Information Technology (M41) Flashcards
1
Q
This processes data and transactions to provide users with the information they need to plan, control, and operate an organization
A
An Information System
2
Q
T/F
Overall, manual accounting systems have been replaced by computerized accounting information systems
A
TRUE
3
Q
These are designed to improve productivity by supporting daily work of employees (Word, Excel, Email, etc.)
A
Office Automation Systems
4
Q
This involves the daily processing of transactions (payroll recording, cash receipts, cash disbursements)
A
Transaction Processing Systems
5
Q
This is designed to help with the decision-making process by providing access to computer data
A
Management Reporting Systems
6
Q
This is an example of a management reporting system that is designed to provide past, present, and future information for planning, organization, and controlling the operations of the organization
A
Management Information Systems
7
Q
This is an example of a management reporting system that is computer-based and combines models and data to resolve non-structured problems with extensive user involvement
A
Decision Support Systems
8
Q
This is an example of a management reporting system that is computer-based and applies reasoning methods to data in a specific relatively structured area to render advice or recommendations
A
Expert Systems
9
Q
This is an example of a management reporting system is a computerized system that is specifically designed to support executive work
A
Executive Information Systems
10
Q
What are the phases in a Systems Development Lifecycle (SDLC)
(7 Phases - PADDTIM)
A
1) Planning
2) Analysis
3) Design
4) Development
5) Testing
6) Implementation
7) Maintenance
11
Q
This is a type of testing under the testing phase (in a systems development lifecycle) that involves testing the pieces of code
A
Unit Testing
12
Q
This is a type of testing under the testing phase (in a systems development lifecycle) that involves testing of the integration of the units/pieces of code into a system
A
System Testing
13
Q
This is a type of testing under the testing phase (in a systems development lifecycle) involves testing where the separate systems can work together
A
Integration Testing
14
Q
This is a type of testing under the testing phase (in a systems development lifecycle) which determines whether the system meets the business requirements and enables users to perform their jobs efficiently and effectively
A
User Acceptance Testing
15
Q
This is a type of implementation under the implementation phase (in a systems development lifecycle) that uses two systems (old and new) until it is determined that the new system is operating properly
A
Parallel Implementation
16
Q
This is a type of implementation under the implementation phase (in a systems development lifecycle) that ceases the old system and begins using the new system immediately
A
Plunge Implementation
17
Q
This is a type of implementation under the implementation phase (in a systems development lifecycle) that involves having a small group of individuals using the new system until it is seen to be working properly
A
Pilot Implementation
18
Q
This is a type of implementation under the implementation phase (in a systems development lifecycle) that involves installing the system in a series of waves
A
Phased Implementation
19
Q
The advantage of this implementation is that there is less risk of system disaster
A
Parallel Implementation
20
Q
The disadvantage of this implementation is the additional work and cost during the implementation period
A
Parallel Implementation
It is VERY expensive to keep both systems running
21
Q
The advantage of this implementation system is that it isn’t very costly
A
Plunge Implementation
22
Q
The disadvantage of this implementation system is that it has high risk of system disaster
A
Plunge Implementation
23
Q
The advantage of this implementation system is that it provides a partial operational test of the new system at a lower cost
A
Pilot Implementation
The costs are much lower than the Parallel Implementation where both systems are being used across the board.
24
Q
In which phase of the SDLC would the activity of identifying the problem(s) that need to be solved most likely occur?
A
Planning Phase
25
List the 5 types of computers in order of largest/highest power to smallest/lowest power
1) Supercomputers
2) Mainframe Computers
3) Servers
4) Microcomputers (desktops/laptops)
5) Tablets/Smart Phones/PDAs
26
What are 4 categories of hardware?
1) Central Processing Unit (CPU)
2) Secondary Storage
3) Input Devices
4) Output Devices
27
What is the slowest & therefore cheapest form of secondary storage hardware, which is used primarily for archiving purposes
Magnetic Tape
28
What type of secondary storage hardware is similar to a USB drive?
Solid State Drives (SSDs)
29
What type of secondary storage hardware is also known as "Storage as a Service" (SaaS), hosted offsite, and is accessed via the internet?
Cloud-Based Storage
30
What is the most common secondary storage hardware medium used today?
Magnetic Disks (hard drives)
31
What is the difference between Digital & Analog?
Digital is read in binary (0s & 1s)
Analog is read using electrical, mechanical, hydraulic, or pneumatic devices to transmit the fluctuations in a signal
32
What type of secondary storage device requires no moving parts for read/write operations?
