CS507 Final term Solved Paper 2010-2

FINALTERM EXAMINATION
Spring 2010-07
CS507- Information Systems
Time: 90 min
                                                                                                                   M a r k s: 60

Question No: 1      ( M a r k s: 1 ) http://vuzs.net 
Small organizations usually have complex management structure. 

 True 
 False 
Small organizations usually have simple management structure. 

Question No: 2      ( M a r k s: 1 ) http://vuzs.net 
A hierarchical organization is structured in a way such that every entity in the organization, except one, is subordinate to a single other entity. 

 True 
 False 
A hierarchical organization is organization structured in a way such that every entity in the organization, except one, is subordinate to a single other entity.

Question No: 3      ( M a r k s: 1 ) http://vuzs.net 
Past court decisions have stated that privacy must be balanced against the needs of society.

 True 
► False
Employers have been successful in making these arguments when aggrieved workers have filed lawsuits for privacy violations. The few court cases have largely been decided in the employers' favor. 

Question No: 4      ( M a r k s: 1 ) http://vuzs.net 
Business is a system where management decisions are influenced by or have an influence on suppliers, customers, society as a whole. 

 True 
 False 
Business is a system where management decisions are influenced by or have an influence on suppliers, customers, society as a whole. 

Question No: 5      ( M a r k s: 1 ) http://vuzs.net
Customer touch point is a method of interaction with a customer, such as telephone, e-mail, a customer service or help desk, conventional mail, Web site and store.

► True 
 False
A customer touch point is a method of interaction with a customer, such as telephone, e-mail, a customer service or help desk, conventional mail, Web site and store. 

Question No: 6      ( M a r k s: 1 ) http://vuzs.net 
Which of the following  functions provide such data as sales prospect and contact information, product information, product configurations and sales quotes?

► Sales force automation (SFA) 
► CRM
► ERP
► MIS 
Sales force automation (SFA) functions provide such data as sales prospect and contact information, product information, product configurations and sales quotes.

Question No: 7      ( M a r k s: 1 ) http://vuzs.net
A ________ is an agreed-upon set of conventions that defines the rules of communication.

► Protocol 
 Interconnection Medium 
 Data Packet 
 Message 
Control Protocol (TCP) and the Internet Protocol (IP). They are referred to frequently as TCP/IP. A protocol is an agreed-upon set of conventions that defines the rules of communication. 

Question No: 8      ( M a r k s: 1 ) http://vuzs.net 
----------is a type of computer software that facilitates group decision-making within an organization 

 EMS 
 DSS 
 MIS 
An electronic meeting system (EMS) is a type of computer software that facilitates group decision-making. 

Question No: 9      ( M a r k s: 1 ) http://vuzs.net 
The identification of risks should start with:

       ► Description of the internal and external risks
       ► A brainstorming session with risk management experts and a program profile
       ► A good understanding of the program and a brainstorming session with key stakeholders
       ► Definitions of likelihood and impact

Identification of project risks is usually accomplished via a brainstorming session that includes the development team and the stakeholders. Including stakeholders in this process is essential for fostering good communication and gaining a true understanding of the business risks associated with the project

Question No: 10      ( M a r k s: 1 ) http://vuzs.net 
Automated data are less susceptible to destruction and misuse than paper data. 

 True 
► False 
Electronic data are more susceptible to destruction fraud error and misuse because information systems concentrate data in computer files that
have the potential to be accessed by large numbers of people and by groups outside of the organizations.

Question No: 11      ( M a r k s: 1 ) http://vuzs.net
 
Wireless computing devices are not subject to viruses. 

► False 
 True
Hackers and Viruses
Sources of computer viruses:
Through the Internet
Through wireless computing devices

Question No: 12      ( M a r k s: 1 ) http://vuzs.net 
The purpose of a class is to specify a classification of objects and to specify the features that characterize the structure and behavior of those objects.

► True 
 False
“The purpose of a class is to specify a classification of objects and to specify the features that characterize 
the structure and behavior of those objects.” Page 119 

Question No: 13      ( M a r k s: 1 ) http://vuzs.net 
Null value may or may not be called zero value.

► True 
► False
Null is a blank read as zero value.

