MIS Ch 9,11,12

________ is defined as information containing patterns, relationships, and trends.
A) Process mining
B) Business process management
C) Business intelligence
D) Spatial intelligence

C

Which of the following is true of source data for a BI system?
A) It refers to the organization's metadata.
B) It refers to data that the organization purchases from data vendors.
C) It refers to the level of detail represented by the data.
D) It refers to the hierarchical arrangement of criteria that predict a classification or a value.

B

Data ________ is the process of obtaining, cleaning, organizing, relating, and cataloging source data.
A) entry
B) acquisition
C) mining
D) encryption

B

Which of the following is a fundamental category of BI analysis?
A) automation
B) catalog
C) report servers
D) data mining

D

Push publishing delivers business intelligence ________.
A) according to a schedule or as a result of an event or particular data condition
B) through reporting, data mining, and knowledge management
C) by obtaining, cleaning, organizing, relating, and cataloging source data
D) in response to requests from users

A

________ requires the user to request BI results.
A) Push publishing
B) Pull publishing
C) Desktop publishing
D) Accessible publishing

B

Because of the various problems with operational data, large organizations choose to extract operational data into a(n) ________.
A) OLAP cube
B) neural network
C) data warehouse
D) Web server

C

________ records the source, format, assumptions and constraints, and other facts about the data.
A) Clickstream data
B) Dimensional data
C) Outsourced data
D) Metadata

D

Problematic operational data are termed ________.
A) bad data
B) rough data
C) dirty data
D) granular data

C

________ is a term used to refer to the level of detail represented by the data.
A) Granularity
B) Intricacy
C) Elaboration
D) Complexity

A

Which of the following statements is true about operational data?
A) It is always better to have data with too coarse a granularity than with too fine a granularity.
B) If the data granularity is too coarse, the data can be made finer by summing and combining.
C) Purchased operational data often contains missing elements.
D) Problematic operational data are termed rough data.

C

Due to a phenomenon called the ________, the more attributes there are, the easier it is to build a model that fits the sample data but that is worthless as a predictor.
A) attribute paradox
B) curse of dimensionality
C) uncertainty principle
D) economies of scale

B

A ________ takes data from the data manufacturers, cleans and processes the data, and then stores it.
A) data mart
B) data mine
C) data warehouse
D) data model

C

A data ________ is a data collection, smaller than the data warehouse, that addresses a particular component or functional area of the business.
A) mart
B) mine
C) cube
D) model

A

Which of the following statements is true about data marts?
A) A data mart is like a distributor in a supply chain, while a data warehouse can be compared to a retail store.
B) Data mart users possess the data management expertise that data warehouse employees have.
C) Data marts address only a particular component or functional area of a business.
D) Data marts are larger than data warehouses.

C

Which of the following statements is true about reporting applications?
A) Reporting applications deliver business intelligence to users as a result of an event or particular data condition.
B) Reporting applications consist of five standard components: hardware, software, data, procedures, and people.
C) Two important reporting applications are RFM analysis and OLAP.
D) Reporting applications produce business intelligence using highly sophisticated operations.

C

Which of the following is a basic operation used by reporting tools to produce information from data?
A) coalescing
B) transposing
C) dispersing
D) calculating

D

________ analysis is a way of analyzing and ranking customers according to their purchasing patterns.
A) TQM
B) CRM
C) Market-basket
D) RFM

D

RFM analysis is used to analyze and rank customers according to their ________.
A) purchasing patterns
B) propensity to respond to a marketing stimulus
C) socio-economic status
D) motivation and needs

A

U.S. Steel Corp. is a well-known steel manufacturing company. SAMCROW, one of the customers of U.S. Steel Corp., holds an RFM score of 111. Which of the following characteristics relates SAMCROW with its RFM score?
A) SAMCROW has ordered recently and orders frequently, but it orders the least expensive goods.
B) SAMCROW has not ordered in some time, but when it did order in the past it ordered frequently, and its orders were of the highest monetary value.
C) SAMCROW has not ordered for some time, it did not order frequently, and, when it did order, it bought the least-expensive items.
D) SAMCROW has ordered recently and orders frequently, and it orders the most expensive goods.

D

A sales team should attempt to up-sell more expensive products to a customer who has an RFM score of ________.
A) 311
B) 555
C) 113
D) 545

C

Ajax is one of the customers of a well-known linen manufacturing company. Ajax has not ordered linen in some time, but when it did order in the past it ordered frequently, and its orders were of the highest monetary value. Under the given circumstances, Ajax's RFM score is most likely ________.
A) 155
B) 511
C) 555
D) 151

B

How should a sales team respond to a customer who has an RFM score of 545?
A) The sales team should contact this customer immediately.
B) The sales team should let go of this customer; the loss will be minimal.
C) The sales team should attempt to up-sell more expensive goods to this customer.
D) The sales team should spend more time with this customer.

B

OLAP stands for ________.
A) online analytical processing
B) object-based lead analysis procedure
C) object-oriented analytical protocol
D) organizational lead analysis process

A

The viewer of an OLAP report can change its format. Which term implies this capability?
A) processing
B) analytical
C) dimension
D) online

D

The remarkable characteristic of OLAP reports is that they are ________, as they are online and the viewer of the report can change their format.
A) extensible
B) informal
C) specific
D) dynamic

D

An OLAP report has measures and dimensions. Which of the following is an example of a dimension?
A) total sales
B) average sales
C) sales region
D) average cost

C

Which of the following describes a dimension in an OLAP report?
A) It is a characteristic of a measure.
B) It is the item that is processed in the OLAP report.
C) It is the data item of interest.
D) It is referred to as a decision tree.

A

Which of the following is an example of a measure in an OLAP report?
A) customer type
B) purchase date
C) sales region
D) average cost

D

An ________ and an OLAP report are the same thing.
A) OLAP measure
B) OLAP cube
C) OLAP dimension
D) OLAP array

B

Which of the following observations about RFM and OLAP reports is true?
A) RFM is more generic than OLAP.
B) OLAP reports are more dynamic than RFM reports.
C) RFM reports have measures and dimensions.
D) RFM reports can drill down into the data.

B

________ is the application of statistical techniques to find patterns and relationships among data for classification and prediction.
A) Data optimization
B) Database normalization
C) Data mining
D) Data warehousing

C

Which of the following terms is used as a synonym for data mining?
A) regression analysis
B) data warehousing
C) knowledge discovery in databases
D) parallel processing

C

Which of the following is true of unsupervised data mining?
A) Analysts do not create a model or hypothesis before running the analysis.
B) Neural networks is a popular unsupervised data mining application.
C) Unsupervised data mining requires tools such as regression analysis.
D) Unsupervised data mining requires analysts to fit data to suggested hypotheses.

