Exam 1

Question 1

Computer-based information systems (CBIS)

Answer 1

An information system that uses computer technology to perform some or all of its intended tasks.

Question 2

data items

Answer 2

An elementary description of things, events, activities, and transactions that are recorded, classified, and sorted but are not organized to convey any meeting.

Question 3

enterprise resource planning (ERP) systems

Answer 3

information systems that correct a lack of communication among the functional area ISs by tightly integrting the functional area ISs via common database

Question 4

functional area information systems (FAISs)

Answer 4

ISs that support a particular functional area within the organization

Question 5

hardware

Answer 5

a device such as a processor, monitor, keyboard, or printer Together these devices accept, process, and display data and information.

Question 6

information

Answer 6

data that have been organized so that they have meaning

Question 7

information systems (IS)

Answer 7

collects, processes, stores, analyzes, and disseminates information for a specific purpose

Question 8

information technology (IT)

Answer 8

relates to any computer-based tool that people use to work with information and support the information and information-processing needs of an organization

Question 9

information technology components

Answer 9

hardware, software, databases, and networks

Question 10

interorganizational information systems (IOS)

Answer 10

information systems that connect two or more organizations

Question 11

knowledge

Answer 11

data and/or info that have been organized and processed to convey understanding, experience, accumulated learning, and expertise as they apply to a current problem.

Question 12

knowledge workers

Answer 12

professional employees such as financial and marketing analysts, engineers, lawyers, and accountants, who are expert in a particular subject area and create information and knowledge, which they integrate into business.

Question 13

procedures

Answer 13

the set of instructions for combining hardware, software, database, and network components in order to process info and generate the desired output.

Question 14

software

Answer 14

a program or collection of programs that enable the hardware to process data

Question 15

transaction processing system (TPS)

Answer 15

supports the monitoring, collection, storage, and processing of data from the organization’s basic business transaction, each of which generates data.

Question 16

business environment

Answer 16

the combination of social, legal, economic, physical, and political factors in which businesses conduct their operations.

Question 17

business-information technology alignment

Answer 17

the tight integration of the IT function with the strategy, mission, and goals of the organization.

Question 18

business process

Answer 18

a collection of related activities that produce a product or service of value to the organization, its business partners, and or its customers.

Question 19

business process management (BPM)

Answer 19

a management technique that includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.

Question 20

business process reengineering (BPR)

Answer 20

a radical redesign of a business process that improves its efficiency and effectiveness, often by beginning with a “clean sheet”

Question 21

competitive forces model

Answer 21

a business framework devised by Michael Porter that analyzes competitiveness by recognizing five major forces that could endanger a company’s position.

Question 22

cross-functional business process

Answer 22

a process in which no single functional area is responsible for its completion; multiple functional areas collaborate to perform the function

Question 23

digital divide

Answer 23

the gap between those who have access to information and communications technology and those who do not

Question 24

entry barrier

Answer 24

product or service feature that customers expect from organizations in a certain industry; an organization trying to enter this market must provide this product or service at a minimum to be able to compete

Question 25

globalization

Answer 25

the integration and interdependence of economic, social, cultural, and ecological facets of life, enabled by rapid advances in information technology

Question 26

mass customization

Answer 26

a production process in which items are produced in large quantities but are customized to fit the desires of each customer

Question 27

organizational social responsibility

Answer 27

efforts by organizations to solve various social problems.

Question 28

primary activities

Answer 28

those business activities related to the production and distribution of the firm’s products and services, thus creating value

Question 29

strategic information systems (SIS)s

Answer 29

systems that help an organization gain a competitive advantage by supporting its strategic goals and or increasing performance and productivity.

Question 30

support activities

Answer 30

business activities that do not add value directly to a firm’s product or service under consideration but support the primary activities that do add value

Question 31

value chain model

Answer 31

model that shows the primary activities that sequentially add value to the profit margin; also shows the support activities

Question 32

value system

Answer 32

includes the producers, suppliers, distributors, and buyers, all with their value chains

Question 33

code of ethics

Answer 33

a collection of principles intended to guide decision making by members of an organization

Question 34

digital dossier

Answer 34

an electronic description of an individual and his or her habits

Question 35

information privacy

Answer 35

the right to determine when, and to what extent, personal information can be gathered by and or communicated by others.

Question 36

liability

Answer 36

a legal concept that gives individuals the right to recover the damages done to them by other individuals, organizations, or systems

Question 37

opt-in model

Answer 37

a model of informed consent in which a business is prohibited from collecting any personal information unless the customer specifically authorizes it

Question 38

opt-out model

Answer 38

a model of informed consent that permits a company to collect personal information until the customer specifically requests that the data not be collected.

