CH8-12 MIS
question
1) ________ is the use of information technology to support the sharing of content among networks of users.
answer
Social media
question
2) A ________ is an information system that supports the sharing of content among networks of users.
answer
social media information system (SMIS)
question
3) SM communities differ from communities in the past in that they are ________.
answer
formed based on mutual interests
question
4) A(n) ________ is an inducement that is awarded to social media users for passing communications along through different tiers of communities in social media.
answer
viral hook
question
5) ________ are organizations that choose to support a presence on one or more SM sites.
answer
Social media sponsors
question
6) ________ are the companies that operate SM sites.
answer
SM application providers
question
7) Which of the following is an SM application provider?
answer
LinkedIn
question
8) Most SM applications earn their revenue through ________.
answer
advertisements
question
9) Data and responses to data that are contributed to SM sites by users and SM sponsors are referred to as ________.
answer
content data
question
10) The storage of ________ differentiates SMIS from Web site applications.
answer
connection data
question
11) A group considers Twitter to be far superior to Facebook and attempts to convince others that this is true. When confronted with contrary evidence, the group members do not change their opinion. According to Gossieaux and Moran, which of the following kinds of communities is most likely being illustrated in the given scenario?
answer
defenders of belief
question
12) Defenders-of-belief communities facilitate activities like ________.
answer
sales and marketing
question
13) According to Gossieaux and Moran, which of the following statements is true of defenders-of-belief communities?
answer
They seek conformity and want to convince others of the wisdom of their beliefs.
question
14) According to Gossieaux and Moran, a common desire to learn something, solve a problem, or make something happen is shared by ________.
answer
seekers of the truth
question
15) According to Gossieaux and Moran, which of the following activities are seekers of the truth most likely to facilitate?
answer
operations
question
16) Which of the following statements is true of social CRM?
answer
Each customer crafts his or her own relationship with the company.
question
17) The primary risk of peer-to-peer support in the context of social media and customer service is ________.
answer
loss of control
question
18) Which of the following is a significant risk of using social media for inbound and outbound logistics?
answer
loss of privacy
question
19) ________ is the dynamic social media process of employing users to participate in product design or product redesign.
answer
Crowdsourcing
question
20) ________ is the application of social media to facilitate the cooperative work of people inside organizations.
answer
Enterprise 2.0
question
21) In McAfee's SLATES Enterprise 2.0 model, "L" stands for ________.
answer
links
question
22) In McAfee's SLATES Enterprise 2.0 model, "A" stands for ________.
answer
authoring
question
23) A ________ is content structure that has emerged from the processing of many user tags in social media.
answer
folksonomy
question
24) According to McAfee, pushing enterprise content to users based on subscriptions and alerts is a characteristic of the ________ component of Enterprise 2.0.
answer
signals
question
25) Which of the following components of McAfee's Enterprise 2.0 Model involves the creation of enterprise content via blogs, wikis, discussion groups, presentations, etc.?
answer
authoring
question
26) Enterprise 2.0 workers want applications to enable them to rate tagged content and to use the tags to predict content that will be of interest to them, a process McAfee refers to as ________.
answer
extensions
question
27) Which of the following is a risk associated with human resources when using social media to form conclusions about employees?
answer
possibility of error on the site
question
28) A student invests money and time in a business administration course. In this example, the student invests in ________.
answer
human capital
question
29) When a student attends a business function for the purpose of meeting people and reinforcing relationships, he or she is investing in his or her ________.
answer
social capital
question
30) According to Nan Lin, which of the following types of capital adds value through information, influence, and personal reinforcement?
answer
social capital
question
31) According to Nan Lin, social networks provide four forms of value: information, social credentials, personal reinforcement, and ________.
answer
influence
question
32) Being linked to a network of highly regarded contacts is a form of ________.
answer
social credential
question
33) According to Henk Flap, the ________ is determined by the number of relationships in a social network, by the strength of those relationships, and by the resources controlled by those related.
answer
value of social capital
question
34) To an organization, the ________ is the likelihood that an entity in a relationship will do something that benefits the organization.
answer
strength of a relationship
question
35) Social capital, unlike traditional capital, ________.
answer
sometimes depreciates and at other times appreciates with time
question
36) Which of the following best represents the value of social capital?
answer
Number of Relationships × Relationship Strength × Entity Resources
question
37) Which of the following observations regarding the value of social capital is true?
