MIS 300 Exam 2
Unlock all answers in this set
Unlock answersquestion
Knowledge workers:
answer
advise middle managers
question
The IT infrastructure is comprised of _______ and ________.
answer
IT Components and IT Services
question
Which of the following statements about your future role as a manager is false?
answer
The size of my team will likely be smaller than teams of today.
question
_____ is/are the computer hardware, software, and communications technologies that are used by IT personnel to produce IT services.
answer
IT Components
question
An organization's IT components include all of the following except:
answer
Procedures
question
If Amazon uses a list of all your purchases (books bought, price paid, dates) to recommend other books to you, then it is applying its _____.
answer
Knowledge
question
Enterprise resource planning systems
answer
use a common data base for all functional areas
question
An organization's information technology architecture:
answer
all of these
question
The title of the executive who is in charge of the people who design and build information systems, the people who use those systems, and the people responsible for managing those systems is the
answer
CIO
question
Which of the following is the correct hierarchy from the lowest level to the highest level?
answer
Data / Information / Knowledge
question
Which of the following statements is false?
answer
Each functional area within an organization has only one application.
question
Walmart's automatic replenishment system, which enables the company to reduce inventory storage requirements, is an example of which strategy for competitive advantage?
answer
Cost Leadership
question
Which of the following statements is false?
answer
Business activity monitoring is a type of scheduled reporting.
question
Which strategy for competitive advantage involves introducing new products and putting new features in existing products
answer
Innovation
question
Producing identical items in large quantities is called:
answer
Mass Production
question
Porter's _____ help(s) companies identify general strategies, whereas his _____ help(s) to identify specific activities where companies can use the strategies for greatest impact.
answer
Competitive force model; Value chain model
question
New technologies can produce new products very _____, which _____ the threat from substitute products.
answer
Quickly; Increases
question
Collecting sales tax is an example of a(n):
answer
Marketing Business Process
question
Which of the following is not an example of business - IT alignment?
answer
The company views IT as a way to support the business but not as a way to create new revenue streams.
question
The workforce in developed countries is exhibiting all of the following trends except:
answer
It includes fewer persons with disabilities
question
Which strategy for competitive advantage involves improving the manner in which an organization executes its internal business processes?
answer
Operational Effectiveness
question
Which of the following is not a role that information systems play in businesses processes?
answer
Establish Standards
question
Refer to Opening Case- What to Do About WikiLeaks?: Which of the following is false about WikiLeaks?
answer
Governments and companies are using network forensics to identify intruders who break into systems.
question
_____ issues involve who may obtain information and how much they should pay for this information.
answer
Accessibility
question
Which of the following statements is not correct?
answer
As with normal first-class mail, employers cannot read employee e-mail.
question
Shelli runs a small boutique in Tel Aviv. She has built up a very nice client base and regularly sends her clients a newsletter. A new bakery business down the block wants to buy Shelli's client list from her. If Shelli does sell the list, which ethical issue related to IT would be involved?
answer
Privacy
question
What is _____ is not necessarily _____.
answer
Unethical; Illegal
question
______________ determines who is responsible for the actions taken.
answer
Accountability
question
Shelli runs a small boutique in Tel Aviv. Her intern just came to her with a new design for her Web site. Shelli really likes the design, and she informs the intern that he is quite the artist. Section reference 1The intern responds that he found the design on the Internet. Shelli replies that they can't use it. Her decision reflects which ethical issue related to IT?
answer
Property (such as intellectual property)
question
The ____________ ethical standard states that an ethical action is the one that provides the most good or does the least harm.
answer
Utilitarian
question
How does society keep owners of electronic bulletin boards from disseminating offensive or untrue content? This is a difficult question because it involves the conflict between _____ on the one hand and _____ on the other.
answer
Freedom of Speech; Privacy
question
Refer to IT's About Business 3.3 - Your Privacy on Facebook: Which of the following is false about Facebook's privacy polices?
answer
Facebook uses an Opt-in Model
question
Privacy advocates prefer which model of informed consent?
