Download - Cs507 Important Question
-
8/8/2019 Cs507 Important Question
1/39
Question No: 1 ( Marks: 1 ) - Please choose one
Information technology can lead to a decrease in the time for decision making
True
False
Question No: 2 ( Marks: 1 ) - Please choose one
Customer touch point is a method of interaction with a customer, such as telephone, e-mail, a customer service or help desk, conventional mail, Web site and store.
True
False
Question No: 3 ( Marks: 1 ) - Please choose one
--------- infrastructure consists of the physical facilities, services and management that
support all computing resources in an organization
Information
Decision Management
Question No: 4 ( Marks: 1 ) - Please choose one
Which of the following refers to the process of identifying attempts to penetrate a system and gain unauthorized access?
Intrusion detection
Audit Trial
Control Trial
Documentation
Question No: 5 ( Marks: 1 ) - Please choose one
The departmental structures are --------------- in banking and financial sector.
Different
Same
Mixed
Question No: 6 ( Marks: 1 ) - Please choose one
Input controls monitor the initial handshaking procedure of the user with the operating
system.
True
False
Question No: 7 ( Marks: 1 ) - Please choose one
Logical intrusion skills needed to exploit logical exposures are more technical and complex as compared to physical exposures.
True
False
Question No: 8 ( Marks: 1 ) - Please choose one
MIS and DSS can be seen as having a systematic approach towards problem solution.
True
False
Question No: 9 ( Marks: 1 ) - Please choose one
The protection of the interests of those relying on information, and the information systems and communications that delivers the information, from harm resulting from failures of availability, confidentiality, and integrity.
False
True
Question No: 10 ( Marks: 1 ) - Please choose one
Which of the following are knowledge workers who facilitate the development of information systems and computer applications by bridging the communications gap that exists between non-technical system users, and System designers and developers?
System Analysts
Software Engineers
System Designers
Chief Executives
Question No: 11 ( Marks: 1 ) - Please choose one
______ is defined as all elements that exist outside the boundary of the organization.
Size
Business Environment
Business Structure
Question No: 12 ( Marks: 1 ) - Please choose one
______ is the set of interconnected structural elements that provide the framework.
Infrastructure
System
Organization
Question No: 13 ( Marks: 1 ) - Please choose one
Rectangle shape in the flow charts represents ___________
Decision
Process
Terminator
Question No: 14 ( Marks: 1 ) - Please choose one
Rounded shaped symbol in the flow chart is called ____________
Connector
Arrow
Process
Question No: 15 ( Marks: 1 ) - Please choose one
__________ overwrites every program/software/file it infects with itself. Hence the infected file no longer functions.
Dropper
Overwriting Viruses
Boot sector Virus
Question No: 16 ( Marks: 1 ) - Please choose one
Object oriented analysis focuses on the _________
States of objects
Collaboration of objects
Implementation of objects
Question No: 17 ( Marks: 1 ) - Please choose one
An information technology (IT) audit is an examination of the controls within an entity's information technology infrastructure.
True
False
Question No: 18 ( Marks: 1 ) - Please choose one
Web Site monitoring is the process used to view or record both the keystrokes entered by
a computer user and the computer's response during an interactive session.
True
False
Question No: 19 ( Marks: 1 ) - Please choose one
A _______________ is the possibility of a problem, whereas a problem is a risk that has already occurred.
Risk
Threat
Intrusion
Question No: 20 ( Marks: 1 ) - Please choose one
The two major criteria that are used to analyze risks are Operational Effects and Situational Impacts
True
False
Question No: 21 ( Marks: 1 ) - Please choose one
Access Control refers to the process of identifying attempts to penetrate a system and gain unauthorized access.
True
False
Question No: 22 ( Marks: 1 ) - Please choose one
M-Commerce stands for Mobile Commerce.
True
False
Question No: 23 ( Marks: 1 ) - Please choose one
Organizational Development is one of the types of Change.
True
False
Question No: 24 ( Marks: 1 ) - Please choose one
Preparing a situation for change by disconfirming existing attitudes and behaviors is called Unfreezing.
True
False
Question No: 25 ( Marks: 1 ) - Please choose one
Which of the following activity consists of the discovery, modeling, specification and
evaluation of requirements?
