FINALTERM EXAMINATION
Spring 2010
CS507 - Information Systems
Time: 90 min
Marks: 60
CS507 - Information System - Question No: 1 (Marks: 1)
Past court decisions have stated that privacy must be balanced against the needs of society.
► True
► False
Answer & Ref by Fuad
Privacy—
The right of privacy is not absolute. Privacy must be balanced against the needs of society.
The public’s right to know is superior to the individual’s right of privacy.
CS507 - Information System - Question No: 2 (Marks: 1)
Which of the following Customer Relationship Management (CRM) is an enterprise wide effort to acquire and retain customers?
► ERP
► CRM
► MIS
► ESS
Customer Relationship Management Systems (CRM): An enterprise wide effort to acquire and retain customers.
CS507 - Information System - Question No: 3 (Marks: 1)
Every system comprises of basic components which in a co-ordination formulate a system.
► True
► False
Every system comprises of basic components which in a coordination formulate a system.
CS507 - Information System - Question No: 4 (Marks: 1)
Closed system is dependent on the internal resources and data.
► True
► False
When we refer to a closed system we talk of a system that is dependent on internal resources and data for decision making rather than external.
CS507 - Information System - Question No: 5 (Marks: 1)
In which of the following there is a direct interaction facilitated by auctions, classifieds, and bartering?
► EGovernment
► MCommerce
► Consumer-to-consumer EC
► Intrabusiness EC
Auctions are so far the most popular C2C e-commerce activity.
CS507 - Information System - Question No: 6 (Marks: 1)
The turnaround time from the input of the transaction to the production for the output must be a few --------------------
► Minutes or less
► Hours or less
► Seconds or less
Businesses cannot afford to have customers waiting for a TPS to respond; the turnaround time from the input of the transaction to the production for the output must be a few seconds or less.
CS507 - Information System - Question No: 7 (Marks: 1)
Which of the following refers to the process of identifying attempts to penetrate a system and gain unauthorized access?
► Threat Identification
► Intrusion detection
► Access Control
► All of above
Intrusion detection refers to the process of identifying attempts to penetrate a system and gain unauthorized access.
CS507 - Information System - Question No: 8 (Marks: 1)
The Internet Protocol is designed solely for the addressing and routing of data packets across a network
► True
► False
The Internet Protocol is designed solely for the addressing and routing of data packets across a network.
CS507 - Information System - Question No: 9 (Marks: 1)
Threat capacity is an input source for Likelihood determination.
► False
► True
Likelihood Determination inputs are:
• Threat-source motivation
• Threat capacity
• Nature of vulnerability
• Current control
CS507 - Information System - Question No: 10 (Marks: 1)
Which of the following is a weakness that can be accidentally triggered or intentionally exploited?
► Audit Trail
► Likelihood Identification
► Threat Identification
► Vulnerability
CS507 - Information System - Question No: 11 (Marks: 1)
There are typically ________________ kinds of audit records
► One
► Two
► Three
► Four
There are typically two kinds of audit records:
(1) An event-oriented log
(2) A record of every keystroke
CS507 - Information System - Question No: 12 (Marks: 1)
Documentation may include program code of application software, technical manuals, user manuals etc.
► True
► False
Documentation may include program code of application software, technical manuals, user manuals and any other system-related documentation.
CS507 - Information System - Question No: 13 (Marks: 1)
Decisions in which the decision maker must provide judgment, evaluation, and insights into the problem definition would be characterized as:
► Structured
► Semi Structured
► Unstructured
Unstructured decisions are those in which the decision maker must provide judgment, evaluation, and insights into the problem definition.
CS507 - Information System - Question No: 14 (Marks: 1)
Automated data are less susceptible to destruction and misuse than paper data.
► True
► False
Electronic data are more susceptible to destruction, fraud, error and misuse because information systems concentrate data in computer files that have the potential to be accessed by large numbers of people and by groups outside of the organization.
CS507 - Information System - Question No: 15 (Marks: 1)
According to “Booch”, object has following three components
► State, Behavior, Identity
► State, Behavior, Interface
► State, Interface, methods
► State, Variables, Methods
According to Booch, there are three components of an object. Objects have state, behavior and identity.
CS507 - Information System - Question No: 16 (Marks: 1)
Null value may or may not be called zero value.
► True
► False
Answer by Fuad.
Reference: Null is a blank read as zero value, so it should be called Zero Value.
CS507 - Information System - Question No: 17 (Marks: 1)
Organizations are distinguished on the basis of __________
► Attributes
► Policy
► Management
Organizations can be distinguished on the basis of various criteria. These are as follows.
• Organizational structure
• Culture of the Organizations
• Management Style
• Decision Making Style
CS507 - Information System - Question No: 18 (Marks: 1)
__________ is known as father of warehouse.
► Stephen Hawking
► Bill Gates
► Bill Inmon
Decision Support Systems was defined by Bill Inmon, father of data warehouse.
