FINALTERM EXAMINATION
Spring 2010
CS507- Information Systems
Time: 90 min
M a r k s: 60
Question No: 1 ( M a r k s: 1 ) http://vuzs.net
Medium Sized organizations are normally a family ownership run by
► Father & Sons
► Brothers
► Father, Sons and Brothers
► None of the given
Medium Sized organizations are normally a family ownership run by brothers, father-son.
Question No: 2 ( M a r k s: 1 ) http://vuzs.net
Elements
that exist outside the boundary of the business (Organization) and have
the potential to affect all or part of the organization
called-----------------------------
► WTO
► Company Ordinance
► Company Structure
Business
Environment is defined as “all elements that exist outside the boundary
of the business(Organization) and have the potential to affect all or
part of the organization.
Question No: 3 vuzs ( M a r k s: 1 ) http://vuzs.net
Information technology can lead to decreased electronic supervision of employees.
► True
► False
Question No: 4 ( M a r k s: 1 ) http://vuzs.net
Information technology can lead to a decrease in the time for decision making
► True
► False
Question No: 5 ( M a r k s: 1 ) http://vuzs.net
High level of foreign trade has resulted in imports and exports which require inter linkage for smooth coordination.
► True
► False
High level of foreign trade has resulted in imports and exports which require inter linkage for smooth coordination.
Question No: 6 ( M a r k s: 1 ) http://vuzs.net
Which of the following Customer Relationship Management (CRM) is an enterprise wide effort to acquire and retain customers?
► ERP
► CRM
► MIS
► ESS
Customer Interaction – Efforts made to retain customers for long-term profitability and relationship.
Question No: 7 vuzs ( M a r k s: 1 ) http://vuzs.net
CBIS helps in updating every change being triggered in less time and with more effort.
► True
► False
CBIS helps in updating every change being triggered in less time and with less effort.
Question No: 8 ( M a r k s: 1 ) http://vuzs.net
In which of the following there is a direct interaction facilitated by auctions, classifieds, and bartering?
► EGovernment
► MCommerce
► Consumer-to-consumer EC
► Intrabusiness EC
Auctions are so far the most popular C2C e-commerce activity.
Question No: 9 ( M a r k s: 1 ) http://vuzs.net
When
the logic model approach is used for identifying risks, which
assumptions must be considered as part of the risk identification
process?
► The assumptions behind all elements of the logic model - the activities, outputs, and outcomes
► The assumptions behind the outcomes of the logic model
► The internal and external risks of the initiative
► The assumptions underlying the resources and reach of the logic model
A logic model sets out how an intervention is understood. This is displayed such as this:
INPUTS --> ACTIVITIES OR PROCESSES --> OUTPUTS --> OUTCOMES
Question No: 10 ( M a r k s: 1 ) http://vuzs.net
Threat capacity is an input source for Likelihood determination.
► False
► True
Ref: The input to this phase is
• Threat source motivation
• Threat capacity
• Nature of vulnerability
• Current Controls
(zubair,vuzs,feb11)
Question No: 11 ( M a r k s: 1 ) http://vuzs.net
Which of the following is
a logical record of computer activities, usage, processing pertaining
to an operating or application system or user activities?
► Control Log
► Control trial
► Audit Control
An
audit trail is a logical record of computer activities/usage/processing
pertaining to an operating or application system or user activities.
Question No: 12 vuzs ( M a r k s: 1 ) http://vuzs.net
Processing instructions carried out by the operating system and application software should be monitored by implementation of controls.
►True
► False
Processing instructions carried out by the operating system and application software should be monitored by implementation of controls.
Question No: 13 ( M a r k s: 1 ) Please choose one
------------------ phase is required to establish the scope of the plan and the methodology and techniques to be applied.
► Assessment
► Strategic
Orientation:
This start-up phase is required to establish the scope of the plan and
the methodology and techniques to be applied.
Question No: 14 ( M a r k s: 1 ) http://vuzs.net
A
security program is a series of ongoing regular periodic reviews
conducted to ensure that assets associated with the information systems
function are safeguarded adequately.