Development
Design
Requirement
Implementation
Question No: 26 ( Marks: 1 ) - Please choose one
Which of the following scans the operating system and application software for any virus
based on the viruses they contain.
Antivirus Scanners
Active Monitors
Firewall
Question No: 27 ( Marks: 1 ) - Please choose one
__________ is an association among entities. There has to be a relationship between two
entities
Value Sets
Cardinality
Relationships
Question No: 28 ( Marks: 1 ) - Please choose one
A dropper is a program not a virus.
True
False
Question No: 29 ( Marks: 1 ) - Please choose one
Every decision we take in daily life requires some sort of data about the alternatives
available.
True
False
Question No: 30 ( Marks: 1 ) - Please choose one
________________ helps organization in gaining competitive advantage in the use of processes, effectiveness and efficiency.
BPR
CSF
SPR
MIS
Question No: 31 ( Marks: 2 )
What is cryptography?
Question No: 32 ( Marks: 2 )
What do you understand by Intrusion Detection Systems?
Question No: 33 ( Marks: 2 )
List information requirements for medium-sized organizations.
Question No: 34 ( Marks: 2 )
Define Dropper and Trojan horse?
Question No: 35 ( Marks: 3 )
Designing file or database is a major component of system designing. Identify its basic
purposes.
Question No: 36 ( Marks: 3 )
What is the responsibility of the management of the organization to ensure the security of information systems?
Question No: 37 ( Marks: 3 )
Identify the information that is required before conducting an impact analysis?
Question No: 38 ( Marks: 3 )
Define Reengineering?
Question No: 39 ( Marks: 5 )
Briefly discuss Risk Determination?
Question No: 40 ( Marks: 5 )
Discuss Technical Limitations of Ecommerce in comparison with Non-Technical Limitations in organizations?
CS507 Paper
Total Questions: 53
Multiple Choice Questions : 48
Subjective Questions : 05
Write two takeover defense techniques (3 Marks)
Find Net Income from the following data (3 Marks)
(EBIT = 50,000, Fraction of Debt in Capital Structure = 20, Return on Debt = 10%, Amount of Debt = 20,000 and Tax Rate = 35%)
Write a note on Structure of Organization and Cost of Capital (05 Marks)
Difference b/w Declaration Date and Ex-Dividend Date (05 Marks)
Advantages of Financial Lease from point view of Lessee (05 Marks)
Question No: 1 ( Marks: 1 ) - Please choose one
Medium Sized organizations are normally a family ownership run by
Father & Sons
Brothers
Father, Sons and Brothers
None of the given
Question No: 2 ( Marks: 1 ) - Please choose one
Small organizations usually have complex management structure.
True
False
Question No: 3 ( Marks: 1 ) - Please choose one
Which of the following functions provide such data as sales prospect and contact
information, product information, product configurations and sales quotes?
Sales force automation (SFA)
CRM
ERP
MIS
Question No: 4 ( Marks: 1 ) - Please choose one
Closed system is dependent on the internal resources and data.
True
False
Question No: 5 ( Marks: 1 ) - Please choose one
Which of the following works in conjunction with routers and firewalls by monitoring
network usage anomalies to protect a company's information systems resources from
external as well as internal misuse?
Encryption
Intrusion Detection Systems
Firewall
All of above
Question No: 6 ( Marks: 1 ) - Please choose one
Passive Attack is one of the types of Web Security Threats
True
False
Question No: 7 ( Marks: 1 ) - Please choose one
If an organization can tolerate some downtime, cold sites backup might be appropriate.
True
False
Question No: 8 ( Marks: 1 ) - Please choose one
Which of the following includes assessment of controls already been implemented or
planned, probability that they can be broken, assessment of potential loss despite such
controls existing?
Control Analysis
Vulnerability Assessment
Risk Management
All of above
Question No: 9 ( Marks: 1 ) - Please choose one
The output of Threat Identification phase is a threat statement identifying and defining
threats.
True
False
Question No: 10 ( Marks: 1 ) - Please choose one
Audit Trials can be used together with controls trials to identify and provide information
about users suspected of improper modification of data.
True
False
Question No: 11 ( Marks: 1 ) - Please choose one
Input controls monitor the initial handshaking procedure of the user with the operating
system.
True
False
Question No: 12 ( Marks: 1 ) - Please choose one
Automated data are less susceptible to destruction and misuse than paper data.
