Term
| Knowledge discovery in database (KDD) |
|
Definition
| Combination of techniques to identify valid and useful patterns. AKA Data mining |
|
|
Term
| Online transaction processing (OLTP) |
|
Definition
| Used when databases are clustered to provide fault tolerance and higher performance. |
|
|
Term
|
Definition
| Divides transactions into units of work and ensures that all modifications take effect or none takes effect. Either the changes are committed or the database is rolled back. 1st part of ACID |
|
|
Term
|
Definition
| A transaction must follow the integrity policy developed for that particular database and ensure that all data is consistent in the different databases. 2nd part of ACID |
|
|
Term
|
Definition
| Transactions execute in isolation until completed, without interacting with other transactions. The results of the modification are not available until the transaction is completed. 3rd part of ACID |
|
|
Term
|
Definition
| Once the transaction is verified as accurate on all systems, it is committed, and the databases cannot be rolled back. 4th part of ACID |
|
|
Term
|
Definition
| Result of storing data within a database and mining the data with tools. |
|
|
Term
| 3 approaches in KDD systems |
|
Definition
| • Classification - Groups together data according to shared similarities. • Probabilistic - Identifies data interdependencies and applies probabilities to their relationships. • Statistical - Identifies relationships between data elements and uses rule discovery. |
|
|
Term
|
Definition
| Performed to identify the relative risks and the potential consequences of what a customer can be faced with when using the particular product that is being developed. |
|
|
Term
|
Definition
| Dictates the type of information to be processed and how it will be processed |
|
|
Term
|
Definition
| Outlines the tasks and functions that the application needs to carry out |
|
|
Term
|
Definition
| Explains the states that the application will be in during and after specific transitions take place |
|
|
Term
|
Definition
| Determines if the product accurately represents and meets the specifications. |
|
|
Term
|
Definition
| Determines if the product provides the necessary solution for the intended real-world problem. |
|
|
Term
|
Definition
| Process of reviewing and evaluating security controls and functionality. |
|
|
Term
|
Definition
| Formal acceptance of the system by management and an explicit acceptance of risk. |
|
|
Term
| Joint Analysis Development (JAD) |
|
Definition
| A method that uses a team approach in application development in a workshop-oriented environment. |
|
|
Term
|
Definition
| A method that builds upon the waterfall method with an emphasis on risk analysis, prototypes, and simulations at different phases of the development cycle. |
|
|
Term
|
Definition
| A classical method that uses discrete phases of development that require formal reviews and documentation before moving into the next phase of the project. |
|
|
Term
| Rapid Application Development (RAD) |
|
Definition
| A method of determining user requirements and developing systems quickly to satisfy immediate needs. |
|
|
Term
|
Definition
| An approach that attempts to prevent errors or mistakes by following structured and formal methods of developing and testing. This approach is used for high-quality and critical applications that will be put through a strict certification process. |
|
|
Term
|
Definition
| Refers to the procedures that are used to carry out changes that affect the network, individual systems, or software: • Identifying, controlling, accounting for, and auditing changes made to the baseline trusted computing base (TCB), which includes changes to hardware, software, and firmware. • A system that controls changes and tests documentation through the operational life cycle of a system. |
|
|
Term
|
Definition
| Development process is ad hoc or even chaotic. The company does not use effective management procedures and plans. There is no assurance of consistency, and quality is unpredictable. 1st Phase of the CMM |
|
|
Term
|
Definition
| A formal management structure, change control, and quality assurance are in place. The company can properly repeat processes throughout each project. The company does not have formal process models defined. 2nd phase of the CMM |
|
|
Term
|
Definition
| Formal procedures are in place that outline and define processes that are carried out in each project. The organization has a way to allow for quantitative process improvement. 3rd phase of the CMM. |
|
|
Term
|
Definition
| The company has formal processes in place to collect and analyze qualitative data, and metrics are defined and fed into the process improvement program. 4th phase of CMM program. |
|
|
Term
|
Definition
| The company has budgeted and integrated plans for continuous process improvement. 5th phase of CMM |
|
|
Term
|
Definition
| Third party keeps a copy of the source code, and possibly other materials, which it will release to the customer only if specific circumstances arise, mainly if the vendor who developed the code goes out of business or for some reason is not meeting its obligations and responsibilities. |
|
|
Term
|
Definition
| Capability to suppress unnecessary details so that the important, inherent properties can be examined and reviewed |
|
|
Term
| Object-oriented design (OOD) |
|
Definition
| A design method in which a system is modeled as a collection of cooperating objects. Each individual object is treated as an instance of a class within a class hierarchy. |
|
|
Term
|
Definition
| When different objects respond to the same command, input, or message in different ways. |
|
|
Term
| Object-oriented analysis (OOA) |
|
Definition
| Process of classifying objects that will be appropriate for a solution. |
|
|
Term
|
Definition
| Performs a single task with little or no help from other modules. |
|
|
Term
|
Definition
| Measure of interconnection among modules in an application. |
