86. b. Conformance testing is a type of compliance testing conducted by independent parties to ensure management that system specifications are followed through validation, which may include testing. For example, conformance testing is conducted on a cryptographic module against its cryptographic algorithm standards. Penetration testing is conducted either by a red team or blue team.
87. Which of the following statements is not true? A data warehouse is:
a. Distributed
b. Subject-oriented
c. Time-variant
d. Static in nature
87. a. Databases can be distributed, but not the data warehouse. A distributed data warehouse can have all the security problems faced by a distributed database. From a security viewpoint, data warehousing provides the ability to centrally manage access to an organization’s data regardless of a specific location. A data warehouse is subject-oriented, time-variant, and static in nature.
88. Database application systems have similarities and differences from traditional flat file application systems. Database systems differ most in which of the following control areas?
a. Referential integrity
b. Access controls
c. Data editing and validation routines
d. Data recovery
88. a. Referential integrity means that no record may contain a reference to the primary key of a nonexisting record. Cascading of deletes, one of the features of referential integrity checking, occurs when a record is deleted and all other referenced records are automatically deleted. This is a special feature of database applications.
The other three choices are incorrect because they are the same for flat file and database systems. They both need access controls to prevent unauthorized users accessing the system, they both need data editing and validation controls to ensure data integrity, and they both need data recovery techniques to recover from a damaged or lost file.
89. Software re-engineering is where:
a. Software engineering techniques are applied to fix the old software.
b. The existing system is analyzed and new functionality is added.
c. The existing programming code is manually converted to a database.
d. Software engineering techniques are applied to design a new system.
89. b. Software re-engineering is an approach for adding new functionality to an existing system. Unlike reverse software engineering, which aims to recycle existing specifications into an entirely new system, software re-engineering extends the functionality of a system without re-creating it. Software engineering is the use of a systematic, disciplined, quantifiable approach to the development, operation, and maintenance of software; that is, the use of engineering principles in the development of software. It uses a combination of automated and manual tools, techniques, and procedures.
90. Transaction management mechanisms are applied to ensure that a structured query language (SQL) database remains in a consistent state at all times. Which of the following SQL statements is not part of the transaction management functions?
a. Rollback
b. Roll-forward
c. Commit
d. Savepoint
90. b. A database may be in a consistent or inconsistent state. A consistent state implies that all tables (or rows) reflect some real-world change. An inconsistent state implies that some tables (or rows) have been updated but others still reflect the old world. A transaction management mechanism enables the database to return to the previous consistent state if an error occurs. Roll-forward restores the database from a point in time when it is known to be correct to a later time.
Rollback is incorrect because the rollback statement terminates a transaction and cancels all changes to the database, including data or schema changes. This returns the database to the previous consistent state.
Commit is incorrect because the commit statement terminates a transaction and commits all changes to the database, including both data and schema changes. This makes the changes available to other applications. If a commit statement cannot complete a transaction successfully, for example, a constraint is not met, an exception is raised, and an implicit rollback is performed.
Savepoint is incorrect because the savepoint feature enables a user to mark points in a transaction, creating subtransactions. With this feature, a user can roll back portions of a transaction without affecting other subtransactions.