answer
Social capital depreciates and such depreciation can be ameliorated by adding something of value to interactions.
question
38) The hyper-social organization model developed by Gossieaux and Moran advocates ________.
answer
the creation of relationships in which both parties gain value
question
39) According to Gossieaux and Moran, a(n) ________ is an organization that uses social media to transform its interactions with customers, employees, and partners into mutually satisfying relationships with them and their communities.
answer
hyper-social organization
question
40) According to Gossieaux and Moran, which of the following observations is true about a hyper-social organization?
answer
It is characterized by a transformation of thinking from market segments to tribes.
question
41) According to the SEAMS dynamic process, which of the following activities is most likely to involve the identification of important communities, what they do, where they hang out, what they care about, and how organizations relate to them?
answer
sensing
question
42) A person who reads, consumes, and observes activity in one social medium and then broadcasts it in some other medium is called a(n) ________.
answer
active lurker
question
43) Web 2.0 refers to Web-delivered services and content paid for by ________.
answer
advertisers
question
44) Web 2.0 relies on ________ for revenue.
answer
advertising
question
45) Which of the following is true of Web 2.0?
answer
Most ads on social media generate revenue only when customers click on them.
question
46) Which of the following revenue models is most likely followed by companies providing Web 2.0 services?
answer
pay-per-click
question
47) Which of the following is one of the principal means that companies implementing Web 2.0 are most likely to use to attract viewers?
answer
free content
question
48) Web 2.0 encourages companies to provide software ________.
answer
as a free service
question
49) A characteristic of Web 2.0 is that the value of a Web site increases as the number of users ________.
answer
increases over time
question
50) Web 2.0 encourages ________, which occur when the output from two or more Web sites is combined into a single user experience.
answer
mashups
question
51) Google's ________ is an excellent mashup example.
answer
MyMaps
question
52) ________ measures the frequency that someone who clicks on an ad makes a purchase, "Likes" a site, or takes some other action desired by the advertiser.
answer
Conversion rate
question
53) The first step that a hyper-social organization should take to manage the risk of employee communication is to develop and publicize a(n) ________ policy.
answer
social media
question
54) A social media policy used by hyper-social organizations is a statement that ________.
answer
delineates employees' rights and responsibilities
question
55) The more technical an organization, the ________ the social policies.
answer
more lenient
question
56) ________, which refers to the matter in an SM site that is contributed by nonemployee site visitors, is the essence of SM relationships.
answer
User-generated content
question
57) If the content posted on a social networking site represents reasonable criticism of the organization's products or services, the best response would most likely be to ________.
answer
leave it
question
58) Responding to problematic content on social networking sites is best reserved for when the problematic content ________.
answer
has caused the organization to do something positive as a result
question
59) Deleting problematic content on social networking sites is best reserved for content that is ________.
answer
obscene and inappropriate
question
60) In 2024, emergence in the context of management would most likely mean a(n) ________.
answer
loss of control over employees
question
1) ________ is defined as information containing patterns, relationships, and trends of various forms of data.
answer
Business intelligence
question
2) Which of the following is true of source data for a BI system?
answer
It refers to data that the organization purchases from data vendors.
question
3) ________ is the process of obtaining, cleaning, organizing, relating, and cataloging source data.
answer
Data acquisition
question
4) Which of the following is a fundamental category of BI analysis?
answer
data mining
question
5) Push publishing delivers business intelligence ________.
answer
according to a schedule or as a result of an event or particular data condition
question
6) ________ requires the user to request BI results.
answer
Pull publishing
question
7) Because of the various problems with operational data, large organizations choose to extract operational data and typically create and staff a group of people who manage and run a(n) ________.
answer
data warehouse
question
8) ________ records the source, format, assumptions and constraints, and other facts about the data.
answer
Metadata
question
9) Problematic operational data are termed ________.
answer
dirty data
question
11) Which of the following statements is true about operational data?
answer
Purchased operational data often contains missing elements.
question
12) Due to a phenomenon called the ________, the more attributes there are, the easier it is to build a model that fits the sample data but that is worthless as a predictor.
answer
curse of dimensionality
question
13) A ________ takes data from the data manufacturers, cleans and processes the data, and locates the data on the shelves.
answer
data warehouse
question
14) A data ________ is a data collection, smaller than the data warehouse, that addresses the needs of a particular department or functional area of the business.
answer
mart
question
15) Which of the following statements is true about data marts?
