Test 3 Info Systems

Question 1

System Selection Process /6 (SCSDEN)

Answer 1

1. System analysis
2. Formulate Evaluation criteria
3. Compile short list of Vendors
4. Compile and Distribute the RFP
5. Evaluate Alternatives
6. Negotiate K

Question 2

Open Source Development meaning?

Answer 2

development method for software that harnesses the power of distributed peer review and transparency of process promising better quality and allowing users to access to the source code

Question 3

Cybersecurity Definition

Answer 3

refers to the set of defense an organization puts in place to mitigate threats to its technological infrastructure and digital assets

Question 4

Cybersecurity Framework /5 (IPDRR)

Answer 4

1. Identify
2. Protect
3. Detect
4. Respond
5. Recover

Question 5

1. We have identified three general approaches to the acquisition of information processing functionalities and the introduction of IT-based information systems. Which of the following is not one of them?
   A. Custom design and development
   B. System selection and acquisition
   C. End-user development
   D. Open source development
   E. None of the above

Answer 5

Ans: D
Open source development

Question 6

2. What are the three steps that occur during the implementation phase of the SDLC?
   A. Programming, Testing, Installation
   B. Investigation, Installation, Operations
   C. Programming, Installation, Maintenance
   D. Installation, Operations, Maintenance
   E. Investigation, Testing, Installation

Answer 6

Ans: D
Installation, Operations and Maintenance

Question 7

3. In which of the following phases should you expect to be most involved as a general or functional manager?
   A. Definition
   B. Build
   C. Implementation
   D. A and B
   E. A and C

Answer 7

Ans: E
A & C (Definition and Implement)

Question 8

4. In which phase(s) do the system development life cycle (SDLC) and the system selection process differ most substantially?
   A. Definition
   B. Build
   C. Implementation
   D. A and B
   E. A and C

Answer 8

Ans: D
A & B (Definition and Build)

Question 9

5. The three generic phases of a system life-cycle process are:
   A. Definition, Design, and Testing
   B. Definition, Build, and Implementation
   C. Planning, Testing, and Implementation
   D. Build, Testing, and Deployment
   E. None of the above

Answer 9

Ans: B
Definition, build and implement

Question 10

6. Why is the Systems development Life Cycle methodology typically referred to as “the waterfall model”?
   A. Because it was first popularized in a town with many waterfalls
   B. To stress the fact that phases are sequential and iteration (or going back) should be avoided as much as possible.
   C. Because the SDLC, like prototyping, is not iterative.
   D. To convey the notion that getting good user requirements is important and there should be multiple opportunities to elicit user requirements.
   E. B and D

Answer 10

Ans: B
To stress the fact that phases are sequential and iteration (or going back) should be avoided as much as possible

Question 11

7. Your book describes the systems selection process in-depth. Which of the following is not a step in the system selection process?
   A. Compile an RFP
   B. Develop a vendor short list.
   C. Solicit proposals.
   D. Visit vendor sites.
   E. Have vendors provide demonstrations

Answer 11

Ans: D
visit Vendor Sites

Question 12

8. Which of the following are not approaches to acquisition of information processing functionalities?
   A. Custom Design
   B. Custom Development
   C. System Selection and Acquisition
   D. End-user Development
   E. Open Source Development

Answer 12

Ans: E
Open-source development

Question 13

9. Which of the following is not one of the advantages related to making your own systems?
   A. Unique Tailoring
   B. Flexibility
   C. Control
   D. Faster Roll-Out
   E. All of these are advantages

Answer 13

Ans: D
Faster roll-out

Question 14

10. Which of the following is not one of the advantages related to purchasing an off-the-shelf system?
    A. Unique Tailoring
    B. Faster Roll-Out
    C. Knowledge Infusion
    D. Economical Attractiveness
    E. High Quality

Answer 14

Ans: A
Unique tailoring

Question 15

11. The Systems Development Life Cycle has three main phases. These are:
    A. Definition, System Design, and Implementation
    B. Feasibility Analysis, Programming, and Implementation
    C. Definition, Build, and Implementation
    D. Investigation, Feasibility Analysis, and System Analysis
    E. Installation, Operations, and Maintenance

Answer 15

Ans: C
Definition, Build and Implementation

Question 16

12. The IS department workers that experts in both technology and the business processes are called what?
    A. Programmers
    B. Analysts
    C. Functional Managers
    D. Help Desk Personnel
    E. Technicians.