True
False
Question No: 13 ( Marks: 1 ) - Please choose one
The purpose of a class is to specify a classification of objects and to specify the features
that characterize the structure and behavior of those objects.
True
False
Question No: 14 ( Marks: 1 ) - Please choose one
In drawing a proper flowchart, all necessary steps that are a part of process should be
listed out in ---------------------- order.
Logical
Physical
Random
Top to Bottom
Question No: 15 ( Marks: 1 ) - Please choose one
Targeting advertising to customers to increase the probability, that an offer is accepted.
True
False
Question No: 16 ( Marks: 1 ) - Please choose one
___________ is related to defining the information needs and how these will be obtained.
Infrastructure
Architecture
System
Question No: 17 ( Marks: 1 ) - Please choose one
The spiral lifecycle model is a combination of the classic water Fall model and aspects of
risk analysis.
True
False
Question No: 18 ( Marks: 1 ) - Please choose one
Rectangle shape in the flow charts represents ___________
Decision
Process
Terminator
Question No: 19 ( Marks: 1 ) - Please choose one
__________ is an object that exists and is distinguishable from other objects.
Value Sets
Entity
Relationships
Question No: 20 ( Marks: 1 ) - Please choose one
Object oriented analysis generates _________
Implementation constraints
System Interfaces
Conceptual model of Information
Question No: 21 ( Marks: 1 ) - Please choose one
Which of the following is not considered during OO Design?
Concurrency factor
Usability factor
Distribution factor
Question No: 22 ( Marks: 1 ) - Please choose one
Administrative Console is one of the components of Intrusion Detection System (IDS).
True
False
Question No: 23 ( Marks: 1 ) - Please choose one
Maintaining and eventually institutionalizing the change is called Unfreezing.
True
False
Question No: 24 ( Marks: 1 ) - Please choose one
Which of the following is the characteristic of being able to assign a different meaning or usage to something in different contexts - specifically?
OOP
Polymorphism
Encapsulation
Inheritance
Question No: 25 ( Marks: 1 ) - Please choose one
Which of the following is some action or event that can lead to a loss?
Threat
Damage
Accident
None of the above
Question No: 26 ( Marks: 1 ) - Please choose one
Intrabusiness is same as intraorganizational Business.
True
False
Question No: 27 ( Marks: 1 ) - Please choose one
Distributing common information to every one may result ---------- and ---------.
Waste of time, confusion
Increase productivity, awareness
Cut time, cost
None of them
Question No: 28 ( Marks: 1 ) - Please choose one
__________ is an association among entities. There has to be a relationship between two
entities
Value Sets
Cardinality
Relationships
Question No: 29 ( Marks: 1 ) - Please choose one
A denial-of-service attack floods a Web site with so many requests for services that it slows down or crashes.
True
False
Question No: 30 ( Marks: 1 ) - Please choose one
An IDS can help even if incorrectness or scope limitation in the manner threats are defined.
True
False
Question No: 31 ( Marks: 2 )
What is cryptography?
It is conversion of data in secret code so that it can be transmitted safely.
Question No: 32 ( Marks: 2 )
What do you understand by Intrusion Detection Systems?
It is a system used to secure networks. It is used in conjunction with routers and firewalls by monitoring network usage anomalies. It protects the company's data from external as well as internal threats and misuse. It is used in complement with firewall.
Question No: 33 ( Marks: 2 )
List information requirements for medium-sized organizations.
1. Day to day transaction
2. Sales
3. Cash management
4. Receivables and payables
5. Customer profiles
6. Market information
7. Competitor information
8. Research and development
Question No: 34 ( Marks: 2 )
Why do we need to secure information systems?
Information systems must be secured because of the existence of external and internal threats. These threats are present in every network and place. Moreover, the information is to be transmitted through a network, which should be secured.
Question No: 35 ( Marks: 3 )
What is access control? Give example
This control establishes an interface between the attempting user and the computer. It monitors the initial handshaking procedure with the operating system, e.g. if a person enters a PIN code in an ATM machine, access control which is run by the system helps in blocking illegitimate access.
Question No: 36 ( Marks: 3 )
Risk mitigation is a process that takes place after the process of risk assessment has been completed. Discuss briefly various risk mitigation options?
Risk Avoidance: this option means to avoid the risk by avoiding the cause of the risk, e.g. close a program which is causing the risk during its use.
