B4: Information Systems

Question 1

When is distributed/decentralized processing most appropriate?

Answer 1

Large volume of info
Many locations
Fast access required

Question 2

What are the 5 components of a BIS?

Answer 2

Hardware
Software
Data
Network
People

Question 3

What are the 5 functions on data in a BIS?

Answer 3

collect
process
store
transform
distribute

Question 4

What is a group code?

Answer 4

Within account or item number, different groups of numbers have meaning

Question 5

What are the major functions in transaction processing?

Answer 5

Data input, storage, processing, information output

Question 6

What are the main objectives of an AIS?

Answer 6

record valid transactions
properly classify transactions
record at proper value
record in proper period (cutoff)
properly present info and transactions

Question 7

What is transaction processing?

Answer 7

processing large numbers of commonly occurring events in a predefined, highly structured way

Question 8

What are the steps in the SDLC?

Answer 8

A DITTO

Systems analysis
Design (conceptual and physical)
Implementation and conversion
Training
Testing
Operations and Maintenance

Question 9

What are the 7 information criteria under COBIT?

Answer 9

ICE RACE

Integrity (accurate, complete, valid)
Confidentiality (protect sensitive info)
Efficiency (low cost without compromising effectiveness)

Reliability (info represents what is purports to represent)
Availability (providing current and future info as required)
Compliance (comply with laws, contracts, regulations)
Effectiveness (relevant to business process and delivered in timely, correct, consistent, and useful manner)

Question 10

What are the four domains of the COBIT framework?

Answer 10

PO AIDS ME

Plan and organize (direct)

Acquire and implement (solution)
Deliver and support (service)

Monitor and evaluate (ensure direction followed)

Question 11

What does the MIS steering committee do?

Answer 11

Plan and oversee development and acquisition

Question 12

What does a DBA do?

Answer 12

controls the database

design database, security measures, and controls data structure

Question 13

What should always be included in a systems specification document?

Answer 13

data elements

Question 14

What are the 5 areas of COBIT IT governance?

Answer 14

strategic alignment
value delivery
resource mgmt
risk mgmt
performance mgmt

Question 15

What is COBIT enterprise architecture?

Answer 15

combination of IT resources and defined processes

Question 16

In asymmetric encryption, what is used to encrypt and decrypt?

Answer 16

public key

private key

Question 17

What is PKI?

Answer 17

public key infrastructure

system and processes used to issue and manage asymmetric keys and digital certificates

Question 18

What are the policy support documents?

Answer 18

regulations
standards and baselines
guidelines
procedures

Question 19

What are the 5 steps in disaster recovery?

Answer 19

assess risks
identify mission-critical applications and data
develop a plan
determine responsibilities of personnel involved
test disaster recovery plan

Question 20

What is the difference between a full, incremental, and differential backup?

Answer 20

exact copy of entire database
copying only data that changed since last backup
copies all changes since last FULL backup

Question 21

What are the four general types of reporting risks?

Answer 21

Strategic - choosing inappropriate technology
Operating - doing right thing wrong way
Financial - losing, wasting, having financial resources stolen
Information - loss of data integrity, incomplete transactions, hackers

Question 22

What do firewalls do?

Answer 22

deter invasion from outsiders

Question 23

What are the layers in a 3-tier architecture?

Answer 23

desktop client, application, and database

Question 24

What are the 4 priorities of SCM groups?

Answer 24

what
when and where goods delivered
how much the goods cost

Question 25

What is EDI

Answer 25

electronic exchange (computer to computer) of business transaction documents in structured formats

Question 26

What are the main differenced between E-commerce and EDI?

Answer 26

E-commerce is:
less expensive
less secure
faster (OLRT)
internet (public)

Question 27

What is the primary purpose of ERP?

Answer 27

Integrate data from all functional areas of organization’s activity

Question 28

What is TCP/IP?

Answer 28

network protocol on which internet is based

Every website has a unique address

Question 29

What do intranets do?

Answer 29

private networks with limited if any access for the public

share org info by connecting geographically separate LANs within the org

Question 30

What is the job of a systems analyst?

Answer 30

internally developed system:
determine system requirements
design overall application system
determine type of network

Purchased system:
integrates with existing internal and purchased applications
provides training to end users

Question 31

What is the job of an application programmer / software developer?

Answer 31

Writing and/or maintaining application programs

should not have access to write/update data in production systems or access application program change mgmt systems

Question 32

What is the job of a system programmer?

Answer 32

Installing, supporting, monitoring, and maintaining the operating system
Capacity planning
should not be able to write/update data in production systems or access change mgmt systems

Question 33

What is the job of a computer operator?

Answer 33

scheduling and running processing jobs

Question 34

What is program-level policy?

Answer 34

mission statement for IT security program

Question 35

What is program-framework policy?

Answer 35

IT security strategy

Question 36

What is issue-specific policy?

Answer 36

Addresses specific issues of concern

Question 37

What is system-specific policy?

Answer 37

Focus on policy issues that exist for a specific system

Question 38

What is the main objective of disaster recovery plans?

Answer 38

restoring operating functionality

prevent downtime