Professional Documents
Culture Documents
Final Exam Review
Final Exam Review
*note that final exam is cumulative, but this review sheet only covers material after Midterm II
Information Security
• AIC triad
• Social engineering attacks (https://youtu.be/bjYhmX_OUQQ)
• Security controls (administrative, technical, physical)
• Security functions and frameworks (you don’t need to memorize each function of a security
control, but you should know how controls, functions, and frameworks are related)
• Information security best practices (rotation of duties)
Project Management
• Characteristics of a project
• Triple constraints
• Scope creep, scope leap, scope grope
• Project planning documents (e.g., work breakdown structure, project charter)
• SDLC (I won’t ask you about specific names of phases, but you should know what the SDLC is,
when it is appropriate/inappropriate, and the importance of requirements specification)
• Waterfall vs. agile software development methodologies
Data Management
• What is a database? DBMS?
• Entity-Relationship model (entities, relationships, attributes)
• Relationship types (one-to-one, one-to-many, many-to-many; how to model using “crow’s
foot” notation in a data model)
• Primary and secondary keys