ISM Final Exam Review Guide CHAPTER 6 What is SDLC Systems Development Life Cycle structured step by step approach for developing information systems aka Waterfall Methodology each phase is followed by one another Seven Phases in SDLC 1 Planning develop project plan 2 Analysis gather system requirements 3 Design design system 4 Development build the system 5 Testing test the system 6 Implementation detailed documentation user training 7 Maintenance support system users maintain supportive environment Planning Phase 1 define system to be developed choose Critical Success Factor CSF 2 set project scope defines system requirements 3 develop project plan Project Plan defines what when who of system development Project Manager defines develops tracks project Project Milestones key dates for which certain aspects done Analysis Phase 1 gather business requirements Business Requirements requests system must meet Joint Application Development JAD define review of system s business requirements done by workers IT 2 prioritize requirements Requirements Definition Document prioritizes business requirements in single document Technical Architecture hardware software telecommunications required for system Design Phase 1 design technical architecture 2 design system models Development Phase 1 build technical architecture 2 build database programs Testing Phase 1 write test conditions detailed steps system must perform 2 perform system testing Implementation Phase 1 write detailed user documentation User Documentation shows how to use the system 2 prove training for system users online or workshop Maintenance Phase 1 build help desk to support system users Help Desk group of people who respond to questions 2 provide supportive environment Characteristics of SDLC Context method originally for old computers Size BIG applications Cost high Rigidity Not Iterative Component Based Development CBD focuses on building small self contained blocks of components that can be reused across variety of applications Standard Interface Loosely Coupled Rapid Application Development RAD aka rapid prototyping emphasizes extensive user involvement to accelerate system s development process development team is continuously designing developing testing prototypes not on study guide Selfsourcing End User Development development support of IT systems by end users with little no help from IT specialists do it yourself approach more acceptable for developing smaller systems design development testing implementation replaced by prototyping Advantages of Selfsourcing improves requirements determination increases end user participation increases speed of systems development reduces invisible backlog list of all systems that an organization needs to develop but doesn t have resources to do so Disadvantages of Selfsourcing potential for inadequately developed systems lack of organizational focus cid 224 privatized systems insufficient design analysis cid 224 subpar systems lack of documentation external support cid 224 short lived systems Outsourcing delegation of specified work to third party specified length of time specified cost specified level of service Outsourcing Options purchase existing software and then 1 pay to have certain modifications made 2 pay for right to make modifications yourself 3 pay for entirely new unique system to be created Advantages of Outsourcing focus on unique core competencies exploit intellect of another organization better predict future costs acquire leading edge technology improve performance Disadvantages of Outsourcing reduces technical know how reduces degree of control increases vulnerability increases dependency CHAPTER 7 IT Infrastructure implementation of your organization s architecture includes hardware software information Software Infrastructure ERP collection of integrated software for businesses replaces islands of information processes SOA Service Oriented Architecture software architecture perspective that focuses on development use reuse of small self contained services Goal to meet all application software needs ERP SOA plug and play components services all modules are interoperable IT infrastructure beneath are hidden from users Client Server Network Infrastructure one or more computers that are servers which provide services to other computers clients Features servers clients work together to optimize processing info storage etc Pros offloads info processing burden from the server Cons places heavy load on network capacity Five Models of Client Server Network Infrastructure 1 Distributed Presentation server handles almost all functions 2 Rempte Presentation client handles all presentation functions 3 Distributed Logic server handles all data management client handles all presentation formatting logic processing is shared 4 Remote Data Management server handles data management only client formats presentation processes business rules 5 Distributed Data Management client handles all presentation formatting business rule processing data management duties are shared Tiered Infrastructure IT system is partitioned into layers where each layer performs specific type of functionality tiered to represent types of client server network 3 Tier Infrastructure client application server database server N Tier Infrastructure scalable 3 tier structure with more servers ex web CHAPTER 8 Phishing program system website that pretends to be authentic to gain personal information for purpose of identity theft Cookie small file containing info about you your web activities which a web site places on your computer Anonymous Web Browsing AWB hides your identity from web sites you visit based on web proxy technology Techniques of Hackers Vulnerability Scanner part of intrusion detection system in firewalls Computer Virus software written with malicious intent to cause annoyance damage DoS Attach floods web site with so many service requests it slows down crashes Denial of Service Attack Packet Sniffer examines info passing by your computer or other network devices Computer Security Goals Availability Confidentiality Integrity Types of Computer Security 1 Hardware Security Threats drinks food kicked bumped Controls good use policy backup 2 Software Security Threats virus malfunction improper accessibility Controls anti virus access control backup 3 Physical Security Threats power loss natural disasters human vandals Controls uninterruptible power supply backup 4 Network Security Threats data
View Full Document