WGU C182

Application Software

Programs end users run to accomplish tasks.

Productivity Software

Application software used to aid in productivity. I.E. Presentation software, word processor, spreadsheets.

Internet Usage Software

Email, FTP client, web browser

System Software

Consists of programs that make up the OS and directly support system itself.
**Includes services or DAEMONS

Server Software

Works with hardware to provide network service.

Local Application

Software stored on an individual computer.

Intranet

A LAN that uses IP. Used to communicate within organization.

Cloud Computing

Allows organization to access resources/app anywhere, anytime. Beneficial because an org. may access resources it may not normally have.

Operating Systems

Allows a user to easily access hardware/software, required to maintain computer environment.

Kernel

Core component of OS.
Loads when computer first boots
Sits on top of hardware, is interface b/w hardware and software.

Device Drivers

Interface b/w OS and hardware.

Shell

Interface for user, often personalized. The shell provides access to the kernel.
I.E. The GUI will translate mouse motions into calls to kernel/routines. Desktop elements include shortcuts, windows theme, menus, background.

Services (Daemons)

OS programs that start when OS is loaded. They run in the background and wait for an event to initiate.

Utility Programs

Allow user to monitor system performance.

Web Server

Role is to respond to HTTP requests.
*Most HTTP requests are for HTML docs, but could include any web accessible resource.
It's all combined into the URL.
**APACHE is most popular web server-can execute scripts for dynamic pages, use security mechanisms, log request for trend tracking.

Proxy Server

Acts as a giant cache and allows pages accessed frequently in an organization to be accessed locally.
*Also provides degree of anonymity, since IP address recorded is for proxy server and not individual client.
*Can also be used to block requests to certain servers (i.e Facebook)
*Can reject responses that contain certain content (i.e "porn")
**SQUID is most common, but APACHE can also be used as proxy server.

Database Server

Permits dB access across a network.
Performs tasks such as data analysis, data manipulation, security,and archiving.
May/may not store database itself.
**MySQL is popular.

FTP Server

Hosts files and allows clients access to files.
Access is in form of uploading/downloading files.
Requires either user has an account or logs in as anonymous user.

File Server

Computer with large hard disk storing files, but can also store software to be run over network.

Email Server

Provides email service.
Accepts email request from clients.
IMAP,POPS,HTTP,MAPI,MIME

String Data

Alphanumeric or text
Ex: James (Last name)
623 Hill Street

Number Integer

Numeric data, whole numbers.
Ex: 4

Floating Point

Decimal.
Ex: 4.2

Date/Time

Type of Data

Boolean/Logical

Type of Data.
Ex: True/False (in reply to active subscriber?)
Only two possible answers: yes/no or true/false

Flat File Database

One large single table without relations between tables.
*Most common is CSV file (files separated by comma)
*Flat file is used if amount of data is fairly small.
Ex: Spreadsheet

Relational Database

Most common structure for database.
*Distinguished by multiple tables with interrelated fields.
*When queried, data can be pulled form any # of relations that may be contained in multiple databases.
*Provides lots of flexibility.

Hierarchical Database

Organizes data by using tree-like or organizational chart type structure.
*Main data points can have multiple sub-data points (Parent/child structure)-Subpoints can only have one main data point.
* Records can be broken up so one portion is in one location and another is in another section.
Ex: Employee database could list all employees, but a child relation could contain info about employee position, pay level, responsibilities. Another child relation could include info about employee projects. Sub data is always specific to main data point.

Tuples

Records represented by rows.

Unshielded Twisted Pair (UTP)

Most commonly used network connections. Looks just as it sounds, wires twisted together in a pair.

Fiber Optic Cable

Transmits via light pulses as opposed to electromagnetic ones.

Twisted Pair

Network connection commonly used in the past. It is still seen a lot today because it was used extensively in the phone systems. Is cheap and and already in place.
**transmits using electromagnetic waves.

Coaxial Cable

Commonly used network connection.
*Transmits using electromagnetic waves.

Bandwidth

Transfer rate permissible over the media, and is described as bps or b/s (bits per second).
**Modern bandwidth is described in millions/billions bits per second (i.e. Mbps or Gbps)
*Older tech limited to thousands, (i.e. 56 Kbps)

Network Hub

Device that connects multiple computers together.
*Broadcasts to all connected devices, even if message is intended for just one.

Network Switch

Device that connects multiple computers together.
**Able to broadcast to just one if message is intended for one, but has ability to send message to all if needed.

Router

Used to connect multiple networks together.
**Has decision making abilities, can purposefully drop messages if message traffic exceeds capacity. In the event multiple messages are sent, router can make the decision to determine which message is sent first.

Transmission

Last step network performs when sending a message.

Reception

First step when network receives message.

Circuit Switch Network

Requires full pathway (or circuit) to be established and maintained during entire submission.
Ex: Phone network b/c path exists during entire conversation and communication can be both ways.

Packet Switch Network

Message pathway established as it's sent. The choice of the pathway is determined by network availability.
Ex: Message traffic.

Peer to Peer

Workstation in which each computer is equal to another.
*Cheaper than other types of servers and workstations.

Client-Server

Client is computer that will request info from another computer (the server) .
The server takes requests and responds.
*More expensive than peer to peer.
BENEFITS: More storage=faster response time.

Virtual Machine

Allows access to multiple machines without having to purchase multiple computers.
Also allows user to run software for a computer that normally would not be able to run that software.

Network Server

Dedicated, high performance computer with large hard disk drives. It may be in a cabinet so multiple servers can be housed.
**Stand alone computer, not a desktop.

Information Security Assurance Goals

"CIA"
1. Confidentiality
2. Integrity
3. Availability

IAS Confidentiality

Requires data be kept secure so that it does not fall to unauthorized users.
It goes beyond security measures and extends to policies.
Security measures should extend beyond network. A stolen laptop should not violate confidentiality.

IAS Integrity

Requires data are correct.
Requires 3 different efforts:
1. Data gathering should include an accuracy component.
2. Data must be entered into system accurately.
3. Once data is in dB, changes made will leave a record of when the change was made and by whom.

IAS Availability

Requires data/information be available when needed.

Steps of Strategic Risk Analysis

1.Identify organization information assets.
2. Identify vulnerabilities.
3.Identify threats.
4.Implement policies.

Social Engineering

Targets users directly, could include calling and asking for password because there is an issue. Could also include phishing, which involves emails that will redirect to a malicious website.

SQL Injection

Hacker issues a SQL command to web server as part of URL. B/c web server is not expecting SQL command, may pass SQL command to database. Malicious SQL command may then do damage.

Buffer Overflow

Most well known type of software injection attack.
Because buffer is limited in size, if software doesn't ensure insertions in buffer are limited in size, sufficient amounts of malicious code could overflow buffer. Malicious overflow code could then be stored in memory and run to perform operations inserted by hacker.

White Hat

Ethical Hacker

Black Hat

Unethical Hacker

Grey Hat

Both ethical and unethical at times. A fence sitter.

Packet Sniffing

Means of obtaining a password or anything sent over network without encryption.