► True
► False
“A security program is a series of ongoing regular periodic reviews
conducted to ensure that assets associated with the information systems
function are safeguarded adequately.”
Question No: 15 ( M a r k s: 1 ) http://vuzs.net
Entity represents sources of data received by the system or destinations of the data produced by the system.
► True
► False
Entity
represents sources of data received by the system or destinations of
the data produced by the system. E.g. Customers, suppliers, purchase
department.
Question No: 16 ( M a r k s: 1 ) http://vuzs.net
A well designed system also helps in early detection of problems in critical areas.
► True
► False
A well designed system also helps in early detection of problems in critical areas, if any.
Question No: 17 vuzs ( M a r k s: 1 ) http://vuzs.net
__________ overwrites every program/software/file it infects with itself. Hence the infected file no longer functions.
► Dropper
► Overwriting Viruses
► Boot sector Virus
Overwriting
Viruses; As the name implies, it overwrites every program/software/file
it infects with itself. Hence the infected file no longer functions.
Question No: 18 ( M a r k s: 1 ) http://vuzs.net
_________ is a malicious program that is disguised as or embedded within legitimate software.
► Trojan horse
► Dropper
► Overwriting Viruses
A Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Question No: 19 ( M a r k s: 1 ) http://vuzs.net
Individuals using their skills to forward a political agenda, possibly breaking the law in the process, but justifying their actions for political reasons are called.
►Hacktivists
► Crackers
► Hackers
Hacktivsts:
This refers to individuals using their skills to forward a political
agenda, possibly breaking the law in the process, but justifying their
actions for political reasons.
Question No: 20 ( M a r k s: 1 ) http://vuzs.net
__________ is an object that exists and is distinguishable from other objects.
► Value Sets
► Entity
► Relationships
An entity is an object that exists and is distinguishable from other objects.
Question No: 21 ( M a r k s: 1 ) http://vuzs.net
Object oriented design elaborates the hardware and software architecture to produce_________
► Implementation specifications
► Testing specifications
► Functional specifications
► Modelling specifications
Object-oriented design (OOD) elaborates the analysis models to produce implementation specifications.
Question No: 22 ( M a r k s: 1 ) http://vuzs.net
Firewall Security Systems may be a solution to Internet connectivity.
► True
► False
A
firewall allows or blocks traffic into and out of a private network or
the user's computer. Firewalls are widely used to give users secure
access to the Internet as well as to separate a company's public Web
server from its internal network.
Question No: 23 ( M a r k s: 1 ) http://vuzs.net
An IDS with the neural network feature monitors the general patterns of activity and traffic on the network and creates a database.
► True
► False
Neural
networks: An IDS with this feature monitors the general patterns of
activity and traffic on the network and creates a database.
Question No: 24 vuzs ( M a r k s: 1 ) http://vuzs.net
The purpose of data flow diagrams is to provide a --------- between users and systems developers
► Empty space
► Data Flows
► Options a and b
The purpose of data flow diagrams is to provide a linking bridge between users and systems developers
Question No: 25 ( M a r k s: 1 ) http://vuzs.net
------------------ combines many human resource functions like benefits administration, payroll, recruiting and training etc.
► Account Information System
► Financial Information System
Human
Resource Information Systems: It is an information system that combines
many human resources functions, including benefits administration,
payroll, recruiting and training, and performance analysis and review
into one package.
Question No: 26 ( M a r k s: 1 ) http://vuzs.net
Which
of the following model is a series of short waterfall cycles, each
producing an early prototype representing a part of the entire project?
► Spiral
► Iterative
► WaterFall
► Incremental
The
spiral model emphasizes the need to go back and reiterate earlier steps
a number of times as the project progresses. It's actually a series of
short waterfall cycles, each producing an early prototype representing a
part of the entire project.
Question No: 27 ( M a r k s: 1 ) http://vuzs.net
The Internet Protocol is designed solely for the connecting and routing of data packets across an internet.
