CS507 Final Term Solved Paper 2010 Information Systems
Time: 90 min
M arks- 60
CS507 - Information Systems - Q.No. 1 ( M - 1 ) http://vuzs.net
The organizational structures are formulated in order to efficiently manage which of the following:
► Business Cost
► Business Size
The organizational structures are formulated in order to efficiently manage the business operations.
CS507 - Information Systems - Q.No. 2 ( M - 1 ) http://vuzs.net
Leading ERP software vendors include SAP (SAP R/3), Oracle and PeopleSoft.
► True
► False
ERP software vendors, SAP R/3 and Oracle, have developed university alliance programs to help universities incorporate ERP software.
CS507 - Information Systems - Q.No. 3 ( M - 1 ) http://vuzs.net
Business-to-business EC (B2B) is one of the types of ECommerce.
► True
► False
Business to Business (B2B) is a model to e-commerce where businesses conduct commerce amongst themselves over the Internet/Intranet.
CS507 - Information Systems - Q.No. 4 ( M - 1 ) http://vuzs.net
---------- simply means a particular technique of directing one's attention in learning, discovery or problem solving.
► Robustness
► Heuristic
► DSS
► EIS
Heuristic simply means a particular technique of directing one’s attention in learning, discovery or problem solving.
CS507 - Information Systems - Q.No. 5 ( M - 1 ) http://vuzs.net
Which of the following works in conjunction with routers and firewalls by monitoring network usage anomalies to protect a company’s information systems resources from external as well as internal misuse?
► Encryption
► Intrusion Detection Systems
► Firewall
► All of above
Intrusion Detection Systems (IDS): An IDS works in conjunction with routers and firewalls by monitoring network usage anomalies. It protects a company’s information systems resources from external as well as internal misuse.
CS507 - Information Systems - Q.No. 6 ( M - 1 ) http://vuzs.net
A risk is the possibility of a problem, whereas a problem is a risk that has already occurred.
► True
► False
CS507 - Information Systems - Q.No. 7 ( M - 1 ) http://vuzs.net
Which of the following is a methodology used to create a plan for how an organization will resume partially or completely interrupted critical functions within a predetermined time after a disaster or disruption?
► Audit Logs
► Disaster Plan
► Audit Trials
► Business continuity Plan
“Business Continuity Planning (BCP) is a methodology used to create a plan for how an organization will resume partially or completely interrupted critical functions within a predetermined time after a disaster or disruption.”
CS507 - Information Systems - Q.No. 8 ( M - 1 ) http://vuzs.net
Documentation may include program code of application soft wares, technical manuals, user manuals etc.
► True
► False
Documentation may include program code of application softwares, technical manuals, user manuals and any other system-related documentation.
CS507 - Information Systems - Q.No. 9 ( M - 1 ) http://vuzs.net
Input controls monitor the initial handshaking procedure of the user with the operating system.
► True
► False
Access Controls: These controls monitor the initial handshaking procedure of the user with the operating system.
CS507 - Information Systems - Q.No. 10 ( M - 1 ) http://vuzs.net
Processing instructions carried out by the operating system and application software should be monitored by implementation of controls.
► True
► False
Processing instructions carried out by the operating system and application software should be monitored by implementation of controls.
CS507 - Information Systems - Q.No. 11 ( M - 1 ) http://vuzs.net
Firewall is the primary method for keeping a computer secure from intruders.
► True
► False
Firewall is the primary method for keeping a computer secure from intruders.
CS507 - Information Systems - Q.No. 12 ( M - 1 ) http://vuzs.net
Which of the following is a data model or diagram for high-level descriptions of conceptual data model.
► ERD
► Flow Chart
► Algorithm
► DFD
Entity Relationship Diagram: "The entity-relationship diagram (ERD) is a data model or diagram for high-level descriptions of conceptual data model, and it provides a graphical notation for representing such data models in the form of entity-relationship diagrams."
CS507 - Information Systems - Q.No. 13 ( M - 1 ) http://vuzs.net
Which of the following is a project management technique that divides complex projects into smaller, more easily managed segments or phases?
► SDLC
► System Design
► System Analysis
► Audit Trials
SDLC: The systems development life cycle is a project management technique that divides complex projects into smaller, more easily managed segments or phases.
CS507 - Information Systems - Q.No. 14 ( M - 1 ) http://vuzs.net
Which of the following has collection of predefined procedures related to each other?
