U402

Monday, 3 August 2009 8:31 PM

Threats to data and information

Intentional damage Computer viruses Hacking/cracking- The ability to access another information illegally and view personal or interesting information inside Tampering with files- Altering information without physically being at the computer and without others knowing Information theft Vandalism of hardware- The intentional damaging of hardware Theft of hardware Accidental damage User error Not being able to do a basic operation properly therefore, possibly losing important information Failure to follow file-management procedures People sometimes may not be able to find their files or are unable to open their files because they have: Written the long extension Not given a clear enough filename Saved in the wrong folder or drive Equipment failure/damage A piece of hardware may not work because of many reasons Fire Variation in electricity flow Smoke Water Breakage

Consequences of violating security and privacy measures Breach of privacy Loss of income Loss of intellectual property (thoughts, concepts)

Ethics

A certain way to behave which is morally acceptable Employee monitoring- Watching what the employees are really up to by seeing their computer activity secretly. Employees see this as a breach of their privacy and can sometimes slow their working capability Workplace responsibilities- The employer and employee have specific responsibilities to fulfill in the workplace An employer is expected to give employees a safe and suitable environment to work in and pay them Employees should give back in return by working or the interests of the organisation If they do not comply, the employer is within their right to sack the employee. Codes of conduct and computer use policies- How a person is meant to use the computers in an organisation or even at school

I.T Page 1

Monday, 3 August 2009 8:31 PM

Security Measures
To protect data and information from being lost, organisations tend to have security measures.

Hardware

Biometrics (Fingerprint, voice, signature, hand recognition) Swipe cards Smart cards Power Protection (UPS, surge protector) Backup media USBs External hard drives Hard disk drives CD-ROMs/DVD-ROMs Online backups Memory cards

Surveillance Technology Packet sniffers- Diagnostic tools used to

Software

See U301: Networked Information Systems

secretly see the contents being sent across the network Desktop monitoring- Programs which allow employers to view what their employees are doing on the computer from the comfort of their own seat Log files- Keeps a record of actions employees do on the computer Keeps track of sites viewed, files accessed, edited, created etc. Closed-circuit television (CCTV) Telephones- Intercept phone calls made in the business to ensure the calls are business related.

I.T Page 2

Monday, 3 August 2009 8:31 PM

Acts and Laws

The national laws in Australia are: Privacy Act 1988 The Privacy Amendment Act 2000 Copyright Act 1968 Copyright Amendment (Digital Agenda 2000) Health Records Act 2001 Information Privacy act 2000

Health Records Act

Deals with: Protecting patients' health records and information Allows the information to be used for its primary use only, therefore protecting the confidentiality of patients. Is not disclosed to third party organisations for a secondary purpose without permission

Privacy Act 1988

Deals with three main areas Safeguards collection and use of TFN by federal government agencies Protection of personal information stored by the federal government Information about people's credit worthiness held by credit reporting agencies Privacy Amendment Act 1988 Laws also adjusted for private orgnanisations

Information Privacy Principles Copyright Act 1968

Deals with The illegal borrowing of intellectual property (books, music, games, movies, television shows) and making it their own Prohibition of the copying of music, games, movies without permission from the copyright holder(s). Penalties Fine up to $60500 or 5 years jail 1. Manner and purpose of collection of personal information- If the information is used for its intended purpose and not another reason unspecified 2. Solicitation (request) of personal information from individual concerned- User must disclose why the information is being used to the individual and must be for a lawful use 3. Solicitation of personal information generally- Must be for a lawful reason and must be up-to-date and cannot interfere with the individual 4. Storage and security of personal information- Must be stored in a secure location and prevented from unauthorised access, loss etc 5. Information relating to records kept by recordkeeper6. Access to records containing personal informationIndividuals are entitled to see their information 7. Alteration of records containing personal information- Records are to be up-to-date but can be altered if they are wrong 8. Record-keeper to check accuracy etc. of personal information before use- Information can only be used once it has been checked for accuracy, timeliness etc and is relevant for the purpose it was collected for 9. Personal information to be used only for relevant purposes- Information cannot be kept if it's not relevant 10. Limits on use of personal information- Information cannot be misused and used for another purpose 11. Limits on disclosure of personal informationCannot be disclosed to anyone else without permission from the individual

