CIS Exam 3 Notes PDF
Document Details
Uploaded by AchievableChalcedony136
Tags
Related
Summary
This document contains notes on various information security topics, including authentication and authorization methods, data protection, and different access control models.
Full Transcript
Module 8 Three primary Information Security Areas: People: Authentication and Authorization o They prevent phishing, identity theft, and pharming scams. ▪ Authentication: A method for confirming a user’s identity. Once a system determines the aut...
Module 8 Three primary Information Security Areas: People: Authentication and Authorization o They prevent phishing, identity theft, and pharming scams. ▪ Authentication: A method for confirming a user’s identity. Once a system determines the authentication of the user, it can then determine the access privileges, or authentication, for that user. ▪ Authorization: The process of providing a user with permissions including access levels, and abilities such as file access, hours of access, and amount of allocated storage space. Data: Prevention and Resistance Attacks: Detection and Response General Authentication Public Key Encryption: Using two keys, one being a key that everyone can have, and another being a private key for yourself. The private one typically decrypts, while the public one typically encrypts. Authorization Access levels: None: The identified users is not allowed to see or modify target information. Read: The identified user is allowed to see target information. Read/Write: The identified user is allowed to see and modify (a.k.a. change, update) target information. Delete: The identified user is allowed to remove target information. Single-Factor: A classic username and password. (Something that the user knows) Password: A string of alphanumeric characters used to authenticate a user and provide them with access to a system. Two-Factor Authentication: Single-factor and another security token. (Something that the user has) Token: Small electronic devices that change user passwords automatically. The user will enter their ID, then token-displayed password to gain access. Multifactor Authentication: Requires what the user has (security token), and what the user is (biometric verification Biometrics: The identification of a user based on physical characteristics, such as fingerprints, voice, iris, face, or handwriting. People: Access Control Model (Four) 1) Mandatory Access Control o Most restrictive form of control o Gives control, management of the system, and access points, to only the system owner or administrator o End-users and employees have no control over permissions o Even the owner can be restricted by the system’s parameters o Users are labeled according to their permissions to access and exit certain points based on their classification o The system’s owner usually has to create a new profile and credential every time they want to grant a user higher permissions (classifications cannot be adjusted once set) o Beneficial for facilities, militia, government that need maximum security 2) Discretionary Access Control o Least restrictive access control o Allows the owner or the administrator of the system complete and easy control over who has access and permissions throughout the system o Often runs on common OS such as Windows or MacOS o Pro: Easy to configure and control o Con: Gives the administrator too much authority, which can lead to access for inappropriate users, and leaves the system vulnerable to malware 3) Role-Based Access Control o Most popular o Assigns permissions based on the pre-defined position or role that a user holds within the organization o Pro: Simple, easy to use and set-up. Good for cloud-based systems o Con: If a user needs permissions outside of their role, the administrator has to grant permissions outside of their pre-defined role, which sometimes isn’t possible 4) Rule-Based Access Control o Gaining popularity, most dynamic because multiple rules can be made based on any kind of criteria on the go o System owners and administrators can set rules on permissions and limitations as needed. o Examples: Must be connected to this VPN, must be connected during these hours, limited access based on the device used o Permissions can even be determined based on previous access attempts, last-performed action, and required actions o Pro: Forces accountability and controlling when and where employees have access Data: Prevention and Resistance Content Filtering: Occurs when an organization uses software that filters content, such as emails, to prevent accidental or malicious transmission of unauthorized information. o Prevents whether malicious or accidental o Can prevent suspicious files, viruses, and spam Encryption: Scrambles information into an alternative form that requires a key or password to decrypt. o It can switch the order of characters/encode sensitive information, so that if thieves get a hold of it, they won’t be able to decrypt Firewall: Hardware and/or security that guards a private network by analyzing incoming and outgoing information for the correct markings Screens all the network proper traffic Can detect computers communicating It is a gatekeeper that provides safe transfer points Does not gaurantee complete protection Non-repudiation: a mechanism to ensure that individuals cannot deny their actions. Examples include ensuring that users who spend money cannot "repudiate" (deny) that they really did authorize a transaction, or authors who edit a text cannot "repudiate" that the change was theirs. Attack: Detect and Response Intrusion Detection System (IDS): full-time monitoring tools that search for patterns in network traffic to identify intruders. IDS was cutting edge a decade ago, but has now evolved into Intrustion Detection and Prevention Systems. Intrusion Prevention System (IPS): Also known as Intrusion Detection & Prevention System An IDPS is a network security appliance that monitors network and system activities to detect possible intrusions. In addition to detecting intrusions, it can also prevent them by sending alarms, block malicious network messages (and their responses) so they do not reach their destination, and reset network connections. An IDPS will also log and report information about an intrusion.