answer
Opt-in
question
In its study of various organizations, the Ponemon Institute found that the most common cause of data breaches was:
answer
Employee Negligence
question
Which of the following is not a consequence of poor information security practices?
answer
All of the above are consequences of poor information security practices.
question
Refer to IT's About Business 4.3 - The Stuxnet Worm: Which of the following statements is true?
answer
The worm specifically targeted nuclear facilities
question
Cybercriminals can obtain the information they need in order to assume another person's identity by:
answer
All of the above are strategies to obtain information to assume another person's identity.
question
Organizations use hot sites, warm sites, and cold sites to insure business continuity. Which of the following statements is not true?
answer
A hot site needs to be located close to the organization's offices.
question
Access controls involve _____ before _____.
answer
Authentication; Authorization
question
Which of the following is(are) designed to use your computer as a launch pad for sending unsolicited e-mail to other computers?
answer
Spamware
question
A _____ is any danger to which an information resource may be exposed.
answer
Threat
question
_____ involves building an inappropriate trust relationship with employees for the purpose of gaining sensitive information or unauthorized access privileges.
answer
Social Engineering
question
Bob is using public key encryption to send a message to Ted. Bob encrypts the message with Ted's _____ key, and Ted decrypts the message using his _____ key.
answer
Public; Private
question
The term _____ refers to clandestine software that is installed on your PC through duplicitous channels but is not particularly malicious.
answer
Alien Software
question
Relates to any computer based tool that people use to work with information and support the information and information processing needs of an organization:
answer
Information Technology (IT)
question
An information system that uses computer technology to perform some or all of its intended tasks:
answer
Computer based information system (CBIS)
question
Data and/or information that have been organized and processed to convey understanding, experience, accumulated learning and expertise as they apply to a current problem or activity:
answer
Knowledge
question
Collects, processes, analyzes, stores, and disseminetes information for a specific purpose:
answer
Information Systems
question
Information systems that correct a lack of communication among the functional area IS's by tightly integrating the functional area IS's via a common database:
answer
Enterprise Resource Planning (ERP) Systems
question
Positive societal effects from the increased use of information technology:
answer
1-Provide opportunities for people with disabilities 2-Provide people with flexibility in their work (anywhere/anytime) 3-Robots will take over mundane chores 4-Enable improvements in health care
question
Negative societal effects of the increased use of information technology:
answer
1-Can cause health problems for individuals 2-Place employees on constant call 3-Potentially misinform patients about their health problems
question
The system which provides overall control and monitoring functions of a specific process or application. Generally consists of a network of computers, controllers, and I/O modules.
answer
Automation Systems
question
___ is an ongoing collection of related activities that create a product or a service of value to the organization, its business partners, and/or its customers.
answer
Business Process
question
Provide examples of Business Processes in the functional area of an organization:
answer
-Managing accounts payable -Managing accounts recieveable -managing post sale customer follow up -managing bills of materials -Managing manufacturing change orders -Applying disabilities policies -Hiring employees -Training staff and computer users -Applying internet use policy
question
Differentiate between the terms business process reengineering and business process management.
answer
BPR is a radical redesign of an organizations business processes that is intended to improve the efficiency and effectiveness of these processes. The key to BPR is for enterprises to examine their business processes from a "clean sheet" perspective and then determine for they could best reconstruct those processes to improve their business functions. B/c BPR proved difficult to implement, organizations have turned to BPM. BPM is a management technique that includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.
question
List a business pressure and describe an IT response to it;
answer
Market Pressures: An example of a market pressure is powerful customers. Customer relationship management is an effective IT response that helps companies achieve customer intimacy.
question
List a business pressure and describe an IT response to it;
answer
Technology Pressures: An example of a technology pressure is information overload. Search engines and business intelligence applications enable managers to access, navigate, and utilize vast amounts of information.
question
List a business pressure and describe an IT response to it;
answer
Societal/Political/Legal Pressures: An example is social responsibility, such as the state of the physical environment. Green IT is one response that is intended to improve the environment.