A

With ________, statistical techniques can identify groups of entities that have similar characteristics.
A) regression analysis
B) cluster analysis
C) expert systems
D) neural networks

B

With ________, data miners develop a model prior to the analysis and apply statistical techniques to data to estimate parameters of the model.
A) cluster analysis
B) unsupervised data mining
C) supervised data mining
D) click streaming

C

Which of the following is an example of a supervised data-mining technique?
A) cluster analysis
B) market-basket analysis
C) regression analysis
D) click streaming

C

Which of the following is used to show the products that customers tend to buy together?
A) regression analysis
B) market-basket analysis
C) neural networks
D) cluster analysis

B

In marketing transactions, the fact that customers who buy product X also buy product Y creates a(n) ________ opportunity. That is, "If they're buying X, sell them Y," or "If they're buying Y, sell them X."
A) cross-selling
B) value added selling
C) break-even
D) portfolio

A

In market-basket terminology, ________ is the term that describes the probability that two items will be purchased together.
A) support
B) confidence
C) lift
D) dimension

A

In market-basket terminology, the ratio of confidence to the base probability of buying an item is called the ________.
A) confidence
B) support
C) granularity
D) lift

D

________ is a hierarchical arrangement of criteria that predict a classification or a value.
A) A value chain
B) A cluster analysis
C) A decision tree
D) A neural network

C

________ is the process of creating value from intellectual capital and sharing that knowledge with employees, managers, suppliers, customers, and others who need it.
A) Intellectual property protection
B) Knowledge management
C) Business Process Reengineering
D) Repository management

B

Which of the following is a major category of knowledge assets?
A) distributors
B) suppliers
C) customers
D) employees

D

________ is the single most important content function in knowledge management applications.
A) Sourcing
B) Retrieving
C) Indexing
D) Sorting

C

The world's best-known indexing engine is operated by ________.
A) Google
B) Yahoo
C) Microsoft
D) Oracle

A

________ is a standard for subscribing to content sources.
A) Knowledge Discovery in Databases (KDD)
B) Online Analytical Processing (OLAP)
C) Real Simple Syndication (RSS)
D) Data Transfer Protocol (DTP)

C

With a(n) ________, users can subscribe to content sources and be notified when they have been changed.
A) BI server
B) RSS reader
C) KM protocol
D) expert system

B

________ attempt to capture human expertise and put it into a format that can be used by non-experts.
A) Neural networks
B) Expert systems
C) Regression analysis
D) Decision trees

B

Which of the following observations concerning expert systems is true?
A) The "If...then" rules used in these systems are created by mining data.
B) They have lived up to the high expectations set by their name.
C) They typically have fewer than a dozen rules.
D) They are difficult and expensive to develop.

D

A sales report that is current, as of the time the user accessed it on a Web server, is an example of a(n) ________.
A) static reports
B) dynamic report
C) expert system
D) market-basket analysis

B

The ________ is the most popular BI server today.
A) Microsoft Azure
B) Microsoft Windows Vista Professional
C) Microsoft SQL Server Report manager
D) Microsoft Dynamics Solomon

C

Which of the following statements is true about BI publishing alternatives?
A) Most dynamic reports are published as PDF documents.
B) For Web servers and SharePoint, the push option is mandatory.
C) BI servers extend alert/RSS functionality to support user subscriptions.
D) Publishing static BI content requires more skill, compared to publishing dynamic BI content.

C

BI servers use ________ to determine what results to send to which users and on which schedule.
A) expert systems
B) metadata
C) RSS feeds
D) neural networks

B

Developing, operating, and maintaining an organization's computing infrastructure is a major function of the ________ department.
A) human resources
B) information systems
C) marketing
D) manufacturing

B

Which of the following is NOT a function of the information systems department?
A) conducting external audits
B) developing applications
C) protecting information assets
D) managing outsourcing relationships

A

In organizations that operate significant non-accounting information systems, the chief information officer is most likely to report to the ________.
A) chief financial officer
B) chief executive officer
C) director of information services
D) chief technology officer

B

If the primary information systems in an organization support only accounting and finance activities, the CIO should most likely report to the ________.
A) CFO
B) CTO
C) COO
D) CEO

A

Which of the following is a function of the technology office in an organization's IS department?
A) managing computing infrastructure
B) creating new information systems
C) investigating new IS technologies
D) maintaining existing information systems

C

In the IS department, the ________ group manages computing infrastructure, including individual computers, in-house server farms, networks, and communications media.
A) operations
B) technology
C) development
D) manufacturing

A

Which of the following statements is true of the operations group in an organization's IS department?
A) It does not include system and network administrators.
B) It monitors the user experience and responds to user problems.
C) It manages all computing infrastructure except in-house server farms and communications media.
D) Its size and structure depend on whether programs are developed in-house.

B

Which of the following is true about the "maintenance" of information systems?
A) It is undertaken by the IS department only if programs are developed in-house.
B) It includes monitoring the user experience and responding to user problems.
C) It involves fixing problems or adapting existing systems to support new features.
D) It is performed by operations, as it involves fixing problems with existing software.

C

In the IS department, the ________ group manages the process of creating new information systems as well as maintaining existing information systems.
A) operations
B) technology
C) development
D) outsourcing relations

C

If an organization doesn't develop programs in-house, then the development group of the IS department will be staffed primarily by ________.
A) programmers and development personnel
B) PQA test engineers
C) business and systems analysts
D) technical writers

C

The purpose of the ________ group is to protect data and information assets by establishing data standards and data management practices and policies.
A) data administration
B) data warehousing
C) data mining
D) data communication

A

A ________ works with users to determine system requirements, designs and develops job descriptions and procedures, and helps determine test plans.
A) system analyst
B) business analyst
C) user support representative
D) network administrator

A

A ________ prepares program documentation, help-text, procedures, job descriptions, and training materials.
A) system analyst
B) consultant
C) programmer
D) technical writer

D

The responsibilities of a computer technician include ________.
A) installing software and repairing networks
B) managing and protecting databases
C) writing program documentation
D) advising the CIO on emerging technologies

A

The responsibilities of a ________ include advising the CIO, executive group, and project managers on emerging technologies.
A) project manager
B) consultant
C) system analyst
D) CTO

D

Which of the following is true about IS infrastructure?
A) Once developed, it is not possible to change IS infrastructure.
B) IS applications can be easily changed to meet organizational requirements.
C) Changing IS infrastructure is expensive and time-consuming.
D) Information systems need to change only when organizations merge.

C

The ________ is the representative for IS and IT issues within the executive staff, providing the IS perspective during discussions of problem solutions, proposals, and new initiatives.
A) COO
B) CTO
C) CIO
D) CEO

C

A(n) ________ is a group of senior managers from the major business functions that works with the CIO to set IS priorities and decide among major IS projects and alternatives.
A) steering committee
B) discussion forum
C) IS department
D) network board

A

Which of the following is a function of the steering committee for an IS department?
A) writing program code
B) imparting training
C) adapting software
D) setting IS priorities

D

Which of the following statements is true about the steering committee of an IS department?
A) It serves an important communication function between the company and its clients.
B) Its membership is determined by the IS department.
C) Its schedule and agenda are set up by the CEO and other members of the executive staff.
D) Its meetings are conducted by the IS department.

D

________ is the process of hiring another organization to perform a service.
A) Merging
B) Outsourcing
C) Headhunting
D) Diversifying

B

One of the reasons outsourcing is undertaken is to ________.
A) reduce an organization's control over functions
B) increase costs for the outsourcing vendor
C) cap an organization's financial exposure
D) enhance management's focus on nonessential functions

C

Which of the following is true about outsourcing?
A) It increases budgetary instability due to the level of risk involved.
B) It saves both direct and indirect management time.
C) It creates diseconomies of scale.
D) It guarantees a higher level of quality than that provided in-house.

