Information Technology (M41)

Question 1

This processes data and transactions to provide users with the information they need to plan, control, and operate an organization

Answer 1

An Information System

Question 2

T/F

Overall, manual accounting systems have been replaced by computerized accounting information systems

Answer 2

TRUE

Question 3

These are designed to improve productivity by supporting daily work of employees (Word, Excel, Email, etc.)

Answer 3

Office Automation Systems

Question 4

This involves the daily processing of transactions (payroll recording, cash receipts, cash disbursements)

Answer 4

Transaction Processing Systems

Question 5

This is designed to help with the decision-making process by providing access to computer data

Answer 5

Management Reporting Systems

Question 6

This is an example of a management reporting system that is designed to provide past, present, and future information for planning, organization, and controlling the operations of the organization

Answer 6

Management Information Systems

Question 7

This is an example of a management reporting system that is computer-based and combines models and data to resolve non-structured problems with extensive user involvement

Answer 7

Decision Support Systems

Question 8

This is an example of a management reporting system that is computer-based and applies reasoning methods to data in a specific relatively structured area to render advice or recommendations

Answer 8

Expert Systems

Question 9

This is an example of a management reporting system is a computerized system that is specifically designed to support executive work

Answer 9

Executive Information Systems

Question 10

What are the phases in a Systems Development Lifecycle (SDLC)

(7 Phases - PADDTIM)

Answer 10

1) Planning
2) Analysis
3) Design
4) Development
5) Testing
6) Implementation
7) Maintenance

Question 11

This is a type of testing under the testing phase (in a systems development lifecycle) that involves testing the pieces of code

Answer 11

Unit Testing

Question 12

This is a type of testing under the testing phase (in a systems development lifecycle) that involves testing of the integration of the units/pieces of code into a system

Answer 12

System Testing

Question 13

This is a type of testing under the testing phase (in a systems development lifecycle) involves testing where the separate systems can work together

Answer 13

Integration Testing

Question 14

This is a type of testing under the testing phase (in a systems development lifecycle) which determines whether the system meets the business requirements and enables users to perform their jobs efficiently and effectively

Answer 14

User Acceptance Testing

Question 15

This is a type of implementation under the implementation phase (in a systems development lifecycle) that uses two systems (old and new) until it is determined that the new system is operating properly

Answer 15

Parallel Implementation

Question 16

This is a type of implementation under the implementation phase (in a systems development lifecycle) that ceases the old system and begins using the new system immediately

Answer 16

Plunge Implementation

Question 17

This is a type of implementation under the implementation phase (in a systems development lifecycle) that involves having a small group of individuals using the new system until it is seen to be working properly

Answer 17

Pilot Implementation

Question 18

This is a type of implementation under the implementation phase (in a systems development lifecycle) that involves installing the system in a series of waves

Answer 18

Phased Implementation

Question 19

The advantage of this implementation is that there is less risk of system disaster

Answer 19

Parallel Implementation

Question 20

The disadvantage of this implementation is the additional work and cost during the implementation period

Answer 20

Parallel Implementation

It is VERY expensive to keep both systems running

Question 21

The advantage of this implementation system is that it isn’t very costly

Answer 21

Plunge Implementation

Question 22

The disadvantage of this implementation system is that it has high risk of system disaster

Answer 22

Plunge Implementation

Question 23

The advantage of this implementation system is that it provides a partial operational test of the new system at a lower cost

Answer 23

Pilot Implementation

The costs are much lower than the Parallel Implementation where both systems are being used across the board.

Question 24

In which phase of the SDLC would the activity of identifying the problem(s) that need to be solved most likely occur?

Answer 24

Planning Phase

Question 25

List the 5 types of computers in order of largest/highest power to smallest/lowest power

Answer 25

1) Supercomputers
2) Mainframe Computers
3) Servers
4) Microcomputers (desktops/laptops)
5) Tablets/Smart Phones/PDAs

Question 26

What are 4 categories of hardware?

Answer 26

1) Central Processing Unit (CPU)
2) Secondary Storage
3) Input Devices
4) Output Devices

Question 27

What is the slowest & therefore cheapest form of secondary storage hardware, which is used primarily for archiving purposes

Answer 27

Magnetic Tape

Question 28

What type of secondary storage hardware is similar to a USB drive?

Answer 28

Solid State Drives (SSDs)

Question 29

What type of secondary storage hardware is also known as “Storage as a Service” (SaaS), hosted offsite, and is accessed via the internet?

