General diploma questions (from the field of study)

1st degree engineering studies

1) Discuss examples of applications of selected branches of mathematics (eg

Statistics, Numerical Methods, Discrete Mathematics) in the preparation
and implementation of IT projects.

We need mathematical application in frill of It because we don’t need

mathematical formulas from those discreet and statistic but we need
mathematical reasoning in order to help IT for rough example graph theory can
tree diagram can we used to help us with nodes and server. Numerical
analysis, area of mathematics and computer science that creates, analyses,
and implements algorithms for obtaining numerical solutions to problems
involving continuous variables.
2) Characterize the properties of selected CMS (content management
systems) and define the basic areas of their applications
 3) Characterize selected tools for automating the testing of desktop programs
and web applications.

Step 1: Understand your project requirements thoroughly. ...

Step 2: Consider your existing test automation tool as a benchmark. ...
Step 3: Identify the key criteria suitable for a project. ...
Step 4: Leverage Pugh Matrix Technique for Analysis.
 4) Compare the properties of the tools used for the needs of computer
graphics and image processing.

Image processing is usually associated with pattern recognition and is rather

treated as a subject outside of the computer graphics interest. Basically
computer graphics algorithms are used for the visualization of scenes or models
described using some abstract notation, while image processing is used on the
opposite way — i.e. when finding an abstract description of an analyzed pattern.

Medical imaging
In 1972, the engineer from British company EMI Hounsfield invented the X-ray
computed tomography device for head diagnosis, which is what is usually called
CT (computer tomography). The CT nucleus method is based on the projection
of the human head section and is processed by computer to reconstruct the
cross-sectional image, which is called image reconstruction. In 1975, EMI
successfully developed a CT device for the whole body, which obtained a clear
tomographic image of various parts of the human body. In 1979, this diagnostic
technique won the Nobel Prize.[4] Digital image processing technology for
medical applications was inducted into the Space Foundation Space Technology
Hall of Fame in 1994.[24]

5) Discuss the basic properties and applications of distributed databases.

The data is split into a number of fragments;
• Fragments may be replicated;
• Fragments/replicas are allocated to sites;
• The sites are linked by a communications network;
• The data at each site is under the control of a DBMS;
 6) Describe the stages of constructing the use case model in the SI software
design process and its description in the SI project documentation.

Software design is the process by which an agent creates a specification of

a software artifact intended to accomplish goals, using a set of primitive
components and subject to constraints.

In software engineering, a software development process is the process of

dividing software development work into distinct phases to improve design,
product management, and project management. It is also known as a software
development life cycle.

Collect information sources—How am I supposed to know that?

• Identify potential actors—Which partners and customers use the goods
and services of the business system?
• Identify potential business use cases—Which goods and services can
actors draw upon?
• Connect business use cases—Who can make use of what goods and
services of the business system?
• Describe actors—Who or what do the actors represent?
• Search for more business use cases—What else needs to be done?
• Edit business use cases—What actually has to be included in a business
use case?
• Document business use cases—What happens in a business use case?
• Model relationships between business use cases—What activities are
conducted repeatedly?
• Verify the view—Is everything correct?

7) Characterize the properties and purpose of UML diagrams.

In software engineering, a class diagram in the Unified Modelling Language

(UML) is a type of static structure diagram that describes the structure of a
system by showing the system's classes, their attributes, operations (or
methods), and the relationships among objects.
 8) Characterize the methods and tools used in practice for project
management.

Classic technique. ...

• Waterfall technique. ...
• Agile Project Management. ...
• Rational Unified Process. ...
• Program Evaluation and Review Technique. ...
• Critical Path Technique. ...
• Critical Chain Technique. ...
• Extreme Project Management.

9) Characterize the properties and applications of distributed systems.

A distributed system is a system in which components are located on
different networked computers, which can communicate and coordinate their
actions by passing messages to one another. The components interact with one
another in order to achieve a common goal.
Key characteristics of distributed systems are
• Resource Sharing

10) Characterize examples of applications of artificial intelligence in

selected IT solutions (eg in robotics).

Some of the applications of AI include expert systems, speech recognition

and machine vision. Artificial Intelligence is advancing dramatically.
... AI can perform tasks such as identifying patterns in the data more
efficiently than humans, enabling businesses to gain more insight out of their
data.
 11) Characterize electronic communication channels and
perspectives of their applications and further development
There are many different types of electronic communication including
but not limited to: email, social media newsgroups, chat rooms, video
conferencing, instant messaging, phone and fax.

12) Characterize the tools that should be used for the lawful
management of information flow in the electronic form.
1.INFORMATION GOVERNANCE FRAMEWORK
2.CONFIGURABLE TAXONOMY
3.UNIFIED VISIBILITY FOR ALL RECORDS & ASSETS

4.FULL TEXT SEARCH & ADVANCED SEARCH FUNCTIONS

5.DISPOSITION ALERTS & DASHBOARD

13) Discuss the importance of Cloud Computing technology

to the availability, scalability, security and optimization of the
costs of services provided.
Efficiency / cost reduction

• 2. Data security
• 3. Scalability
• 4. Mobility
• 5. Disaster recovery
• 6. Control
• 7. Competitive edge
 14) Discuss cloud computing service models: SaaS (Software-
as-a-Service), IaaS (Infrastructure as a Service), PaaS
(Platform as a Service).
Infrastructure as a service (IaaS)
A vendor provides clients pay-as-you-go access to storage, networking, servers and
other computing resources in the cloud.