Information Privacy Act 2000

A new set of laws very similar to Privacy Act 1988 but specifically outlines the obligations of the Victorian State government Deals with: responsible collection and handling of personal information in the Victorian public sector right of access for individuals to information held about them by organisations, including contracted service providers engaged under a state contract a right for individuals to have an organisation correct information held about them, including information held by a contracted service provider remedies for interference with the information privacy of an individual

I.T Page 3

U401
Monday, 14 September 2009 9:15 PM

On-Screen User Documentation Manuals (either electronic or hard copy) which give information and instructions
on how to use a certain product.

Types of User Documentation:

Printed handbooks User guides/instruction manuals (CDs/DVDs/PDFs) Quick start guides In-house user documentations Read Me files Tutorials Help files Web Support (Community Forums, Website Help) Tool tips/hint boxes Elements in designing on-screen information Proportion: Needs to be designed in terms of importance or hierarchy. The most important information resides at top (e.g. heading, logo, contact information) This information is very large most of the time The less important information is lower down in the hierarchy Orientation: The direction and aspect of elements on a page Certain elements need to be sized or aligned correctly to have a successful user documentation For example: a help file is normally viewed as a small window. The window should be the correct size and yet still be legible to the viewer Clarity: How visually clear the information is without it being too crowded Too much objects should not exist to overload the user This would lead to the user not being able to find the information quick enough Font sizes, styles and quality of graphics affect this Consistency: How often similar styles, layouts and features are used in the user documentation. To have a consistent user documentation, things like logos, banners, headers and footers, headings and colour schemes should be similar if not the same If pages look different, this causes user confusion People may think they have navigated to a different page

I.T Page 4

Monday, 14 September 2009 9:15 PM

Backups and Restoration

Backups
There are different types of backups Incremental: Backs up files only when changes have been made using MORE THAN TWO media to back up files. Differential: Uses TWO sets of backup media to backup. One is used for full backup while the other is for differential. Full: Completely backs up files every time even if there are no changes. Quickest to restore yet longest to save Backup timeline/strategies Should aim to back up regularly depending on the size of the business. A big business should aim for daily backups at end of each day A smaller business can back up less frequently Backups should be done on more than one media. Types of media include: CD/DVD-RWs Tapes USBS Hard disks Useful because very quick to restore data Disks Online servers Memory cards Backups should be named and contain the date it was backed up. Location of backups In the case of fires and other disasters, backups should be kept in A safeguarded area Fireproof case Safe with combination lock Remote locations

Restoration
Disaster Recovery strategies Every business should have a disaster recovery plan in the case of a disaster Emergency Plan: Specific steps/procedures to be taken in the case of an accident or natural disaster Backup plan: See Backups under the 'Backups and Restoration' heading Recovery Plan: Specific procedures taken to successfully recover data in the case of data loss Test Plan: Testing out, or simulating these plans to make sure they work in the case of a real disaster Evaluating the EFFECTIVENESS of data security measures Must evaluate the: Integrity of data Ease of retrieval Security Currency of files
Integrity of data If the data, after backups and possibly retrieval, is still useable Hasn't been corrupted Can test the integrity by the three elements: accuracy, timeliness and reliability Security Make sure the security is hacker proof Measure how much the security measures has decreased the amount of data loss and hardware theft Ease of retrieval How long it takes to retrieve all files File naming conventions should be easy to follow Writing an appropriate name (short, meaningful) Timestamp Appropriate extension if not provided

I.T Page 5

Monday, 14 September 2009 9:15 PM

Purpose of Project Management

Project Managament
Organising, planning and monitoring a project Managing tasks, times and resources The planning, coordinating and controlling of the development of a solution Stages of Project Define the project Design the project Execute the project Terminate the project (evaluation/review)
Terms Task: A job that is defined that helps towards the completion of the solution. Resource: Equipment that can get the task completed. Milestone: The completion of a significant point in the project Dependency/Precedents: See Dependency under 'Task Analysis' heading. Critical Path: See Critical Path under 'Task Analysis' heading.

