CHAPTER 7

Applications and Systems Development

This chapter is supplemental to and coordinated with the Applications and Systems Development chapter in the CISSP Prep Guide. The fundamentals of applications and systems development are covered in Chapter 7 of the CISSP Prep Guide at a level commensurate with that of the CISSP Examination.

This chapter includes advanced material relative to software engineering, software development, the software capability maturity model (CMM), object-oriented systems, expert systems, neural networks, genetic algorithms, databases, the data warehouse, data mining, the Common Object Model (COM), client/server architecture and distributed data processing.

It is assumed that the reader has a basic knowledge of the material contained in Chapter 7 and has the CISSP Prep Guide available to provide background information for the advanced questions pertaining to applications and systems development. These questions and answers build upon the questions and answers covered in Chapter 7 of the CISSP Prep Guide.

Advanced Sample Questions

  1. The definition “the science and art of specifying, designing, implementing and evolving programs, documentation and operating procedures whereby computers can be made useful to man” is that of:
    1. Structured analysis/structured design (SA/SD)
    2. Software engineering
    3. An object-oriented system
    4. Functional programming
  2. In software engineering, the term verification is defined as:
    1. To establish the truth of correspondence between a software product and its specification
    2. A complete, validated specification of the required functions, interfaces, and performance for the software product
    3. To establish the fitness or worth of a software product for its operational mission
    4. A complete, verified specification of the overall hardware-software architecture, control structure, and data structure for the product
  3. The discipline of identifying the components of a continually evolving system for the purposes of controlling changes to those components and maintaining integrity and traceability throughout the life cycle is called:
    1. Change control
    2. Request control
    3. Release control
    4. Configuration management
  4. The basic version of the Construction Cost Model (COCOMO), which proposes quantitative, life-cycle relationships, performs what function?
    1. Estimates software development effort based on user function categories
    2. Estimates software development effort and cost as a function of the size of the software product in source instructions
    3. Estimates software development effort and cost as a function of the size of the software product in source instructions modified by manpower buildup and productivity factors
    4. Estimates software development effort and cost as a function of the size of the software product in source instructions modified by hardware and input functions
  5. A refinement to the basic Waterfall Model that states that software should be developed in increments of functional capability is called:
    1. Functional refinement
    2. Functional development
    3. Incremental refinement
    4. Incremental development
  6. The Spiral Model of the software development process (B.W. Boehm, “A Spiral Model of Software Development and Enhancement,” IEEE Computer, May 1988) uses the following metric relative to the spiral:
    1. The radial dimension represents the cost of each phase
    2. The radial dimension represents progress made in completing each cycle
    3. The angular dimension represents cumulative cost
    4. The radial dimension represents cumulative cost
  7. In the Capability Maturity Model (CMM) for software, the definition “describes the range of expected results that can be achieved by following a software process” is that of:
    1. Structured analysis/structured design (SA/SD)
    2. Software process capability
    3. Software process performance
    4. Software process maturity
  8. Which of the following is NOT a Software CMM maturity level?
    1. Initial
    2. Repeatable
    3. Behavioral
    4. Managed
  9. The main differences between a software process assessment and a software capability evaluation are:
    1. Software process assessments determine the state of an organization's current software process and are used to gain support from within the organization for a software process improvement program; software capability evaluations are used to identify contractors who are qualified to develop software or to monitor the state of the software process in a current software project.
    2. Software capability evaluations determine the state of an organization's current software process and are used to gain support from within the organization for a software process improvement program; software process assessments are used to identify contractors who are qualified to develop software or to monitor the state of the software process in a current software project.
    3. Software process assessments are used to develop a risk profile for source selection; software capability evaluations are used to develop an action plan for continuous process improvement.
    4. Software process assessments and software capability evaluations are, essentially, identical and there are no major differences between the two.
  10. Which of the following is NOT a common term in object-oriented systems?
    1. Behavior
    2. Message
    3. Method
    4. Function