B

Outsourcing gathers all of the possible risks into the risk of choosing the right ________.
A) steering committee
B) sales team
C) technology
D) vendor

D

________ is a form of outsourcing.
A) Buying off-the-shelf software
B) Customizing information systems
C) Acquiring licensed software
D) Updating data standards

C

Which of the following is an outsourcing alternative that provides hosted applications and data storage?
A) licensed software
B) business function outsourcing
C) software as a service (SaaS)
D) Web storefronts

C

Which of the following is an example of a company that offers SaaS?
A) Salesforce.com
B) PeopleSoft
C) Electronic Data Systems
D) Epicor

A

Sites like Amazon.com provide ________ for product vendors and distributors who choose not to develop their own online presence.
A) software licenses
B) enterprise applications
C) Web storefronts
D) hardware infrastructure

C

In 2005, Marriott International chose Hewitt Associates to handle its human resources needs for the next 7 years. This is an example of ________ outsourcing.
A) network
B) software
C) business function
D) application

C

Which of the following is a form of hardware outsourcing?
A) acquiring licensed products
B) cloud hosting
C) SaaS
D) Web storefronts

B

When a company outsources a system, control over prioritizing fixes for software failures and problems belongs to the ________.
A) CTO
B) vendor
C) hiring organization
D) CIO

B

Which of the following is a risk of outsourcing IS/IT functions?
A) It gives undue authority to the CIO in the executive team.
B) It provides the hiring organization with too many choices.
C) It involves the potential loss of intellectual capital.
D) It enables the vendor to gain economies of scale.

C

As an IS user, you have a right to a secure computing environment. This means that ________.
A) the organization should protect your computer and its files
B) you should protect the organization's computers and files
C) you should inform the IS about any software upgrades
D) you will never face a network problem

A

Which of the following is a right of users of information systems?
A) installing programs and applications of their choice
B) making hardware modifications when desired
C) receiving effective training according to their requirements
D) obtaining the configuration of their choice

C

Which of the following is generally a responsibility of users of information systems?
A) reporting even trivial problems
B) replacing legacy systems with improved ones
C) upgrading data standards
D) following security and backup procedures

D

Which of the following is true about users of information systems?
A) They have a responsibility to protect their computers from viruses by installing protection software.
B) They must ensure the availability of reliable and secure Internet connections.
C) They must learn standard techniques and procedures for the applications they use.
D) They should install hardware and software themselves, without bothering the IS department.

C

Users should not bother IS personnel for trivial reasons, so they have a responsibility to ________.
A) learn basic computer skills
B) protect their data
C) install security programs by themselves
D) make necessary hardware modifications

A

Which of the following is true about the changes and developments foreseen for 2022?
A) Licensed, off-the-shelf software will become less configurable, less adaptable, and less flexible.
B) Fewer applications will be developed in-house and software customization will become easier.
C) Better-skilled employees will be needed to adapt software to increasingly unique organizational needs.
D) Small computing devices will become more expensive and lose their popularity.

B

A ________ is a person or organization that seeks to obtain data or other assets illegally, without the owner's permission and often without the owner's knowledge.
A) target
B) vulnerability
C) threat
D) warning

C

Which of the following is considered a threat caused by human error?
A) An employee inadvertently installs an old database on top of the current one.
B) An employee intentionally destroys data and system components.
C) A virus and worm writer infects computer systems.
D) A hacker breaks into a system to steal for financial gain.

A

Which of the following is considered a computer crime?
A) accidentally deleting customer records
B) poorly written programs resulting in data losses
C) loss of data as a result of flooding
D) hacking of information systems

D

________ occurs when someone deceives by pretending to be someone else.
A) Hacking
B) Baiting
C) Sniffing
D) Pretexting

D

When referring to security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.
A) unauthorized data disclosure
B) incorrect data modification
C) faulty services
D) loss of infrastructure

A

A ________ pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, Social Security numbers, account passwords, and so forth.
A) hacker
B) phisher
C) safeguard
D) sniffer

B

Email spoofing is a synonym for ________.
A) hacking
B) phishing
C) usurping
D) sniffing

B

________ is a technique for intercepting computer communications, either through a physical connection to a network or, in the case of wireless networks, with no physical connection.
A) Spoofing
B) Phishing
C) Sniffing
D) Pretexting

C

________ take computers with wireless connections through an area and search for unprotected wireless networks and then monitor and intercept wireless traffic at will.
A) Drive-by spoofers
B) Pretexters
C) Drive-by sniffers
D) Phishers

C

Which of the following is an example of a sniffing technique?
A) IP spoofing
B) caches
C) ad blockers
D) adware

D

________ occurs when a person breaks into a network to steal data such as customer lists, product inventory data, employee data, and other proprietary and confidential data.
A) Pretexting
B) Phishing
C) Hacking
D) Spoofing

C

Which of the following is most likely to be the result of hacking?
A) certain Web sites being blocked from viewing for security reasons
B) small amounts of spam in your inbox
C) an unexplained reduction in your account balance
D) pop-up ads appearing frequently

C

________ occurs through human error when employees don't follow proper procedures or when procedures have not been well designed.
A) Unauthorized data disclosure
B) Incorrect data modification
C) Denial of service
D) Loss of infrastructure

B

________ occurs when computer criminals invade a computer system and replace legitimate programs with their own unauthorized ones that shut down legitimate applications and substitute their own processing to spy, steal and manipulate data, or for other purposes.
A) Hacking
B) Spoofing
C) Phishing
D) Usurpation

D

Which of the following usually happens in a malicious denial-of-service attack?
A) A hacker monitors and intercepts wireless traffic at will.
B) A hacker floods a Web server with millions of bogus service requests.
C) A hacker uses another site's IP address to masquerade as that other site.
D) A phisher pretends to be a legitimate company and requests confidential data.

B

________ present the largest risk for an organization's infrastructure loss.
A) Employees
B) Natural disasters
C) Hackers
D) Competitors

B

A(n) ________ is a computer program that senses when another computer is attempting to scan the disk or otherwise access a computer.
A) IDS
B) botnet
C) antivirus
D) firewall

A

Nonword passwords are vulnerable to a ________ attack, in which the password cracker tries every possible combination of characters.
A) denial-of-service
B) side channel
C) brute force
D) obfuscation

C

________ are small files that your browser stores on your computer when you visit Web sites and enable you to access Web sites without having to sign in every time.
A) Cookies
B) Registers
C) Pop-ups
D) Public keys

A

Employees resent physical searches when arriving at and departing from work. Which aspect of computer security described in the NIST Handbook is reflected here?
A) Computer security is an integral element of sound management.
B) Computer security should be cost-effective.
C) Computer security is constrained by societal factors.
D) Computer security should be periodically reassessed.