Answer 29

Cloud-Based Storage

Question 30

What is the most common secondary storage hardware medium used today?

Answer 30

Magnetic Disks (hard drives)

Question 31

What is the difference between Digital & Analog?

Answer 31

Digital is read in binary (0s & 1s)

Analog is read using electrical, mechanical, hydraulic, or pneumatic devices to transmit the fluctuations in a signal

Question 32

What type of secondary storage device requires no moving parts for read/write operations?

Answer 32

Solid State Drives

Question 33

Another term for cloud-based storage is

Answer 33

Storage-as-a-Service (SaaS)

Question 34

This is a program that controls the display for a user (usually on a computer monitor that allows the user to interact with the system

Answer 34

a Input Interface

Question 35

This uses icons, pictures, and menus instead of text for inputs (classic example: Windows)

Answer 35

Graphical User Interface (GUI)

Question 36

These are documents that are sent to the customer and returned as inputs

Answer 36

Turnaround Documents

Question 37

What is a classic example of a turnaround document?

Answer 37

a Remittance Advice

Question 38

A good example of a point-of-sale recorder is…

Answer 38

A cash register

Question 39

T/F

Point of Sale Recorders are generally wireless

Answer 39

FALSE

They usually have a wire connection

Question 40

What is a good example of a Radio Frequency Identification (RFID)

Answer 40

A toll road that reads the toll card in a person’s card and charges it as they drive by

Question 41

T/F

RFID is a wireless input device that is used for inventory control and similar to bar-codes technology but does not require line-of sight access

Answer 41

TRUE

Question 42

What are the 4 common output devices?

Answer 42

1) Monitors
2) Printers
3) Plotters
4) Computer Output to Microfilm or Microfiche (COM)

Question 43

What is the most common output device?

Answer 43

Monitors

Question 44

This is a systems software that manages the input, output, processing, and storage devices and operations of a computer

Answer 44

an Operating System

Question 45

This is a systems software that handles common file, data manipulation, and other “housekeeping” tasks

Answer 45

Utility Programs

Question 46

This is a systems software that controls and supports transmission between computers, computers and monitors, and accesses various databases

Answer 46

Communications Software

Question 47

What is the difference between a low-end and high-end application software?

Answer 47

Low-End is all in one package, designed for small organizations.

High-End is ordinarily in Modules

Question 48

This is an applications software that is designed as a relatively complete information system

Answer 48

Enterprise Resource Planning (ERP)

Question 49

What is the difference between multiprocessing and multitasking?

Answer 49

Multiprocessing is the simultaneous execution of two or more tasks, usually by two or more CPUs that are part o the same system

Multitasking is the simultaneous processing of several jobs on one computer

Question 50

List the programming languages in order of 1st generation to 5th generation

Answer 50

1) Machine Language (Binary)
2) Assembly Language
3) “High-Level” Programming language
4) “Application-Specific Languages”
5) Visual or Graphical Interfaces

Question 51

What are examples of a high-level, 3rd generation programming language?

Answer 51

COBOL, C++, Java

Question 52

This is a review of a program by a programmer for errors before the program is run and debugged on the computer

Answer 52

Desk Checking

Question 53

This finds and eliminates errors in a computer program.

Answer 53

Debug

Question 54

This is a set of program instructions performed repetitively a predetermined number of times, or until all of a particular type of data has been processed

Answer 54

Loop

Question 55

This is a listing of the contents of storage

Answer 55

Memory Dump

Question 56

This is a section of coding inserted into a program to correct a mistake or to alter a routine

Answer 56

Patch

Question 57

This is a complete cycle of a program including put, processing, and output

Answer 57

Run

Question 58

What is a big pro for batch processing as opposed to online real-time processing

Answer 58

a Batch leaves a relatively easy-to-follow audit trail

Question 59

T/F

Misstatements in a batch computer system caused by incorrect programs or data may not be detected immediately because the processing of transactions in a batch system is not uniform

Answer 59

FALSE

The processing of transactions in a batch system usually IS uniform

Question 60

T/F

Misstatements in a batch computer system caused by incorrect programs or data may not be detected immediately because there are time delays in processing transactions in a batch system

Answer 60

TRUE

Question 61

T/F

The posting of a transaction as it occurs, to several files, without intermediate printouts, is a characteristic of a batch processed computer system

Answer 61

FALSE

Question 62

T/F

The production of numerous printouts is a characteristic of a batch processed computer system

Answer 62

TRUE

Question 63

T/F

The keypunching of transactions, following by machine processing is a characteristic of a batch processed computer system

Answer 63

TRUE

Question 64

T/F

The collection of like transactions which are sorted and processed sequentially against a master file is a characteristic of a batch processed computer system

Answer 64

TRUE

Question 65

This is a subject-oriented, integrated collection of data used to support management decision making processes

Answer 65

Data warehouse

Question 66

What is the difference between a data warehouse and a data mart?

