FINALTERM EXAMINATION
Spring 2008
CS507- Information Systems
Time: 90 min
M a r k s: 60
Question No: 1 ( M a r k s: 1 ) http://vuzs.net
Factors of which of the following are basic elements of reducing manufacturing cost?
Brand
Cost
Production
Quality
Factors of production are basic elements of reducing manufacturing cost.
Question No: 2 ( M a r k s: 1 ) http://vuzs.net
ERP or enterprise systems control all major business processes with a single software architecture in real time.
True
False
ERP
stands for “Enterprise Resource Planning”. A collection of software
programs that tie together an enterprise's various functions, such as
human resources, finance, marketing and sales.
Question No: 3 ( M a r k s: 1 ) http://vuzs.net
The bullwhip effect refers to erratic shifts in orders up and down the supply chain because of poor demand forecasting, price fluctuation, order batching, and
rationing within the chain.
True
False
The bullwhip effect refers to erratic shifts
in orders up and down the supply chain because of poor demand
forecasting, price fluctuation, order batching.
Question No: 4 ( M a r k s: 1 ) http://vuzs.net
The objective of the entire risk management process is that no one should hamper the working of the smooth working of IS.
True
False
The objective of the entire risk management process is that no one should hamper the working of the smooth working of IS.
Question No: 5 ( M a r k s: 1 ) http://vuzs.net
If an organization can tolerate some downtime, cold sites backup might be appropriate.
True
False
If an organization can tolerate some downtime, cold sites backup might be appropriate.
Question No: 6 ( M a r k s: 1 ) http://vuzs.net
Cryptography primarily consists of two basic processes.
True
False
Cryptography primarily consists of two basic processes.
• Encryption
• Encryption
• Decryption
Question No: 7 ( M a r k s: 1 ) http://vuzs.net
Logical intrusion skills needed to exploit logical exposures are more technical and complex as compared to physical exposures.
True
False
Logical
intrusion: The skills needed to exploit logical exposures are more
technical and complex as compared to physical exposures. Generally a
similar term used in relation to logical intrusion is hacking.
Question No: 8 ( M a r k s: 1 ) http://vuzs.net
Firewall is the primary method for keeping a computer secure from intruders.
True
False
Firewall is the primary method for keeping a computer secure from intruders.
Question No: 9 ( M a r k s: 1 ) http://vuzs.net
Where
problem is recurring and repetitive, the common factors can be
identified in order to identify a particular course of action is called
--------------------------
Structured decisions
Unstructured decisions
Semi-Structured decisions
Structured
decisions: Where problem is recurring and repetitive, the common
factors can be identified in order to identify a particular course of
action.
Question No: 10 ( M a r k s: 1 ) http://vuzs.net
The use of software routines to tie up the computer hosting a Web site that denies legitimate visitor's access is called:
denial of service.
hacking.
spoofing
sniffing
A
"denial-of-service" attack is characterized by an explicit attempt by
attackers to prevent legitimate users of a service from using that
service.
Question No: 11 ( M a r k s: 1 ) http://vuzs.net
Wireless computing devices are not subject to viruses.
True
False
Hackers and Viruses
Sources of computer viruses:
Through the Internet
Through wireless computing devices
Question No: 12 ( M a r k s: 1 ) http://vuzs.net
A
security program is a series of ongoing regular periodic reviews
conducted to ensure that assets associated with the information systems
function are safeguarded adequately.
True
False
A
security program is a series of ongoing regular periodic reviews
conducted to ensure that assets associated with the information systems
function are safeguarded adequately.”
Question No: 13 ( M a r k s: 1 ) http://vuzs.net
The
Internet's technological success does not depend on its principal
communication tools, the Transmission Control Protocol (TCP) and the
Internet Protocol (IP).
True
False
The
Internet's technological success depends on its principal communication
tools, the Transmission Control Protocol (TCP) and the Internet
Protocol (IP).
Question No: 14 ( M a r k s: 1 ) http://vuzs.net
Which
of the following helps an organization in gaining competitive advantage
in the use of processes, effectiveness and efficiency should also be
kept in mind?