[ Module 9A Business Process Model: A graphic depiction of a process, showing the sequence of process tasks, which is developed for a specific purpose and from a selected viewpoint Business Process Model Notation: A graphical notation that depicts the steps in a business process. Activity: A task in the business process; any work that is being performed in a process. o Represented by a rounded-corner rectangle o Examples: Checking availability; picking up customers; confirming the booking Event: Anything that happens during the course of the business process. o Represented by a circle o Examples: Customers requests; time requests; end of the process Flow: Displays the path in which the process flows. o Represented by arrows Gateway: Used to control the flow of a process o Represented by a diamond o Handles forking, merging, and joining of paths within the process o Examples: Gateway to accept or decline the request As-Is process model: Represents the current state of the operation that has been mapped, without any specific improvements or changes to existing processes. Also a functional process representation of the process problem. To-Be process model: Shows the result of applying change improvement opportunities to the current (As-Is) model. Also displays how the problem will be solved or implemented. Workflow: Includes the tasks, activities, and responsibilities required to execute each step in a business process. Automation: The process of computerizing manual tasks, making them more efficient and effective, and dramatically lowering operational costs. Module 9B Algorithm: A set of steps used to complete a specific task. They’re the building blocks for program. You follow steps in a chronological order to get a desired outcome. A set of instructions, or codes, that complete a task is called an algorithm. Programs are made of many algorithms. Computers can use algorithms more efficiently, but we ourselves also do algorithms in our daily lives (such as baking a cake) Assignment: the instruction that puts a new value into a variable (location of memory) Constant (Literal): A value that does not change; also called a literal value. Variable: A place to store the data. The storage location (variable) can be changed to a different value at a later time if you want to do the calculation with different data. Expression: A math operation to calculate a new value based on other values Equation: When the result of a calculation is stored in another variable Equation Ex) X = 72 * 3 Expression Ex) 72 * 3 Code (Coding): Instructions for a computer. Used to program a computer so that it can perform useful tasks. Writing computer codes is called programming, or coding. Structures of Coding (Codeblock) 1) Sequences: A series of actions done in a specific order to complete a task. 2) Conditions (Selections): Answering a true or false question based on the data and calculation, then pursuing one set of actions if the answer is true, or a different set of actions if the answer is false. 3) Loops: instruct the computer to repeat a set of actions over and over again until a condition becomes false. Data Types Integer: A whole number without decimal positions or fraction. Float (Real Number): Real number, decimal values can be endless. does contain decimal positions or fractions. An example is pi. Boolean: Only two values, true or false. True is 1, and False is 0. Codeblock Strings: Values that contain letters and symbols Module 10A The “==” operator in Python is known as the equality operator. The operator will return “true” if both the operands are equal. This shouldn't be confused with “=”, which is just an assignment operator (it simply tells that this = that) Boolean Mathematics: involves combining test conditions using these logical operators (or, and, not) into an equation to answer compound questions with a final result of True or False called Boolean Algebra when the result of individual tests are stored in Boolean variables. Condition statements: Implemented using an IF statement. A statement where the work performed is dependent on the condition being tested; the work is conditional. Setup: Preparing the data or information needed for a task. For a loop, this establishes the initial values of variables for the condition and loop work. Condition: A test that determines True or False. Work: The instructions you want to run: True code: Instructions you want to run only when the condition is True False code: Instructions you want to run only when the condition is False Logical (Comparison) Operators: adds power to Conditional logic by allowing the computer to combine situations when making a decision. The common logical operators used in programming include AND, OR and NOT. Code block: a group of multiple instructions that are executed together as a block. Indentation is used in Python to identify a block of code IF statement: the program is choosing between two alternate sets of programming instructions (one set of instructions when the condition is true or a different set of instructions when the condition is false Module 10B Distributed computing: Processes