Answer 66

a Data Mart is a data warehouse that is limited in scope

Question 67

he online analytical processing term that represents a combination of systems that help aggregate, access, and analyze business data and assist in the business decision-making process is

Answer 67

Business Intelligence

Question 68

This uses sophisticated techniques from statistics, artificial intelligence and computer graphics to explain, confirm, and explore relationships among data which is stored in a data warehouse or data mart

Answer 68

Data Mining

Question 69

Processing can be ______, _____, or _______

Answer 69

Centralized
Decentralized
Distributed

Question 70

What is the difference between a Bit and a Byte

Answer 70

Bit - a binary digit (0 or 1)

Byte - A group of adjacent bits (usually 8)

Question 71

This is the smallest storage unit in a computer

Answer 71

Bit

Question 72

This is a group of related characters (Example, SSN)

Answer 72

Field

Question 73

This is an ordered set of logically related fields (for example, a payroll file for one employee)

Answer 73

Record

Question 74

This is a group of related records (for example, all weekly pay records YTD)

Answer 74

File

Question 75

A group of related records in a relational database with a unique identifier in each record

Answer 75

Table

Question 76

This is a group of related files or a group of related tables

Answer 76

Database

Question 77

This type of system focuses upon data processing needs of individual departments. Each application program or system is developed to meet the needs of the particular requesting department or user group

Answer 77

Traditional File Processing Systems

Question 78

This is computer hardware and software that enables the databases to be implemented

Answer 78

Database System

Question 79

This is software that provides a facility for communications between various applications programs and the database

Answer 79

Database Management System

Question 80

This concept separates the data from the related application programs

Answer 80

Data Independence

Question 81

This is the process of identifying and organizing a database’s data, both logically and physically

Answer 81

Data Modeling

Question 82

This is the field that makes a record in a relational database table unique

Answer 82

Primary Key

Question 83

This is the field that is common to two or more related tables in a relational database

Answer 83

Foreign Key

Question 84

This is a data model designed for use in designing accounting information databases

Answer 84

REA Data Model

Question 85

What does REA stand for in the REA data model?

Answer 85

R - Resources
E - Events
A - Agents

Question 86

These are identifiable objects that have economic value

Answer 86

Resources

Question 87

These are an organization’s business activities

Answer 87

Events

Question 88

These are people or organizations about which data is collected

Answer 88

Agents

Question 89

What are the three methods of backup and recovery?

Answer 89

1) Backup of Database & Logs of Transactions
2) Database Replication
3) Backup Facility

Question 90

This is a computer network that is centered around an individual and the personal communication devises they use

Answer 90

Personal Area Networks (PANs)

Question 91

This is a privately owned network within a single building or campus of up to a few miles in size

Answer 91

Local Area Networks (LANs)

Question 92

This is a larger version of a LAN. It might include a group of nearby offices within a city

Answer 92

Metropolitan Area Network (MAN)

Question 93

These are networks that span a large geographical area, often a country or continent.

Answer 93

Wide Area Networks (WAN)

Question 94

These are languges used to create and format documents, link documents to other web pages, and to communicate between web browsers

Answer 94

HTML - Hypertext Markup Language

XML - Extensible Markup Language

Question 95

_____ is increasingly replacing _____ in internet applications due to its superior ability to tag and format documents that are communicated among trading partners

Answer 95

XML

HTML

Question 96

SQL is used to ____

Answer 96

Query a Database

Question 97

Internetwork communication requires the use of a common set of rules, ____, and _____

Answer 97

Protocols (TCP)

Shared Routing Systems (IP)

Question 98

This is the primary internet protocol for data communication on the World Wide Web

Answer 98

HTTP - Hypertext Transfer Protocol

Question 99

This is a standard for finding a document on the internet

Answer 99

URL - Uniform Resource Locator

Question 100

A framework for acessing linked resources

Answer 100

WWW - World Wide Web

Question 101

This provides the user with the ability to locate and display web resources. Examples include Firefox, Chrome, & Internet Explorer

Answer 101

Web Browser

Question 102

This is an XML application that facilitates the sharing and syndication of web content, by subscriptio

Answer 102

RSS (Really Simple Syndication)/Atom Feeds

Question 103

This is a web page diary or bulletin board

Answer 103

Blog

Question 104

What does Wiki stand for?