C

Which of the following is a critical security function of senior management?
A) safeguarding computer hardware and software
B) delegating responsibility for managing IS security
C) establishing the security policy and managing risk
D) managing security programs on a real-time basis

C

Which element of a security policy specifies how an organization will ensure the enforcement of security programs and policies?
A) the general statement of the security policy
B) the issue-specific policy
C) the network policy
D) the system-specific policy

A

A security policy covering the matters related to the personal use of computers at work would be an example of a(n) ________.
A) data policy
B) issue-specific policy
C) system-specific policy
D) network security policy

B

Which of the following is an example of a system-specific security policy?
A) limiting the personal use of an organization's computer systems
B) deciding what customer data from the order-entry system will be shared with other organizations
C) designating a department for managing an organization's IS security
D) inspecting an employee's personal email for compliance with company policy

B

________ refers to things we do not know, while ________ is the likelihood of an adverse occurrence.
A) Risk; indemnity
B) Uncertainty; risk
C) Assessment; uncertainty
D) Vulnerability; risk

B

Which of the following is the first step in risk management?
A) create backup procedures
B) reduce the likelihood of a threat
C) evaluate the results of the risk management process
D) assess the threats and vulnerabilities

D

Which factor of risk assessment refers to the probability that a given asset will be compromised by a given threat, despite the safeguards?
A) likelihood
B) uncertainty
C) consequence
D) vulnerability

A

Which of the following is an example of an intangible consequence?
A) a dip in sales because supplies were not replenished
B) a loss of customer goodwill due to an outage
C) a drop in production due to plant maintenance
D) a financial loss due to high input costs

B

To obtain a measure of probable loss, companies ________.
A) multiply likelihood by the probability of occurrence
B) multiply the vulnerability by the probability of occurrence
C) multiply likelihood by the cost of the consequences
D) multiply residual risk by the cost of the consequences

C

Which of the following is covered by the Gramm-Leach-Bliley Act of 1999?
A) information related to national security
B) records maintained by the U.S. government
C) consumer financial data stored by financial institutions
D) health data collected by doctors and other health-care providers

C

The Privacy Act of 1974 covers ________.
A) records held by private companies
B) records held by the U.S. government
C) records held by banks and other financial institutions
D) records held by non-government agencies

B

Which of the following was passed to give individuals the right to access their own health data created by doctors and other health-care providers?
A) Privacy Act of 1974
B) Sarbanes-Oxley Act
C) HIPAA
D) Gramm-Leach-Bliley Act

C

Which of the following is an example of a technical safeguard?
A) position definitions
B) firewalls
C) key escrow
D) account management

B

A(n) ________ card has a microchip in it to hold data.
A) ATM
B) smart
C) biometric
D) LAN

B

Users of smart cards are required to enter a ________ to be authenticated.
A) Social Security number
B) public key
C) personal identification number
D) private key

C

Which of the following is used for biometric authentication?
A) smart cards
B) facial features
C) passwords
D) personal identification numbers

B

Which of the following statements is true for biometric identification?
A) It involves the use of a PIN for authentication.
B) It provides weak authentication.
C) It is a relatively cheap mode of authentication.
D) It often faces resistance from users for its invasive nature.

D

A system called ________ authenticates users without sending their passwords across a computer network.
A) Kerberos
B) WPA
C) pretexting
D) WEP

A

The IEEE 802.11 Committee, the group that develops and maintains wireless standards, first developed a wireless security standard called ________.
A) Wireless Fidelity
B) Wi-Fi Protected Access
C) Wired Equivalent Privacy
D) WiMax

C

________ is the process of transforming clear text into coded, unintelligible text for secure storage or communication.
A) Inscription
B) Etching
C) Encryption
D) Decryption

C

With ________ encryption, the sender and receiver transmit a message using the same key.
A) asymmetric
B) coaxial
C) symmetric
D) collinear

C

Which of the following observations concerning Secure Socket Layer (SSL) is true?
A) It uses only asymmetric encryption.
B) It is a useful hybrid of symmetric and asymmetric encryption techniques.
C) It works between Levels 2 and 3 of the TCP-OSI architecture.
D) It is a stronger version of HTTPS.

B

You are transferring funds online through the Web site of a reputed bank. Which of the following displayed in your browser's address bar will let you know that the bank is using the SSL protocol?
A) http
B) www
C) https
D) .com

C

________ is the term used to denote viruses, worms, Trojan horses, spyware, and adware.
A) Malware
B) Kerberos
C) Usurpation
D) Spam

A

A virus is a computer program that replicates itself. The program code that causes unwanted activity is called the ________.
A) payload
B) Trojan
C) bot herder
D) key escrow

A

________ are viruses that masquerade as useful programs or files.
A) Adware
B) Firmware
C) Trojan horses
D) Payloads

C

A(n) ________ is a type of virus that propagates using the Internet or other computer networks.
A) worm
B) sniffer
C) Trojan horse
D) phisher

A

What is a major difference between spyware and adware?
A) Unlike spyware, adware does not perform malicious acts.
B) Unlike spyware, adware steals data from users.
C) Unlike spyware, adware is installed with the user's permission.
D) Unlike spyware, adware does not observe user behavior.

A

________, tiny files that gather demographic information, use a single code to identify users by age, gender, location, likely income, and online activity.
A) Cookies
B) Adware
C) Payloads
D) Beacons

D

The term ________ refers to any type of program that is surreptitiously installed and that takes actions unknown and uncontrolled by the computer's owner or administrator.
A) proxy
B) payload
C) bot
D) string

C

Because encryption keys can be lost or destroyed, a copy of the key should be stored with a trusted third party. This procedure is called ________.
A) Kerberos
B) spoofing
C) brute force
D) key escrow

D

Maintaining the computers that run a DBMS in a locked room is a part of ________.
A) malware safeguards
B) recovery procedures
C) physical security procedures
D) data rights and responsibilities

C

Which of the following statements about human safeguards for employees is true?
A) Security screening in an organization is a one-time process and applies only to new employees.
B) Users' computer accounts should give users the least possible privilege necessary to perform their jobs.
C) Companies can provide user accounts and passwords to employees prior to their security training.
D) There are only two main aspects to security enforcement: responsibility and accountability.

B

When an employee is terminated, IS administrators should receive advance notice so they can ________.
A) destroy the employee's records
B) plan for new recruitment
C) disseminate information
D) remove user accounts and passwords

D

________ a site means to take extraordinary measures to reduce a system's vulnerability, using special versions of the operating system, and eliminating operating system features and functions that are not required by the application.
A) Leveling
B) Hardening
C) Authenticating
D) Certifying

B

________ are the primary means of authentication and are important not just for access to a user's computer, but also for authentication to other networks and servers to which the user may have access.
A) Private keys
B) User names
C) Passwords
D) Personal identification numbers

C

Which of the following systems procedures is specifically the responsibility of operations personnel?
A) backing up data on one's personal computer
B) using systems to perform job tasks
C) backing up system databases
D) knowing whom to contact when a security breach occurs

C

In disaster-preparedness terminology, a ________ is a utility company that can take over another company's processing with no forewarning.
A) Web farm
B) cold site
C) development site
D) hot site

D

Which of the following observations is true of a cold site?
A) It is located on the company's premises.
B) It is more expensive to lease than a hot site.
C) It requires customers to install and manage systems themselves.
D) It provides only office space.