Platform as a service (PaaS)

A service provider offers access to a cloud-based environment in which users can build
and deliver applications. The provider supplies underlying infrastructure.

Software as a service (SaaS)

A service provider delivers software and applications through the internet. Users
subscribe to the software and access it via the web or vendor APIs.

15) Compare application areas and service properties

in a private, public and mixed cloud model.

Public clouds are the most common way of deploying cloud computing. The cloud
resources (like servers and storage) are owned and operated by a third-party cloud
service provider and delivered over the Internet.

Advantages of public clouds:

• Lower costs—no need to purchase hardware or software and you pay only for the
service you use.
• No maintenance—your service provider provides the maintenance.
• Near-unlimited scalability—on-demand resources are available to meet your business
needs.
• High reliability—a vast network of servers ensures against failure.

A private cloud consists of computing resources used exclusively by one business or

organisation. The private cloud can be physically located at your organisation’s on-site
datacentre or it can be hosted by a third-party service provider. But in a private cloud,
 the services and infrastructure are always maintained on a private network and the
hardware and software are dedicated solely to your organisation.

Often called “the best of both worlds,” hybrid clouds combine on-
premises infrastructure, or private clouds, with public clouds so
organizations can reap the advantages of both. In a hybrid cloud, data
and applications can move between private and public clouds for
greater flexibility and more deployment options. For instance, you can
use the public cloud for high-volume, lower-security needs such as web-
based email and the private cloud (or other on-premises infrastructure)
for sensitive, business-critical operations like financial reporting.

Advantages of a private clouds:

• More flexibility—your organisation can customise its cloud environment to meet specific
business needs.
• Improved security—resources are not shared with others, so higher levels of control and
security are possible.
• High scalability—private clouds still afford the scalability and efficiency of a public cloud.

Advantages of hybrid clouds:

• Control—your organisation can maintain a private infrastructure for sensitive assets.

• Flexibility—you can take advantage of additional resources in the public cloud when you
need them.
• Cost-effectiveness—with the ability to scale to the public cloud, you pay for extra
computing power only when needed.
• Ease—transitioning to the cloud does not have to be overwhelming because you can
migrate gradually—phasing in workloads over time.
16) Characterize the "Four V" concept in relation to Big
Data security.
The general consensus of the day is that there are specific attributes that
define big data. In most big data circles, these are called the four V's: volume,
variety, velocity, and veracity.
The main characteristic that makes data “big” is the sheer volume. It makes no
sense to focus on minimum storage units because the total amount of
information is growing exponentially every year
Variety is one the most interesting developments in technology as more and
more information is digitized. Traditional data types (structured data) include
things on a bank statement like date, amount, and time. These are things that fit
neatly in a relational database.
Veracity refers to the trustworthiness of the data.
Velocity is the frequency of incoming data that needs to be processed.

17) Compare technologies: GSM, Bluetooth, Wi-Fi.

GSM / GPRS
For a long time GSM (Global System for Mobile communication) coupled with
GPRS (General Packet Radio Service) for data transfer has been the most
commonly used cellular technology for products that don’t require large amounts
of data transfer. This is mainly due to the wide availability and the relatively low
hardware cost of GSM/GPRS hardware.

As you probably already know, traditional WiFi sets up an access point that
allows many devices to connect to it. But what if you want to transfer data
directly from one device to another without the overhead of an access point?
That is where WiFi Direct comes into play.
Bluetooth Classic

The best known peer-to-peer wireless technology is Bluetooth. When you

connect your phone to a Bluetooth speaker that is a peer-to-peer wireless
connection between your phone and the speaker.
Because of the relatively short operating range, Bluetooth is fairly low power. It
consumes much less power than WiFi, and a lot less than cellular technologies
18) Characterize the properties and areas of application of WiFi-
HotSpot systems and the rights of their owners.

A hotspot is a physical location where people may obtain Internet access,

typically using Wi-Fi technology, via a wireless local-area network (WLAN)
using a router connected to an Internet service provider.
Public hotspots may be created by a business for use by customers, such as
coffee shops or hotels.

The administrator of publicly available internet such as an open Wi-

Fi hotspot can monitor all unencrypted traffic and see exactly what you're
doing.

19) Characterize the techniques used in data centers to

improve their energy efficiency (the so- called green data
center).
Deploy software technologies
Express power usage across data centres as SLAs
Encourage energy efficiency in infrastructure hardware
Engineer facilities for maximum energy efficiency
Data centre energy efficiency metrics
Metrics are instruments to measure and serve as an indicator of progress

Shrinking data for energy efficiency

Data de-duplication
Thin provisioning
20) Characterize network security technologies (Firewall and VPN
systems).