Question No: 14      ( M a r k s: 1 ) http://vuzs.net 
Existence of functional departments in each organization may vary with the nature of industry and the nature of products/services being offered.

► True
 False 
Existence of Functional departments in every organization vary with the nature of industry and the nature of products/services being offered.

Question No: 15      ( M a r k s: 1 ) http://vuzs.net 
RAID model combines the elements of the waterfall model with the philosophy of prototyping.

► True 
► False 
Incremental Model: This model combines the elements of the waterfall model with the philosophy of prototyping.

Question No: 16      ( M a r k s: 1 ) http://vuzs.net 
_________ means information hiding.

 Inheritance 
► Encapsulation
 Class
Encapsulation means information hiding.

Question No: 17      ( M a r k s: 1 ) http://vuzs.net 
Testing is easy for the software that is developed using OOAD due to use of ___________

► Modular approach 
 Real time modeling
► Usability feature
Object-oriented programming, a modular approach to computer program (software) design.

Question No: 18      ( M a r k s: 1 ) http://vuzs.net 
Characteristics of object are called ________

 Methods 
► Attributes 
 Status
Attributes are the characteristics of object / class and methods are the operations related to the object / class.

Question No: 19      ( M a r k s: 1 ) http://vuzs.net 
An event-oriented log usually contain records describing system events, application events, or user events.

► True 
 False
An event-oriented log ---- this usually contain records describing system events, application events, or user events. 

Question No: 20      ( M a r k s: 1 ) http://vuzs.net 
An information technology (IT) audit  is an Examination of the controls within an entity’s Information technology infrastructure .

► True 
► False
An information technology (IT) audit or information systems (IS) audit is an examination of the controls within an entity's Information technology infrastructure.


Question No: 21      ( M a r k s: 1 ) http://vuzs.net 
In assessing risks for an IT system, _______________ is the first step.

 To define the scope of the effort. 
 Vulnerability Assesment
► threat identification
In assessing risks for an IT system, the first step is to define the scope of the effort. 

Question No: 22      ( M a r k s: 1 ) http://vuzs.net 
Risk Management  includes assessment of controls already been implemented or planned, probability that they can be broken, assessment of potential loss despite such controls existing.

► True 
 False
Control Analysis: This phase includes assessment of controls already been implemented or planned, probability that they can be broken, assessment of potential loss despite such controls existing.

Question No: 23      ( M a r k s: 1 ) http://vuzs.net 
Access Control refers to the process of identifying attempts to penetrate a system and gain unauthorized access.

 True 
► False
Access Controls: Controlling who can access the system. 

Question No: 24      ( M a r k s: 1 ) http://vuzs.net 
M-Commerce stands for Mobile Commerce. 

 True 
► False
M-Commerce (mobile commerce) refers to the conduct of e-commerce via wireless devices.

Question No: 25      ( M a r k s: 1 ) http://vuzs.net 
Past court decisions have stated that privacy must be balanced against the needs of ethics.

 True 
► False 
Employers have been successful in making these arguments when aggrieved workers have filed lawsuits for privacy violations. The few court cases have largely been decided in the employers' favor. 

Question No: 26      ( M a r k s: 1 ) http://vuzs.net 
Which of the following is the primary method for keeping a computer secure from intruders?

► Password 
► Antivirus
► Scanners
► Firewall
Firewall is the primary method for keeping a computer secure from intruders. 

Question No: 27      ( M a r k s: 1 ) http://vuzs.net 
__________ is an association among entities. There has to be a relationship between two entities 

 Value Sets 
 Cardinality
► Relationships
A relationship is an association among entities. There has to be a relationship between two entities.

Question No: 28      ( M a r k s: 1 ) http://vuzs.net 
____________ are the symbols indicates the flow of the procedure being explained.

 Entity Relationship Diagram 
 DFD
► Flowchart 
Symbols used for flow charts:
Arrow: The symbol indicates the flow of the procedure being explained.

Question No: 29      ( M a r k s: 1 ) http://vuzs.net 
To accept the potential risk and continue operating the IT system or to implement controls to lower the risk to an acceptable level is called as ---------------.

► Risk Planning 
► Risk Assumption
 Risk Limitation
 None of the above
Risk assumption: To accept the potential risk and continue operating the IT system or to implement controls to lower the risk to an acceptable level. 