C

Many companies create ________, which are false targets for computer criminals to attack. To an intruder, it would look like a particularly valuable resource, such as an unprotected Web site, but in actuality the only site content is a program that determines the attacker's IP address.
A) bot herders
B) hot sites
C) honeypots
D) beacons

C

________ is defined as information containing patterns, relationships, and trends.
A) Process mining
B) Business process management
C) Business intelligence
D) Spatial intelligence

C

Which of the following is true of source data for a BI system?
A) It refers to the organization’s metadata.
B) It refers to data that the organization purchases from data vendors.
C) It refers to the level of detail represented by the data.
D) It refers to the hierarchical arrangement of criteria that predict a classification or a value.

B

Data ________ is the process of obtaining, cleaning, organizing, relating, and cataloging source data.
A) entry
B) acquisition
C) mining
D) encryption

B

Which of the following is a fundamental category of BI analysis?
A) automation
B) catalog
C) report servers
D) data mining

D

Push publishing delivers business intelligence ________.
A) according to a schedule or as a result of an event or particular data condition
B) through reporting, data mining, and knowledge management
C) by obtaining, cleaning, organizing, relating, and cataloging source data
D) in response to requests from users

A

________ requires the user to request BI results.
A) Push publishing
B) Pull publishing
C) Desktop publishing
D) Accessible publishing

B

Because of the various problems with operational data, large organizations choose to extract operational data into a(n) ________.
A) OLAP cube
B) neural network
C) data warehouse
D) Web server

C

________ records the source, format, assumptions and constraints, and other facts about the data.
A) Clickstream data
B) Dimensional data
C) Outsourced data
D) Metadata

D

Problematic operational data are termed ________.
A) bad data
B) rough data
C) dirty data
D) granular data

C

________ is a term used to refer to the level of detail represented by the data.
A) Granularity
B) Intricacy
C) Elaboration
D) Complexity

A

Which of the following statements is true about operational data?
A) It is always better to have data with too coarse a granularity than with too fine a granularity.
B) If the data granularity is too coarse, the data can be made finer by summing and combining.
C) Purchased operational data often contains missing elements.
D) Problematic operational data are termed rough data.

C

Due to a phenomenon called the ________, the more attributes there are, the easier it is to build a model that fits the sample data but that is worthless as a predictor.
A) attribute paradox
B) curse of dimensionality
C) uncertainty principle
D) economies of scale

B

A ________ takes data from the data manufacturers, cleans and processes the data, and then stores it.
A) data mart
B) data mine
C) data warehouse
D) data model

C

A data ________ is a data collection, smaller than the data warehouse that addresses a particular component or functional area of the business.
A) mart
B) mine
C) cube
D) model

A

Which of the following statements is true about data marts?
A) A data mart is like a distributor in a supply chain, while a data warehouse can be compared to a retail store.
B) Data mart users possess the data management expertise that data warehouse employees have.
C) Data marts address only a particular component or functional area of a business.
D) Data marts are larger than data warehouses.

C

Which of the following statements is true about reporting applications?
A) Reporting applications deliver business intelligence to users as a result of an event or particular data condition.
B) Reporting applications consist of five standard components: hardware, software, data, procedures, and people.
C) Two important reporting applications are RFM analysis and OLAP.
D) Reporting applications produce business intelligence using highly sophisticated operations.

C

Which of the following is a basic operation used by reporting tools to produce information from data?
A) coalescing
B) transposing
C) dispersing
D) calculating

D

________ analysis is a way of analyzing and ranking customers according to their purchasing patterns.
A) TQM
B) CRM
C) Market-basket
D) RFM

D

RFM analysis is used to analyze and rank customers according to their ________.
A) purchasing patterns
B) propensity to respond to a marketing stimulus
C) socio-economic status
D) motivation and needs

A

U.S. Steel Corp. is a well known steel manufacturing company. SAMCROW, one of the customers of U.S. Steel Corp. holds an RFM score of 111. Which of the following characteristics relates SAMCROW with its RFM score?
A) SAMCROW has ordered recently and orders frequently, but it orders the least expensive goods.
B) SAMCROW has not ordered in some time, but when it did order in the past it ordered frequently, and its orders were of the highest monetary value.
C) SAMCROW has not ordered for some time, it did not order frequently, and, when it
did order, it bought the least-expensive items.
D) SAMCROW has ordered recently and orders frequently, and it orders the most expensive goods.

D

A sales team should attempt to up-sell more expensive products to a customer who has an RFM score of ________.
A) 311
B) 555
C) 113
D) 545

C

Ajax is one of the customers of a well known linen manufacturing company. Ajax has not ordered linen in some time, but when it did order in the past it ordered frequently, and its orders were of the highest monetary value. Under the given circumstances, Ajax’s RFM score is most likely ________.
A) 155
B) 511
C) 555
D) 151

B

How should a sales team respond to a customer who has an RFM score of 545?
A) The sales team should contact this customer immediately.
B) The sales team should let go of this customer; the loss will be minimal.
C) The sales team should attempt to up-sell more expensive goods to this customer.
D) The sales team should spend more time with this customer.

B

OLAP stands for ________.
A) online analytical processing
B) object-based lead analysis procedure
C) object-oriented analytical protocol
D) organizational lead analysis process

A

The viewer of an OLAP report can change its format. Which term implies this capability?
A) processing
B) analytical
C) dimension
D) online

D

The remarkable characteristic of OLAP reports is that they are ________, as they are online and the viewer of the report can change their format.
A) extensible
B) informal
C) specific
D) dynamic

D

An OLAP report has measures and dimensions. Which of the following is an example of a dimension?
A) total sales
B) average sales
C) sales region
D) average cost

C

Which of the following describes a dimension in an OLAP report?
A) It is a characteristic of a measure.
B) It is the item that is processed in the OLAP report.
C) It is the data item of interest.
D) It is referred to as a decision tree.

A

Which of the following is an example of a measure in an OLAP report?
A) customer type
B) purchase date
C) sales region
D) average cost

D

An ________ and an OLAP report are the same thing.
A) OLAP measure
B) OLAP cube
C) OLAP dimension
D) OLAP array

B

Which of the following observations about RFM and OLAP reports is true?
A) RFM is more generic than OLAP.
B) OLAP reports are more dynamic than RFM reports.
C) RFM reports have measures and dimensions.
D) RFM reports can drill down into the data.

B

________ is the application of statistical techniques to find patterns and relationships among data for classification and prediction.
A) Data optimization
B) Database normalization
C) Data mining
D) Data warehousing

C

Which of the following terms is used as a synonym for data mining?
A) regression analysis
B) data warehousing
C) knowledge discovery in databases
D) parallel processing

C

Which of the following is true of unsupervised data mining?
A) Analysts do not create a model or hypothesis before running the analysis.
B) Neural networks is a popular unsupervised data mining application.
C) Unsupervised data mining requires tools such as regression analysis.
D) Unsupervised data mining requires analysts to fit data to suggested hypotheses.

