FINALTERM EXAMINATION
Spring 2010
CS507- Information Systems
Time: 120 min
M a r k s: 60
Question No: 1 ( M a r k s: 1 ) http://vuzs.net
Information technology is being used to overcome the
business issues like, Marketing, Brand of the product, Quality of the
product, Cost control, Organizational internal and external issues.
► False
► True
Information
technology is being used to overcome the business issues like,
Marketing, Brand of the product, Quality of the product, Cost control,
Organizational internal and external issues etc.
Question No: 2 ( M a r k s: 1 ) http://vuzs.net
Ethics is a branch of philosophy that deals with what is considered to be right and wrong.
► True
► False
The goal of ethics in research is to ensure that no one is harmed or suffers adverse consequences from research activities.
Question No: 3 ( M a r k s: 1 ) http://vuzs.net
Past court decisions have stated that privacy must be balanced against the needs of society.
► True
► False
Employers
have been successful in making these arguments when aggrieved workers
have filed lawsuits for privacy violations. The few court cases have
largely been decided in the employers' favor.
Question No: 4 ( M a r k s: 1 ) http://vuzs.net
The components of open loop system do not include control and feedback mechanism.
► True
► False
The
components of open loop system do not include control and feedback
mechanism due to non-existence of internally defined objectives
Question No: 5 vuzs ( M a r k s: 1 ) http://vuzs.net
ERP’s major objective is to tightly integrate the functional areas of the organization and to enable seamless information flows across the functional areas.
► True
► False
The major objective of ERP systems is to tightly integrate the functional areas of the organization.
Question No: 6 ( M a r k s: 1 ) http://vuzs.net
One of the methods of integrating different business information systems is :
► Supply Chain management software
► Interface reconciliation software
► Message passing
► None of the given options
Information systems can be integrated in the following ways:
Connect Existing modules/system
Use Supply Chain Management (SCM) Software
Use ERP Software
Question No: 7 vuzs ( M a r k s: 1 ) http://vuzs.net
In which of the following there is a direct interaction facilitated by auctions, classifieds, and bartering?
► EGovernment
► MCommerce
► Consumer-to-consumer EC
► Intrabusiness EC
Auctions are so far the most popular C2C e-commerce activity.
Question No: 8 ( M a r k s: 1 ) http://vuzs.net
The identification of risks should start with:
► Description of the internal and external risks
► A brainstorming session with risk management experts and a program profile
► A good understanding of the program and a brainstorming session with key stakeholders
► Definitions of likelihood and impact
Question No: 9 ( M a r k s: 1 ) http://vuzs.net
There are typically ________________ kinds of audit records
► One
► Two
► Three
► Four
There are typically two kinds of audit records:
(1) An event-oriented log
(2) A record of every keystroke
Question No: 10 ( M a r k s: 1 ) http://vuzs.net
Which of the following refers to the process of identifying attempts to penetrate a system and gain unauthorized access?
► Intrusion detection
► Audit Trial
► Control Trial
► Documentation
Intrusion detection refers to the process of identifying attempts to penetrate a system and gain unauthorized access.
Question No: 11 ( M a r k s: 1 ) http://vuzs.net
Input controls monitor the initial handshaking procedure of the user with the operating system.
► True
► False
Access Controls: These controls monitor the initial handshaking procedure of the user with the operating system.
Question No: 12 ( M a r k s: 1 ) http://vuzs.net
Which one of the following computer systems uses duplication of components and data to cope with systems failures?
► Fault-tolerant systems
► Expert System
► MIS
► OIS
Fault-tolerance or graceful degradation is the property that enables a system to continue operating properly in the event of the failure of some of its components.
Question No: 13 ( M a r k s: 1 ) http://vuzs.net
Data travels across the internet through several levels of networks until it reaches its middle point.
► True
► False
Data travels across the Internet through several levels of networks until it reaches its destination.
