1. What data type is appropriate for:counters - ?money - money, smallmoney

1. 1. What data type is appropriate for:
2. counters - ?
3. money - money, smallmoney
4. engineering & economic calculation - float, real
5. a person's name - varchar(50)
6. a short story or chapter - text
7. true/false - bit
8. an MP3 - image
9.  
10. 2. Name three Assembly Languages in current use. 8080, 8086, 6502, Z80
11.  
12. 3. How does assembly code differ for RISC and CISC processors?
13.  
14. The primary goal of CISC architecture is to complete a task in as few lines of assembly as possible.Thus, the entire task of multiplying two numbers can be completed with one instruction:
15.  
16. MULT 2:3, 5:2
17.  
18. RISC processors only use simple instructions that can be executed within one clock cycle. In order to perform the exact series of steps described in the CISC approach, a programmer would need to code four lines of assembly:
19.  
20. LOAD A, 2:3
21. LOAD B, 5:2
22. PROD A, B
23. STORE 2:3, A
24.  
25. 4. Use these terms in a brief discussion about machine language: program, instruction set, instructions, operation code, operands.
26.  
27. In computer science, an opcode (OPERATION CODE) is the portion of a machine language INSTRUCTION that specifies the operation to be performed. Their specification and format are laid out in the INSTRUCTION SET architecture of the processor in question (which may be a general CPU or a more specialized processing unit). Apart from the opcode itself, an instruction normally also has one or more specifiers for OPERANDS (i.e. data) on which the operation should act, although some operations may have implicit operands, or none at all. There are instruction sets with nearly uniform fields for opcode and operand specifiers, as well as others (the x86 architecture for instance) with a more complicated, varied length structure.
28.  
29. 5. Briefly describe and differentiate among 1st, 2nd, 3rd, & 4th generation languages. Provide an example of each.
30.  
31. The first generation of programming language, or 1GL, is machine language. Machine language statements are written in binary code, and each statement corresponds to one machine action.
32.  
33. The second generation programming language, or 2GL, is assembly language. Assembly language is the human-readable notation for the machine language used to control specific computer operations. An assembler is a program that translates assembly language into machine language. Since assembly language consist of human-readable abbreviations, the assembler must first convert assembly language into machine-readable language before the computer can readily understand its instructions.
34.  
35. The third generation of programming language, 3GL, or procedural language uses a series of English-like words, that are closer to human language, to write instructions. High-level programming languages make complex programming simpler and easier to read, write and maintain. Programs written in a high-level programming language must be translated into machine language by a compiler or interpreter.
36.  
37.  
38. The fourth generation programming language or non-procedural language, often abbreviated as 4GL, enables users to access data in a database. A very high-level programming language is often referred to as goal-oriented programming language because it is usually limited to a very specific application and it might use syntax that is never used in other programming languages.
39.  
40. 6. About 1GL and 2GL: How are the similar? How are they different?
41.  
42. They are the same essentially but 2GL is able to be read by humans. 2GL uses symbols that are converted into 1GL by an assembler.
43.  
44. 7. Name three each of 3GL and 4GL.
45.  
46. 3GL - COBOL, FOTRAN, Pascal, C, C++,
47. 4GL - SQL, NOMAD, FOCUS
48.  
49.  
50. 8. What's the difference between a 3GL and a 4GL?
51.  
52. 3GLs are dumbed down versions of more complex languages to humans can understand them better.
53. 4GL is for accessing data in a database.
54.  
55. EXTRA READING: http://www.slideshare.net/py7rjs/generations-of-programming-languages-presentation
56.  
57. 9. In a brief essay (4-5 quality sentences is all you need), name and describe these IT security standards:
58. COBIT - The Control Objectives for Information and related Technology (COBIT) is “a control framework that links IT initiatives to business requirements, organises IT activities into a generally accepted process model, identifies the major IT resources to be leveraged and defines the management control objectives to be considered”. The IT GOVERNANCE INSTITUTE (ITGI) first released it in 1995, and the latest update is version 4.1, published in 2007.
59.  
60. SOX - After a number of high profile business scandals in the US, including Enron and WorldCom, the Sarbanes-Oxley Act of 2002 (SOX) was enacted as legislation in 2002. This act is also known as the “Public Company Accounting Reform and Investor Protection Act”. The purpose is to “protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes”. This regulation affects all companies listed on stock exchanges in the US.
61.  
62. PCI - Defined by the Payment Card Industry Security Standards Council, the Payment Card Industry Data Security Standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure. Validation of compliance is done annually — by an external Qualified Security Assessor (QSA) for organisations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.
63.  
64. HIPAA - The Health Insurance Portability And Accountability Act (HIPAA) of 1996 is a US law designed to improve the portability and continuity of health insurance coverage in both the group and individual markets, and to combat waste, fraud, and abuse in health insurance and health care delivery as well as other purposes26. The Act defines security standards for healthcare information, and it takes into account a number of factors including the technical capabilities of record systems used to maintain health information, the cost of security measures, the need for training personnel, the value of audit trails in computerised record systems, and the needs and capabilities of small healthcare providers.
65.  
66. 10. Briefly describe three different types of controls as they relate to Information Security:
67.  
68. Administrative
69.  
70. Administrative controls (also called procedural controls) consist of approved written policies, procedures, standards and guidelines. Laws and regulations created by government bodies are also a type of administrative control because they inform the business. Some industry sectors have policies, procedures, standards and guidelines that must be followed – the Payment Card Industry (PCI) Data Security Standard required by Visa and Master Card is such an example. Other examples of administrative controls include the corporate security policy, password policy, hiring policies, and disciplinary policies. Administrative controls form the basis for the selection and implementation of logical and physical controls. Logical and physical controls are manifestations of administrative controls. Administrative controls are most important.
71.  
72. Logical
73.  
74. Logical controls (also called technical controls) use software and data to monitor and control access to information and computing systems. For example: passwords, network and host based firewalls, network intrusion detection systems, access control lists, and data encryption are logical controls.
75.  
76. Physical
77.  
78. Physical controls monitor and control the environment of the work place and computing facilities. They also monitor and control access to and from such facilities. For example: doors, locks, heating and air conditioning, smoke and fire alarms, fire suppression systems, cameras, barricades, fencing, security guards, cable locks, etc. Separating the network and work place into functional areas are also physical controls.