Task Analysis Identifying:

All the separate tasks that must be done The dependencies between each task Dependency: When a task that can only be commenced once the previous task is completed) Critical path: when a set of tasks will be delayed due to one task not being completed on time Allocating resources and time Match people's skills to appropriate tasks Estimate the length of time the project will take Best and worst case scenarios Talk to others who have experience Have teammates tell their independent estimates Standards must be set and covered Agreed to before execution of project Conventions followed, scheduling meetings, creating reports Designing Tasks must be documented and designed Gantt Charts PERT Charts/network diagrams Monitoring Meetings should be set for: People to report back to the team on progress Difficulties people may have encountered Ideas to be shared Progress can be recorded by: Use of Gantt charts Log books

It must Achieve its goal Be completed on time Be completed within a budget

PERT Chart: A type of organisational chart for project management. Useful when the duration of a task is uncertain. Lag time: The amount of time before the next task has to be started before the task is delayed. Lead time: The amount of time leading up to a task

I.T Page 6

U302
Tuesday, 3 November 2009 2:51 PM

Databases
Stores information in fields on different tables Primary keys: a unique identifier which must have an entry Form: Allows users to input data through an input screen which is linked to its corresponding table Much easier to input data rather than in tables Query: Ask for specific results by filtering what you want to see Information is normally set out into a report (manipulated) to be read more easily Report: Formats the query data and allows the user to add statistics, headers and footers, colour schemes etc. This is the easiest and clearest way to read information that has been filtered and formatted Macros: Programs which automatically complete a set of tasks (e.g. print a report)

Common data types

Autonumber: A number generated automatically through a sequence Text: characters alphanumeric Numeric: numbers ONLY Boolean: True/False, Yes/No Data: a variation of numeric fields Object: Any form of media Memo: unlimited text but not searchable

Relational databases: Databases that have tables with a connection between one or more other tables from a common field Types of relationships: One-to-one: When one record on one table is connected to only one record on another table. One-to-many: When one record on one table is connected to many records on another table Many-to-many: When a record on one table can be connected to many records on another table and vice versa.

Procedures to manage the handling of information

By validation: Electronic validation: using software functions to check the accuracy, reasonability and suitability of the data Some forms of electronic validation are: Spell checking Range-checking Pre-defined lists (or drop down lists) Input masks (controls how data is entered specifically e.g phone numbers, post codes) Alignment (numbers and text) Databases allow validation rules to be created Similar to a formula Only obeys data to be entered if it meets the criteria

I.T Page 7

U301
Monday, 14 September 2009 9:59 PM

What is an information system? AN INFORMATION SYSTEM CONSISTS OF

Data- to be manipulated Software Hardware Personnel- to oversee the running of the system Procedures- to make the manipulation of data as efficient as possible.

Information processing stages

How data is turned into information DATA- raw unorganised facts Once inputted, maniupated into meaningful use, it is
INFORMATION

Elements of an information system

Data Suitability Reliability Accuracy Timeliness Freedom of bias Software Operating software Application software Utility software (anti-virus software etc) Hardware Input devices (keyboard, mouse, mics) Output devices (printers, projectors, speakers) System unit (CPU, RAM) Storage devices (hard drives, USBs, CD/DVDs) Communcation devices (NICs, modems) Personnel Procedures