A

With ________, statistical techniques can identify groups of entities that have similar characteristics.
A) regression analysis
B) cluster analysis
C) expert systems
D) neural networks

B

With ________, data miners develop a model prior to the analysis and apply statistical techniques to data to estimate parameters of the model.
A) cluster analysis
B) unsupervised data mining
C) supervised data mining
D) click streaming

C

Which of the following is an example of a supervised data-mining technique?
A) cluster analysis
B) market-basket analysis
C) regression analysis
D) click streaming

C

Which of the following is used to show the products that customers tend to buy together?
A) regression analysis
B) market-basket analysis
C) neural networks
D) cluster analysis

B

In marketing transactions, the fact that customers who buy product X also buy product Y creates a(n) ________ opportunity. That is, "If they’re buying X, sell them Y," or "If they’re buying Y, sell them X."
A) cross-selling
B) value added selling
C) break-even
D) portfolio

A

In market-basket terminology, ________ is the term that describes the probability that two items will be purchased together.
A) support
B) confidence
C) lift
D) dimension

A

In market-basket terminology, the ratio of confidence to the base probability of buying an item is called the ________.
A) confidence
B) support
C) granularity
D) lift

D

________ is a hierarchical arrangement of criteria that predict a classification or a value.
A) A value chain
B) A cluster analysis
C) A decision tree
D) A neural network

C

________ is the process of creating value from intellectual capital and sharing that knowledge with employees, managers, suppliers, customers, and others who need it.
A) Intellectual property protection
B) Knowledge management
C) Business Process Reengineering
D) Repository management

B

Which of the following is a major category of knowledge assets?
A) distributors
B) suppliers
C) customers
D) employees

D

________ is the single most important content function in knowledge management applications.
A) Sourcing
B) Retrieving
C) Indexing
D) Sorting

C

The world’s best-known indexing engine is operated by ________.
A) Google
B) Yahoo
C) Microsoft
D) Oracle

A

________ is a standard for subscribing to content sources.
A) Knowledge Discovery in Databases (KDD)
B) Online Analytical Processing (OLAP)
C) Real Simple Syndication (RSS)
D) Data Transfer Protocol (DTP)

C

With a(n) ________ , users can subscribe to content sources and be notified when they have been changed.
A) BI server
B) RSS reader
C) KM protocol
D) expert system

B

________ attempt to capture human expertise and put it into a format that can be used by non experts.
A) Neural networks
B) Expert systems
C) Regression analysis
D) Decision trees

B

Which of the following observations concerning expert systems is true?
A) The "If…then" rules used in these systems are created by mining data.
B) They have lived up to the high expectations set by their name.
C) They typically have fewer than a dozen rules.
D) They are difficult and expensive to develop.

D

A sales report that is current, as of the time the user accessed it on a Web server, is an example of a(n) ________.
A) static reports
B) dynamic report
C) expert system
D) market-basket analysis

B

The ________ is the most popular BI server today.
A) Microsoft Azure
B) Microsoft Windows Vista Professional
C) Microsoft SQL Server Report manager
D) Microsoft Dynamics Solomon

C

Which of the following statements is true about BI publishing alternatives?
A) Most dynamic reports are published as PDF documents.
B) For Web servers and SharePoint, the push option is mandatory.
C) BI servers extend alert/RSS functionality to support user subscriptions.
D) Publishing static BI content requires more skill, compared to publishing dynamic BI content.

C

BI servers use ________ to determine what results to send to which users and on which schedule.
A) expert systems
B) metadata
C) RSS feeds
D) neural networks

B

Developing, operating, and maintaining an org’s computing infrastructure is a major function of the ________ department.
A) human resources
B) information systems
C) marketing
D) manufacturing

B

Which of the following is NOT a function of the information systems department?
A) conducting external audits
B) developing apps
C) protecting info assets
D) managing outsourcing relationships

A

In orGs that operate significant non-accounting info systems, the chief info officer is most likely to report to the ________.
A) chief financial officer
B) chief executive officer
C) director of info services
D) chief technology officer

B

If the primary info systems in an org support only accy and fin activities, the CIO should most likely report to the ________.
A) CFO
B) CTO
C) COO D) CEO

A

Which of the following is a function of the technology office in an organization’s IS department?
A) managing computing infrastructure
B) creating new info systems
C) investigating new IS tech
D) maintaining existing info systems

C

In the IS department, the ________ group manages computing infrastructure, including individual computers, in-house server farms, networks, and communications media.
A) operations
B) technology
C) development
D) manufacturing

A

Which of the following statements is true of the operations group in an organization’s IS department?
A) It does not include system and network administrators.
B) It monitors the user experience and responds to user problems.
C) It manages all computing infrastructure except in-house server farms and communications media.
D) Its size and structure depend on whether programs are developed in-house

B

Which of the following is true about the "maintenance" of information systems?
A) It is undertaken by the IS department only if programs are developed in-house.
B) It includes monitoring the user experience and responding to user problems.
C) It involves fixing problems or adapting existing systems to support new features.
D) It is performed by operations, as it involves fixing problems with existing software.

C

IS department, the _____ group manages process of creating new info systems as well as maintaining existing info systems.
A) operations
B) technology
C) development
D) outsourcing relations

C

If an org doesnt develop programs in-house, then the development group of the IS department will be staffed primarily by _.
A) programmers and development personnel
B) PQA test engineers
C) bus and systems analysts
D) technical writers

C

Purpose of ________ group is to protect data & info assets by est data standards and data management practices and policies.
A) data administration
B) data warehousing
C) data mining
D) data communication

A

A ________ works with users to determine system requirements, designs and develops job descriptions and procedures, and helps determine test plans.
A) system analyst
B) business analyst
C) user support representative
D) network administrator

A

A ________ prepares program documentation, help-text, procedures, job descriptions, and training materials.
A) system analyst
B) consultant
C) programmer
D) technical writer

D

The responsibilities of a computer technician include ________.
A) installing software and repairing networks
B) managing and protecting databases
C) writing program documentation
D) advising the CIO on emerging technologies

A

The responsibilities of a ________ include advising the CIO, executive group, and project managers on emerging techs.
A) project manager
B) consultant
C) system analyst
D) CTO

D

Which of the following is true about IS infrastructure?
A) Once developed, it is not possible to change IS infrastructure.
B) IS applications can be easily changed to meet organizational requirements.
C) Changing IS infrastructure is expensive and time-consuming.
D) Information systems need to change only when organizations merge

C

The ________ is the representative for IS and IT issues within the executive staff, providing the IS perspective during discussions of problem solutions, proposals, and new initiatives.
A) COO
B) CTO
C) CIO
D) CEO

C

A(n) ________ is a group of senior managers from the major business functions that works with the CIO to set IS priorities and decide among major IS projects and alternatives.
A) steering committee
B) discussion forum
C) IS department
D) network board

A

Which of the following is a function of the steering committee for an IS department?
A) writing program code
B) imparting training
C) adapting software
D) setting IS priorities

D

Which of the following statements is true about the steering committee of an IS department?
A) It serves an important communication function between the company and its clients.
B) Its membership is determined by the IS department.
C) Its schedule and agenda are set up by the CEO and other members of the executive staff.
D) Its meetings are conducted by the IS department.

D

________ is the process of hiring another organization to perform a service.
A) Merging
B) Outsourcing
C) Headhunting
D) Diversifying

B

One of the reasons outsourcing is undertaken is to ________.
A) reduce an organization’s control over functions
B) increase costs for the outsourcing vendor
C) cap an organization’s financial exposure D) enhance management’s focus on nonessential functions

C

Which of the following is true about outsourcing?
A) It increases budgetary instability due to the level of risk involved.
B) It saves both direct and indirect management time.
C) It creates diseconomies of scale.
D) It guarantees a higher level of quality than that provided in-house.

