Below is a non-exhaustive list of key questions you should be able to answer on the exam.
You should be able to apply the key functional concepts and ideas inherent in these questions.
It is thus important to study the material with the aim of understanding it, as opposed to simply being able to regurgitate a memorized response.
If you generally understand and are able to meaningfully respond to this list of questions you should be well prepared for the exam.
What Moore's Law is.
The effects of increased computing power combined with lower cost.
How the internet is different from other technology, as a medium of communication.
How social media has evolved in its use and adoption.
Identify some risks and downsides of social media.
How e-commerce has evolved.
List several advantages and disadvantages of the internet.
What IoT is and identify challenges this evolution brings.
Give a brief history of AI and its core recent developments.
Articulate potential impacts of AI on computing and society.
Comment on some of the thinking around the effects of technology on society.
What the digital divide is.
What the factors are which give rise to it.
How technology has affected the workplace.
Identify some negative aspects of the use of technology in the workplace.
Articulate some of the potential impacts of AI upon the workplace.
Explain the elderly digital divide and what strategies we may pursue to address it.
Explain the core concepts of morality, ethics and law, and how they relate to each other.
Give some examples of moral rules.
Explain the purpose of moral rules.
Provide a definition of “ethics”.
Describe the two general streams of ethical thought.
Describe the three ethical frameworks.
Articulate why ethics matters.
Provide factual examples illustrating the importance of ethics for the IT professional.
Articulate what “professionalism” is.
Identify the key attributes of a "profession".
Identify some bodies which provide ethical standards for computer professionals.
Identify areas of practice where ethical issues may arise.
What a "body of knowledge" is.
Identify and be able to discuss some of the major ethical issues in computing today.
Be able to give some examples of recent corporate practices giving rise to ethical and legal issues.
Given the various codes of ethics, be able to identify potential ethical issues in a specific factual scenario.
Identify some of the emerging ethical issues relating to the use of AI.
Explain John Rawls' Theory of Justice.
Describe what law is.
Identify the goals of a legal system.
Differentiate between public and private law and be able to give examples of each.
Describe what a constitution is and why Canada has one.
Describe why and how jurisdiction is divided between federal, provincial and municipal governments.
Describe how law is made and changed.
Articulate the difference between a statute and a regulation.
Describe what the Charter of Rights and Freedoms is.
When the Charter was passed.
To what conduct the Charter applies.
Describe what the Charter freedom of religion means.
Describe what the Charter freedom of thought and expression means.
Describe what the Charter freedom of assembly and association means.
Describe what “life, liberty and security of the person” means.
In general terms, what the limits of search and seizure powers by the government are.
What the equality provisions of the Charter mean.
Give a high level description of the Canadian courts system.
What taxes are and why citizens pay them.
Provide examples of different types of tax.
What a tax credit is.
What a tax deduction is.
What a corporation is and why they exist.
How a corporation governs itself.
Who owns a corporation.
The difference between criminal and civil matters.
What administrative law is.
What international law is.
What a tort is, and be able to give examples of torts that may arise in the context of computing.
What intellectual property is.
Describe the four types.
What copyright is and what it protects.
Who owns a copyright.
What “moral” copyright is.
How copyright protection is created.
How long protection lasts.
How it is enforced.
What a trademark is.
What is required to register a trademark.
How long the protection lasts.
How is it enforced.
What industrial design is.
How it is protected.
How long the protection lasts.
How it is enforced.
What a patent is.
What it protects.
How long the protection lasts.
How it is enforced.
What a “trade secret” is and how it is different from a patent.
When to choose one over the other.
Some examples of challenges to IP as a result of the internet.
What the “old” concept of privacy is.
What it means today.
What “personal information” is.
Examples of “personal information”.
Examples of things which are not “personal information”.
What the four OECD privacy fair use principles are.
How technology poses new privacy challenges and give examples.
What P3P is.
What the Access to Information Act is.
What the federal Privacy Act is and what its purpose is.
What PIPEDA is.
Explain what a Privacy Impact Assessment is.
Explain why the US Patriot Act is of concern to Canadians.
What the GDPR is and who it applies to.
What a "controller" or "processor" is under the GDPR.
What "processing" means under the GDPR.
Provide a sense of the scope of penalties for non-compliance with the GDPR.
Ways that data can be monetized.
Provide a definition of cybersecurity.
How cybercriminals steal information and why they do this.
Identify different types of cybercriminals.
Current top cybersecurity risks.
Describe how quantum computing may pose new cybersecurity risks.
What ransomware is.
What phishing is and why it is a particularly important risk to manage.
What malware is and what it can do.
Why the increased use of technology changes the cybersecurity landscape.
What the general approach to formalized cybersecurity risk management is.
What cybersecurity risk management is.
What a cybersecurity framework is.
What the NIST steps are.
Give examples of frameworks for specific areas.
Identify key framework components.
Describe what a cybersecurity risk control is.
Enumerate example areas of risk and provide examples of controls.
Given a risk area be able to suggest a potential control.
What the continuous improvement cycle of cybersecurity risk management is, and what its components are.
Define internal controls.
Why we need internal controls.
What the goals of internal controls are.
What the five main components of the COSO internal control framework are.
Identify and give examples of the two general types of controls.
Describe the limitations of internal controls.
Given one of the 17 COSO sub-components, be able to give an example.
What a project is and be able to give examples.
The stages of project management.
Give reasons why projects often fail.
The four things to manage in a project.
Who the key person in project management is, and what this person does.
What a business case is and why we do one when pursuing a project.
What a project plan is and what its key components are.
What a Gantt chart is and its purpose.
How risk is tracked in a project.
What change management is and why it is important.
What benefits management is and why it is important.
What things are done during project closure.
The importance of a "lessons learned" exercise.
What Agile is.
What SCRUM and Kanban are.
What the OECD definition of AI is.
The difference between symbolic and connectionist AI.
The difference between Shallow and Deep Learning.
What Generative AI is and be able to give some examples.
What a Large Language Model is and give a basic explanation of how it works.
Explain the transparency and explainability issues relating to AI.
Give examples of biases which may affect AI models.
Explain what AI "hallucination" is.
Explain what the "human evaluation bias" is.
Explain how generative AI is impacting how we work.
Be able to identify and describe some of the desirable AI properties identified by Waterloo U.