► True
► False
The Internet Protocol is designed solely for the addressing and routing of data packets across a network.
Question No: 28 ( M a r k s: 1 ) http://vuzs.net
Which of the following need to be ranked first on the basis of their probability of occurrence?
► Threat
► Damage
► Accident
► All of the above
Having identified the threats, they need to be ranked on the basis of their probability of occurrence.
Question No: 29 ( M a r k s: 1 ) http://vuzs.net
Active Attack is one of the types of Web Security Threats.
► True
► False
There is two major classes of security threats
• Passive Attacks
• Active Attacks
Question No: 30 vuzs ( M a r k s: 1 ) http://vuzs.net
Object oriented analysis focuses on _________
► Modular approach
► Incremental approach
► Traditional approach
► Derived approach
Object-oriented programming, a modular approach to computer program (software) design.
Question No: 31 ( M a r k s: 2 )
What are the basic components of DSS?
Answer:
There are two major components
• DSS
data base – is a collection of current and historical data from
internal external sources. It can be a massive data warehouse.(vuzs)
• Decision Support Software system – is the set of software tools used for data analysis.
Question No: 32 ( M a r k s: 2 )
Define the following:
Answer:
a) Ethics:
Ethics are moral choice made by individual in relation to the rest of
the community , rules of governing members and standards of acceptable
behaviour.
b) Code of ethics: Code of ethics is collection of rules as guide for the members of the organization.
Question No: 33 ( M a r k s: 2 )
What is Stand Alone Processing?
Answer:
Self
contained is computer is micro computer that is not connected to
a network. Processing on this computer is called stand alone processing.
Question No: 34 ( M a r k s: 2 )
Define intrusion detection ?
Answer:
Intrusion Detection is a process that identifies the attempts to penetrate the system and gain unauthorized access.
Question No: 35 vuzs ( M a r k s: 3 )
How can we make our password secure?
Answer:
1: Keep secret
2: Don’t write anywhere
3: Always use the password with combination of letters, numbers, upper and lower cases
4: change password regular basis
Question No: 36 ( M a r k s: 3 )
What are some of the things you should keep in mind when identifying risks?
Answer:
Risk Identification: Following points should be kept in mind when identifying risks:
- Project risk management plan
- Review the progress of your schedule
- See what’s driving the project finish date
- Review Projects costs
- Spot risks using visual report
- Create or update a baseline or interim plan
- Hide a column in a view
Question No: 37 ( M a r k s: 3 )
What is Data Driven Decision Support System?
Answer:
Data
driven DSS use large pool of data in major organizational systems. They
help to extract information from large quantities of data stored. These
systems rely on Data Warehouses created from Transaction Processing
systems.
They use following techniques for data analysis
• Online analytical processing, and
• Data mining
Question No: 38 ( M a r k s: 3 )
Define Re-engineering ?
Answer:
Re
engineering is the fundamental rethinking and redesigning of business
process to achieve dramatic improvement in critical, contemporary
measures of performance, such as cost, quality, service and speed.
Question No: 39 ( M a r k s: 5 )
List any five reasons that attract organizations to ERP?
Answer:
1. Planning the operations
2.
Integrated customer related information – order tracking with customer
database, inventory and shipment at different locations.
3.
Standardized HR information – A company with multiple business units
will require a comprehensive and all-encompassing method of locating
employees and communicating with them.
4. Integrated financial information and analysis.
5. Monitoring the operations including those of sub-vendors and manufacturers
Question No: 40 ( M a r k s: 5 )
Give
any two examples to prove that Audit trails help to provide variants
from normal behavior which may lead to unauthorized usage of resources.
Answer:
Audit trails help to provide variants from normal behavior which may lead to unauthorized usage of resources. For example
•
Audit trails can be used together with access controls to identify and
provide information about users suspected of improper modification of
data (e.g., introducing errors into a database).
• An audit trail may record "before" and "after" images, also called snapshots of records.