and manages algorithms across many machines in a computing environment Distributed Ledger: Allows many different parties around the world to access and verify the same data. Blockchain: A type of distributed ledger, consisting of blocks of data that maintain a permanent and tamper-proof record of transactional data. Form of distributed computing where a decentralized database is managed by computers belonging to a network. Almost impossible to corrupt Immutability: Ability for a blockchain ledger to remain a permanent, indelible, and unalterable history of transactions. Ethereum: A decentralized, open-source blockchain with smart contract functionality. It is the most actively used blockchain. Ether is the native cryptocurrency for the platform. Bitcoin: A type of digital currency in which a record of transactions is maintained and new units of currency are generated by the computational solution of mathematical problems and which operates independent of a central bank. They are stored in blockchains Digital fingerprint: Hash values serve as digital fingerprints that uniquely identify the message. Hashing: generates an encoded value that cannot be converted back into the original message. Hash value: A large file will have only one unique encoded value, also known as a hash value, or a Transaction ID. Hashing is one-way encryption. Non-Fungible Token: A digital signature, backed by blockchain technology, that provides the ownership of something. Module 11A For Loop: A control instruction, used for iteration and repetition. Iteration: Performing the same operation on different items, one item at a time. o Iteration Variable: For variable in my_list: Repetition: Performing the exact same operation more than once. To create a FOR loop, you need: 1) Setup: Preparing the data or information needed for a task. 2) Sequence: a string or list or some other data with multiple items. 3) Item: a variable that holds one element of a sequence each time through the loop. When there are no more items, the loop stops. 4) Loop Work: The instructions you want repeated. In Python these instructions are indented 5) After Party: Instructions to finalize the task after the loop ends (this component is optional and is not always provided, such as print statements.) Flowchart: A visual step-by-step process of boxes, connected by arrows, that indicate the direction of the flow. The purpose is to communicate what a program or process accomplishes. Flowcharts were used to map out programs BEFORE writing a line of code Terminal: Represented by an elongated circle. Indicates the beginning or end of a process. Instructions / Actions: Represented by a rectangle. Conditional Statements: Represented by diamonds. Indicates where a decision needs to be made from code. Inputs / Outputs: Represented by a parallelogram. A user is required to input some kind of information, or the computer will display information on the screen. Pseudocode: A simple way of writing programming code in English. It is an artificial, informal language that helps programmers develop algorithms. Makes creating programs easier All you do is write, in English, what you want your program to say. Basically short statements Allows you to translate your statements into any language because there are no special commands, and it is not standardized. o Start with the algorithm you are using and phrase it with words that are easily transcribed into computer instructions o Pseudocode v. Flowchart: Flowcharts are difficult to modify with the advancement of programming language, and difficult to display all parts of a program with a flowchart. Pseudocode can better organize and see where you may have left out things Module 11B Database: Maintains data about various types of objects (inventory), events (transactions), people (employees), and places (warehouses). Database Management System: Creates, reads, updates, and deletes data in a database while controlling both access and security. Structured Query Language (SQL): Asks users to write lines of code to answer questions against a database. Used to retrieve data from a database. Data dictionary: Compiles all of the metadata about the data elements in the data model. Provides insight into the database’s functions, purpose, and business rules. Modeling Data Entities: Also referred to as a table. Stores data about a person, place, thing, transaction, or event. Two-dimensional tables are entities with rows and columns. Data element (Data field): The smallest, or most basic, unit of data. A customer’s name, address, email, and so on. Think of a column, that is a data field. Metadata: Provides details about the data. Metadata for an image could include size, resolution, and date created Attributes: The types of data for each column. For example, column 1 has attributes about employees. Records: A collection of related data elements. Records are considered individual rows in a table. For example, having 8 rows means having 8 records of data for an entity. Data models: Logical data structures that detail the relationships among data elements by using graphics or pictures. Each element is given a description, such as Customer Name. Metadata is then provided for the type of data (string, int, float) Descriptions of predefined values are included such as a zip code The relationship between all of the tables and data are then defined. Primary Key: A field (or group of fields) that uniquely identifies a given record in a table. In the table Music, the primary key is the field MusicID, which uniquely identifies each record in the table. Foreign Key: A type of primary key of one table that appears as an attribute in another table and acts to provide a logical