question
Two information systems that support the entire organization are:
answer
Enterprise resource planning systems; Transaction processing systems
question
___ systems are designed to correct a lack of communications among ___.
answer
Enterprise resource planning; Functional area information systems
question
The introduction of ATM machines by Citibank was a classic example of which strategy for competitive advantage?
answer
Innovation
question
For most companies, the Web ___ the threat that new competitors will enter the market by ___ traditional barriers to entry.
answer
Increases, decreasing
question
In ___, the organization purchases insurance as a means to compensate for any loss.
answer
Risk Transference
question
When Amazon welcomes you by name back to its website on your second visit this is an example of which strategy for competitive advantage?
answer
Customer Orientation
question
The most overlooked people in information security are:
answer
Janitors and Guards
question
Identify the 5 competitive forces described by Porter:
answer
1-Threat of entry of new competitors 2-Bargaining power of Suppliers 3-Bargaining power of customers(buyers) 4-Threat of substitute products or services 5-Rivalry among existing firms in the industry
question
Explain how the web has an impact on the threat of entry of new competitors:
answer
For most firms, the web increases the threat that new competitors will enter the market by reducing traditional barriers to entry. Frequently, competitors need only to set up a Web site to enter a market. The web can also increase barriers to entry, as when customers come to expect a nontrivial capability from their suppliers.
question
Explain how the web has an impact on the bargaining power of suppliers:
answer
The web enables buyers to find alternative suppliers and to compare prices more easily, thereby reducing suppliers' bargaining power. From a different perspective, as companies use the web to integrate their supply chains, participating suppliers can lock in customers, thereby increasing suppliers' bargaining power.
question
Explain how the web has an impact on the bargaining power of customers (buyers):
answer
The web provides customers with incredible amounts of choices for products, as well as information about those choices. As a result, the Web increases buyer power. However, companies can implement loyalty programs in which they use the web to monitor the activities of millions of customers. Such programs reduce buyer power.
question
Explain how the web has an impact on the threat of substitute products or services:
answer
New technologies create substitute products very rapidly, and the web makes information about these products available almost instantly. As a result, industries (particularly information based industries) are in great danger from substitutes (music, books, newspapers, magazines, software) However, the web can also enable a company to build in switching costs, so that it will cost customers time and or money to switch from your company to a competitor.
question
Explain how the web has an impact on the rivalry among existing firms in the industry:
answer
In the past, proprietary information systems provided strategic advantage for firms in highly competitive industries. The visibility of Internet applications on the Web makes strategic advantage more short lived.
question
What are the 5 strategies that organizations typically adopt to counter the 5 competitive forces and achieve competitive advantage?
answer
1-Cost Leadership 2-Differentiation 3-Innovation 4-Operational Effectiveness 5-Customer-orientation
question
Produce products and/or services at the lowest cost in the industry:
answer
Cost Leadership Strategy
question
Offer different products, services, or product features:
answer
Differentiation Strategy
question
Introduce new products and services, put new features in existing products and services, or develop new ways to produce them:
answer
Innovation Strategy
question
Improve the manner in which internal business processes are executed so that the firm performs similar activities better than its rivals:
answer
Operational Effectiveness Strategy
question
Concentrate on making customers happy:
answer
Customer-orientation Strategy
question
An advantage over competitors in some measure such as cost, quality, or speed; leads to control of a market and to larger-than-average profits.
answer
Competitive Advantage
question
Systems that help an organization gain a competitive advantage by supporting its strategic goals and/or increasing performance and productivity.
answer
Strategic Information Systems (SISs)
question
The tight integration of the IT function with the strategy, mission, and goals of the organization:
answer
Business-information technology alignment
question
What are the 6 characteristics of effective alignment for BIT?
answer
1-Organizations view IT as an engine of innovation that continually transforms the business. 2-Organizations view customers and customer service as supremely important. 3-Organizations rotate business and IT professionals across departments and job functions. 4-Organizations provide clear, overarching goals for all employees. 5-Organizations ensure that IT employees understand how the company makes (or loses) money. 6-Organizations create a vibrant and inclusive company culture.
question
The principles of right and wrong that individuals use to make choices to guide their behaviors:
answer
Ethics
question
What are the three fundamental tenants of ethics?