Answer 16

Ans: B
Analysts

Question 17

13. Which stage of the SDLS typically results in a “go” or “no-go” decision?
    A. Feasibility Analysis
    B. Systems Analysis
    C. System Design
    D. Programming
    E. Testing

Answer 17

Ans: A
Feasibility Analysis

Question 18

14. A bank upgrades a computer system at one of its branches. If this works correctly, then the upgraded system will be installed at the other branches. Which migration approach is this most likely related to?
    A. Parallel
    B. Direct
    C. Phased
    D. Pilot
    E. Traditional

Answer 18

Ans: D
Pilot

Question 19

15. A bank upgrades the computer systems of its branches, one branch at a time. This is most likely which of the following migration strategies?
    A. Parallel
    B. Direct
    C. Phased
    D. Pilot
    E. Traditional

Answer 19

Correct answer: C
Pilot

Question 20

1. The Build phase of the SDLC is used to ensure that the software is properly integrated with the other components of the information system. (T/F)

Answer 20

False

Question 21

2. The SDLC and prototyping methodologies are one and the same. (T/F)

Answer 21

False

Question 22

3. Both the SDLC and prototyping methodologies are use d to create custom systems. (T/F)

Answer 22

True

Question 23

4. Off-the-shelf systems enable infusion of knowledge in the organization (T/F)

Answer 23

True

Question 24

5. End-user development: The process by which an organization’s non–IT specialists create software applications. (T/F)

Answer 24

True

Question 25

6. Custom software development is a systems development approach predicated on the notion that it impossible to clearly estimate and plan in detail such complex endeavors as information systems design and development projects. (T/F)

Answer 25

False

Question 26

7. A system analyst is a highly skilled IT professional who takes the system requirements document (i.e., what the applications should do) and designs the structure of the system (i.e., how the application will perform its tasks). (T/F)

Answer 26

False

Question 27

What are Cobots?

Answer 27

they are robots that work with humans rather than take over the overall job

Question 28

What do robots help with? /2

Answer 28

1. Enabling human productivity
2. Handling menial tasks

Question 29

What is Quantum Computing?

Answer 29

A new technology using quantum mechanics to solve complex problems. Processing many different probabilities

Question 30

Blockchain?

Answer 30

A digital Database that facilitates the sharing of info among its members

Question 31

Can Blockchain guarantee confidentiality without the need for a 3rd party?

Answer 31

Yes

Question 32

Mitigation Tactics for Blockchain? /2

Answer 32

1. Network Nodes surveillance
2. Checking user credentials

Question 33

Types of Blockchain /4 (PPPC)

Answer 33

1. Public
2. Private
3. Permisssioned
4. Consortium

Question 34

What is Virtualization and Docker technology

Answer 34

Has to do with a virtual computer system and how it is packaged into standardized units.

Question 35

What is Cloud computing?

Answer 35

A delivery model for applications and storage components. (IaaS, SaaS, PaaS)

Question 36

1. Risk Audit provides the basis for:
   A. Risk Reduction
   B. Risk Transference
   C. Risk Analysis
   D. Reward Mechanism
   E. Risk increase

Answer 36

Ans: C
Risk Analysis

Question 37

2. Security should be on managers’ radar screens because of peculiar characteristics that run the risk of leaving it what?
   A. Underfunded
   B. Overfunded
   C. Overstaffed
   D. Irrelevant
   E. Neutralized

Answer 37

Ans: A
Underfunded

Question 38

3. Why is security considered a negative deliverable?
   A. It costs money
   B. It produces only tangible benefits
   C. It does not affect profits whether it is done well or poorly
   D. It is largely ignored
   E. It produces no revenue or efficiency

Answer 38

Ans: E
It produces no revenue or efficiency

Question 39

4. Risk mitigation allows the organization to do what?
   A. Devise optimal strategies
   B. Prevent security issues from ever happening in the first place
   C. Keep both costs and risks at minimum levels
   D. Maximize failure costs
   E. Reward IT workers when no issues arise