relationship between the two tables. Genre is an attribute in both the Artists table and Songs table. The two tables have a relationship that is connected by the foreign key (the shared attribute). Module 12A Cardinality: describes the type of relationships that are possible between entities (data tables). Business Advantages of a Relational Database Increased flexibility o Physical view of data: Deals with the physical storage of data on a storage device. o Logical view of data: Focuses on how individual users logically access data to meet their own particular business needs. Increased scalability and performance o Data latency: The time that it takes for data to be stored or retrieved. Reduced data redundancy o Data redundancy: The duplication of data, or the storage of the same data, in multiple places. o Normalizing: The process of separating entities (tables) and removing redundant data to as few copies as possible Increased data integrity o Integrity Constraints: Rules that help ensure the quality of data. Increased data security o Identity management: A broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise). ▪ Controls their access to resources within that system by associating user rights and restrictions with the established identity. Module 12B Each table is an entity. The entity for the movies table is a movie. Each field is one attribute – it describes something about the entity. Every record is one instance (one movie) Common SQL Commands SELECT and FROM: To retrieve data, the query will consist of a SELECT statement. The basic SELECT statement can be divided into two logical sections. What should we retrieve? In SQL this is done by listing the specific field names (fields are columns!) to be retrieved o SELECT trees, flowers, plants From what database and table should we retrieve it? Identifying which table is done by providing the table name after the word FROM. o FROM PlantTable Filtering SQL Commands WHERE: restricts the visible records of data based on a criteria entered to the filter control SELECT trees, flowers, plants FROM PlantTable WHERE trees = ‘Pine’; LIKE: filters records that match a specified pattern. SELECT * FROM employees WHERE name LIKE 'J%'; Note) The % means that the name starts with J. A % at the beginning would mean that the name has to end with J. Sorting SQL Commands ORDER BY: allows you to sort the result set by one or more columns, either in ascending or descending order. SELECT * FROM employees ORDER BY salary, name; Extra SQL Commands DISTINCT: it removes duplicate values in a column. It's used to filter out duplicate entries. SELECT DISTINCT department FROM employees; JOIN: Used to combine rows from two or more tables based on a related column. It doesn't directly sort or filter records but rather merges datasets. SELECT employees.name, departments.department_name FROM employees JOIN departments ON employees.department_id = departments.id; Entity Relationships: One-to-One A GSU student to a Panther ID One-to-Many A GSU student to GSU classes Many-to-Many GSU Students to GSU Classes SQL Calculation Functions SUM: Adds up all the values in a specified column. AVG: Calculates the average value of a specified column. COUNT: Returns the number of rows that match a specified condition. MIN: Finds the minimum value in a specified column. MAX: Finds the maximum value in a specified column. FIRST: Retrieves the first value in a specified column based on the order of the query. LAST: Retrieves the last value in a specified column based on the order of the query. Module 13A Infographics: Presents the results of data analysis, displaying the patterns, relationships and trends in a graphical format. It is a representation of information in a format designed to make the data easily understandable at a glance. People use infographics to quickly communicate a message, to simplify the representation of large amounts of data, to see data patterns and relationships, and to monitor changes in variables over time. Dashboards : Tracks key performance indicators (KPIs) and critical success factors (CSFs) by compiling information from multiple sources and tailoring it to meet user needs. Data Visualization: describes technologies that allow users to see or visualize data; to transform information into a business perspective Consolidation: The aggregation of data from simple roll-ups to complex groupings of interrelated information. For example, data for different sales representatives can then be rolled up to an office level, then a state level, then a regional sales level. Drill-Down: Enables users to view details, and details of details, of information. This is the reverse of consolidation; a user can view regional sales data and then drill down all the way to each sales representative's data at each office. Slice-and-Dice: The ability to look at information from different perspectives. One slice of information could display all product sales during a given promotion. Another slice could display a single product's sales for all promotions. Slicing and dicing is often performed along a time axis to analyze trends and find time- based patterns in the information. Pivot: (Also known as rotation) rotates data to display alternative presentations of the data. For example, a pivot can swap the rows and columns of a report to show the data in a different format. Characteristics of good visualizations: Pre-attentive Attributes: Visual cues that the human brain processes within 250 milliseconds; Color, size, orientation, and flicker. Effective use of visual cues such as color, size, orientation, and flicker. o Color for correlation o Size for quantity o Orientation for trends Better, communication, and innovation