BPR
CSF
SPR
Use of BPR helps an organization in gaining competitive advantage in the use of processes, effectiveness and efficiency should also be kept in mind.
Question No: 15 ( M a r k s: 1 ) http://vuzs.net
Systems analysts work as a link between Business people, & Computer Programmers.
True
False
Systems analysts work as a link between Business people, & Computer Programmers.
Question No: 16 ( M a r k s: 1 ) http://vuzs.net
The First increment in incremental model is usually the core product which addresses the basic requirements of the system.
True
False
Ref: The first increment is usually the core product which addresses the basic requirements of the system.
Question No: 17 ( M a r k s: 1 ) http://vuzs.net
Which
of the following is a form of automation where computers communicate
work instructions directly to the manufacturing machinery?
CAD
CAM
CIM
Computer-aided
manufacturing (CAM) is a form of automation where computers communicate
work instructions directly to the manufacturing machiner.y
Question No: 18 ( M a r k s: 1 ) http://vuzs.net
Which
of the following phase of decision making process involves searching
for conditions in the environment that call for decisions?
Intelligence
Design
Choice
Implementation
Intelligence – searching for conditions in the environment that call for decisions
Question No: 19 ( M a r k s: 1 ) http://vuzs.net
Computer
programmers apply information technology to build information systems
which solves these problems but need not fully understand the business
usages they are computerizing or supporting.
True
False
Why do we need Systems Analysts?
Computer
programmers apply information technology to build information systems
which solves these problems but need not fully understand the business
usages they are computerizing or supporting.
Question No: 20 ( M a r k s: 1 ) http://vuzs.net
Rectangle shape in the flow charts represents___________
Decision
Process
Terminator
Question No: 21 ( M a r k s: 1 ) http://vuzs.net
__________ is a person who attempts to invade the privacy of the system.
Hacktivsts
Hackers
Crackers
A hacker is a person who attempts to invade the privacy of the system.
Question No: 22 ( M a r k s: 1 ) http://vuzs.net
Characteristics of object are called ________
Methods
Attributes
Status
Attributes are the characteristics of object / class and methods are the operations related to the object / class.
Question No: 23 ( M a r k s: 1 ) http://vuzs.net
Operations are usually called via _______
Functions
Signatures
Methods
Operation called only via valid operation signature.
Question No: 24 ( M a r k s: 1 ) http://vuzs.net
Web
Site monitoring is the process used to view or record both the
keystrokes entered by a computer user and the computer's response during
an interactive session.
True
False
Keystroke monitoring is the process used to view or record both the keystrokes entered by a computer user and the computer's response during an interactive session.
Question No: 25 ( M a r k s: 1 ) http://vuzs.net
Likelihood
Determination phase sometimes determines that a potential vulnerability
could not be exercised by a given threat-source.
True
False
Likelihood Determination: This phase determines that a potential vulnerability could be exercised by a given threat-source.
Question No: 26 ( M a r k s: 1 ) http://vuzs.net
Active Attack is one of the types of Web Security information systems.
True
False
There is two major classes of security threats
• Passive Attacks
• Active Attacks
Question No: 27 ( M a r k s: 1 ) http://vuzs.net
Business-to-business EC (B2B) is one of the types of E-Commerce.
True
False
Business
to Business (B2B) is a model to e-commerce where businesses conduct
commerce amongst themselves over the Internet/Intranet.
Question No: 28 ( M a r k s: 1 ) http://vuzs.net
Collaborative commerce is one of the types of B2B.
True
False
In business-to-business (B2B)
situations involving one or more partners, collaborative commerce can
be used in product life-cycle management systems to reduce design time.
Question No: 29 ( M a r k s: 1 ) http://vuzs.net
ERP Systems control all major business processes with a single software architecture in real time.
True
False
Resource Planning (ERP) Control all major business processes with a single software architecture in real time.
Question No: 30 ( M a r k s: 1 ) http://vuzs.net
Temporal CSFs in an organization, results from _________
Economic changes
Technological changes
Internal needs and changes
Environmental changes
Temporal CSFs resulting from internal organizational needs and changes.