Answer 104

What I Know Is

Question 105

This is a micro variation of a blog

Answer 105

Twitter

Question 106

This is a number that identifies a machine as unique on the internet

Answer 106

IP Address

Question 107

This is an entity that provides access to the internet

Answer 107

ISP - Internet Service Provider

Question 108

This basic communication language or protocol of the internet has two layers

Answer 108

TCP/IP (Transmission Control Protocol/Internet Protocol)

Question 109

What is the higher layer in TCP/IP?

Answer 109

The higher layer assembles messages or files into smaller packets that are transmitted over the internet

Question 110

What is the lower layer in TCP/IP?

Answer 110

The lower layer assigns IP addresses and insures that messages are delivered to the appropriate computer

Question 111

This is a malicious, security-breaking program that is disguised as something benign, such as a game, but is actually intended to cause IT damage

Answer 111

Trojan Hourse

Question 112

This is a program that propagates itself over a network, reproducing itself as it goes

Answer 112

Worm

Question 113

This states that the end user is responsible for the development and execution of the computer application that generates the information used y that same end user

Answer 113

End-User Computing (EUC)

Question 114

This is the conversion of data into a form called a cipher text, that cannot be easily understood by unauthorized people

Answer 114

Encryption

Question 115

This is the process of convertng encrypted data ack into its original form so it can be understood. The conversion is performed using an algorithm and key which only the users control

Answer 115

Decryption

Question 116

This is a detailed sequence of actions to perform to accomplish some task

Answer 116

Algorithm

Question 117

In the content of encryption, a value that must be fed into the algorithm used to decode an encrypted message in order to reproduce the original plain text

Answer 117

Key

Question 118

This is an encryption system in which both the sender and receiver have access to the electronic key but do not allow others access

Answer 118

Private Key System

Question 119

What is the primary disadvantage for a private key system?

Answer 119

Both parties must have the key

Question 120

T/F

The use of message encryption software reduces the need for periodic password changes

Answer 120

FALSE

Question 121

T/F

The use of message encryption software increases system overhead

Answer 121

TRUE

Question 122

T/F

The use of message encryption software requires manual distribution of keys

Answer 122

FALSE

This process can be automated

Question 123

T/F

The use of message encryption software guarantees the secrecy of data

Answer 123

FALSE

NOTHING guarantees the secrecy of anything

Question 124

Controls must exist over the origin, proper submission, and proper delivery of EDI communications.

Answer 124

Autentication

Question 125

This is a block of data that is transmitted from one computer to another. It contains data and authentication information.

Answer 125

Packet

Question 126

This is the electronic exchange of business transactions, in a standard format, from one entity’s computer to another entity’s computer through an electronic communications network

Answer 126

Electronic Data Interchange (EDI)

Question 127

T/F

Increased reliance upon third parties is considered an exposure involved with EDI systems as compared to other systems

Answer 127

TRUE

Question 128

T/F

Possible loss of confidentiality of information is considered an exposure involved with EDI systems as compared to other systems

Answer 128

TRUE

Question 129

T/F

Delayed transaction processing time is considered an exposure involved with EDI systems as compared to other systems

Answer 129

FALSE

Question 130

T/F

Increased reliance upon computer systems is considered an exposure involved with EDI systems as compared to other systems

Answer 130

TRUE

Question 131

_______ is a framework to assist enterprises in achieving their objectives for governance and management of enterprise IT

Answer 131

COBIT - Control Objectives for Information and Related Technology

Question 132

Who developed COBIT?

Answer 132

ISACA - Information Systems Audit & Control Association

Question 133

What is the current version of COBIT?

Answer 133

COBIT 5

Question 134

What are the 5 principles of COBIT 5? (MCAES)

Answer 134

1) Meeting stakeholder needs
2) Covering the enterprise end-to-end
3) Applying a single integrated framework
4) Enabling a holistic approach
5) Separating governance from management

Question 135

These factors individually and collectively influence whether something will work in an organization

Answer 135

COBIT Enablers

Question 136

What are the 7 COBIT Enablers? (POCPISP)

Answer 136

1) Processes
2) Organizational Structures
3) Culture/ethics
4) Principles & Policies
5) Information
6) Services
7) People’s skills

Question 137

What are the five principles of a reliable Trust System?