|
|
Term
| Object Management Architecture (OMA) |
|
Definition
| Provides standards to build a complete distributed environment. |
|
|
Term
| Object request brokers (ORB) |
|
Definition
| Manages all communications between components and enables them to interact in a heterogeneous and distributed environment. |
|
|
Term
| Common Object Request Broker Architecture (CORBA) |
|
Definition
| Provides interoperability among the vast array of software, platforms, and hardware in environments today. |
|
|
Term
| Computer-aided software engineering (CASE) |
|
Definition
| Scientific application of a set of tools and methods to a software system which is meant to result in high-quality, defect-free, and maintainable software products. |
|
|
Term
|
Definition
| A model of the gathered requirements of a software product. |
|
|
Term
| Component Object Model (COM) |
|
Definition
| Defines how components interact and provides an architecture for simple interprocess communication (IPC). |
|
|
Term
| Distributed Component Object Model (DCOM) |
|
Definition
| Defines how components interact and provides an architecture for simple distributed interprocess communication (IPC). |
|
|
Term
| Open Database Connectivity (ODBC) |
|
Definition
| De facto standard that provides a standard SQL dialect that can be used to access many types of relational databases. |
|
|
Term
| Object linking and embedding (OLE) |
|
Definition
| Provides a way for objects to be shared on a local personal computer and to use COM as their foundation. |
|
|
Term
|
Definition
| The capability for one program to call another program. |
|
|
Term
|
Definition
| Capability to place a piece of data inside a foreign program or document. |
|
|
Term
| Distributed Computing Environment (DCE) |
|
Definition
| Standard that was developed by the Open Software Foundation (OSF), also called Open Group. Provides an RPC service, security service, directory service, time service, and distributed file support. |
|
|
Term
| Dynamic Data Exchange (DDE) |
|
Definition
| Enables applications to share data by providing interprocess communication (IPC). |
|
|
Term
| Uses a globally unique identifier (GUID) |
|
Definition
| Distributed Component Object Model (DCOM) |
|
|
Term
| Uses a universal unique identifier (UUID). |
|
Definition
| Distributed Computing Environment (DCE) |
|
|
Term
|
Definition
| Code that can be transmitted across a network, to be executed by a system or device on the other end. |
|
|
Term
| Enterprise JavaBeans (EJB) |
|
Definition
| Structural design for the development and implementation of distributed applications written in Java. |
|
|
Term
| Provides interfaces and methods to allow different applications to be able to communicate across a networked environment by using the Internet Inter-ORB Protocol (IIOP) |
|
Definition
| Enterprise JavaBeans (EJB) |
|
|
Term
|
Definition
| A computer program containing a knowledge base and a set of algorithms and rules used to infer new facts from knowledge and incoming data. |
|
|
Term
|
Definition
| Automatically matches facts against patterns and determines which rules are applicable. |
|
|
Term
|
Definition
| A common way of developing expert systems. |
|
|
Term
| Artificial neural network (ANN) |
|
Definition
| An electronic model based on the neural structure of the brain |
|
|
Term
| When source code is processed by a compiler |
|
Definition
|
|
Term
|
Definition
| Small application, or string of code, that infects applications. |
|
|
Term
|
Definition
| Produces varied but operational copies of itself. |
|
|
Term
|
Definition
| Hides the modifications that it has made to files or boot records. |
|
|
Term
|
Definition
| Infects both the boot sector of a hard drive and executable files. |
|
|
Term
|
Definition
| Attempts to hide from antivirus software by garbling its own code. |
|
|
Term
|
Definition
| Not actual computer viruses but types of e-mail messages that are continually forwarded around the Internet. |
|
|
Term
|
Definition
| Can reproduce on their own without a host application, and are self-contained programs. |
|
|
Term
|
Definition
| Executes a program, or string of code, when a certain event happens or a date and time arrives. |
|
|
Term
|
Definition
| Program that is disguised as another program. |
|
|
Term
|
Definition
| A way of generating significant computer network traffic on a victim network. Requires three players: the attacker, the victim, and the amplifying network. |
|
|
Term
|
Definition
| Sends a large amount of User Datagram Protocol (UDP) echo traffic to IP broadcast addresses, all of it having a fake source address. |
|
|
Term
|
Definition
| TCP connection requests are sent faster than a machine can process them. |
|
|
Term
|
Definition
| A program that sends IP fragments to a machine connected to the Internet or a network. |
|
|
Term
| Distributed denial-of-service (DDoS) |
|
Definition
| Logical extension of the DoS attack that gets more computers involved in the act. |
|
|
Term
| Between-the-lines entry attack |
|
Definition
| Attacker taps into and uses an active communications line. The user may not be using the connection at that time, but it is still active, so the attacker jumps in and uses it. |
|
|
Term
|
Definition
| A negative acknowledgement to tell a system that a certain piece of information was not received or that a certain message or parameter is unacceptable. Some systems do not deal with negative acknowledgements properly—they were only programmed to accept ACK packets, and attackers use this weakness to their advantage. |
|
|
Term
|
Definition
| An attacker may access and keep a communications session open after the user attempts to terminate it. In this case, the user drops off, thinking the connection is closed, but actually the attacker kept the connection active and is now using it. |
|
|
Term
|
Definition
| Happen when an application does not check the length of data that is input. |
|
|