► Organization
► System
► Firm
Systems have collection of predefined procedures related to each other in a sequenced logical manner in order to collectively achieve the desired results.
CS507 - Information Systems - Q.No. 15 ( M - 1 ) http://vuzs.net
Which of the following increment in incremental model is usually the core product which addresses the basic requirements of the system?
► First
► Second
► Third
The first increment is usually the core product which addresses the basic requirements of the system.
CS507 - Information Systems - Q.No. 16 ( M - 1 ) http://vuzs.net
__________ overwrites every program/software/file it infects with itself. Hence the infected file no longer functions.
► Dropper
► Overwriting Viruses
► Boot sector Virus
Overwriting Viruses: As the name implies, it overwrites every program/software/file it infects with itself. Hence the infected file no longer functions.
CS507 - Information Systems - Q.No. 17 ( M - 1 ) http://vuzs.net
__________ is a person who attempts to invade the privacy of the system.
► Hacktivsts
► Hackers
► Crackers
A hacker is a person who attempts to invade the privacy of the system.
CS507 - Information Systems - Q.No. 18 ( M - 1 ) http://vuzs.net
Individuals using their skills to forward a political agenda, possibly breaking the law in the process, but justifying their actions for political reasons are called
________
► Hacktivsts
► Crackers
► Hackers
Hacktivsts: This refers to individuals using their skills to forward a political agenda, possibly breaking the law in the process, but justifying their actions for political reasons.
CS507 - Information Systems - Q.No. 19 ( M - 1 ) http://vuzs.net
Both software objects and real time objects have__________
► Identity and behavior
► Identity and state
► State and behavior
Software objects are modeled after real-world objects in that they too have state and behavior.
CS507 - Information Systems - Q.No. 20 ( M - 1 ) http://vuzs.net
Characteristics of object are called ________
► Methods
► Attributes
► Status
Attributes are the characteristics of object / class and methods are the operations related to the object / class.
CS507 - Information Systems - Q.No. 21 ( M - 1 ) http://vuzs.net
Which of the following carry characteristics of specialization?
► Sub classes
► Sub Interfaces
► Sub objects
The purpose of a class is to specify a classification of objects and to specify the features that characterize the structure and behavior of those objects. Class can be divided into sub-classes.
CS507 - Information Systems - Q.No. 22 ( M - 1 ) http://vuzs.net
Audit Trial is a weakness that can be accidentally triggered or intentionally exploited.
► True
► False
Vulnerability is a weakness that can be accidentally triggered or intentionally exploited.
CS507 - Information Systems - Q.No. 23 ( M - 1 ) http://vuzs.net
M-Commerce (mobile commerce) refers to the conduct of e-commerce via wireless devices.
► True
► False
M-Commerce (mobile commerce) refers to the conduct of e-commerce via wireless devices.
CS507 - Information Systems - Q.No. 24 ( M - 1 ) http://vuzs.net
Buying and selling of products, services and information via computer networks, primarily through Internet is:
► E-Commerce
► E-Business
► Web Surfing
► BPR
Electronic Commerce (e-commerce or EC) describes the buying, selling, and exchanging of products, services, and information via computer network, primarily the internet.
CS507 - Information Systems - Q.No. 25 ( M - 1 ) http://vuzs.net
Which of the following helps in getting the right material and physical resources together at the right place and at the right time to meet the customer’s requirements?
► BRP
► MRP
► CRP
MRP helps in getting the right material and physical resources together at the right place and at the right time to meet the customer’s requirements..
CS507 - Information Systems - Q.No. 26 ( M - 1 ) http://vuzs.net
__________ is an association among entities. There has to be a relationship between two entities
► Value Sets
► Cardinality
► Relationships
A relationship is an association among entities. There has to be a relationship between two entities.
CS507 - Information Systems - Q.No. 27 ( M - 1 ) http://vuzs.net
One of the methods of integrating different business information systems is Supply Chain management software.
► True
► False
Methods of integration
Information systems can be integrated in the following ways.
• Connect Existing modules/system
• Use Supply Chain Management (SCM) Software
• Use ERP Software
CS507 - Information Systems - Q.No. 28 ( M - 1 ) http://vuzs.net
Which of the following carries connotations of the class to which the object belonged?
► Class
► Instance
► Structure
► None of the above
Instance also carries connotations of the class to which the object belongs.