Answer 137

1) Security
2) Availability
3) Processing Integrity
4) Online Privacy
5) Confidentiality

Question 138

This means that the system is protected against unauthorized use, both physical and logical

Answer 138

Security

Question 139

This means that the system is available for operation and use as committed or agreed. The system is available for operation and use in conformity with the entity’s availability policies

Answer 139

Availability

Question 140

This means that system processing is complete, accurate, timely, and authorized

Answer 140

Processing Integrity

Question 141

This means that personal information obtained as a result of e-commerce is collected, used, disclosed, and retained as committed or agreed

Answer 141

Online Privacy

Question 142

This means that information designated as private is protected as committed or agree

Answer 142

Confidentiality

Question 143

T/F

Internal control is ineffective when computer department personnel provide physical security for program files

Answer 143

FALSE

Question 144

T/F

Internal control is ineffective when computer department personnel originate changes in master files

Answer 144

TRUE

Only a user should be able to change master files

Question 145

T/F

Internal control is ineffective when computer department personnel design documentation for computerized systems

Answer 145

FALSE

Question 146

T/F

Internal control is ineffective when computer department personnel participate in computer software acquisition decisions

Answer 146

FALSE

Question 147

What are the five steps in the system development life cycle?

Answer 147

1) Software Concept
2) Requirements Analysis
3) Architectural Design
4) Coding & Debugging
5) System Testing

Question 148

This person is responsible for maintaining the database and restricting access to the database to authorized personel

Answer 148

Database Administration

Question 149

This person is responsible for the daily computer operations of both the hardware and the software

Answer 149

Data Operator

Question 150

This person is responsible for custody of the removable media and for the maintenance of program and system documentation

Answer 150

Data Librarian

Question 151

For the CPA Exam, remember that (at a minimum) an attempt should be made to segregate what 3 key functions in a small computer environment?

Answer 151

1) Programming
2) Operations
3) Library

Question 152

What is the difference between a systems programmer and a applications programmer

Answer 152

The Systems programmer is responsible for implementing, modifying, and debugging the software necessary for making the hardware work.

The Applications programmer is responsible for writing, testing, and debugging the application programs from the specifications provided by a systems analyst.

Question 153

These control program development, program changes, computer operations, and access to programs and data.

Answer 153

Computer General Control Activities

Question 154

These control activities relate to specific computer applications and are embedded in the computer program used in the financial reporting system

Answer 154

Programmed Control Activities

Question 155

These control activities involve employee follow-up of items listed on computer exception reports.

Answer 155

Manual Follow-Up of Computer Exception Reports

Question 156

Programmed Control Activities and Manual Follow-Up of Computer Exception Reports are examples of….

Answer 156

Computer Application Control Activities

Question 157

A control feature in an electronic data processing system requires the central processing unit (CPU) to send signals to the printer to activate the print mechanism for each character. The print mechanism, just prior to printing, sends a signal back to the CPU verifying that the proper print position has been activated. This type of hardware control is referred to as ….

Answer 157

Echo Control/Echo Check

Question 158

Under this computer control, a special bit is added to each character that can detect if the hardware loses a bit during the internal movement of a character

Answer 158

Parity Check

Question 159

This is a specialized form of user identification in which the user dials the system, identifies themselves, and is disconnected from the system before being called back

Answer 159

Call Back

Question 160

This is a control total where the total is meaningless for financial purposes (for example, a mathematical sum of employee SSNs)

Answer 160

Hash Total

Question 161

This is a test of the reasonableness of a field of data, given a predetermined upper and/or lower limit

Answer 161

Limit/Reasonableness Test

Question 162

This is a control that allows only “valid” transactions or data to be entered into the system

Answer 162

Validity Check

Question 163

This is a control that limits the types of characters accepted into a specific data field

Answer 163

Field Check

Question 164

This is a control that searches for blanks inappropriately existing in input data

Answer 164

Missing Data Check

Question 165

This is a control of an exact number of characters to be input

Answer 165

Field Size Check

Question 166

What are the four things a disaster recovery and business continuity plan should allow the firm to do?

Answer 166

1) Minimize the disruption, damage, and loss
2) Establish an alternate temporary method for processing information
3) Resume normal operations as quickly as possible
4) Train and familiarize personnel to perform emergency operations