Solid State Drives
33
Another term for cloud-based storage is
Storage-as-a-Service (SaaS)
34
This is a program that controls the display for a user (usually on a computer monitor that allows the user to interact with the system
a Input Interface
35
This uses icons, pictures, and menus instead of text for inputs (classic example: Windows)
Graphical User Interface (GUI)
36
These are documents that are sent to the customer and returned as inputs
Turnaround Documents
37
What is a classic example of a turnaround document?
a Remittance Advice
38
A good example of a point-of-sale recorder is...
A cash register
39
T/F
Point of Sale Recorders are generally wireless
FALSE
They usually have a wire connection
40
What is a good example of a Radio Frequency Identification (RFID)
A toll road that reads the toll card in a person's card and charges it as they drive by
41
T/F
RFID is a wireless input device that is used for inventory control and similar to bar-codes technology but does not require line-of sight access
TRUE
42
What are the 4 common output devices?
1) Monitors
2) Printers
3) Plotters
4) Computer Output to Microfilm or Microfiche (COM)
43
What is the most common output device?
Monitors
44
This is a systems software that manages the input, output, processing, and storage devices and operations of a computer
an Operating System
45
This is a systems software that handles common file, data manipulation, and other "housekeeping" tasks
Utility Programs
46
This is a systems software that controls and supports transmission between computers, computers and monitors, and accesses various databases
Communications Software
47
What is the difference between a low-end and high-end application software?
Low-End is all in one package, designed for small organizations.
High-End is ordinarily in Modules
48
This is an applications software that is designed as a relatively complete information system
Enterprise Resource Planning (ERP)
49
What is the difference between multiprocessing and multitasking?
Multiprocessing is the simultaneous execution of two or more tasks, usually by two or more CPUs that are part o the same system
Multitasking is the simultaneous processing of several jobs on one computer
50
List the programming languages in order of 1st generation to 5th generation
1) Machine Language (Binary)
2) Assembly Language
3) "High-Level" Programming language
4) "Application-Specific Languages"
5) Visual or Graphical Interfaces
51
What are examples of a high-level, 3rd generation programming language?
COBOL, C++, Java
52
This is a review of a program by a programmer for errors before the program is run and debugged on the computer
Desk Checking
53
This finds and eliminates errors in a computer program.
Debug
54
This is a set of program instructions performed repetitively a predetermined number of times, or until all of a particular type of data has been processed
Loop
55
This is a listing of the contents of storage
Memory Dump
56
This is a section of coding inserted into a program to correct a mistake or to alter a routine
Patch
57
This is a complete cycle of a program including put, processing, and output
Run
58
What is a big pro for batch processing as opposed to online real-time processing
a Batch leaves a relatively easy-to-follow audit trail
59
T/F
Misstatements in a batch computer system caused by incorrect programs or data may not be detected immediately because the processing of transactions in a batch system is not uniform
FALSE
The processing of transactions in a batch system usually IS uniform
60
T/F
Misstatements in a batch computer system caused by incorrect programs or data may not be detected immediately because there are time delays in processing transactions in a batch system
TRUE
61
T/F
The posting of a transaction as it occurs, to several files, without intermediate printouts, is a characteristic of a batch processed computer system
FALSE
62
T/F
The production of numerous printouts is a characteristic of a batch processed computer system
TRUE
63
T/F
The keypunching of transactions, following by machine processing is a characteristic of a batch processed computer system
TRUE
64
T/F
The collection of like transactions which are sorted and processed sequentially against a master file is a characteristic of a batch processed computer system
TRUE
65
This is a subject-oriented, integrated collection of data used to support management decision making processes
Data warehouse
66
What is the difference between a data warehouse and a data mart?
a Data Mart is a data warehouse that is limited in scope
67
he online analytical processing term that represents a combination of systems that help aggregate, access, and analyze business data and assist in the business decision-making process is
Business Intelligence
68
This uses sophisticated techniques from statistics, artificial intelligence and computer graphics to explain, confirm, and explore relationships among data which is stored in a data warehouse or data mart
Data Mining
69
Processing can be ______, _____, or _______
Centralized
Decentralized
Distributed
70
What is the difference between a Bit and a Byte
Bit - a binary digit (0 or 1)
Byte - A group of adjacent bits (usually 8)
71
This is the smallest storage unit in a computer
Bit
72
This is a group of related characters (Example, SSN)
Field
73
This is an ordered set of logically related fields (for example, a payroll file for one employee)
Record
74
This is a group of related records (for example, all weekly pay records YTD)
File
75
A group of related records in a relational database with a unique identifier in each record
Table
76
This is a group of related files or a group of related tables
Database
77
This type of system focuses upon data processing needs of individual departments. Each application program or system is developed to meet the needs of the particular requesting department or user group
Traditional File Processing Systems
78
This is computer hardware and software that enables the databases to be implemented
Database System
79
This is software that provides a facility for communications between various applications programs and the database
Database Management System
80
This concept separates the data from the related application programs
Data Independence
81
This is the process of identifying and organizing a database's data, both logically and physically
Data Modeling
82
This is the field that makes a record in a relational database table unique
Primary Key
83
This is the field that is common to two or more related tables in a relational database
Foreign Key
84
This is a data model designed for use in designing accounting information databases
REA Data Model
85
What does REA stand for in the REA data model?
