// credits to dubrovnik101 for the cards here:
// http://quizlet.com/43823077/database-final-access-2013-flash-cards/
Things to Remember:
Architecture: Decisions about DBMS, database servers, and database distribution are tightly integrated with other architectural decisions, including network design, Web and component services, and security.
Existing databases: Most new or upgraded systems must interact with existing databases, with their pre-existing constraints. While adapting existing databases to new or updated systems, analysts must ensure their continued operation.
Domain model class diagram—Database design can't proceed until related parts of the class diagram have been developed.
What are Integrity Controls designed to do?
Designed to protect data from hardware failure and catastrophes
Redundancy - continuous access to data through redundant databases, servers, and sites
Backup - procedures make partial or full copies of a database to removable storage media, such as magnetic tape, or to data storage devices or servers at another site
Recovery - procedures read the off-site copies and replicate their contents to a database server that can then provide access to programs and users.
How to prevent fraud using Integrity Controls:
Opportunity—the ability of a person to take actions that perpetrate a fraud. For example, unrestricted access to all functions of an accounts payable system enables an employee to generate false vendor payments.
Motivation—a desire or need for the results of the fraud. Money is the usual motivation, although a desire for status or power as well as a need to be a "team player" may be contributing factors.
Rationalization—an excuse for committing the fraud or an intention to "undo" the fraud in the future. For example, an employee might falsify financial reports to stave off bankruptcy, thus enabling fellow workers to keep their jobs.
What are the objectives of Security Controls:
Maintain a stable, functioning operating environment for users and application systems (usually 24 hours a day, 7 days a week).
Firewalls to protect from hackers, viruses, works, and denial of service attacks
Protect information and transactions during transmission across the Internet and other insecure environments
Information could be intercepted, destroyed or modified
How do you encrypt data?
Common types of data requiring additional protection
Financial information
Credit card numbers, bank account numbers, payroll information, healthcare information, and other personal data
Strategies and plans for products and other mission-critical data
Government and sensitive military information
Data stored on such portable devices as laptop computers and cell phones
On Integration Testing:
Integration testing of object-oriented software is very complex because an object-oriented program consists of a set of interacting objects
Methods can be (and usually are) called by many other methods, and the calling methods may be distributed across many classes.
Classes may inherit methods and state variables from other classes.
The specific method to be called is dynamically determined at run time based on the number and type of message parameters.
Objects can retain internal variable values (i.e., the object state) between calls. The response to two identical calls may be different due to state changes that result from the first call or occur between calls.
On Usability Testing:
Most common type evaluates functional requirements, use case by use case
Can be completed in each iteration as use cases are implemented
Can test ease of learning and ease of use
Can test whether results match actual requirements
Key type of feedback from users throughout project
↧