These are the nine steps in order to make data into information Acquisiton: Acquiring data i.e. survey, interview, poll, recordings Input: Writing the data into an information system by keyboard, tape recorder, CD/DVD, mouse, scanner etc. Validation: Check the data to ensure there is no inaccuracies Manipulation: Present the data in the way the user wants to see (e.g. sorting the names of a club in alphabetical order Storage: Finding a suitable storage method to store the data for later use e.g. USB, hard drive, CDs, back-ups Retrieval: Needs to be retrieved from the storage for later use or to be transferred to the computer's main memory Output: Creating the information of either text, graphics, other media or a combination of those. This information can be outputted by printers, monitors, projectors Communication: This information is then presented or distributed to a specific audience via fax, email, mail, video conferencing Disposal: Once the information is old, the information is deleted from all the sources by either shredding

1. Analyse Define the information problem Investigate the problem Define the data required (output and input) Determine the software to be used 2. Design Plan the solution (Gantt Chart or PERT chart) Draw layout diagrams of the solutons Create formula lists or macro designs (depending on the type of solution) IPO chart/Flow chart Choosing fonts, alignment, colours, conventions Creating test data and tables Create criteria for evaluation (used in evaluation step) 3. Develop Create the solution on your desired software 4. Test Frequently test the solution to minimise errors Two types of testing (see Glossary M-Z) 5. Document Provide sufficient documentation for the intended user to use the solution Must be clear and easy to read and follow Can be either electronic or physical copies 6. Implement Make the solution ready to use for the intended customer 7. Evaluate View the criteria made in design phase to see if solution has met requirements Show how the solution has met requirements i.e. annotations

Solving an information problem

I.T Page 8

Monday, 14 September 2009 9:59 PM

Prototype websites

Managing and transmitting files

In a virtual environment, there should be steps taken to safely transmit and manage files. Encryption Access hierarchy: Subdivided into 'main', 'secure' and 'project' depending on the level of publicity desired. Main: Where the most public online information is contained Secure: Desired if the information needs to be secure. Encryption is recommended Project: If the information is secret to only a specific group Antivirus software Backups File-naming conventions Version control: To ensure every team member has the same version of a software or at least save files in a version that is compatible.

I.T Page 9

Monday, 14 September 2009 9:59 PM

Transmission Media
Can be carried in various ways Through cables Through wireless

Cables
Twisted-pair cable: when the cables are twisted in pairs and then twisted again as a group. Reason it is twisted because no interference occurs. Coaxial cable: a similar cable however uses insulation then copper, aluminum, tin or lead foil then another layer of insulation. Foil used to protect from signals from outside Fibre-optic: Uses light pulses through glass or plastic strands and can produce speeds 100Mbps.

Wireless
Radio waves Microwaves Satellite Infra-red

I.T Page 10

Monday, 14 September 2009 9:59 PM

Networked Information Systems

What is a network? Connects computers to share data, peripherals, information etc. Allows computers to communicate with each other and send messages, files, instructions etc. Types of networks Bus Network: All computers, printers and other peripherals run to a central cable also known as the backbone. Advantages: Least costly of the four types of networks Easy to add/remove a station No hubs used so less cable needed Disadvantages: Hard to extend cable as the whole network will be inoperative until the new cable is installed When there is a problem with the central cable, all devices are down Ring Network: Devices are connected in a ring and messages travel through each computer until it reaches the destination Advantages: No advantages Disadvantages: Difficult to set up as it needs to use as little cable as possible while having the ring formation Can cause lag time to receive a message as there will be network traffic Expensive with lengths of cable If one device is down, the whole network is down Star Network: All devices are connected directly to a hub Advantages: Easy to connect another device without interrupting network Can add extra cable without interrupting network Disadvantages: Hub sends message to all computers instead of the proper destination causing traffic, so lag time If hub is broken, network is down Expensive because longest amount of cabling is used in star networks. Tree Network: Number of star networks connected to a large bus network Advantages: Has the best of star and bus networks Use of fibre-optic cable for the backbone Disadvantages: Very costly and complicated to create