answer
Responsibility, Accountability, and Liability
question
A tenet of ethics that refers to determining who is responsible for actions that were taken:
answer
Accountability
question
A legal concept that gives individuals the right to recover the damages done to them by other individuals, organizations or systems:
answer
Liability
question
A tenet of ethics in which you accept the consequences of your decisions and actions:
answer
Responsibility
question
What are the 4 categories of ethical issues related to IT?
answer
Privacy, Accuracy, Property, Accessibility
question
Identify 3 places that store personal data and the threat of privacy to these.
answer
The privacy threat in Internet bulletin boards, newsgroups, and social networking sites is that you might post too much personal information that many unknown people can see.
question
Threats to privacy include:
answer
-Advances in Information Technologies -Electronic Surveillance -Personal information in databases -Internet Bulletin boards -Newsgroups -Social Networking sites
question
___ is the right to be left alone and to be free of unreasonable personal intrusions.
answer
Privacy
question
Identify the 5 factors that contribute to the increasing vulnerability of information resources.
answer
1-Today's interconnected, interdependent, wirelessly networked business environment. 2-Smaller, faster, cheaper computers and storage devices 3-Decreasing skills necessary to be a computer hacker 4-International organized crime taking over cybercrime 5-Lack of management support
question
Give examples that go with the 5 factors that contributed to the increasing vulnerability of information resources.
answer
1-Internet 2-Netbooks, Thumb drives, iPads 3-Information system hacking programs circulating the Internet 4-Organized crime has formed transnational cybercrime cartels. Because it is difficult to know exactly where cyber attacks originate, these cartels are extremely hard to bring to justice. 5-Suppose that your company spent $10 million on information security countermeasures last year and experienced no successful attacks on information resources. Short-sighted management might conclude that the company could spend less during the next year and obtain the same results. Bad Idea.
question
Compare and contrast human mistakes and social engineering, providing an example for each.
answer
HUMAN MISTAKES are unintentional errors. However, employees can also make unintentional mistakes as a result of actions by an attacker, such as social engineering. SOCIAL ENGINEERING is an attack where the perpetrator uses social skills to trick or manipulate a legitimate employee into providing confidential company information. -An example of a human mistake is tailgating. An example of social engineering is when an attacker calls an employee on the phone and impersonates a superior in the company.
question
Are acts performed without malicious intent that nevertheless represent a serious threat to information security.
answer
Unintentional Threats
question
A major category of unintentional threats is:
answer
Human Error
question
What are the Deliberate Threats to Information Systems?
answer
1-Espionage or Trespass 2-Information Extortion 3-Sabotage and Vandalism 4-Theft of equipment and information 5-Identity Theft 6-Protecting intellectual property 7-Software attacks 8-Alien Software 9-Supervisory control and data acquisition (SCADA) 10-Cyberterrorism and Cyber warfare
question
What are the 9 types of deliberate attacks?
answer
1-Virus 2-Worm 3-Phishing Attack 4-Spear Phishing attack 5-Denial of service attack 6-Distributed denial of service attack 7-Trojan Horse 8-Back Door 9-Logic Bomb
question
Segment of computer code that performs malicious actions by attaching to another computer program.
answer
Virus
question
Segment of computer code that performs malicious actions and will replicate, or spread, by itself (without requiring another computer program)
answer
Worm
question
____ use deception to acquire sensitive personal information by masquerading as official looking emails or instant messages.
answer
Phishing Attack
question
Target large groups of people. In these attacks perpetrators find out as much information as possible to improve their chances that phishing techniques will be able to obtain sensitive, personal information.
answer
Spear Phishing Attack
question
Attacker sends so many information requests to a target computer system that the target cannot handle them successfully and typically crashes or ceases to function.
answer
Denial of Service Attack
question
An attacker first takes over many computers, typically by using malicious software. These computers are called zombies or bots. The attacker uses these bots- which form a bonnet- to deliver a coordinated stream of information requests to a target computer, causing it to crash.
answer
Distributed Denial of Service Attack
question
Software programs that hide in other computer programs and reveal their designed behavior only when they are activated.