Question No: 14 ( M a r k s: 1 ) http://vuzs.net
According to “Booch”, object has following three components
► State, Behavior, Identity
► State, Behavior, Interface
► State, Interface, methods
► State, Variables, Methods
According to Booch, there are three components of object. Objects have state, behavior and identity.
Question No: 15 ( M a r k s: 1 ) http://vuzs.net
Null value may or may not be called zero value.
► True
► False
Null is a blank read as zero value.
Question No: 16 ( M a r k s: 1 ) http://vuzs.net
A well designed system also helps in early detection of problems in critical areas.
► True
► False
A well designed system also helps in early detection of problems in critical areas, if any.
Question No: 17 ( M a r k s: 1 ) http://vuzs.net
What-if analysis technique is used by _________
► Model Driven DSS
► Data Driven DSS
► Data Mining
Model driven DSS uses following techniques:
- What-If analysis
Question No: 18 ( M a r k s: 1 ) http://vuzs.net
The spiral model emphasizes the need to go back and reiterate earlier steps a number of times as the project progresses.
► True
► False
The spiral model emphasizes the need to go back and reiterate earlier steps a number of times as the project progresses.
Question No: 19 ( M a r k s: 1 ) http://vuzs.net
__________ installs a virus on the PC while performing another function.
► Overwriting Viruses
► Boot sector Virus
► Dropper
Dropper is a program not a virus. It installs a virus on the PC while performing another function.
Question No: 20 ( M a r k s: 1 ) http://vuzs.net
Control
Trial can be used together with access controls to identify and provide
information about users suspected of improper modification of data.
► True
► False
Audit
trails can be used together with access controls to identify and
provide information about users suspected of improper modification of
data.
Question No: 21 ( M a r k s: 1 ) http://vuzs.net
BPR’s
major objective is to tightly integrate the functional areas of the
organization and to enable seamless information flows across the
functional areas.
► True
► False
The major objective of ERP systems is to tightly integrate the functional areas of the organization.
Question No: 22 ( M a r k s: 1 ) http://vuzs.net
The interface is implemented by _______
► Methods
► Signatures
► Classes
► Objects
Interfaces
describe the characteristics of properties, methods, and events, but
leave the implementation details up to structures or classes.
Question No: 23 ( M a r k s: 1 ) http://vuzs.net
The flowchart helps in locating and correcting errors also called debugging.
► True
► False
Proper Debugging: The flowchart helps in locating and correcting errors (Also called debugging).
Question No: 24 ( M a r k s: 1 ) http://vuzs.net
Which of the following refers to the requirement that information should be protected from improper modification?
► Data Integrity
► Validity
► Authenticity
► None of All
System and data integrity refers to the requirement that information should be protected from improper modification
Question No: 25 ( M a r k s: 1 ) http://vuzs.net
Which
of the following helps in getting the right material and physical
resources together at the right place and at the right time to meet the
customer’s requirements?
► BRP
► MRP
► CRP
MRP
helps in getting the right material and physical resources together at
the right place and at the right time to meet the customer’s
requirements. This helps in achieving on time delivery, High Quality, at
the best price.
Question No: 26 ( M a r k s: 1 ) http://vuzs.net
Which
of the following model is a series of short waterfall cycles, each
producing an early prototype representing a part of the entire project?
► Spiral
► Iterative
► WaterFall
► Incremental
Spiral
model emphasizes the need to go back and reiterate earlier steps a
number of times as the project progresses. It's actually a series of
short waterfall cycles, each producing an early prototype representing a
part of the entire project.
Question No: 27 ( M a r k s: 1 ) http://vuzs.net
_________________ is the set of interconnected structural elements that provide the framwork for supporting the entire structure
► Management System
► Infrastructure
► Decision Support System
Infrastructure,
generally, is the set of interconnected structural elements that
provide the framework for supporting the entire structure. It usually
applies only to structures that are artificial.
Question No: 28 ( M a r k s: 1 ) http://vuzs.net
Which of the following need to be ranked first on the basis of their probability of occurrence?