Question 39

profiling

Answer 39

the process of forming a digital dossier

Question 40

responsibility

Answer 40

a tenet of ethics in which you accept the consequences of your decisions and actions

Question 41

access controls

Answer 41

controls that restrict unauthorized individuals from using information resources and are concerned with user identification

Question 42

adware

Answer 42

alien software designed to help pop-up advertisements appear on your screen.

Question 43

alien software

Answer 43

clandestine software that is installed on your computer through duplicitous methods

Question 44

anti-malware systems

Answer 44

software packages that attempt to identify and eliminate viruses, worms, and other malicious software

Question 45

audit

Answer 45

an examination of information systems, their inputs, outputs, and processing

Question 46

back door

Answer 46

typically a password, known only to the attacker, that allows the attacker to access the system without having to go through any security proceedures

Question 47

biometrics

Answer 47

the science and technology of authentication by measuring the subject’s physilogic or behavioral characteristics

Question 48

blacklisting

Answer 48

a process in which a company identifies certain types of software that are not allowed to run in the company environment

Question 49

certificate authority

Answer 49

a third party that acts as a trusted intermediary between computers by issuing digital certificates and verifying the worth and integrity of the certificates

Question 50

cold site

Answer 50

a backup location that provides only rudimentary services and facilities

Question 51

controls

Answer 51

defense mechanisms

Question 52

cookie

Answer 52

small amounts of information that Web sites store on your computer, temporarily or more or less permanently

Question 53

copyright

Answer 53

a grant that provides the creator of intellectual property with ownership of it for a specified period of time, currently the life of the creator plus 70 years.

Question 54

cybercrime

Answer 54

illegal activities executed on the internet

Question 55

cyberterrorism

Answer 55

can be defined as a premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups

Question 56

cyberwarfare

Answer 56

war in which a country’s information systems could be paralyzed from a massive attack by destructive software

Question 57

demilitarized zone (DMZ)

Answer 57

a separate organizational local area network that is located between an organization’s internal network and an external network, usually the internet.

Question 58

denial-of-service attack

Answer 58

a cyber attack in which an attacker sends a flood of data packets to the target computer, with the aim of overloading its resources.

Question 59

distributed denial-of-service (DDoS) attack

Answer 59

attack that sends a flood of data packets from many compromised computers simultaneously

Question 60

digital certificate

Answer 60

an electronic document attached to a file certifying that this file is from the organization it claims to be from and has not been modified from its original format of content.

Question 61

exposure

Answer 61

the harm, loss, or damage that can result if a threat compromises an information resource

Question 62

firewall

Answer 62

a system that prevents a specific type of information from moving between untrusted networks, such as the internet and private networks, such as tour company’s network.

Question 63

hot sites

Answer 63

a fully configured computer facility, with all information resources and services, communications links, and physical plant operations, that duplicated your company’s computing resources and provides near real-life recovery of IT operations.

Question 64

information security

Answer 64

protecting an organization’s information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Question 65

intellectual property

Answer 65

the intangible property created by individuals or corporations, which is protected under trade secret, patent, and copyright laws.

Question 66

least privilege

Answer 66

a principle that users be granted the privilege for some activity only if there is a justifiable need to grant this authorization

Question 67

logic bombs

Answer 67

segments of computer code embedded within an organization’s existing computer programs

Question 68

malware

Answer 68

malicious software such as viruses or worms

Question 69

phishing attack

Answer 69

an attack that uses deception to fraudulently acquire sensitive personal information by masquerading as an official-looking email.

Question 70

physical controls

Answer 70

controls that restrict unauthorized individuals from gaining access to a company’s computer facilities

Question 71

piracy

Answer 71

copying a software program without making payment to the owner

Question 72

privilege

Answer 72

a collection of related computer system operations that can be performed by users of the system.

Question 73

public-key encryption

Answer 73

a type of encryption that uses two different keys, a public key and a private key.

Question 74

risk acceptance

Answer 74

a strategy in which the organization accepts the potential risk, continues to operate with no controls, and absorbs any damages that occur.

Question 75

risk analysis

Answer 75

the process by which an organization assesses the value of each asset being protected, estimates the probability that each asset might be compromised and compares the probable costs of each being compromised with the costs of protecting it

Question 76

risk limitation

Answer 76

a strategy in which the organization limits its risk by implementing controls that minimize the impact of a threat.