Answer 39

Ans: A
Devise Optimal Strategies

Question 40

5. When a company is faced with a security threat, they have which three strategies available to them?
   A. Acceptance, avoidance, and transference
   B. Acceptance, reduction, and transference
   C. Avoidance, reduction, and transference
   D. Acceptance, avoidance, and reduction
   E. All of the above

Answer 40

Ans: B
Acceptance, Reduction, and Transference

Question 41

6. Which of the following strategies is associated with increased potential for failure?
   A. Acceptance
   B. Avoidance
   C. Reduction
   D. Transference
   E. Analysis

Answer 41

Ans: A
Acceptance

Question 42

7. Insurance costs are most directly associated with which risk strategy?
   A. Acceptance
   B. Avoidance
   C. Reduction
   D. Transference
   E. Analysis

Answer 42

Ans: D
Transference

Question 43

8. Increased anticipation costs are most directly associated with which risk strategy?
   A. Acceptance
   B. Avoidance
   C. Reduction
   D. Transference
   E. Analysis

Answer 43

Ans: C
Reduction

Question 44

9. Which of the following is an example of an internal threat?
   A. Viruses
   B. Intrusions
   C. Social Engineering
   D. Backdoors
   E. Angry Employees

Answer 44

Ans: E
Angry Employees

Question 45

10. Which of the following refers to code built into a program to allow the programmer a way to bypass password protection?
    A. Password Spoofing
    B. Bugs
    C. Viruses
    D. Phishing
    E. Backdoors

Answer 45

Ans: E
Backdoors

Question 46

11. Which of the following is an automated method of seeking passwords?
    A. Phishing
    B. Social Engineering
    C. Software bugs
    D. Backdoors
    E. Careless behavior

Answer 46

Ans: A
Phishing

Question 47

12. Which of the following is not a form of malware?
    A. Viruses
    B. Spyware
    C. Sniffers
    D. Keyloggers
    E. Worms

Answer 47

Ans: C
Sniffers

Question 48

13. Why is a Trojan horse not a virus?
    A. It does not have a payload
    B. It does not have a trigger event
    C. It does not replicate
    D. It is a legitimate form of security protection
    E. It does not do anything harmful

Answer 48

Ans: C
It does not replicate

Question 49

14. Why is spyware usually not considered a virus?
    A. It does not replicate
    B. It does not have a payload
    C. It does not do anything other than watch what the user does
    D. It only shows advertisements
    E. None of the above. They are always viruses

Answer 49

Ans: A
It does not replicate

Question 50

15. Which of the following is a viable method of dealing with internal security threats?
    A. Antivirus software
    B. Policies regarding what computing resources are accessible to whom
    C. Firewalls
    D. Policies that mandate frequent updates to programs and such
    E. Not immediately deleting terminated employees

Answer 50

Ans: B
Policies regarding what computing resources are accessible to whom

Question 51

1. True or False: IT Risk Management is the process of identifying and measuring information systems security risks to devise the optimal mitigation strategy. (T/F)

Answer 51

True

Question 52

2. True or False: Creating security policies that spell out the behaviors that should be follow in order to minimize security risks and auditing the policies to ensure compliance will mitigate security risks.(T/F)

Answer 52

True

Question 53

3. True or False: Function Creep, when used in terms of privacy risks, refers to new technological advances and devices that generate more data than ever. (T/F)

Answer 53

False

Question 54

4. Malicious cyberactivity is decreasing due to improvements in software protection systems. (T/F)

Answer 54

False

Question 55

5. Biometrics refers to the use of a measurement of some biological parameter to uniquely identify users. (T/F)

Answer 55

True

Question 56

3 types of risk mitigation strategies (ART)

Answer 56

1. Risk Acceptance
2. Risk Reduction
3. Risk Transference

Question 57

Can 3D printers often replicate the product the same way? (T/F)

Answer 57

False

Question 58

2 Primary Types of AR

Answer 58

1. Marker-Based
2. Market-Less

Question 59

What is Addiction by Design

Answer 59

It uses positive reinforcement to encourage users to spend more time on their platform