answer
Data marts address the needs of a particular department or functional area of a business.
question
16) Which of the following statements is true about reporting applications?
answer
Two important reporting applications are RFM analysis and OLAP.
question
17) Which of the following is a basic operation used by reporting applications to produce business intelligence?
answer
calculating
question
18) ________ analysis is a way of analyzing and ranking customers according to their purchasing patterns.
answer
RFM
question
19) RFM analysis is used to analyze and rank customers according to their ________.
answer
purchasing patterns
question
20) U.S. Steel Corp. is a well-known steel manufacturing company. SAMCROW, one of the
answer
SAMCROW has ordered recently and orders frequently, and it orders the most expensive goods.
question
22) Ajax Inc. is one of the customers of a well-known linen manufacturing company. Ajax has not ordered linen in some time, but when it did order in the past it ordered frequently, and its orders were of the highest monetary value. Under the given circumstances, Ajax's RFM score is most likely ________.
answer
511
question
23) How should a sales team respond to a customer who has an RFM score of 545?
answer
The sales team should let go of this customer; the loss will be minimal.
question
24) OLAP stands for ________.
answer
online analytical processing
question
25) The viewer of an OLAP report can change its format. Which term implies this capability?
answer
online
question
26) The remarkable characteristic of OLAP reports is that they are ________, as they are online and the viewer of the report can change their format.
answer
dynamic
question
27) An OLAP report has measures and dimensions. Which of the following is an example of a dimension?
answer
sales region
question
28) Which of the following accurately defines a dimension in an OLAP report?
answer
It is a characteristic of a measure.
question
29) Which of the following is an example of a measure in an OLAP report?
answer
average cost
question
30) An ________ and an OLAP report are the same thing.
answer
OLAP cube
question
31) Which of the following observations about RFM and OLAP reports is true?
answer
OLAP reports are more dynamic than RFM reports.
question
32) ________ is the application of statistical techniques to find patterns and relationships among data for classification and prediction.
answer
Data mining
question
33) Which of the following terms is used as a synonym for data mining?
answer
knowledge discovery in databases
question
34) Which of the following is true of unsupervised data mining?
answer
Analysts do not create a model or hypothesis before running the analysis.
question
35) With ________, statistical techniques can identify groups of entities that have similar characteristics.
answer
cluster analysis
question
36) With ________, data miners develop a model prior to the analysis and apply statistical techniques to data to estimate parameters of the model.
answer
supervised data mining
question
37) Which of the following is an example of a supervised data mining technique?
answer
regression analysis
question
38) Which of the following shows the products that customers tend to buy together?
answer
market-basket analysis
question
39) In marketing transactions, the fact that customers who buy product X also buy product Y creates a ________ opportunity. That is, "If they're buying X, sell them Y" or "If they're buying Y, sell them X."
answer
cross-selling
question
40) In market-basket terminology, ________ describes the probability that two items will be purchased together.
answer
support
question
41) In market-basket terminology, the ratio of confidence to the base probability of buying an item is called ________.
answer
lift
question
42) A ________ is a hierarchical arrangement of criteria that predict a classification or a value.
answer
decision tree
question
43) ________ is a technique for harnessing the power of thousands of computers working in parallel.
answer
MapReduce
question
44) ________ is the process of creating value from intellectual capital and sharing that knowledge with employees, managers, suppliers, customers, and others who need it.
answer
Knowledge management
question
45) Knowledge management (KM) benefits organizations because it ________.
answer
enables employees and partners to work smarter
question
46) In the context of KM systems, ________ attempted to directly capture employee expertise.
answer
expert systems
question
47) Which of the following observations concerning expert systems is true?
answer
These systems encode human knowledge in the form of "If/Then" rules.
question
48) ________ are information systems that support the management and delivery of documents including reports, Web pages, and other expressions of employee knowledge.
answer
Content Management Systems (CMS)
question
49) ________ is the application of social media and related applications for the management and delivery of organizational knowledge resources.
answer
Hyper-social knowledge management
question
50) A sales report that is current at the time the user accessed it on a Web server is an example of a(n) ________.
answer
dynamic report
question
51) Which of the following statements is true about BI publishing alternatives?
answer
BI servers extend alert/RSS functionality to support user subscriptions.
question
52) The ________ is the most popular BI server today.
answer
Microsoft SQL Server Report manager
question
53) BI servers use ________ to determine what results to send to which users and on which schedule.