Question No: 31 ( M a r k s: 1 )
What is the purpose of line symbol in the Entity Relationship Diagram?
Answer
Lines link attributes to entity sets, entity sets to relationship sets (also represent roles).
Question No: 32 ( M a r k s: 1 )
What are the logical threats to the information systems?
Answer
This
refers to damage caused to the software and data without physical
presence. Examples are viruses and worms, logical intrusion commonly
referred to as hacking.
Question No: 33 ( M a r k s: 2 )
What is an entity?
Answer
An
entity is an object that exists and is distinguishable from other
objects. An entity is described using a set of attributes. For example
specific person, company, event, plant, crop, department, section, cost
center.
Question No: 34 ( M a r k s: 2 )
Define CRM.
Answer:
Customer
relationship management (CRM) is a widely-implemented strategy for
managing a company’s interactions with customers, clients and sales
prospects. It involves using technology to organize, automate, and
synchronize business processes—principally sales activities, but also
those for marketing, customer service, and technical support. The
overall goals are to find, attract, and win new clients, nurture and
retain those the company already has, entice former clients back into
the fold, and reduce the costs of marketing and client service. Customer
relationship management describes a company-wide business strategy
including customer-interface departments as well as other departments.
Measuring and valuing customer relationships is critical to implementing
this strategy.
Question No: 35 ( M a r k s: 3 )
Identify basic steps to implement BPR.
Answer
Following steps should be followed to implement BPR:
• Break down the CSF’s into the key or critical business processes and gain process ownership.
• Break down the critical processes into sub-processes, activities and task and
form the teams around these.
• Re-design, monitor and adjust the process-alignment in response to difficulties in the change process.
Question No: 36 ( M a r k s: 3 )
Define Risk Determination. Identify its inputs and outputs.
Answer
Risk determination phase assesses the risk and level of risk to IT system.
The inputs of to this phase are
1. Likelihood of threat exploitation
2. Magnitude of impact
3. Adequacy of planned and current controls
The output is the determination of risk and associated risk levels.
Question No: 37 ( M a r k s: 3 )
Differentiate CRM from ERP
Answer
The
difference between CRM and ERP is that CRM is more inward looking and
is mainly used in the sales and marketing department, while ERP is
outward looking and touches all departments.
CRM is generally project based, while ERP is sweeping in its focus.
Question No: 38 ( M a r k s: 5 )
How the likelihood is determined? Enlist the factors.
Answer
Likelihood Determination:
To
derive an overall likelihood rating that indicates the probability that
a potential value may be exercised within the construct of the
associated threat environment, the following governing factors must be
considered.
- Threat-source motivation and capability
- Nature of the vulnerability
- Existence of effectiveness of current controls
Question No: 39 ( M a r k s: 5 )
What do you understand by Disaster Recovery Planning?
Answer
A
disaster recovery plan is a comprehensive statement of consistent
actions to be taken before, during and after a disaster. The plan should
be documented and tested to ensure the continuity of operations and
availability of critical resources in the event of a disaster.
The
disaster recovery plan is used to recover a facility rendered
inoperable, including relocating operation into a new location. Disaster
recovery planning is a subset of a larger process known as business
continuity planning and should include planning for resumption of
applications, data, hardware, communications (such as networking) and
other IT infrastructure.
Question No: 40 ( M a r k s: 10 )
How can we compute the expected loss? Discuss the occurrence of threats.
Answer
The amount of expected loss is computed through following formula:
A = B x C x D
1. A = Expected Loss.
2. B = Chances (in %) of threat occurrence.
3. C = Chances (in %) of Threat being successful.
4. D = Loss which can occur once the threat is successful.
Question No: 41 ( M a r k s: 10 )
How will you compare Integrated Systems to ERP?
Answer
Enterprise
resource planning (ERP) integrates internal and external management
information across an entire organization,
embracing finance/accounting, manufacturing, sales and service, CRM,
etc. Whereas system integration is bringing together the
component subsystems into one system and ensuring that the subsystems
function together as a system.