Polar Area Graph: Wedges with each color representing a different category, while each section represents which month the data corresponds to. Used by Florence Nightingale for mortality data, and still exists today. Module 13B Affinity Grouping Analysis: Reveals the relationship between variables along with the nature and frequency of the relationships. Many people refer to affinity grouping algorithms as association rule generators because: o They create rules to determine the likelihood of events occurring together at a particular time or following each other in a logical progression. Cluster Analysis: Technique used to divide an information set into mutually exclusive groups: The members of each group are as close together as possible to one another, and the different groups are as far apart as possible. Identifies similarities and differences among datasets, allowing similar datasets to be clustered together. Classification Analysis: The process of organizing data into categories or groups for its most effective and efficient use For example, groups of political affiliation and charity donors. The primary goal of a classification analysis is to decide the best way to classify records. The difference between classification and cluster analysis: Classification analysis requires that all classes are defined BEFORE the analysis begins. Estimation Analysis: Determines values for an unknown, continuous variable behavior OR estimated future value. Estimation models predict numeric outcomes based on historical data. For example, the percentage of high school students who will graduate based on student-teacher ratio or income levels. An estimate is similar to a guess and is one of the least expensive modeling techniques. Many organizations use estimation analysis to determine the overall costs of a project from start to completion. Data Mining: The process of analyzing data to extract information not offered by the raw data alone. Data mining can also begin at a summary information level (coarse granularity) and progress through increasing levels of detail (drilling down) or the reverse (drilling up). Companies use data mining techniques to compile a complete picture of their operations, all within a single view, allowing them to identify trends and improve forecasts. It can determine relationships among such: o internal factors as price, product positioning, or staff skills, and external factors such as economic indicators, competition, and customer demographics. The elements of data mining include: Data: Foundation for data-directed decision making. Discovery: Process of identifying new patterns, trends, and insights. Data mining tools: To perform data mining, users need data mining tools. Data mining tools use a variety of techniques to find patterns and relationships in large volumes of information that predict future behavior and guide decision making. Data mining uncovers trends and patterns, which analysts use to build models that, when exposed to new information sets, perform a variety of information analysis functions. Data mining tools for data warehouses help users uncover business intelligence in their data. Data mining uncovers patterns and trends for business analysis such as: o Analyzing customer buying patterns to predict future marketing and promotion campaigns. o Building budgets and other financial information. o Detecting fraud by identifying deceptive spending patterns. Data Mining Analysis Techniques Data profiling: The process of collecting statistics and information about data in an existing source. Insights extracted from data profiling can determine how easy or difficult it will be to use existing data for other purposes along with providing metrics on data quality. Data replication: The process of sharing information to ensure consistency between multiple data sources. Discovery Data Mining Modeling Techniques for Predicting Insights Prediction: A prediction is a statement about what will happen or might happen in the future; for example, predicting future sales or employee. Note) All forecasts are predictions, but not all predictions are forecasts. Types of Prediction Models Optimization Model: A statistical process that finds the way to make a design, system, or decision as effective as possible For example, finding the values of controllable variables that determine maximal productivity or minimal waste. Determine which products to produce given a limited number of ingredients. Choose a combination of projects to maximize overall earnings. Forecasting Model: Forecasts are predictions based on time-series information, allowing users to manipulate the time series for forecasting activities Time-series information: Time-stamped information collected at a particular frequency. Web visits per hour. Sales per month. Customer service calls per day. Regression model: A statistical process for estimating the relationships among variables. Regression models include many techniques for modeling and analyzing several variables, when the focus is on the relationship between a dependent variable and one or more independent variables. Predict the winners of a marathon based on gender, height, weight, hours of training. Explain how the quantity of weekly sales of a popular brand of beer depend on its price at a small chain of supermarkets. Module 14A Workflow: Includes the tasks, activities, and responsibilities required to execute each step in a business process. Digitization: The automation of existing manual and paper-based processes and workflows to a digital format. Robotic Process Automation/Improvement: The use of software with artificial intelligence (AI) and machine learning capabilities to handle high- volume, repeatable tasks that previously required a human to perform. 