Question 77

risk management

Answer 77

a process that identifies, controls, and minimizes the impact of threats, in an effort

Question 78

risk mitigation

Answer 78

a process whereby the organization takes concrete actions against risks, such as implementing controls and developing a disaster recovery plan

Question 79

risk transference

Answer 79

a process in which the organization transfers the risk by using other means to compensate for a loss such as purchasing insurance

Question 80

secure socket layer (SSL)

Answer 80

an encryption standard used for secure transactions such as credit card purchases and online banking

Question 81

security

Answer 81

the degree of protection against criminal activity, danger, damage, and or loss

Question 82

social engineering

Answer 82

getting around security systems by tricking computer users inside a company into revealing sensitive information or gaining unauthorzed

Question 83

spam

Answer 83

unsolicited email

Question 84

spamware

Answer 84

alien software that uses your computer as a launch platform for spammers

Question 85

spyware

Answer 85

alien software that can record your keystrokes and or capture your passwords

Question 86

trade secret

Answer 86

intellectual work, such as a business plan, that is a company secret and is not based on public information

Question 87

Trojan horse

Answer 87

a software program containing a hidden function that presents a security risk

Question 88

tunneling

Answer 88

a process that encrypts packet inside another packet

Question 89

virtual private network (VPN)

Answer 89

a private network

Question 90

viruses

Answer 90

malicious software that can attach itself to other computer programs without the owner of the program being aware of the infection

Question 91

vulnerability

Answer 91

the possibility that an information resource will be harmed by a threat

Question 92

whitelisting

Answer 92

a process in which a company identifies acceptable software and permits it to run, and either prevents anything else from running or lets new software run in a quarantined environment until the company can verify its validity

Question 93

worms

Answer 93

destructive programs that replicate themselves without requiring another program to provide a safe environment for replication

Question 94

Identify several ways in which you depend on information technology in your daily life

Answer 94

texting, email, research, shop, pay bills

Question 95

What are three ways in which information technology can impact managers

Answer 95

1. may reduce middle managers
2. less time to make decisions
3. increase likelihood of having to supervise geographically

Question 96

What are three ways in which information technology can impact nonmanagerial workers

Answer 96

1. may eliminate jobs
2. may cause employees to feel a loss of identity
3. cause job stress and repetitive stress injury

Question 97

List three positives and three negatives societal effects of the increased use of IT

Answer 97

positive: 1. opportunities for disabled people 2. work flexibility 3. improvements in healthcare
negative: 1. cause health problems 2. place employees on constant call 3. misinform patients about their health problems

Question 98

List and provide examples of the three types of business pressures, and describe one IT response to each.

Answer 98

1. Market pressures: powerful customers
2. Technology pressures: info overload
3. societal/political/legal pressures: social responsibility (environment)

Question 99

Identify 5 competitive forces

Answer 99

1. threat of new competitors
2. bargaining power of suppliers
3. bargaining power of customers
4. threat of substitute products
5. rivalry amongst existing firms in industry

Question 100

5 strategies to counter competitive forces

Answer 100

1. cost leadership strategy- lowest cost
2. differentiation strategy- different products or services
3. innovation strategy- introduce new products and services
4. operational effectiveness strategy- improve internal business processes
5. customer-orientation strategy- focus on customer’s happiness

Question 101

List 3 fundamental tenets of ethics

Answer 101

1. responsibility
2. accountability
3. liability

Question 102

List 4 categories of ethical issues related to information technology

Answer 102

1. privacy
2. accuracy
3. property
4. access to information

Question 103

Identify three places that store data and discuss one personal threat to the privacy of the data stored there.

Answer 103

databases, forums, and social networking sites. the threat is you might post too much that unknown people can see.

Question 104

Identify 5 factors that contribute to vulnerability of information resources and provide an example of each

Answer 104

1. interconnected, wirelessly networked-internet
2. smaller, faster, cheaper, computers and storage devices- ipads thumbdrives
3. decreasing skills necessary to hack-hacking programs on the internet
4. international organized crime taking over cybercrime-cartels
5. lack of management support

Question 105

10 types of deliberate attacks

Answer 105

1. espionage or trespass
2. information extortion
3. sabotage and vandalism
4. theft of equipment
5. identity theft
6. protecting intellectual property
7. software attacks
8. alien software
9. supervisory control and data acquisition
10. cyberterrorism or cyberwarfare

Question 106

Identify three major types of controls that organization can use to protect their information resources.

Answer 106

1. physical controls
2. access controls
3. communication controls