CS507 - Information System - Question No: 19 (Marks: 1)
Rounded shaped symbol in the flow chart is called ____________
► Connector
► Arrow
► Process
CS507 - Information System - Question No: 20 (Marks: 1)
Individuals using their skills to forward a political agenda, possibly breaking the law in the process, but justifying their actions for political reasons are called ________
► Hacktivists
► Crackers
► Hackers
Hacktivists: This refers to individuals using their skills to forward a political agenda, possibly breaking the law in the process, but justifying their actions for political reasons.
CS507 - Information System - Question No: 21 (Marks: 1)
Object oriented analysis focuses on the _________
► States of objects
► Collaboration of objects
► Implementation of objects
Object-oriented analysis focuses on the definition of classes and the manner in which they collaborate to effect the customer requirements.
CS507 - Information System - Question No: 22 (Marks: 1)
Which of the following carry characteristics of specialization?
► Sub classes
► Sub Interfaces
► Sub objects
The purpose of a class is to specify a classification of objects and to specify the features that characterize the structure and behavior of those objects. Class can be divided into sub-classes.
CS507 - Information System - Question No: 23 (Marks: 1)
The two major criteria that are used to analyze risks are Operational Effects and Situational Impacts
► True
► False (NOT SURE)
CS507 - Information System - Question No: 24 (Marks: 1)
Which of the following is not the type of CSF?
► Industry CSFs
► Environmental CSFs
► Technical CSFs
► Temporal CSFs
• Industry CSFs.
• Environmental CSFs.
• Temporal CSFs.
CS507 - Information System - Question No: 25 (Marks: 1)
The flowchart helps in locating and correcting errors also called debugging.
► True
► False
Proper Debugging: The flowchart helps in locating and correcting errors (Also called debugging).
CS507 - Information System - Question No: 26 (Marks: 1)
Which of the following is the process or art of defining the hardware and software architecture, components, modules, interfaces, and data for a computer system to satisfy specified requirements?
► Systems Design
► Systems Requirement
► Coding
► Requirement
“Systems design is the process or art of defining the hardware and software architecture, components, modules, interfaces, and data for a computer system to satisfy specified requirements.”
CS507 - Information System - Question No: 27 (Marks: 1)
Which of the following focus on detecting potentially abnormal behavior in function of operating system or request made by application software?
► Active Monitors
► Scanners
► Antivirus
► Behavior blockers
Behavior blockers: Focus on detecting potentially abnormal behavior in function of operating system or request made by application software.
CS507 - Information System - Question No: 28 (Marks: 1)
Buying and selling of products, services and information via computer networks, primarily through Internet is:
► E-Commerce
► E-Business
► Web Surfing
► BPR
Electronic Commerce (e-commerce or EC) describes the buying, selling, and exchanging of products, services, and information via computer network, primarily the internet.
CS507 - Information System - Question No: 29 (Marks: 1)
_____________ is one of the components of Intrusion Detection System (IDS).
► Log File
► Host
► Administrative Console
► None of above
An administrative console – it contains intrusion definitions applied by the analyzers.
CS507 - Information System - Question No: 30 (Marks: 1)
The flow of information in organization can be _______ ways.
► 1
► 2
► 3
► 4
Internal and external.
CS507 - Information System - Question No: 31 (Marks: 2)
What are Active monitors? Define.
Answer:
This software serves the concurrent monitoring as the system is being used. They act as a guard against viruses while the operating system is performing various functions, e.g. connected to internet, transferring data, etc. It blocks a virus from accessing the specific portions to which only the operating system has the authorized access. Active monitors can be problematic because they cannot distinguish between a user request and a program or a virus request. As a result, users are asked to confirm actions, including formatting a disk or deleting a file or a set of files.
CS507 - Information System - Question No: 32 (Marks: 2)
What is information Quality Checklist?
Answer:
Information Quality Checklist
The information can also be ranked in accordance with the qualities it has in it. The experts have devised certain criteria to evaluate the quality of information. These are stated below:
1. Is it clear who has written the information?
2. Who is the author? Is it an organization or an individual person? Is there a way to contact them?
3. Are the aims of the information clear?
4. What are the aims of the information? What is it for? Who is it for?
Does the information achieve its aims?
5. Does the information do what it says it will?
Is the information relevant to me?
List five things to find out from the information.
1. Can the information be checked?
Is the author qualified to write the information? Has anyone else said the same things
anywhere else? Is there any way of checking this out? If the information is new,
is there any proof?
2. When was the information produced?
Is it up to date? Can you check to see if the information is up to date?
3. Is the information biased in any way?
Has the information got a particular reason for wanting you to think in a particular way?
Is it a balanced view or does it only give one opinion?
4. Does the information tell you about choices open to you?
Does the information give you advice? Does it
CS507 - Information System - Question No: 33 (Marks: 2)
List any two types of information that can be used as input for vulnerability?