answer
metadata
question
1) Which of the following statements is true of information systems?
answer
Every information system has at least one application.
question
2) Which of the following statements is true about the relationship between business processes and information systems?
answer
A business process need not relate to any information system, but an information system relates to at least one business process.
question
3) A ________ is a person who is well versed in an organization's strategy and focuses on ensuring that business processes and information systems meet the organization's competitive strategies.
answer
business analyst
question
4) ________ are IS professionals who understand both business and information technology.
answer
Systems analysts
question
5) A ________ is a network of activities, repositories, roles, resources, and flows that interact to accomplish a business function.
answer
business process
question
6) In a business process, ________ are defined as collections of related tasks that receive inputs and produce outputs.
answer
activities
question
7) In a business process, an inventory or a database is an example of a ________.
answer
repository
question
8) In a business process, a role refers to ________.
answer
a collection of activities
question
9) In a business process, resources are ________.
answer
people or computer applications that are assigned to roles
question
10) In business process management (BPM), an as-is model ________.
answer
documents the existing business process
question
11) In business process management (BPM), once the as-is model is created, the very next step that a team must take is to ________.
answer
look for improvement opportunities
question
14) ________ set the stage for the requirements for any information systems and applications that need to be created or adapted.
answer
Business process models
question
15) Which of the following can be represented using the Business Process Modeling Notation?
answer
as-is models
question
16) ________ is a standard set of terms and graphical notations for documenting business processes.
answer
Business Process Modeling Notation
question
17) Which of the following statements is true of the swim-lane layout used for modeling the business processes?
answer
It draws attention to the interactions among components of the diagram.
question
18) In a Business Process Modeling Notation (BPMN) diagram, a ________ symbol represents an activity.
answer
rectangle
question
19) In a Business Process Modeling Notation (BPMN) diagram, ________ represent decisions and usually contain a question that is answered with yes or no.
answer
diamonds
question
20) In a Business Process Modeling Notation (BPMN) diagram, dotted arrows depict the flow of ________ in the process.
answer
messages and data
question
21) In a Business Process Modeling Notation (BPMN) diagram, ________ depict the flow or sequence of activities in a process.
answer
solid arrows
question
22) In Business Process Modeling Notation (BPMN) diagrams, a square with a plus sign means that ________.
answer
an activity is considered to be a subprocess of a process
question
23) The traditional process for developing information systems is ________.
answer
the systems development life cycle
question
24) The first phase of the systems development life cycle (SDLC) is ________.
answer
defining the system
question
25) The final phase of the systems development life cycle (SDLC) is ________.
answer
maintaining the system
question
26) The project plan which results from defining the system is the input to ________, which is the second phase of the SDLC.
answer
requirements analysis
question
27) The first step in the system definition phase of the systems development life cycle (SDLC) is to ________.
answer
determine the goals and scope
question
28) Once the project's goals and scope have been defined, the next immediate step in the system definition phase of the SDLC is to ________.
answer
assess feasibility
question
29) Which of the following are the four dimensions of feasibility?
answer
cost, schedule, technical, and organizational feasibility
question
30) Organizational feasibility assesses ________.
answer
whether the new system fits within the organization's customs or legal requirements
question
31) If a defined project is determined to be feasible in the SDLC, the next immediate step is to ________.
answer
form the project team
question
32) During the requirements definition stage of developing an information system, the project team will consist mostly of ________.
answer
business and systems analysts
question
33) In the system definition phase of the SDLC, the first major task for an assembled project team is to ________.
answer
plan the project
question
34) Which of the following phases of the SDLC includes identifying what is to be produced, how frequently, and how fast it is to be produced?
answer
requirements analysis
question
35) The ________ phase of the SDLC involves determining hardware and program specifications, designing the database and procedures, and creating job definitions.
answer
component design
question
36) Tasks in the ________ phase of the SDLC include building and testing system components and converting users to the new system.
answer
system implementation
question
37) A(n) ________ is a formal description of a system's response to use and misuse scenarios.
answer
test plan
question
38) During the system implementation phase of the SDLC, once a system has passed testing, the organization installs the new system. Which of the following terms is used to refer to this activity?
answer
system conversion
question
39) In the system implementation phase of the SDLC, with ________ installation, the organization implements the entire new system/business processes on a limited portion of the business.
answer
pilot
question
40) In the system implementation phase of the SDLC, with ________ installation, the new system runs alongside the old one until it has been tested and is fully operational.