► Threat
► Damage
► Accident
► All of the above
Likelihood
of occurrence of Threat: Having identified the threats, they need to be
ranked on the basis of their probability of occurrence.
Question No: 29 ( M a r k s: 1 ) http://vuzs.net
Active Attack is one of the types of Web Security Threats.
► True
► False
There is two major classes of security threats
• Passive Attacks
• Active Attacks
Question No: 30 ( M a r k s: 1 ) http://vuzs.net
Which of the following carries connotations of the class to which the object belonged?
► Class
► Instance
► Structure
► None of the above
Instance also carries connotations of the class to which the object belongs.
Question No: 31 ( M a r k s: 2 )
What do you understand by OLAP?
Answer:
Online Analytical Processing: Decision
support software that allows the user to quickly analyze information
that has been summarized into multidimensional views and hierarchies.
The term online refers to the interactive querying facility provided to
the user to minimize response time.
Question No: 32 ( M a r k s: 2 )
How threats are identified?
Answer:
Threats
can be identified on the basis of nature of Threat which can either be
accidental-natural occurrences/force major, or deliberate-intentional
act of harm or on the basis of sources of threat which can either be
internal-threat caused within the organization, or external-threat from
some one outside the organization.
Question No: 33 ( M a r k s: 2 )
List down the inputs to Risk Determination phase ?
Answer:
Likelihood of threat exploitation
Magnitude of impact
Adequacy of planned and current controls
Question No: 34 ( M a r k s: 2 )
Identify components of Intrusion detection system ?
Answer:
Sensors
that are responsible for collecting data. The data can be in the form
of network packets, log files, system call, traces, etc. Analyzers that
receive input from sensors and determine intrusive activity.
An administrative console – it contains intrusion definitions applied by the analyzers.
A user interface.
Question No: 35 ( M a r k s: 3 )
What are the challenges to organizations for launching Ecommerce? Identify any three.
Answer:
Security
is the biggest challenge to for launching Ecommerce There is a
consensus that the issue of computer and data security is the biggest
hurdle in the growth of ecommerce. Web servers also face this security
threat.
Some other problems with launching e-commerce business is lack of trust of customers, culture and languages problems.
lengthy procedure of payment and receipt of products or services.
Question No: 36 ( M a r k s: 3 )
Designing file or database is a major component of system designing. Identify its basic purposes.
Answer:
Designing file or database has the following purposes.
1. Data convenience is ensured to the user as and when it is required.
2. Data updates in master file will mechanically keep posted the data in the whole system.
3. Data is professionally processed & stored.
4. Data reliability that is Correctness of data is ensured.
Question No: 37 ( M a r k s: 3 )
What is the responsibility of the management of the organization to ensure the security of information systems?
Answer:
Executive
or senior management take the responsibility to provide safe and secure
information system environment to their employees and user of
information system. Due to it employees will feel no harm or fear and
can easily do the work with secure information system of an
organization.
Question No: 38 ( M a r k s: 3 )
Discuss various steps in threat identification ? Give any example of threat sources and threat actions .
Answer:
Following are steps in threat identification.
- 1.Threat source identification
- 2.Motivation and threat actions
For example a hacker can hack a system and can delete or get any personal data or information.
Question No: 39 ( M a r k s: 5 )
Can you classify E-Commerce into different classes? Idetify any five.
Answer:
E-Commerce models can be classified as
Business to Business (B2B),
Business to Consumer (B2C)
Consumer to Consumer (C2C)
Business to Employee (B2E),
E-Government
Question No: 40 ( M a r k s: 5 )
How Audit trails are technical mechanism that helps managers to maintain individual accountability?
Answer:
In Audit
trails are technical mechanism Users are recognized by the record being
retain. Users are informed of what the password allows them to do and
why it should be kept secure and confidential. Audit trails also help to
give alternative from normal behavior which can guide to illegal usage
of resources.
Audit
trails can be used together with access controls to identify and
provide information about users alleged of inappropriate modification of
data.