Question #

Question

Your Answer

1

 

Wk 1

 

Chapter1

Per figure 1.2, which area of Information systems covers Security challenges

 

A.     Foundation Concepts

B.      Development Processes

C.      Business Applications

D.     Management Challenges

E.      None of the above

 

 

2

 

Wk 1

 

Chapter1

Computer systems that focus on collecting and analyzing the data

 

A.     Expect Systems (ES)

B.      Enterprise resource Planning (ERP) Systems

C.      Business Intelligence (BI) systems

D.     All of the above

E.      None of the above

 

 

3

 

Chapter 1

What system(s) support(s) Business operations

 

A.     Transaction Processing

B.      Process Control

C.      Enterprise Collaboration

D.     All of the above

E.      None of the above

 

 

4

 

Wk 1

 

Chapter1

At what stage of Developing an Information System will you know that technical feasibility of a proposed application

 

A.     Investigate

B.      Analyze

C.      Design

D.     Implement

E.      Maintain

 

 

5

 

Wk 1

 

Chapter1

Which of the following is a correct statement

 

A.     Data and Information are synonyms, they mean same

B.      Data is processed into Information by adding context to it

C.      Both data and Information depend on the context and perspective of the user

D.     All these are correct

E.      None of the above are correct

 

 

6

 

Wk 1

 

 

Chapter 8

A cross-functional enterprise system that helps a business integrate and automate many of its internal business processes and information systems

 

A.     ERP

B.      CRM

C.      SCM

D.     Intranet  Portals

 

 

7

 

Wk 1

 

Chapter 8

 

A cross-functional inter-enterprise system that helps a business manage its network of relationships and processes with its business partners

 

A.     ERP

B.      CRM

C.      SCM

D.     Intranet Portals

 

 

8

 

Chapter 8

Helps with Intra-enterprise communications, collaboration, sharing, and centralizing of information resources.

 

A.     ERP

B.      CRM

C.      SCM

D.     Intranet Portals

 

 

9

 

Wk 1

 

Chapter 8

 

The automatic exchange of electronic business documents between the  networked computers of business partners

 

A.     E-mail communications

B.      EDI

C.      Extranet Portals

D.     SCM

 

 

10

 

Chapter 8

Better functioning of Customer facing systems (fill in the blanks):  _____________________  

 

11

 

Chapter 13

Following is not one of the principle of Technology Ethics

 

A.     Technology must achieve more good than the harm

B.      Benefits and burdens of Technologies must be distributed fairly

C.      Maintain secrecy of new Technologies

D.     Those affected by the technology must be informed

E.      Risks associated with technology must be avoided as much as you can

 

 

12

 

Chapter 13

What is the closest percentage of IT budget is used on Security in developed countries?

 

A.     2%

B.      7%

C.      15%

D.     25%

 

 

13

 

Wk 1

 

Chapter 13

 

A piece of malicious code that must attach itself to another file to replicate itself is known as:

 

A.     A virus

B.      A worm

C.      A logic bomb

D.     A Trojan

 

 

14

 

Chapter 13

Privacy Law that aims keep your health data private

 

A.     U.S. Computer Matching and Privacy Act

B.      Computer Fraud and Abuse Act

A.     Electronic Communications Privacy Act

B.      HIPAA

 

 

15

 

Wk 1

 

Chapter 13

 

The presence of documentation that allows a transaction to be traced through all stages of information processing.

 

A.     Data Trace

B.      TPM – Transaction Processing Systems

C.      System security monitor

D.     Audit Trail

 

 

16

 

Chapter 11

Determining that you are who you say you are, is called 

 

A.     Authorization

B.      Authentication

C.      Non-repudiation

D.     Identification

E.      All of the above

 

 

 

17

 

Chapter 11

Process to ensure that the message was sent by the Sender and was received by the receive , is called 

 

A.     Authorization

B.      Authentication

C.      Non-repudiation

D.     Identification

E.      All of the above

 

 

 

18

 

Chapter 11

A software program that looks like a useful utility program, but actually does malicious things such as tracking your password key strokes and sending to someone

 

A.     Virus

B.      Worm

C.      Bot

D.     Trojan Horse

 

 

 

19

 

Chapter 11

A software program that does not need a host software to attach itself and propagate by itself

 

A.     Virus

B.      Worm

C.      Bot

D.     Trojan Horse

 

 

 

20

 

Wk2

 

Chapter 4

How are the actual Practices connected to Policies?

 

A.     Practices are set of procedures written based on policy

B.      No they are not connected

C.      Practices are detailed steps of instructions developed to meet the standards and those standards were built based on the policies

D.     Policies are influenced by the Practices.

 

 

21

 

Wk 2

Chapter 4

Following kind of security policy provides guidance to all the members of the organization

 

A.     EISP – Enterprise Information Security Policy

B.      ISSP – Issue Specific Security Policy

C.      SSP – System specific Security Policy

D.     All of the above

 

 

22

 

Wk 2

Chapter 4

Following kind of security policy set a strategic direction to all security efforts in the organization and is guided by the vision statement of the organization.