B

Outsourcing gathers all of the possible risks into the risk of choosing the right ________.
A) steering committee
B) sales team
C) technology
D) vendor

D

________ is a form of outsourcing.
A) Buying off-the-shelf software
B) Customizing info systems
C) Acquiring licensed software
D) Updating data standards

C

Which of the following is an outsourcing alternative that provides hosted applications and data storage?
A) licensed software
B) business function outsourcing
C) software as a service (SaaS)
D) Web storefronts

C

Which of the following is an example of a company that offers SaaS?
A) Salesforce.com
B) PeopleSoft
C) Electronic Data Systems
D) Epicor

A

Sites like Amazon.com provide ________ for product vendors & distr who choose not to develop their own online presence.
A) software licenses
B) enterprise applications
C) Web storefronts
D) hardware infrastructure

C

In 2005, Marriott International chose Hewitt Associates to handle its human resources needs for the next 7 years. This is an example of ________ outsourcing.
A) network
B) software
C) business function D) application

C

Which of the following is a form of hardware outsourcing?
A) acquiring licensed products
B) cloud hosting
C) SaaS
D) Web storefronts

b

When a co outsources a system, control over prioritizing fixes for software failures and problems belongs to the ________.
A) CTO
B) vendor
C) hiring organization
D) CIO

b

Which of the following is a risk of outsourcing IS/IT functions?
A) It gives undue authority to the CIO in the executive team.
B) It provides the hiring organization with too many choices.
C) It involves the potential loss of intellectual capital.
D) It enables the vendor to gain economies of scale.

C

As an IS user, you have a right to a secure computing environment. This means that ________.
A) the organization should protect your computer and its files
B) you should protect the organization’s computers and files
C) you should inform the IS about any software upgrades
D) you will never face a network problem

A

Which of the following is a right of users of information systems?
A) installing programs and applications of their choice
B) making hardware modifications when desired
C) receiving effective training according to their requirements
D) obtaining the configuration of their choice

C

Which of the following is generally a responsibility of users of information systems?
A) reporting even trivial problems
B) replacing legacy systems with improved ones
C) upgrading data standards
D) following security and backup procedures

D

Which of the following is true about users of information systems?
A) They have a responsibility to protect their computers from viruses by installing protection software.
B) They must ensure the availability of reliable and secure Internet connections.
C) They must learn standard techniques and procedures for the applications they use.
D) They should install hardware and software themselves, without bothering the IS department

C

) Users should not bother IS personnel for trivial reasons, so they have a responsibility to ________.
A) learn basic computer skills
B) protect their data
C) install security programs by themselves D) make necessary hardware modifications

A

Which of the following is true about the changes and developments foreseen for 2022?
A) Licensed, off-the-shelf software will become less configurable, less adaptable, and less flexible.
B) Fewer applications will be developed in-house and software customization will become easier.
C) Better-skilled employees will be needed to adapt software to increasingly unique organizational needs.
D) Small computing devices will become more expensive and lose their popularity.

B

A ________ is a person or organization that seeks to obtain data or other assets illegally, without the owner’s permission and often without the owner’s knowledge.
A) target
B) vulnerability
C) threat
D) warning

C

Which of the following is considered a threat caused by human error?
A) An employee inadvertently installs an old database on top of the current one.
B) An employee intentionally destroys data and system components.
C) A virus and worm writer infects computer systems.
D) A hacker breaks into a system to steal for financial gain.

A

Which of the following is considered a computer crime?
A) accidentally deleting customer records B) poorly written programs resulting in data losses
C) loss of data as a result of flooding
D) hacking of information systems

D

________ occurs when someone deceives by pretending to be someone else.
A) Hacking
B) Baiting
C) Sniffing
D) Pretexting

D

When referring to security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.
A) unauthorized data disclosure
B) incorrect data modification
C) faulty services D) loss of infrastructure

A

A ________ pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, Social Security numbers, account passwords, and so forth.
A) hacker
B) phisher
C) safeguard
D) sniffer

B

Email spoofing is a synonym for ________.
A) hacking
B) phishing
C) usurping
D) sniffing

B

________ is a technique for intercepting computer communications, either through a physical connection to a network or, in the case of wireless networks, with no physical connection.
A) Spoofing
B) Phishing
C) Sniffing
D) Pretexting

C

________ take computers with wireless connections through an area and search for unprotected wireless networks and then monitor and intercept wireless traffic at will.
A) Drive-by spoofers B) Pretexters
C) Drive-by sniffers D) Phishers

C

Which of the following is an example of a sniffing technique?
A) IP spoofing
B) caches
C) ad blockers D) adware

D

________ occurs when a person breaks into a network to steal data such as customer lists, product inventory data, employee data, and other proprietary and confidential data.
A) Pretexting
B) Phishing
C) Hacking
D) Spoofing

C

Which of the following is most likely to be the result of hacking?
A) certain Web sites being blocked from viewing for security reasons
B) small amounts of spam in your inbox
C) an unexplained reduction in your account balance D) pop-up ads appearing frequently

C

____ occurs through human error when employees dont follow proper proced or when proced have not been well designed.
A) Unauthorized data disclosure
B) Incorrect data modification
C) Denial of service D) Loss of infrastructure

B

________ occurs when comp. criminals invade a comp system & replace legitimate programs with their own unauthorized ones that shut down legitimate apps and substitute their own processing to spy, steal and manipulate data, or other purposes.
A) Hacking
B) Spoofing
C) Phishing
D) Usurpation

D

Which of the following usually happens in a malicious denial-of-service attack?
A) A hacker monitors and intercepts wireless traffic at will.
B) A hacker floods a Web server with millions of bogus service requests.
C) A hacker uses another site’s IP address to masquerade as that other site.
D) A phisher pretends to be a legitimate company and requests confidential data

B

________ present the largest risk for an organization’s infrastructure loss.
A) Employees
B) Natural disasters C) Hackers
D) Competitors

B

A(n) ________ is a comp program that senses when another comp is attempting to scan the disk or otherwise access a comp.
A) IDS
B) botnet
C) antivirus
D) firewall

A

Nonword passwords are vulnerable to a ____ attack, in which the PW cracker tries every possible combination of characters.
A) denial-of-service B) side channel
C) brute force
D) obfuscation

C

________ are small files that your browser stores on your computer when you visit Web sites and enable you to access Web sites without having to sign in every time.
A) Cookies
B) Registers
C) Pop-ups
D) Public keys

A

Employees resent physical searches when arriving at and departing from work. Which aspect of computer security described in the NIST Handbook is reflected here?
A) Computer security is an integral element of sound management.
B) Computer security should be cost-effective.
C) Computer security is constrained by societal factors.
D) Computer security should be periodically reassessed

C

Which of the following is a critical security function of senior management?
A) safeguarding computer hardware and software B) delegating responsibility for managing IS security
C) establishing the security policy and managing risk D) managing security programs on a real-time basis

C

Which element of a sec. policy specifies how an organization will ensure the enforcement of security programs and policies?
A) the general statement of the security policy B) the issue-specific policy
C) the network policy
D) the system-specific policy

