stored systematically.

Databases

• A database is an organized collection of structured information stored electronically, usually managed by a Database Management System (DBMS).

Types of Databases

• Relational
• Object-oriented
• Distributed
• Data warehouses
• NoSQL
• Graph databases
• Open-source databases
• Cloud databases
• Multi-model databases
• Document/JSON databases
• Self-managing databases

Key database Types

• Relational
• Object-oriented
• Hierarchical
• Network-based

Database Design

• NoSQL = "Not only SQL" (alternative query methods exist).
• SQLite is suitable for smaller projects (lightweight, text-based, efficient).
• Too many I/O operations can overload servers.

Design Steps

• Requirement Analysis, includes Functional specifications and Contract agreements.
• Conceptual Schema, involves Entity-Relationship Model (ERM).
• Normalized, Logical Schema, including Normalization, Relational Model (for estimations).
• Hardware/OS selection, SQL-based data definitions.
• Testing optimization, application, maintenance, ensuring input validation with both successful and failed test cases.

Common Data Types

• Integers
• Natural numbers
• Fixed-point numbers
• Enumerations (ENUM, SET, etc.)
• Boolean
• Characters (CHAR)

Normalization Forms

• 1st Normal Form (Atomicity): Data must be stored in the smallest meaningful units.
• 2nd Normal Form (Eliminate Redundancies): Functional dependencies must be properly structured.
• 3rd Normal Form (No Transitive Dependencies): All attributes must depend solely on the primary key.

PHP and HTML Basics

LAMP Stack

• Linux
• Apache
• MariaDB
• PHP

Why Apache?

• Best performance for dynamic content (but resource-intensive).

PHP Data Types

• Boolean
• Integer
• Float
• String
• Always explicitly define data types when possible.

Backup Strategies

Which Data to Back Up

• Application data
• System data (system-relevant data)
• Log data (who manipulated data, when, and where)
• Software

Types of Data Backup

• Data mirroring
• Full backup
• Incremental backup
• Differential backup

Backup Types Explained

• Mirror Backup: similar to a full backup, but only the latest file version is stored, and files deleted from the source are also removed from the backup.
• Full Backup: A complete backup stored as a single file on external storage.
• Incremental Backup: Copies only data changed or created since the last backup, reducing storage needs.
• Differential Backup: Copies all files changed since the last full backup, requiring only the full backup and the latest differential backup for restoration.

3-2-1 Backup rule

• Create at least 3 copies of a file.
• Store them on at least 2 different storage media.
• Keep 1 copy in an offsite location (e.g., cloud).

Backup Selection Criteria

• Data volume.
• Backup timing.
• Effort required for restoration.
• Internet connection quality (for cloud backups).

Example Case Study

• Facility data to be structured and stored are company properties and the buildings located on these properties.
• Properties are connected and include name, address, zoning regulations, build regulations and land registry entries.
• Task, to create an Entity-Relationship Model (ERM).
• Task, describe each entity type and relationships in detail, attributes, primary and foreign keys, data types and null unique settings.

Employee Protection - IT Technician Section

• Key topics: Basics, screen work, electrostatic discharge (ESD) practice.
• Laws and regulations, Employee protection Act (ASchG), Electrical Engineering Act (ETG), Workplace Regulation, Screenwork regulation (BS-V).
• Apply screenwork regulations with computer and input device for unit of work.
• Covers tasks such as data entry, transfer, and text processing.
• Break after every 50 minutes of continuous screen work. If not possible the break can be postponed to the next hour.
• Employer must perform regular eye exam and provide glasses if needed.

Workplace space evaluation

• Air volume 12-15m3 per employee, +10m3 for each additional employee; the room height must be a minimum of 2.5m.
• Lighting needs to be natural and even; with 10% of floor area having light entry surfaces.
• Climate is best at 19-25c for low exertion and 40-70% relative humidity; noise needs to be low.

ESD Workplace (Electrostatic Discharge)

• ESD protects components while Antistatic indirectly protects the worker.
• ESD work clothing >5V while antistatic work clothing PPE with 3000V.
• List of equipments for ESD such as desk mats, wrist straps, floors mats, etc.

Data Technology & System Management

• With On-Premise the control is on the data and there is security but there are high costs; with private cloud there is secured virtual enviornment.
• Public Cloud: infrastructure and software is managed by a provider; with a low initial cost but has ongoing expenses.

Cloud Service Models

• IaaS - Infrastructure as a Service
• PaaS - Platform as a Service
• SaaS - Software as a Service

Application Development

• Comparison sorting, like Bubble Sort
• Non-Comparison Sorting, like Bucket Sort
• Data integrity ensures data is consistent and correct, and integrity rules prevent incorrect data entry.
• Types of Relationships are 1:1, 1:N, N:M

Sorting Algorithms

• Comparison-based sorts include Bubble Sort, Insertion Sort, Selection Sort, Shell Sort, Quick Sort, Merge Sort, and Heap Sort.
• Non-comparison-based (address-based) sorts include Bucket Sort, Counting Sort, and Radix Sort.
• A stable sorting algorithm maintains the order of equal elements, and an unstable algorithm does not.

Data Integrity

• Data consistency ensures that stored information is error-free.
• Integrity rules prevent incorrect data entry into databases.

Primary Key

• Uniquely identifies a record.
• Can consist of multiple attributes (e.g., social security number + birthdate).

Foreign Key

• References a record in another table.
• Contains the same values as the primary key but can appear multiple times.

Types of Relationships

• 1:1
• 1:N
• N:M