R - Resources
E - Events
A - Agents
86
These are identifiable objects that have economic value
Resources
87
These are an organization's business activities
Events
88
These are people or organizations about which data is collected
Agents
89
What are the three methods of backup and recovery?
1) Backup of Database & Logs of Transactions
2) Database Replication
3) Backup Facility
90
This is a computer network that is centered around an individual and the personal communication devises they use
Personal Area Networks (PANs)
91
This is a privately owned network within a single building or campus of up to a few miles in size
Local Area Networks (LANs)
92
This is a larger version of a LAN. It might include a group of nearby offices within a city
Metropolitan Area Network (MAN)
93
These are networks that span a large geographical area, often a country or continent.
Wide Area Networks (WAN)
94
These are languges used to create and format documents, link documents to other web pages, and to communicate between web browsers
HTML - Hypertext Markup Language
XML - Extensible Markup Language
95
_____ is increasingly replacing _____ in internet applications due to its superior ability to tag and format documents that are communicated among trading partners
XML
HTML
96
SQL is used to ____
Query a Database
97
Internetwork communication requires the use of a common set of rules, ____, and _____
Protocols (TCP)
Shared Routing Systems (IP)
98
This is the primary internet protocol for data communication on the World Wide Web
HTTP - Hypertext Transfer Protocol
99
This is a standard for finding a document on the internet
URL - Uniform Resource Locator
100
A framework for acessing linked resources
WWW - World Wide Web
101
This provides the user with the ability to locate and display web resources. Examples include Firefox, Chrome, & Internet Explorer
Web Browser
102
This is an XML application that facilitates the sharing and syndication of web content, by subscriptio
RSS (Really Simple Syndication)/Atom Feeds
103
This is a web page diary or bulletin board
Blog
104
What does Wiki stand for?
What I Know Is
105
This is a micro variation of a blog
Twitter
106
This is a number that identifies a machine as unique on the internet
IP Address
107
This is an entity that provides access to the internet
ISP - Internet Service Provider
108
This basic communication language or protocol of the internet has two layers
TCP/IP (Transmission Control Protocol/Internet Protocol)
109
What is the higher layer in TCP/IP?
The higher layer assembles messages or files into smaller packets that are transmitted over the internet
110
What is the lower layer in TCP/IP?
The lower layer assigns IP addresses and insures that messages are delivered to the appropriate computer
111
This is a malicious, security-breaking program that is disguised as something benign, such as a game, but is actually intended to cause IT damage
Trojan Hourse
112
This is a program that propagates itself over a network, reproducing itself as it goes
Worm
113
This states that the end user is responsible for the development and execution of the computer application that generates the information used y that same end user
End-User Computing (EUC)
114
This is the conversion of data into a form called a cipher text, that cannot be easily understood by unauthorized people
Encryption
115
This is the process of convertng encrypted data ack into its original form so it can be understood. The conversion is performed using an algorithm and key which only the users control
Decryption
116
This is a detailed sequence of actions to perform to accomplish some task
Algorithm
117
In the content of encryption, a value that must be fed into the algorithm used to decode an encrypted message in order to reproduce the original plain text
Key
118
This is an encryption system in which both the sender and receiver have access to the electronic key but do not allow others access
Private Key System
119
What is the primary disadvantage for a private key system?
Both parties must have the key
120
T/F
The use of message encryption software reduces the need for periodic password changes
FALSE
121
T/F
The use of message encryption software increases system overhead
TRUE
122
T/F
The use of message encryption software requires manual distribution of keys
FALSE
This process can be automated
123
T/F
The use of message encryption software guarantees the secrecy of data
FALSE
NOTHING guarantees the secrecy of anything
124
Controls must exist over the origin, proper submission, and proper delivery of EDI communications.
Autentication
125
This is a block of data that is transmitted from one computer to another. It contains data and authentication information.