1) Operational business processes: Static, routine, daily business processes such as stocking inventory, checking out customers, or daily opening and closing processes. o Automation: The process of computerizing manual tasks, making them more efficient and effective, and dramatically lowering operational costs. 2) Managerial Business processes: Managerial business processes are semi dynamic, semi routine, monthly business processes such as resource allocation, sales strategy, or manufacturing process improvements. o Streamlining: Improves business process efficiencies by simplifying or eliminating unnecessary steps. 3) Strategic business processes: Dynamic, nonroutine, long-term business processes such as financial planning, expansion strategies, and stakeholder interactions. o Business Process Reengineering: The analysis and redesign of workflow within and between enterprises. Module 14B Generative AI: a type of artificial intelligence (Al) that uses machine learning algorithms to create new and original content like images, videos, text, and audio. Dall-E Midjourney ChatGPT DeepMind ChatGPT: OpenAI’s AI powered chatbot that answers questions and prompts in any format you request. It can carry a human-like conversation, or write various content. Pulls from LLMs (Large Language Models) It is NOT sentient; it cannot think or feel. It is a transformer that predicts texts based on sequences. GPT-4: Otherwise known as 4th generation generative pre-trained transformer. It uses a deep learning model that learns context by tracking relationships and data. Generates content by predicting the next, or most likely, word It can “see”! It is multimodal, meaning that it can work with both images and text. It can better infer the user’s intentions without repeated prompting It has 1 trillion parameters, which are the measure of a model’s intelligence It was able to pass the LSAT and Uniform Bar Exam, and proficient in more than 20 languages Digital Darwinism: Implies that organizations that cannot adapt to the new demands placed on them for surviving in the information age are doomed to extinction. Sustaining Technology: Produces an improved product customers are eager to buy, such as a faster car or larger hard drive. Sustaining technologies tend to provide us with better, faster, and cheaper products in established markets. Incumbent companies most often lead sustaining technology to market, but they virtually never lead in markets opened by disruptive technologies. Disruptive technology: A new way of doing things that initially does not meet the needs of existing customers. Disruptive technologies typically enter the low end of the marketplace and eventually evolve to displace high-end competitors and their reigning technologies. They are disruptive because they are not “sustaining”, meaning it’s not based on any history or markets about what’s already available Innovators Dilemma: The Innovator's Dilemma by Clayton M. Christensen discusses how established companies can take advantage of disruptive technologies without hindering existing relationships with customers, partners, and stakeholders. You can still lose market positions even while listening to existing customers, and investing aggressively in technology. Problem? You ay have placed too much emphasis on satisfying customers' current needs, while neglecting new disruptive technology to meet customers' future needs and thus losing market share. A principle of Christensen's theory of disruption is that technology itself is not the disruptor. o For example, Netflix created a new business model; streaming video made that business model possible. Technology enables the new business model to coalesce. Technology is the tool -not the end result. Disruptive Innovations: Disruptive innovations have inferior performance when compared to traditional offerings. Disruptive innovations tend to be rejected by leading customers. Disruptive innovations are commercialized in a small or insignificant segment of the market. Disruptive innovations are considered low margin business opportunities compared to traditional products YouTube Videos on Disruptive Technology How do disruptive innovations enter markets and displace leaders? Some customers are only satisfied by high-levels of performance from a technology Disruptive technologies enter the market as a low-performance product, but it eventually improves in performance. Incumbents, or the leaders of the industry at the current time, typically do not invest in disruptive technology with the business logic that it doesn’t fit a consumer’s needs Disruptive technology creeps up to where it becomes the best quality and high- performing, and incumbent market leaders miss out on the opportunity to invest their resources in using the new technology How can companies can navigate disruptive innovations? It takes rare foresight, and a lot of courage, to change a business process/workflow based on upcoming disruptive innovations Nurture new ventures and business models as soon as customers start to consume these innovations even when they’re low-quality ACT BEFORE YOU HAVE TO! ACTION! Even if you have doubts, making an action will be worth it because your new business model will accelerate as the innovation becomes superior; Be AGGRESSIVE AND ACCELERATE YOUR INVESTMENT IN THE DISRUPTIVE INNOVATION Your industry has fundamentally changed and has a new business model. Your earnings will die if you don’t adapt to the changing technologies. Summary: Companies that show foresight and a willingness to make bold moves (ACTION, ACUITY, ACCELERATION, ADAPTATION) before it’s TOO LATE will survive