answer
parallel
question
41) In the context of the system implementation phase of the SDLC, a ________ installation is the riskiest because the old system is shut down and the new system is introduced.
answer
plunge
question
42) In the system implementation phase of the SDLC, with the ________ installation, the organization installs the next piece of the system only after the previous piece works.
answer
phased
question
43) Fixing a system so that it works correctly, or adapting it to changes in requirements, occurs during the ________ phase of the SDLC.
answer
maintenance
question
44) In systems development, documents, designs, prototypes, data models, database designs, and working data entry screens are examples of ________.
answer
deliverables
question
45) Project teams create a ________, which is a hierarchy of the tasks required to complete a project.
answer
work breakdown structure
question
46) A ________ shows the tasks, dates, and dependencies for the tasks of a project.
answer
Gantt chart
question
47) A ________ is a sequence of activities that determine the earliest date by which a project can be completed.
answer
critical path
question
48) A ________ involves balancing three critical factors: requirements, cost, and time.
answer
trade-off
question
49) According to Brooks' Law, adding more people to a late project will ________.
answer
create diseconomies of scale
question
50) The situation where addition of resources creates inefficiencies is known as ________.
answer
diseconomies of scale
question
51) The final work breakdown structure (WBS) plan shows planned tasks, dependencies, durations, and resource assignments. It is denoted as ________ WBS.
answer
baseline
question
52) The term ________ refers to a set of management policies, practices, and tools that developers use to maintain control over the SDLC project's resources.
answer
configuration control
question
53) The SDLC process follows a linear sequence from requirements to design to implementation. Therefore, the SDLC process is also known as the ________.
answer
waterfall method
question
54) Rapid application development, the unified process, extreme programming, and scrum have led to ________.
answer
agile development
question
55) Which of the following is true of paired programming?
answer
two team members share the same computer to write a computer program together
question
56) According to the scrum process, once the tasks are known for a given set of requirements, the next step is to assign each task a difficulty score, called ________.
answer
points
question
57) The total number of points of work a team can accomplish in each scrum period is called ________.
answer
velocity
question
1) Developing, operating, and maintaining an organization's computing infrastructure is a major function of the ________ department.
answer
information systems
question
2) Which of the following statements is true of an IS department?
answer
The operations group monitors user experience and responds to user problems.
question
3) If an organization runs an information system that provides little support to accounting, its chief information officer will most likely report to the ________.
answer
chief executive officer
question
4) Which of the following is a responsibility of a CIO?
answer
reporting to the chief executive officer
question
5) Which of the following is a function of the technology office in an organization's IS department?
answer
investigating new information systems
question
6) In an IS department, the ________ group manages computing infrastructure, including individual computers, in-house server farms, networks, and communications media.
answer
operations
question
7) Which of the following statements is true of the operations group in an organization's IS department?
answer
It monitors the user experience and responds to their problems.
question
8) Which of the following statements is true about the "maintenance" of information systems?
answer
It involves adapting existing systems to support new features.
question
9) In the IS department, the ________ group manages the process of creating new information systems as well as maintaining existing information systems.
answer
development
question
10) If an organization does not develop programs in-house, then the development group of the IS department will be staffed primarily by ________ who work with users, operations, and vendors to acquire and install licensed software and to set up the system components around that software.
answer
business and systems analysts
question
11) The purpose of the ________ group is to protect data and information assets by establishing data standards and data management practices and policies.
answer
data administration
question
12) A ________ works with users to determine system requirements, designs and develops job descriptions and procedures, and helps determine test plans.
answer
system analyst
question
13) A ________ prepares program documentation, help-text, procedures, job descriptions, and training materials.
answer
technical writer
question
14) The responsibilities of a computer technician include ________.
answer
installing software and repairing networks
question
15) The responsibilities of a ________ include advising the chief information officer, executive group, and project managers on emerging technologies.
answer
chief technology officer
question
16) Which of the following statements is true about data administration?
answer
It establishes standards to protect information assets.
question
17) Which of the following is a limitation of aligning information systems with organizational strategy?
answer
Adapting the IS to new versions of business processes is complex and time-consuming.
question
18) The ________ is the representative for IS and IT issues within the executive staff who provides the IS perspective during discussions of problem solutions, proposals, and new initiatives.
answer
chief information officer
question
19) A(n) ________ is a group of senior managers from the major business functions that works with the CIO to set IS priorities and decide among major IS projects and alternatives.