Network hardware and software

Network operating sotware: software that controls how specific devices can communicate with each other. Tasks that can be perfomed are: Controlling file access Managing print queues Authenticating access to network servers Maintaining a log of network usage and problems Communication software Electronic mail (email) File protocol transfer (FTP) Web browser IM Chat room Network interface card (NIC): used to link a computer or other component to the network Wireless access point: A location where wireless devices can connect to a wired or wireless network Hub: A device which can receive a signal from one device and sends it to all other devices on the hub. Are NOT used in bus or ring networks as they do NOT have a central point. Switch: Receives a signal from one device and sends it to the appropriate destination device Stores the MAC address of each device Can send many signals simultaneously Used in many client/server networks if there are more than two servers Routers: A communications device which sends information to the appropriate LAN. Modem: Used to send a computer's digital signal over the telephone line

Network Security

Networks need to be protected from information being stolen The different types of security are: Usernames and passwords Firewall: Filters information entering the network Examines the IP address of the incoming computer and blocks it from entering protected servers, files, folders etc. Can also be used to restrict employees from accessing sensitive information Malware Protection: Protects the computer or network from malicious software and viruses. These are usually virus-protection software and anti-spyware software. Encryption: Converting information into a secret code which can only be read by authorised users. Two types of encryption: Symmetric-key protection: where two computers share the same key to encrypt and decrypt a file and is only known by those two computers Asymmetric-key protection: where each computer has two keys: a public and private key. The public key is the same for all computers and is used only for encrypting a file. The way to decrypt it is by using the private key which is only kept for yourself.

I.T Page 11

Monday, 14 September 2009 9:59 PM

Logical Design of a Network

Many considerations in designing a network Ability to fulfill required functions Cost Applications Security LAN protocols Expansion capability Compatibility of components Access to required information and resources

I.T Page 12

Glossary A-L
Sunday, 11 October 2009 3:11 PM A Acquisition: Acquiring data i.e. survey, interview, poll, recordings Access hierarchy: Subdivided into 'main', 'secure' and 'project' depending on the level of publicity desired. G Gantt Chart: A type of organisational chart used commonly in project managent

B Backup: Incremental: Backs up files only when changes have been made. Differential: Uses two sets of backup media to backup. One is used for full backup while the other is for differential. Full: Completely backs up files every time even if there are no changes. Quickest to restore yet longest to save

H Hacking: The ability to access another information illegally and view personal or interesting information inside Hub: A device which can receive a signal from one device and sends it to all other devices on the hub.

C Conventions: A formal way of displaying information Critical Path: The longest time frame in a task Cables: Coaxial: A similar cable however uses insulation then copper, aluminum, tin or lead foil then another layer of insulation. Twisted-pair: When the cables are twisted in pairs and then twisted again as a group. Fibre-optic: Uses light pulses through glass or plastic strands and can produce speeds 100Mbps. Communication: This information is then presented or distributed to a specific audience via fax, email, mail, video conferencing Cracking: See Hacking

I Input: Writing the data into an information system by keyboard, tape recorder, CD/DVD, mouse, scanner etc.

D Databases Relational: Databases that have tables with a connection between one or more other tables from a common field Dependency: When a task that can only be commenced once the previous task is completed) Decisions: Day-to-day: Decisions at worker level such as deciding which customer to serve next etc. Operational: Decisions made by operational managers such as deciding how much stock to order, hiring workers etc. Tactical: Decisions over several weeks or months on the running of organisation Strategic: Decisions relating towards long-term goals of organisation Disposal: Once the information is old, the information is deleted from all the sources by either shredding

E Encryption: Converting information into information into a secret code which can only be read by authorised users.

F Firewall: Filters information entering the network Form: Allows users to input data through an input screen which is linked to its corresponding table

Lag time: The amount of time before the next task has to be started before the task is

Lead time: The amount of time leading up to a task Log files: Keeps a record of actions employees do on the computer

delayed.