Firewalls. A firewall is a blockade between a secure internal network and

an untrusted network such as the Internet. ... A firewall provides a
controlled single point of contact (called a chokepoint ) between your
secure internal network and the untrusted network.
A virtual private network (VPN) extends a private network across a public
network and enables users to send and receive data across shared or public
networks as if their computing devices were directly connected to the
private network.

21) Characterize the properties of the e-mail security tools used

(Secure Mail).

Virus and Spam Protection

Email Archiving

Encryption

22) Discuss the security threats on the Internet of Things.

 23) Characterize the tools used to manage the security
of applications for mobile devices.
We can explain without using the word android right

• Android's own screen pinning system. One of Android's most useful security
tools is also one of its most easily overlooked. ...
• A password management app. ...
• A two-factor authentication utility. ...
• Android's Smart Lock feature. ...
• Android's advanced app-scanning feature. ...
• Android Device Manager. ...
• An Android VPN client.

24) Characterize the security policy principles applied

in enterprises (companies) of various scale.
Confidentiality, integrity, and availability (CIA) define the basic building blocks
of any good security program

It maintains confidentiality, availability, integrity, and asset values.

• Types of Security Policies. A security policy is a document that contains data
about the way the company plans to protect its data assets from known and
unknown threats. ...
• Promiscuous Policy. ...
• Permissive Policy. ...
• Prudent Policy. ...
• Paranoid Policy.
 25) Characterize the principles of business continuity
planning in the company (DRP -Disaster Recovery Plan).
1. Create a disaster recovery team.

2. Identify and assess disaster risks.

3. Determine critical applications, documents, and resources.

4. Specify backup and off-site storage procedures.

5. Test and maintain the DRP.

26) Discuss the security risks associated with the use of

private mobile devices (BYOD: Bring Your Own Device) for
business purposes in the company.
• Opportunities for Data Theft. BYOD policies make it easy to stay in contact with
your employees. ...
• Malware Infiltration. ...
• Potential Legal Issues. ...
• Device Loss or Theft. ...
• Poor Mobile Management. ...
• Lack of Employee Training. ...
• Shadow IT.
Also

• human resources information,

• health information,
• confidential or privileged information relating to legal matters,
• financial information,
• proprietary information and trade secrets, and
• client or marketing lists.
 27) Discuss operational support for computer security
incidents.
As stated above, the five steps of the OPSEC process are:
• Identification of Critical Information. ...
• Analysis of Threats. ...
• Analysis of Vulnerabilities. ...
• Assessment of Risks. ...
• Application of Appropriate Countermeasures.

Security Operations Support

Vulnerability management
Incident response services
Data Loss Prevention

28) Characterize tools for enterprises that enable safe

cooperation of employees from various departments.
Communication tools:
Communication between project participants is essential when a company wants to
develop collaborative work. The use of software facilitates communication so that
information circulates between collaborators. Conventional tools need to streamline the
flow of information between teams, departments and even countries.

Tools for sharing applications and resources:

Project team members can work on the same document, work remotely and online or on
the same system. These enterprise systems offer the option to manipulate documents
online so that all employees have access to information. It’s possible to modify documents
at any time and for several collaborators to update a file simultaneously. Some examples
of document sharing tools are Box, SharePoint, OneDrive and Google Drive.
Information and knowledge management tools:
Projects are divided among collaborators but the tasks are interconnected and
notifications are sent to the concerned persons. The notification system allows teams to
save time by being instantly informed of activity progress. The software generally relies
on a platform that allows the entire team to access information.

Coordination tools:
 These tools help to include project team members in the planning and monitoring
phases of projects and to link them to each other by providing them with information.
Project team members can use the software to create invoices, track budgets and
progress, view their tasks, evaluate deadlines, and analyze past time sheets.

29) Characterize the tools for mobile devices that allow you to
maintain contact and efficient work on the go for employees
from various departments of the company.
Voice calls, text messaging, instant messaging (IM), email and video calls are some of the more
common ways to communicate from a smartphone.
The Most Popular and Efficient Business Communications Tools You Can Start Using Now
• Intranet/Social Intranet.
• Chat rooms, Private and Group Messaging.
• Discussion Forums.
• Ticketing, Issue Tracking and Case Software.
• Internal Blogs, Video and Audio.

30) Discuss the procedure for responding to IT security

incidents in the company.

According to the SANS Institute, there are six key phases of an incident response plan:

1. Preparation: Preparing users and IT staff to handle potential incidents should they should
arise.
2. Identification: Determining whether an event qualifies as a security incident.
3. Containment: Limiting the damage of the incident and isolating affected systems to prevent
further damage.
4. Eradication: Finding the root cause of the incident and removing affected systems from the
production environment.
5. Recovery: Permitting affected systems back into the production environment and ensuring
no threat remains.
6. Lessons learned: Completing incident documentation, performing analysis to learn from the
incident and potentially improving future response efforts.