Question No: 30      ( M a r k s: 1 ) http://vuzs.net 
RAID models based on producing deliverables frequently/repetitively

 True 
► False
Iterative models are an approach for developing systems based on producing deliverables frequently/repetitively. 


Question No: 31      ( M a r k s: 2 
What should be the basic objective of an organization in your opinion?

Answer:

The basic objective of an organization is to make a profit and get a sustainable 
Competency. 

Question No: 32      ( M a r k s: 2
Why we need to secure information systems?

Answer:

Importance of Security
Sound security is fundamental to achieving this assurance. Furthermore, there is a need for organizations to protect themselves against the risks inherent with the use of information systems while simultaneously recognizing the benefits that can accrue from having secure information systems. Thus, as dependence on information systems increases, security is universally recognized as a pervasive, critically needed, quality.

Question No: 33      ( M a r k s: 2
Define intrusion detection

Answer:

Intrusion detection
Intrusion detection refers to the process of identifying attempts to penetrate a system and gain unauthorized access.

Question No: 34      ( M a r k s: 2 
Identify components of Intrusion detection system

Answer:
Components of an IDS
An IDS comprise of following components:

• Sensors
• Analyzers
• An administrative console
• A user interface.

Question No: 35      ( M a r k s: 3 )
How can we make our password secure

Answer:

Best Password practices
• Keep the password secret – do not reveal it to anyone
• Do not write it down – if it is complex, people prefer to save it in their cell phone memory, or write on a piece of paper, both of these are not preferred practices.
• Changing password regularly – Passwords should be associated with users not machines.
Password generation program can also be used for this purpose.
• Be discreet – it is easy for the onlookers to see which keys are being used, care should be taken while entering the password.
• Do not use obvious password – best approach is to use a combination of letters, numbers, upper case and lower case. Change passes word immediately if you suspect that anyone else knows it.

Question No: 36      ( M a r k s: 3 )
What are some of the things you should keep in mind when identifying risks?

Answer:

Risk Identification: Following points should be kept in mind when identifying risks:
  • Project risk management plan
  • Review the progress of your schedule
  • See what’s driving the project finish date
  • Review Projects costs
  • Spot risks using visual report
  • Create or update a baseline or interim plan
  • Hide a column in a view

Question No: 37      (M a r k s: 3
Briefly describe Incremental Model.

Answer:

Incremental Models:
In incremental models, software is built not written. Software is constructed step by step in the same way a building is constructed. The products is designed, implemented, integrated and tested as a series of incremental builds, where a build consists of code pieces from various modules interacting together to provide a specific functional capability and testable as a whole.

Question No: 38      ( M a r k s: 3 ) 
Information system security association of USA has listed many ethical challenges, identify any three of them?

Answer:

Ethical Challenges:

Information system security association of USA has listed down following ethical challenges:

1. Misrepresentation of certifications, skills
2. Abuse of privileges
3. Inappropriate monitoring
4. Withholding information
5. Divulging information inappropriately
6. Overstating issues
7. Conflicts of interest
8. Management / employee / client issues

Question No: 39      ( M a r k s: 5 )
What do you think what are the key benefits of Ecommerce to organizations?

Answer:

E Commerce is one of the most important facets of the Internet to have emerged in the recent times. Ecommerce or electronic commerce involves carrying out business over the Internet with the assistance of computers, which are linked to each other forming a network. To be specific ecommerce would be buying and selling of goods and services and transfer of funds through digital communications.

Following are the benefits of Ecommerce:

  • Expanded Geographical Reach
  • Expanded Customer Base
  • Increase Visibility through Search Engine Marketing 
  • Provide Customers valuable information about your business
  • Available 24/7/365 - Never Close
  • Build Customer Loyalty
  • Reduction of Marketing and Advertising Costs
  • Collection of Customer Data.

Question No: 40      ( M a r k s: 5 )
What do you understand by Disaster Recovery Planning?

Answer:

The disaster recovery plan is used to recover a facility rendered inoperable, including relocating operation into a new location. Disaster recovery planning is a subset of a larger process known as business continuity planning and should include planning for resumption of applications, data, hardware, communications (such as networking) and other IT infrastructure.

Leave a Reply

Related Posts Plugin for WordPress, Blogger...