I.T Page 13

Glossary M-Z
Sunday, 11 October 2009 4:10 PM

M Malware Protection: Protects the computer or network from malicious software and viruses. Manipulation: Present the data in the way the user wants to see (e.g. sorting the names of a club in alphabetical order Monitoring: Desktop/Employee: Programs which allow employers to view what their employees are doing on the computer from the comfort of their own seat Macros: Programs which automatically complete a set of tasks (e.g. print a report)

T Testing: Formal: A complete testing of the entire solution upon completion through comprehensive documentation (testing tables) Informal: Frequent testing of the solution through development to see if solution behaves accordingly. Tampering with files: Altering information without physically being at the computer and without others knowing Tables: Relational: A table links to another table by a common field Flat-file: All fields are in one table

N Network operating sotware: software that controls how specific devices can communicate with each other. Network interface card (NIC): used to link a computer or other component to the network

O Objectives: Small achievable tasks completed to accomplish the big goal. Output: Creating the information of either text, graphics, other media or a combination of those. This information can be outputted by printers, monitors, projectors

V Validation: Check the data to ensure there is no inaccuracies Electronic: Using software functions to check the accuracy, reasonability and suitability of the data Manual: The creator proofreads for errors Vandalism: The intentional damaging of hardware and software

Packet sniffers: Diagnostic tools used to secretly see the contents being sent
across the network PERT Chart: A type of organisational chart used for project management

W Wireless access point: A location where wireless devices can connect to a wired or wireless network

Q Query: Ask for specific results by filtering what you want to see

R Relationships: One-to-one: When one record on one table is connected to only one record on another table. One-to-many: When one record on one table is connected to many records on another table Many-to-many: When a record on one table can be connected to many

I.T Page 14

 Many-to-many: When a record on one table can be connected to many records on another table and vice versa. Routers: A communications device which sends information to the appropriate LAN. Retrieval: Needs to be retrieved from the storage for later use or to be transferred to the computer's main memory Report: Formats the query data and allows the user to add statistics, headers and footers, colour schemes etc.

S Hub: A device which can receive a signal from one device and sends it to all other devices on the hub. Storage: Finding a suitable storage method to store the data for later use e.g. USB, hard drive, CDs, back-ups

I.T Page 15

Organisations and information needs

Tuesday, 3 November 2009 5:54 PM

Decision-making
Two factors: Level of management Type of decision Strategic decisions: Made by the Senior management relating to long term goals of an organisation. Example: releasing a new product line Tactical decisions: Made by the Middle management (or managers) relating to the running of the organisation. Operational decisions: Made by the operational management relating to tasks such as hiring, firing, new stock. Day-to-day decisions: Made by the store workers relating to immediate decisions such as serving the next customer etc.

I.T Page 16

Very important: Exam basics

Tuesday, 3 November 2009 5:55 PM

Purpose of Project Management

It must Achieve its goal Be completed on time Be completed within a budget 1. 2. 3. 4. 5. 6. 7. 8. 9.

Information processing steps

Acquisition Input Validation Manipulation Storage Retrieval Output Communication Disposal

What is an information system? AN INFORMATION SYSTEM CONSISTS OF

Data- to be manipulated Software Hardware Personnel- to oversee the running of the system Procedures- to make the manipulation of data as efficient as possible.

Goals, objectives and the mission statement

Mission statement: The purpose of an organisation which bases the goals and objectives Goals: A big task which helps to fulfill the mission statement Objectives: Many small tasks (mainly through information systems) which help in achieving the big goal

How data is turned into information DATA- raw unorganised facts Once inputted, maniupated into meaningful use, it is
INFORMATION

Evaluating the EFFECTIVENESS of data security measures Must evaluate the: Integrity of data Ease of retrieval Security Currency of files

I.T Page 17