Answer:
Following information is used as an input
1. Reports of prior risk assessments
2. Any audit comments
3. Security requirements
4. Security test results
CS507 - Information System - Question No: 34 (Marks: 2)
Define CRM?
Answer:
Customer relationship management (CRM) is a widely-implemented strategy for managing a company’s interactions with customers, clients and sales prospects. It involves using technology to organize, automate, and synchronize business processes—principally sales activities, but also those for marketing, customer service, and technical support. The overall goals are to find, attract, and win new clients, nurture and retain those the company already has, entice former clients back into the fold, and reduce the costs of marketing and client service. Customer relationship management describes a company-wide business strategy including customer-interface departments as well as other departments. Measuring and valuing customer relationships is critical to implementing this strategy.
CS507 - Information System - Question No: 35 (Marks: 3)
What are the information requirements for Management level in Accounting & Financial Information Systems?
Answer:
Financial Information Systems, like other information systems, should cater for information requirements at each level, for instance:
Strategic level
1. Investment goals
2. Long range forecasts for firm’s financial performance
3. Acquisition of financial resources and goals
Knowledge Level
1. Analytical tools to design the right mix for investment
2. Portfolio updates
3. Market information analysis
Management level
1. Control over firm’s financial resources
2. Investment management
3. Budget management
4. Tax management
5. Profitability & Performance Evaluation
Operational Level
1. Cash flow statements through various transactions
2. Inventory and debtor’s management
3. Creditors Management
CS507 - Information System - Question No: 36 (Marks: 3)
What is access control? Give example
Answer:
Access control: These controls establish the interface between the would-be user of the computer system and the computer itself. These controls monitor the initial handshaking procedure of the user with the operating system.
Example: when a customer enters the card and the pin code in an automatic teller machine (ATM), the access controls are exercised by the system to block unwanted or illegitimate access.
CS507 - Information System - Question No: 37 (Marks: 3)
Discuss Centralized and Distributed Processing in terms of their comparison?
Answer:
Centralized vs. Distributed Processing
Centralized Processing is performed in one computer or in a cluster of coupled computers in a single location. Centralized processing was the architecture that evolved from the very first computers; however, user access was via dumb terminals that performed none of the primary processing. Today, centralized computers are still widely used, but the terminals are mostly full-featured desktop computers.
Distributed processing refers to any of a variety of computer systems that use more than one computer, or processor, to run an application. More often, however, distributed processing refers to local-area networks (LANs) designed so that a single program can run simultaneously at various sites. Most distributed processing systems contain sophisticated software that detects idle CPUs on the network and parcels out programs to utilize them.
Another form of distributed processing involves distributed databases, databases in which the data is stored across two or more computer systems. The database system keeps track of where the data is so that the distributed nature of the database is not apparent to users. Distributed processing is a programming paradigm focusing on designing distributed, open, scalable, transparent, fault tolerant systems. This paradigm is a natural result of the use of computers to form networks.
Distributed computing is decentralized and parallel computing, using two or more computers communicating over a network to accomplish a common objective or task. The types of hardware, programming languages, operating systems and other resources may vary drastically. It is similar to computer clustering with the main difference being a wide geographic dispersion of the resources. As the terms can explain, processing can be done at one location in case of centralized or at different locations in case of distributed processing. The question that arises is how both types of processing are different from each other.
CS507 - Information System - Question No: 38 (Marks: 3)
Identify drawbacks of ERP systems?
Answer:
CS507 - Information System - Question No: 39 (Marks: 5)
Differentiate the following
1. Intrusion Detection vs Variance Detection
Answer:
Intrusion detection:
Intrusion detection refers to the process of identifying attempts to penetrate a system and gain unauthorized access. If audit trails have been designed and implemented to record appropriate information, they can assist in intrusion detection. An intrusion detection system can be made part of the regular security system to effectively detect intrusion. Real-time intrusion detection is technical and complex to achieve, but it can be attained to a reasonable extent. Real-time intrusion detection is primarily aimed at outsiders attempting to gain unauthorized access to the system.
Variance detection:
Trends/variance-detection tools look for anomalies in user or system behavior. It is possible to monitor usage trends and detect major variations. The log can be analyzed to detect the irregularity. For example, if a user typically logs in at 9 a.m., but appears at 4:30 a.m. one morning, this may indicate either a security problem or a malfunctioning of the system clock that may need to be investigated. The log can be sorted/filtered for all log-ins before 9 a.m. from that particular terminal.
CS507 - Information System - Question No: 40 (Marks: 5)
Define the following:
a) EC (ECommerce)
b) EB (EBusiness)
Answer:
E-Commerce: Electronic commerce is an emerging concept that describes the process of buying and selling or exchanging of products, services and information via computer networks including the internet.
EB (EBusiness): eBusiness (electronic business) is, in its simplest form, the conduct of business on the Internet. It is a more generic term than eCommerce because it refers to not only buying and selling but also servicing customers and collaborating with business partners.