Packet
126
This is the electronic exchange of business transactions, in a standard format, from one entity's computer to another entity's computer through an electronic communications network
Electronic Data Interchange (EDI)
127
T/F
Increased reliance upon third parties is considered an exposure involved with EDI systems as compared to other systems
TRUE
128
T/F
Possible loss of confidentiality of information is considered an exposure involved with EDI systems as compared to other systems
TRUE
129
T/F
Delayed transaction processing time is considered an exposure involved with EDI systems as compared to other systems
FALSE
130
T/F
Increased reliance upon computer systems is considered an exposure involved with EDI systems as compared to other systems
TRUE
131
_______ is a framework to assist enterprises in achieving their objectives for governance and management of enterprise IT
COBIT - Control Objectives for Information and Related Technology
132
Who developed COBIT?
ISACA - Information Systems Audit & Control Association
133
What is the current version of COBIT?
COBIT 5
134
What are the 5 principles of COBIT 5? (MCAES)
1) Meeting stakeholder needs
2) Covering the enterprise end-to-end
3) Applying a single integrated framework
4) Enabling a holistic approach
5) Separating governance from management
135
These factors individually and collectively influence whether something will work in an organization
COBIT Enablers
136
What are the 7 COBIT Enablers? (POCPISP)
1) Processes
2) Organizational Structures
3) Culture/ethics
4) Principles & Policies
5) Information
6) Services
7) People's skills
137
What are the five principles of a reliable Trust System?
1) Security
2) Availability
3) Processing Integrity
4) Online Privacy
5) Confidentiality
138
This means that the system is protected against unauthorized use, both physical and logical
Security
139
This means that the system is available for operation and use as committed or agreed. The system is available for operation and use in conformity with the entity's availability policies
Availability
140
This means that system processing is complete, accurate, timely, and authorized
Processing Integrity
141
This means that personal information obtained as a result of e-commerce is collected, used, disclosed, and retained as committed or agreed
Online Privacy
142
This means that information designated as private is protected as committed or agree
Confidentiality
143
T/F
Internal control is ineffective when computer department personnel provide physical security for program files
FALSE
144
T/F
Internal control is ineffective when computer department personnel originate changes in master files
TRUE
Only a user should be able to change master files
145
T/F
Internal control is ineffective when computer department personnel design documentation for computerized systems
FALSE
146
T/F
Internal control is ineffective when computer department personnel participate in computer software acquisition decisions
FALSE
147
What are the five steps in the system development life cycle?
1) Software Concept
2) Requirements Analysis
3) Architectural Design
4) Coding & Debugging
5) System Testing
148
This person is responsible for maintaining the database and restricting access to the database to authorized personel
Database Administration
149
This person is responsible for the daily computer operations of both the hardware and the software
Data Operator
150
This person is responsible for custody of the removable media and for the maintenance of program and system documentation
Data Librarian
151
For the CPA Exam, remember that (at a minimum) an attempt should be made to segregate what 3 key functions in a small computer environment?
1) Programming
2) Operations
3) Library
152
What is the difference between a systems programmer and a applications programmer
The Systems programmer is responsible for implementing, modifying, and debugging the software necessary for making the hardware work.
The Applications programmer is responsible for writing, testing, and debugging the application programs from the specifications provided by a systems analyst.
153
These control program development, program changes, computer operations, and access to programs and data.
Computer General Control Activities
154
These control activities relate to specific computer applications and are embedded in the computer program used in the financial reporting system
Programmed Control Activities
155
These control activities involve employee follow-up of items listed on computer exception reports.
Manual Follow-Up of Computer Exception Reports
156
Programmed Control Activities and Manual Follow-Up of Computer Exception Reports are examples of....
Computer Application Control Activities
157
A control feature in an electronic data processing system requires the central processing unit (CPU) to send signals to the printer to activate the print mechanism for each character. The print mechanism, just prior to printing, sends a signal back to the CPU verifying that the proper print position has been activated. This type of hardware control is referred to as ....
Echo Control/Echo Check
158
Under this computer control, a special bit is added to each character that can detect if the hardware loses a bit during the internal movement of a character
Parity Check
159
This is a specialized form of user identification in which the user dials the system, identifies themselves, and is disconnected from the system before being called back
Call Back
160
This is a control total where the total is meaningless for financial purposes (for example, a mathematical sum of employee SSNs)
Hash Total
161
This is a test of the reasonableness of a field of data, given a predetermined upper and/or lower limit
Limit/Reasonableness Test
162
This is a control that allows only "valid" transactions or data to be entered into the system
Validity Check
163
This is a control that limits the types of characters accepted into a specific data field
Field Check
164
This is a control that searches for blanks inappropriately existing in input data
Missing Data Check
165
This is a control of an exact number of characters to be input
Field Size Check
166
What are the four things a disaster recovery and business continuity plan should allow the firm to do?
1) Minimize the disruption, damage, and loss
2) Establish an alternate temporary method for processing information
3) Resume normal operations as quickly as possible
4) Train and familiarize personnel to perform emergency operations