CS507 - Information Systems - Q.No. 29 ( M - 1 ) http://vuzs.net
Object oriented analysis focuses on _________
► Modular approach
► Incremental approach
► Traditional approach
► Derived approach
Object-oriented programming, a modular approach to computer program (software) design.
CS507 - Information Systems - Q.No. 30 ( M - 1 ) http://vuzs.net
Evaluate recovery patterns, relevant costs involved is an example of monitoring
► TRUE
► FALSE
Monitoring helps in evaluating the quality of decisions that have been made. This may include the following:
- Discount costs being born by the organization.
CS507 - Information Systems - Q.No. 31 ( M - 2 )
What are the information requirements of the service sector?
Answer:
Information requirements of Service Sector
• Quality of service provided.
• Mode of delivery
• Customer Satisfaction
• Time Scheduling
• Resource Management
CS507 - Information Systems - Q.No. 32 ( M - 2 )
Define Business Continuity Planning (BCP) ?
Answer: Business Continuity Planning (BCP) is a methodology used to create a plan for how an organization will resume partially or completely interrupted critical functions within a predetermined time after a disaster or disruption.”
CS507 - Information Systems - Q.No. 33 ( M - 2 )
Identify different types of Information assets ?
Answer:
1- Security Policy
2- Security Program
CS507 - Information Systems - Q.No. 34 ( M - 2 )
Identify components of Intrusion detection system ?
Answer: Components of IDS
An IDS comprises on the following:
• Sensors
• Analyzers
• An administration
CS507 - Information Systems - Q.No. 35 ( M - 3 )
What is the necessary information needed to begin impact analysis?
Answer: Before beginning the impact analysis, it is necessary to obtain the following necessary information.
• System mission
• System and data criticality
• System and data sensitivity
CS507 - Information Systems - Q.No. 36 ( M - 3 )
Define Active attacks?
Answer: Active attacks may include obtaining unauthorized access to modify data or programs, causing a denial of service, escalating privileges, accessing other systems. They affect the integrity, availability and authentication attributes of network security.
CS507 - Information Systems - Q.No. 37 ( M - 3 )
Why is it needed for Accounting information system (AIS) to be linked with all other information systems in an organization?
Answer: Accounting information system (AIS) is linked to all the information systems in an organization. This is important because the data required for proper book keeping and generation of transactional reports is extracted from all over the organization. For instance sales information can be sought only from marketing information system and stock information is available in manufacturing information system.
CS507 - Information Systems - Q.No. 38 ( M - 3 )
Identify any six factors that should be considered in order for change to be successful?
Answer:
Following factors should be considered in order for change to be successful:
• What are the implications and barriers to successful implementation?
• What processes will we need to change/introduce?
• Who will feel threatened by the change?
• How do we change people's behavior?
• How will success be measured and what value will success
•Is the proposed change aligned with the strategic plan?
CS507 - Information Systems - Q.No. 39 ( M - 5 )
What do you understand by Privacy? How can privacy be protected? List threats to Privacy.
Answer:
Privacy means the quality or condition of being secluded from the presence or view of others, the state of being free from unsanctioned intrusion: a person's right to privacy, the state of being concealed; secrecy. Privacy is quite a subjective/relative concept.
Protecting Privacy
The rights of privacy must be balanced against the needs of the society. Every society has to decide somewhere on the gray area between hiding all and knowing all extremes. Public’s rights to know is superior to the individual’s rights of privacy. Usually public and individual’s rights stand in conflict with each other. Since government agencies have their concerns in priority e.g. criminal investigation, undesirable social activities. Various aspects can be seen as a threat to privacy.
Threats to Privacy
• Electronic surveillance
• Data Profiling
• Online Privacy
• Workplace monitoring
• Location tracking
• Background checks
• Financial privacy
• Medical record and genetic profiling
• Digital right
• Intellectual property rights
• Taxation Issues
CS507 - Information Systems - Q.No. 40 ( M - 5 )
Give any two examples to prove that Audit trails help to provide variants from normal behavior which may lead to unauthorized usage of resources.
Answer: Audit trails help to provide variants from normal behavior which may lead to unauthorized usage of resources. For example
• Audit trails can be used together with access controls to identify and provide information about users suspected of improper modification of data (e.g., introducing
errors into a database).
• An audit trail may record "before" and "after" images, also called snapshots of records.