answer
Trojan Horse
question
Typically a password, known only to the attacker, that allows him or her to access a computer system at will, without having to go through any security procedures.
answer
Back Door Also called a Trap Door
question
Segment of computer code that is embedded within an organization's existing computer programs and is designed to activate and perform a destructive action at a certain time or date.
answer
Logic Bomb
question
What are the 3 risk mitigation strategies?
answer
Risk Acceptance, Risk Limitation, Risk Transference
question
Define Risk Acceptance and provide an example in the context of owning a home.
answer
-Where the organization accepts the potential risk, continues operating with no controls, and absorbs any damages that occur. -If you own a home you may decide not to insure it. Thus, you are practicing risk acceptance, clearly this is a bad idea.
question
Define Risk Limitation and provide an example in the context of owning a home.
answer
-Where the organization limits the risk by implementing controls that minimize the impact of threats. -As a homeowner, you practice risk limitation by putting in an alarm system or cutting down weak trees near your house.
question
Define Risk Transference and provide an example in the context of owning a home.
answer
-Where the organization transfers the risk by using other means to compensate for the loss, such as by purchasing insurance. -The vast majority of homeowners practice risk transference by purchasing insurance on their houses and other possessions.
question
Identify the 3 major types of controls that organizations can use to protect their information resources:
answer
Physical, Access, Communications
question
___ Prevent unauthorized individuals from gaining access to a companies facilities. Common controls include walls, doors, fencing, gates, locks, badges, guards, and alarm systems. More sophisticated controls include pressure sensors, temperature sensors, and motion detectors.
answer
Physical Controls
question
___ Restrict unauthorized individuals from using information resources. These controls involve 2 major functions: Authentication and Authorization.
answer
Access Controls
question
____ Secure the movement of data across networks. These controls consist of firewalls, anti-malware systems, whitelisting and blacklisting, encryption, virtual private networking, secure socket layer, and vulnerability management systems.
answer
Communications Controls
question
Various organizations that promote fair and responsible use of information systems often develop ____.
answer
a code of ethics
question
Despite the success of E-Mealz, Jane Delaney did not originally plan to create a large enterprise.
answer
True
question
One of the big advantages of being an informed user and consumer of IT is that it enables you to anticipate future innovations and their potential applications.
answer
True
question
Global outsourcing helps an organization to:
answer
-Find the best person for the job. -Find more economical resources. -Implement spatial and temporal flexibility
question
Managing information systems in a modern organization is challenging because:
answer
the systems are very expensive to acquire, operate, and maintain; and the systems are critical to the organization's operations.
question
HR information systems, POM information systems, CRM information systems, and marketing information systems are usually classified as:
answer
Functional Area Information Systems
question
One impact of IT will be to decrease the numbers of managers employed in organizations.
answer
True
question
The core capabilities of computer-based information systems include:
answer
-Quick access to information. -Staging and processing of large amounts of data. -High-speed calculations.
question
The Internet reduces the barriers of entry for new competitors in an established industry.
answer
True
question
The Internet can both reduce and increase the bargaining power of suppliers, depending on the specific circumstances
answer
True
question
In recent years, companies such as Walmart and Amazon.com have offered streaming videos for rent on their Web sites. This is another example of how new technology has:
answer
-Increased the threat of new entrants. -Increased the threat of substitute products
question
The goals of business process reengineering are to:
answer
-Increase productivity. -Optimize operations. -Increase customer satisfaction. -Reduce waste.
question
Two major conflicting issues related to privacy are ___ and ___.
answer
Freedom of Speech; National Security
question
Making and distributing information goods to which you do not own the ___ is referred to as ____.
answer
Copyright; Piracy
question
Whereas phishing attacks are ____ , denial of service attacks are ____.
answer
remote attacks requiring user action, remote attacks requiring no user action
question
Buying health insurance is an example of risk ____, whereas going without is an example of risk _____.
answer
transference, acceptance
question
Implementing controls to prevent threats from occurring and developing a recovery plan should the threats occur are two broad functions of
answer
Risk Mitigation