A

A sec policy covering the matters related to the personal use of computers at work would be an example of a(n) ________.
A) data policy
B) issue-specific policy C) system-specific policy D) network security policy

B

Which of the following is an example of a system-specific security policy?
A) limiting the personal use of an organization’s computer systems
B) deciding what customer data from the order-entry system will be shared with other organizations
C) designating a department for managing an organization’s IS security
D) inspecting an employee’s personal email for compliance with company policy

B

________ refers to things we do not know, while ________ is the likelihood of an adverse occurrence.
A) Risk; indemnity
B) Uncertainty; risk
C) Assessment; uncertainty
D) Vulnerability; risk

B

Which of the following is the first step in risk management?
A) create backup procedures
B) reduce the likelihood of a threat
C) evaluate the results of the risk management process
D) assess the threats and vulnerabilities

D

Which factor of risk assess refers to the prob that a given asset will be compromis by a given threat, despite the safeguards?
A) likelihood
B) uncertainty
C) consequence D) vulnerability

A

Which of the following is an example of an intangible consequence?
A) a dip in sales because supplies were not replenished
B) a loss of customer goodwill due to an outage
C) a drop in production due to plant maintenance D) a financial loss due to high input costs

B

To obtain a measure of probable loss, companies ________.
A) multiply likelihood by the probability of occurrence
B) multiply the vulnerability by the probability of occurrence
C) multiply likelihood by the cost of the consequences
D) multiply residual risk by the cost of the consequences

C

Which of the following is covered by the Gramm-Leach-Bliley Act of 1999?
A) information related to national security
B) records maintained by the U.S. government
C) consumer financial data stored by financial institutions
D) health data collected by doctors and other health-care providers

C

The Privacy Act of 1974 covers ________.
A) records held by private companies
B) records held by the U.S. government
C) records held by banks and other financial institutions
D) records held by non-government agencies

B

Which of the following was passed to give individuals the right to access their own health data created by doctors and other health-care providers?
A) Privacy Act of 1974
B) Sarbanes-Oxley Act
C) HIPAA
D) Gramm-Leach-Bliley Act

C

Which of the following is an example of a technical safeguard?
A) position definitions
B) firewalls
C) key escrow
D) account management

B

A(n) ________ card has a microchip in it to hold data.
A) ATM
B) smart
C) biometric
D) LAN

B

Users of smart cards are required to enter a ________ to be authenticated.
A) Social Security number
B) public key
C) personal identification number
D) private key

C

Which of the following is used for biometric authentication?
A) smart cards
B) facial features
C) passwords
D) personal identification numbers

B

Which of the following statements is true for biometric identification?
A) It involves the use of a PIN for authentication.
B) It provides weak authentication.
C) It is a relatively cheap mode of authentication.
D) It often faces resistance from users for its invasive nature.

D

A system called ________ authenticates users without sending their passwords across a computer network.
A) Kerberos
B) WPA
C) pretexting
D) WEP

A

The IEEE 802.11 Committee, the group that develops and maintains wireless standards, first developed a wireless security standard called ________.
A) Wireless Fidelity
B) Wi-Fi Protected Access
C) Wired Equivalent Privacy
D) WiMax

C

________ is the process of transforming clear text into coded, unintelligible text for secure storage or communication.
A) Inscription
B) Etching
C) Encryption
D) Decryption

C

With ________ encryption, the sender and receiver transmit a message using the same key.
A) asymmetric
B) coaxial
C) symmetric
D) collinear

C

Which of the following observations concerning Secure Socket Layer (SSL) is true?
A) It uses only asymmetric encryption.
B) It is a useful hybrid of symmetric and asymmetric encryption techniques.
C) It works between Levels 2 and 3 of the TCP-OSI architecture.
D) It is a stronger version of HTTPS.

B

You are transferring funds online through the Web site of a reputed bank. Which of the following displayed in your browser’s address bar will let you know that the bank is using the SSL protocol?
A) http
B) www
C) https
D) .com

C

________ is the term used to denote viruses, worms, Trojan horses, spyware, and adware.
A) Malware
B) Kerberos
C) Usurpation
D) Spam

A

A virus is a computer program that replicates itself. The program code that causes unwanted activity is called the ________.
A) payload
B) Trojan
C) bot herder
D) key escrow

A

________ are viruses that masquerade as useful programs or files.
A) Adware
B) Firmware
C) Trojan horses
D) Payloads

C

A(n) ________ is a type of virus that propagates using the Internet or other computer networks.
A) worm
B) sniffer
C) Trojan horse
D) phisher

A

What is a major difference between spyware and adware?
A) Unlike spyware, adware does not perform malicious acts.
B) Unlike spyware, adware steals data from users.
C) Unlike spyware, adware is installed with the user’s permission.
D) Unlike spyware, adware does not observe user behavior.

A

________, tiny files that gather demographic information, use a single code to identify users by age, gender, location, likely income, and online activity.
A) Cookies
B) Adware
C) Payloads
D) Beacons

D

The term ________ refers to any type of program that is surreptitiously installed and that takes actions unknown and uncontrolled by the computer’s owner or administrator.
A) proxy
B) payload
C) bot
D) string

C

Because encryption keys can be lost or destroyed, a copy of the key should be stored with a trusted third party. This procedure is called ________.
A) Kerberos
B) spoofing
C) brute force
D) key escrow

D

Maintaining the computers that run a DBMS in a locked room is a part of ________.
A) malware safeguards
B) recovery procedures
C) physical security procedures
D) data rights and responsibilities

C

Which of the following statements about human safeguards for employees is true?
A) Security screening in an organization is a one-time process and applies only to new employees.
B) Users’ computer accounts should give users the least possible privilege necessary to perform their jobs.
C) Companies can provide user accounts and passwords to employees prior to their security training.
D) There are only two main aspects to security enforcement: responsibility and accountability.

B

When an employee is terminated, IS administrators should receive advance notice so they can ________.
A) destroy the employee’s records
B) plan for new recruitment
C) disseminate information
D) remove user accounts and passwords

D

________ a site means to take extraordinary measures to reduce a system’s vulnerability, using special versions of the operating system, and eliminating operating systems features and functions that are not required by the application.
A) Leveling
B) Hardening
C) Authenticating
D) Certifying

B

________ are the primary means of authentication and are important not just for access to a user’s computer, but also for authentication to other networks and servers to which the user may have access.
A) Private keys
B) User names
C) Passwords
D) Personal identification numbers

C

Which of the following systems procedures is specifically the responsibility of operations personnel?
A) backing up data on one’s personal computer
B) using systems to perform job tasks
C) backing up system databases
D) knowing whom to contact when a security breach occurs

C

In disaster-preparedness terminology, a ________ is a utility company that can take over another company’s processing with no forewarning.
A) Web farm
B) cold site
C) development site
D) hot site

D

Which of the following observations is true of a cold site?
A) It is located on the company’s premises.
B) It is more expensive to lease than a hot site.
C) It requires customers to install and manage systems themselves.
D) It provides only office space.

C

Many companies create ________, which are false targets for computer criminals to attack. To an intruder, it would look like a particularly valuable resource, such as an unprotected Web site, but in actuality the only site content is a program that determines the attacker’s IP address.
A) bot herders
B) hot sites
C) honeypots
D) beacons

C