 

A.     EISP – Enterprise Information Security Policy

B.      ISSP – Issue Specific Security Policy

C.      SSP – System specific Security Policy

D.     All of the above

 

 

23

 

Wk 2

Chapter 4

This security policy tries to explain why a particular technology can or cannot be used in an organization.

 

A.     EISP – Enterprise Information Security Policy

B.      ISSP – Issue Specific Security Policy

C.      SSP – System specific Security Policy

D.     All of the above

 

 

24

 

Chapter 8

Risk management consists of following steps

 

A.     Identification

B.      Assessment

C.      Risk Control

D.     Organizational Business processes restructuring

E.      All of the above

 

 

25

 

Chapter 8

Following is not one of the risk controls that you can apply.

 

A.     Policies

B.      Ensure Laws relevant to the organizational business are implemented

C.      Programs

D.     Technical controls

 

 

26

 

Chapter 8

Types of Access Controls

A.     Discretionary

B.      NonDiscretionary

C.      Mandatory

D.     All of the above

E.      None of the above

 

 

27

Wk2

 

Chapter 4

Disaster Recovery (DR) plan comes under what kind of risk strategy

 

A.     Avoidance

B.      Transference

C.      Mitigation

D.     Acceptance

 

 

28

 

Chapter 9

Which risk control is understanding the risk you are facing and do nothing about it

 

A.     Avoidance

B.      Acceptance

C.      Mitigation

D.     Transference

 

 

29

 

Chapter 9

Which risk control aims to preempt the damage caused by the risk you identify

 

A.     Avoidance

B.      Acceptance

C.      Mitigation

D.     Transference

 

 

30

 

Chapter 9

The amount and kinds of risks that organizations accept after evaluating the balance between Security and accessibility and applying the controls, is called

 

A.     Residual Risk

B.      Risk Mitigation

C.      Risk Appetite

D.     Any of the above

 

 

31

 

Wk2

 

Chapter 4

In practice it is almost impossible to safeguard any asset 100 percent, however valuable that may be. Hence, no asset has zero risk. The amount of risk not covered by any known safeguards is known as

 

A.     Residual Risk

B.      Risk Tolerance

C.      Acceptable risk

D.     All of the above

E.      None of the above

 

 

32

 

 

Match the

Following

 

A.     Intranet

B.      Extranet

C.      Internet

D.     Company Network

 

 

 

 

 

1. enterprise and its trading partners
2. inside the enterprise
3. Enterprise Servers
4. Open to all enterprises and individuals

 

       

Question #

Question

Your Answer

1

 

Wk 1

 

Chapter1

Per figure 1.2, which area of Information systems covers Security challenges

 

A.     Foundation Concepts

B.      Development Processes

C.      Business Applications

D.     Management Challenges

E.      None of the above

 

 

2

 

Wk 1

 

Chapter1

Computer systems that focus on collecting and analyzing the data

 

A.     Expect Systems (ES)

B.      Enterprise resource Planning (ERP) Systems

C.      Business Intelligence (BI) systems

D.     All of the above

E.      None of the above

 

 

3

 

Chapter 1

What system(s) support(s) Business operations

 

A.     Transaction Processing

B.      Process Control

C.      Enterprise Collaboration

D.     All of the above

E.      None of the above

 

 

4

 

Wk 1

 

Chapter1

At what stage of Developing an Information System will you know that technical feasibility of a proposed application

 

A.     Investigate

B.      Analyze

C.      Design

D.     Implement

E.      Maintain

 

 

5

 

Wk 1

 

Chapter1

Which of the following is a correct statement

 

A.     Data and Information are synonyms, they mean same

B.      Data is processed into Information by adding context to it

C.      Both data and Information depend on the context and perspective of the user

D.     All these are correct

E.      None of the above are correct

 

 

6

 

Wk 1

 

 

Chapter 8

A cross-functional enterprise system that helps a business integrate and automate many of its internal business processes and information systems

 

A.     ERP

B.      CRM

C.      SCM

D.     Intranet  Portals

 

 

7

 

Wk 1

 

Chapter 8

 

A cross-functional inter-enterprise system that helps a business manage its network of relationships and processes with its business partners

 

A.     ERP

B.      CRM

C.      SCM

D.     Intranet Portals

 

 

8

 

Chapter 8

Helps with Intra-enterprise communications, collaboration, sharing, and centralizing of information resources.

 

A.     ERP

B.      CRM

C.      SCM

D.     Intranet Portals

 

 

9

 

Wk 1

 

Chapter 8

 

The automatic exchange of electronic business documents between the  networked computers of business partners

 

A.     E-mail communications

B.      EDI

C.      Extranet Portals

D.     SCM

 

 

10

 

Chapter 8

Better functioning of Customer facing systems (fill in the blanks):  _____________________  

 

11

 

Chapter 13

Following is not one of the principle of Technology Ethics

 

A.     Technology must achieve more good than the harm

B.      Benefits and burdens of Technologies must be distributed fairly

C.      Maintain secrecy of new Technologies

D.     Those affected by the technology must be informed

E.      Risks associated with technology must be avoided as much as you can

 

 

12

 

Chapter 13

What is the closest percentage of IT budget is used on Security in developed countries?