  11. In object-oriented programming, when all the methods of one class are passed on to a subclass, this is called:
    1. Forward chaining
    2. Inheritance
    3. Multiple Inheritance
    4. Delegation
  12. Which of the following languages is NOT an object-oriented language?
    1. Smalltalk
    2. Simula 67
    3. Lisp
    4. C++
  13. Which of the following items is NOT a component of a knowledge-based system (KBS)?
    1. Knowledge base
    2. Procedural code
    3. Inference Engine
    4. Interface between the user and the system
  14. In an expert system, the process of beginning with a possible solution and using the knowledge in the knowledge base to justify the solution based on the raw input data is called:
    1. Dynamic reasoning
    2. Forward chaining
    3. Backward chaining
    4. A blackboard solution
  15. An off-the-shelf software package that implements an inference engine, a mechanism for entering knowledge, a user interface, and a system to provide explanations of the reasoning used to generate a solution is called:
    1. An expert system shell
    2. A knowledge base
    3. A neural network
    4. A knowledge acquisition system
  16. What key professional or professionals are required to develop an expert system?
    1. Knowledge engineer and object designer
    2. Knowledge engineer and domain expert
    3. Domain expert
    4. Domain expert and object designer
  17. An expert system that has rules of the form “If w is low and x is high then y is intermediate,” where w and x are input variables and y is the output variable, is called a:
    1. Neural network
    2. Realistic expert system
    3. Boolean expert system
    4. Fuzzy expert system
  18. What is a “subject-oriented, integrated, time-variant, nonvolatile collection of data in support of management's decision-making process”?
    1. Data mart
    2. Data warehouse
    3. Data model
    4. Data architecture
  19. The process of analyzing large data sets in a data warehouse to find nonobvious patterns is called:
    1. Data mining
    2. Data scanning
    3. Data administration
    4. Derived data
  20. The equation Z = f [Σwn in], where Z is the output, wn are weighting functions and in is a set of inputs describes:
    1. An expert system
    2. A knowledge-based system
    3. An artificial neural network (ANN)
    4. A knowledge acquisition system
  21. A database that comprises tools to support the analysis, design and development of software and support good software engineering practices is called a:
    1. Data model
    2. Database management system (DBMS)
    3. Data dictionary
    4. Data type dictionary
  22. Another type of artificial intelligence technology involves genetic algorithms. Genetic algorithms are part of the general class known as:
    1. Neural networks
    2. Suboptimal computing
    3. Evolutionary computing
    4. Biological computing
  23. The Object Request Architecture (ORA) is a high-level framework for a distributed environment. It consists of four components. Which of the following items is NOT one of those components?
    1. Object Request Brokers (ORBs)
    2. Object Services
    3. Application Objects
    4. Application Services
  24. A standard that uses the Object Request Broker (ORB) to implement exchanges among objects in a heterogeneous, distributed environment is called:
    1. The Object Management Group (OMG) Object Model
    2. A Common Object Request Broker Architecture (CORBA)
    3. Open Architecture
    4. An Interface Definition Language (IDL)
  25. Another model that allows two software components to communicate with each other independent of their platforms' operating systems and languages of implementation is:
    1. Common Object Model (COM)
    2. Sandbox
    3. Basic Object Model (BOM)
    4. Spiral Model
  26. A distributed object model that has similarities to the Common Object Request Broker Architecture (CORBA) is:
    1. Distributed Component Object Model (DCOM)
    2. The Chinese Wall Model
    3. Inference Model
    4. Distributed Data Model
  27. Which of the following is NOT a characteristic of a client in the client/server model?
    1. Extensive user interface
    2. May be diskless
    3. Data entry screens
    4. Systems backup and database protection
  28. A client/server implementation approach in which any platform may act as a client or server or both is called:
    1. Simple file transfer
    2. Peer-to-peer
    3. Application Programming Interface (API)
    4. Graphical User Interface (GUI)
  29. Which of the following is NOT a characteristic of a distributed data processing (DDP) approach?
    1. Consists of multiple processing locations that can provide alternatives for computing in the event of a site becoming inoperative.
    2. Distances from user to processing resource are transparent to the user.
    3. Security is enhanced because of networked systems.
    4. Data stored at multiple, geographically separate locations is easily available to the user.
  30. A database management system (DBMS) is useful in situations where:
    1. Rapid development of applications is required and preprogrammed functions can be used to provide those applications along with other support features such as security, error recovery, and access control.
    2. Data are processed infrequently and results are not urgently needed.
    3. Large amounts of data are to be processed in time-critical situations.
    4. The operations to be performed on the data are modified infrequently and the operations are relatively straightforward.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset