QBA 362

Spring 2014

Final exam study guide.

 

In general, on the final exam you will be responsible for understanding all the material covered so far.  I will not however ask multiple choice or short answer questions on chapters or material covered before the second mid-term exam.

 

The following topics from the materials since the second mid-term exam may be covered by multiple choice, short-answer, and essay questions:

 

Ethics, privacy and security:

·         Ethics - ethical structure, ethical computer use.

·         Intellectual property - copyright, pirated digital content, including movies, music, books, software and other digital content.

·         Privacy

o   Rights – for individuals, employees, consumers.

o   Employer monitoring of employees.

§  Technologies

§  Think about how good management should implement a monitoring policy.

o   Current laws regarding information privacy in the US.

o   European Union vs. US information privacy standards.

§  Specific practices US businesses can follow to do business with European businesses and consumers (from the lecture and website about http://export.gov/safeharbor/).

§  From the differences the US and Europe in current law and standards you can infer how cultures are different between the two. Think about this.

·         Adware and spyware.

·         The Sedona principles.

 

Emerging technology issues:

·         Personal software as a service (also related to the ‘Bring-your-own-device’ group report).

·         Push vs. pull technologies.

·         Personal software-as-a-service.

·         Automatic speech recognition (e.g., Dragon software).

·         RFID technology.

·         Virtual assistants.

o   For example the Denise video.

·         Computing everywhere (also known as ubiquitous computing).

o   For example the Sixth sense technology from the TED video we watched.

o   For example display anywhere by Corning glass.

 

Computer Crime and Forensics

·         Security - information as resource to be protected.

o   Threats from employees.

o   Threats from outside the firm.

o   Types of threats – viruses, worms, denial of service attacks (see the short videos from the lecture slides).

o   Types of hackers.

o   Social engineering – as an example of how simple and easy social engineering is to accomplish see the short video from the lecture slide).

·         Bot net malware – Storm, Conficker, Stuxnet – how they worked and caused damage.

·         Computer forensics – forensic technology for recovering hidden / lost data, places to look for data (for example view the Encase video about searching ‘unallocated disk space’ from the lecture slide and the expert testimony video from the Casey Anthony trial).

o   The two phases of digital forensics – generally what actions are taken.