answer
steering committee
question
20) Which of the following is a function of the steering committee for an IS department?
answer
setting IS priorities
question
21) Which of the following statements is true about the steering committee of an IS department?
answer
The steering committee's meetings are conducted by the IS department.
question
22) Which of the following statements is true about IS planning functions?
answer
The CEO and other executive staff decide the membership of the steering committee.
question
23) ________ is the process of hiring another organization to perform a service.
answer
Outsourcing
question
24) One of the reasons outsourcing is undertaken is to ________.
answer
cap an organization's financial exposure
question
25) Which of the following statements is true about outsourcing?
answer
It saves both direct and indirect management time.
question
26) An outsource vendor changes its strategic direction. Under which of the following outsourcing risks can this be associated?
answer
loss of control
question
27) Which of the following statements is a characteristic of outsourcing?
answer
To achieve quality, it is easier to hire another vendor than it is to rehire internal staff.
question
28) ________ is a form of outsourcing.
answer
Acquiring licensed software
question
29) Which of the following is a form of outsourcing hardware infrastructure exclusively?
answer
IaaS cloud hosting
question
30) Which of the following is an outsourcing alternative in which hardware and both operating system and application software are leased?
answer
Software as a Service (SaaS)
question
31) Which of the following is an example of outsourcing an entire business function?
answer
outsourcing the function of arranging employee travel
question
32) In 2005, Marrion International chose a human resources consulting agency to handle its human resource needs for the next 7 years. This is an example of ________ outsourcing.
answer
business function
question
33) When a company outsources a system, control over prioritizing fixes for software failures and problems belongs to the ________.
answer
quality vendor
question
34) Which of the following is a risk of outsourcing IS/IT functions?
answer
It involves the potential loss of intellectual capital.
question
35) Every IS user has a right to a secure computing environment. This means that ________.
answer
the organization should protect his/her computer and its files
question
36) Which of the following is a right of users of information systems?
answer
receiving effective training
question
37) Which of the following is generally a responsibility of users of information systems?
answer
following security and backup procedures
question
38) Which of the following statements is true about users of information systems?
answer
They should learn standard techniques and procedures for the applications they use.
question
39) Users should not bother IS personnel for trivial issues; instead, they should fulfill their responsibilities by ________.
answer
learning basic computer skills
question
40) Which of the following statements is true about the changes and developments foreseen by the year 2024?
answer
Most organizations will move their internal hardware infrastructure into the cloud.
question
1) A ________ is a person or an organization that seeks to obtain or alter data or other IS assets illegally, without the owner's permission and often without the owner's knowledge.
answer
threat
question
2) Which of the following is considered a threat caused by human error?
answer
an employee inadvertently installs an old database on top of the current one
question
3) Which of the following is considered a computer crime?
answer
hacking of information systems
question
4) ________ occurs when someone deceives by pretending to be someone else.
answer
Pretexting
question
6) A ________ pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, Social Security numbers, account passwords, and so forth.
answer
phisher
question
7) Email spoofing is a synonym for ________.
answer
phishing
question
8) ________ is a technique for intercepting computer communications, either through a physical connection to a network or without a physical connection in the case of wireless networks.
answer
Sniffing
question
9) ________ take computers with wireless connections through an area and search for unprotected wireless networks and then monitor and intercept wireless traffic at will.
answer
Drive-by sniffers
question
10) Which of the following is an example of a sniffing technique?
answer
adware
question
11) ________ occurs when a person breaks into a network to steal data such as customer lists, product inventory data, employee data, and other proprietary and confidential data.
answer
Hacking
question
12) Which of the following is most likely to be a result of hacking?
answer
an unauthorized transaction from a user's credit card
question
13) ________ occurs through human error when employees do not follow proper procedures or when procedures have not been well designed.
answer
Incorrect data modification
question
14) ________ is the type of security loss that involves computer criminals invading a computer system and replacing legitimate programs with their own unauthorized ones that shut down legitimate applications and substitute their own processing to spy, steal, and manipulate data.
answer
Usurpation
question
15) Which of the following usually happens in a malicious denial-of-service attack?
answer
a hacker floods a Web server with millions of bogus service requests
question
16) ________ present the largest risk for an organization's infrastructure loss.
answer
Natural disasters
question
17) Which of the following statements is true about losses due to computer security threats?
answer
Some organizations don't report all their computer crime losses, and some won't report such losses at all.