 

A.     2%

B.      7%

C.      15%

D.     25%

 

 

13

 

Wk 1

 

Chapter 13

 

A piece of malicious code that must attach itself to another file to replicate itself is known as:

 

A.     A virus

B.      A worm

C.      A logic bomb

D.     A Trojan

 

 

14

 

Chapter 13

Privacy Law that aims keep your health data private

 

A.     U.S. Computer Matching and Privacy Act

B.      Computer Fraud and Abuse Act

A.     Electronic Communications Privacy Act

B.      HIPAA

 

 

15

 

Wk 1

 

Chapter 13

 

The presence of documentation that allows a transaction to be traced through all stages of information processing.

 

A.     Data Trace

B.      TPM – Transaction Processing Systems

C.      System security monitor

D.     Audit Trail

 

 

16

 

Chapter 11

Determining that you are who you say you are, is called 

 

A.     Authorization

B.      Authentication

C.      Non-repudiation

D.     Identification

E.      All of the above

 

 

 

17

 

Chapter 11

Process to ensure that the message was sent by the Sender and was received by the receive , is called 

 

A.     Authorization

B.      Authentication

C.      Non-repudiation

D.     Identification

E.      All of the above

 

 

 

18

 

Chapter 11

A software program that looks like a useful utility program, but actually does malicious things such as tracking your password key strokes and sending to someone

 

A.     Virus

B.      Worm

C.      Bot

D.     Trojan Horse

 

 

 

19

 

Chapter 11

A software program that does not need a host software to attach itself and propagate by itself

 

A.     Virus

B.      Worm

C.      Bot

D.     Trojan Horse

 

 

 

20

 

Wk2

 

Chapter 4

How are the actual Practices connected to Policies?

 

A.     Practices are set of procedures written based on policy

B.      No they are not connected

C.      Practices are detailed steps of instructions developed to meet the standards and those standards were built based on the policies

D.     Policies are influenced by the Practices.

 

 

21

 

Wk 2

Chapter 4

Following kind of security policy provides guidance to all the members of the organization

 

A.     EISP – Enterprise Information Security Policy

B.      ISSP – Issue Specific Security Policy

C.      SSP – System specific Security Policy

D.     All of the above

 

 

22

 

Wk 2

Chapter 4

Following kind of security policy set a strategic direction to all security efforts in the organization and is guided by the vision statement of the organization.

 

A.     EISP – Enterprise Information Security Policy

B.      ISSP – Issue Specific Security Policy

C.      SSP – System specific Security Policy

D.     All of the above

 

 

23

 

Wk 2

Chapter 4

This security policy tries to explain why a particular technology can or cannot be used in an organization.

 

A.     EISP – Enterprise Information Security Policy

B.      ISSP – Issue Specific Security Policy

C.      SSP – System specific Security Policy

D.     All of the above

 

 

24

 

Chapter 8

Risk management consists of following steps

 

A.     Identification

B.      Assessment

C.      Risk Control

D.     Organizational Business processes restructuring

E.      All of the above

 

 

25

 

Chapter 8

Following is not one of the risk controls that you can apply.

 

A.     Policies

B.      Ensure Laws relevant to the organizational business are implemented

C.      Programs

D.     Technical controls

 

 

26

 

Chapter 8

Types of Access Controls

A.     Discretionary

B.      NonDiscretionary

C.      Mandatory

D.     All of the above

E.      None of the above

 

 

27

Wk2

 

Chapter 4

Disaster Recovery (DR) plan comes under what kind of risk strategy

 

A.     Avoidance

B.      Transference

C.      Mitigation

D.     Acceptance

 

 

28

 

Chapter 9

Which risk control is understanding the risk you are facing and do nothing about it

 

A.     Avoidance

B.      Acceptance

C.      Mitigation

D.     Transference

 

 

29

 

Chapter 9

Which risk control aims to preempt the damage caused by the risk you identify

 

A.     Avoidance

B.      Acceptance

C.      Mitigation

D.     Transference

 

 

30

 

Chapter 9

The amount and kinds of risks that organizations accept after evaluating the balance between Security and accessibility and applying the controls, is called

 

A.     Residual Risk

B.      Risk Mitigation

C.      Risk Appetite

D.     Any of the above

 

 

31

 

Wk2

 

Chapter 4

In practice it is almost impossible to safeguard any asset 100 percent, however valuable that may be. Hence, no asset has zero risk. The amount of risk not covered by any known safeguards is known as

 

A.     Residual Risk

B.      Risk Tolerance

C.      Acceptable risk

D.     All of the above

E.      None of the above

 

 

32

 

 

Match the

Following

 

A.     Intranet

B.      Extranet

C.      Internet

D.     Company Network

 

 

 

 

 

1. enterprise and its trading partners
2. inside the enterprise
3. Enterprise Servers
4. Open to all enterprises and individuals