question
18) A(n) ________ is a computer program that senses when another computer is attempting to scan the disk or otherwise access a computer.
answer
intrusion detection system
question
19) Nonword passwords are vulnerable to a ________ attack, in which the password cracker tries every possible combination of characters.
answer
brute force
question
20) ________ are small files that the browser stores on the user's computer when he/she visits Web sites and that enable him/her to access Web sites without having to sign in every time.
answer
Cookies
question
21) Removing and disabling ________, which may contain sensitive security data, presents an excellent example of the trade-off between improved security and cost.
answer
cookies
question
22) Which of the following is a critical security function that the senior management should address in an organization?
answer
establishing the security policy
question
23) In information security, which of the following is true of managing risk?
answer
Organizations should implement safeguards that balance the trade-off between risk and cost.
question
27) Users of smart cards are required to enter a ________ to be authenticated.
answer
personal identification number
question
28) Which of the following is used for biometric authentication?
answer
facial features
question
29) Which of the following statements is true of biometric identification?
answer
It often faces resistance from users for its invasive nature.
question
30) A ________ is a number used to encrypt data.
answer
key
question
31) In asymmetric encryption, each site has a ________ for encoding messages.
answer
public key
question
32) With ________, the sender and receiver transmit a message using different keys.
answer
asymmetric encryption
question
33) Secure Socket Layer is also known as ________.
answer
transport layer security
question
34) Which of the following statements is true of the Secure Socket Layer (SSL)?
answer
It is used to send sensitive data such as credit card numbers.
question
35) Mark is transferring funds online through the Web site of a reputed bank. Which of the following will be displayed in the address bar of his browser that will let him know that the bank is using the SSL protocol?
answer
https
question
36) A ________ examines each part of a message and determines whether to let that part pass.
answer
packet-filtering firewall
question
37) Packet-filtering firewalls ________.
answer
can filter both inbound and outbound traffic
question
38) ________ is the term used to denote viruses, worms, and Trojan horses.
answer
Malware
question
39) A virus is a computer program that replicates itself. The program code that causes unwanted activity is called the ________.
answer
payload
question
40) ________ are viruses that masquerade as useful programs or files.
answer
Trojan horses
question
41) A ________ is a type of virus that propagates using the Internet or other computer networks.
answer
worm
question
42) ________ is similar to spyware but it watches user activity and produces pop-ups.
answer
Adware
question
43) Which of the following is likely to be accepted by a poorly designed application, leading to improper disclosure of data?
answer
SQL injection
question
44) ________ refers to an organization-wide function that is in charge of developing data policies and enforcing data standards.
answer
Data administration
question
45) ________ is a function pertaining to a particular database that develops procedures and practices to control and protect the database.
answer
Database administration
question
46) Which of the following statements is true of data administration?
answer
It is involved in establishing data safeguards.
question
47) Key escrow is a(n) ________.
answer
safety procedure that allows a trusted party to have a copy of the encryption key
question
48) ________ protect databases and other organizational data.
answer
Data safeguards
question
49) The computers that run the DBMS and all devices that store database data should reside in locked, controlled-access facilities. This is done to ________.
answer
provide physical security
question
50) Which of the following statements is true with regard to human safeguards?
answer
Documenting position sensitivity enables security personnel to prioritize their activities based on possible risk.
question
51) ________ involve the people and procedure components of information systems.
answer
Human safeguards
question
52) Which of the following statements is true about human safeguards for employees?
answer
User accounts should be defined to give users the least possible privilege necessary to perform their jobs.
question
53) When an employee is terminated, IS administrators should receive advance notice so that they can ________.
answer
remove the user account and password
question
54) ________ a Web site means to take extraordinary measures to reduce a system's vulnerability, using special versions of the operating system.
answer
Hardening
question
55) The process of hardening a Web site is a ________ safeguard.
answer
technical
question
56) ________ are the primary means of authentication and are important not just for access to a user's computer, but also for authentication to other networks and servers to which the user may have access.
answer
Passwords
question
57) Which of the following systems procedures is specifically the responsibility of operations personnel?
answer
creating back up of system databases
question
58) ________ involves accomplishing job tasks during failure.
answer
Recovery
question
59) Firewalls produce ________ which include lists of all dropped packets, infiltration attempts, and unauthorized access attempts from within the firewall.
answer
activity logs
question
60) ________ are false targets for computer criminals to attack.
answer
Honeypots