Risk planning: it means the risk should be managed and planned; if a mitigation plan is always there, then there are fewer chances of a threat.
Risk limitation: risk can be minimized by limiting the factor which may cause the risk, e.g. defining access controls which limit the access to certain risky areas of the system.
Risk assumption: it means to accept the potential risk and keep using the system, or implement such controls which minimize the risk to a certain level.
Research and acknowledgement: a risk can be minimized by continuous research and acknowledgment through which methods can be found to control and minimize the risk.
Question No: 37 ( Marks: 3 )
Briefly describe Incremental Model.
As is clear from the name, it is a step by step process. In this model software is built, not written. It is just like constructing a building step by step. In this model the system is designed, implemented and tested in a series of incremental builds, where a build consists of code pieces of various modules which work as a whole to form a testable system.
Question No: 38 ( Marks: 3 )
Differentiate CRM from ERP ?
Enterprise Resource Planning (ERP) is a software package used to perform a wide range
of functions for business planning, it includes product planning, parts planning, maintaining inventories, interacting with suppliers, providing customer service and
tracking orders.
While Customer Relationship Management is a method used to maintain relationships
with customers by keeping customers profiles, contacts and other related data to be used
in time.
Question No: 39 ( Marks: 5 )
Differentiate Impact analysis from Risk determination ?
Impact analysis: This is a step which measures the level of risk in case of a successful attack. For this, first we need information like:
System mission
System and data criticality
Sensitivity
This information is available in company documents such as system mission report, assets critically analysis report etc. This analysis helps to define the potential risk by comparing with the goals like loss of integrity, loss of availability and loss of confidentiality.
Risk Determination:
Whereas risk determination measures how much assets are exposed to the potential threat, i.e. it quantifies the loss. It analyses both physical and logical threats by using four steps:
Whether or not physical or logical controls are in place?
If they are present, how reliable they are?
What is the probability of occurrence of threats against those controls?
How much loss can occur if threat is successful?
It shows the main difference between Impact analysis and risk determination is that the former identifies the risk while the other quantifies the loss.
Question No: 40 ( Marks: 5 )
Discuss Intrusion detection Systems and also explain its components ?
It is a system used to secure networks. It is used in conjunction with routers and firewalls by monitoring network usage anomalies. It protects the company's data from external as well as internal threats and misuse. It is used in complement with firewall.
There are three types of Intrusion Detection Systems:
1. Signature-based
2. Statistical based
3. Neural network
1. Signature based:
This type of IDS only detects the predefined and detected intrusion pattern. It may not detect all the threats.
2. Statistical Based:
It uses comprehensive details of detected and expected behaviors of systems which can detect possible threats. Sometimes it may detect some events as a threat for one system which are normal operations of that system.
3. Neural Network:
It monitors general patterns of the activity on the system and keeps a database of these activities.
An IDS is used as part of a network. It can be used as a combination of software and hardware, or sometimes it can also be used as software in the system only. It is a complement to the firewall. It is located between the firewall and the system. It can also be used before the firewall. It detects unauthorized access on the local network as well as remote attempts of unauthorized access to the system by using special host base IDS Biometrics. It maintains a log of the attempts, successful or not. It does not block these attempts; for blocking, an Intrusion Prevention System is used.
Components of IDS:
Sensors: sensors collect the data and keep the log of the data in the system.
Analyzer: it analyses the data received from the sensors.
An Administrative Console: this console is used for maintaining the configuration of the whole IDS and can only be used by the system designer or administrator.
User interface: this component is for the general users and provides them access to the IDS.
FINALTERM EXAMINATION
Spring 2010
CS507- Information Systems
Time: 90 min
Marks: 60
Question No: 1 ( Marks: 1 ) - Please choose one
Which of the following integrate the planning, management and use of all resources of
the organization?
ERP
CRM
ESS
OIS
Question No: 2 ( Marks: 1 ) - Please choose one
Leading ERP software vendors include SAP (SAP R/3), Oracle and PeopleSoft.
True
False
Question No: 3 ( Marks: 1 ) - Please choose one
ERP or enterprise systems control all major business processes with a single software architecture in real time.
False
True
Question No: 4 ( Marks: 1 ) - Please choose one
Every system comprises of basic components which in a co-ordination formulate a system.
True
False
Question No: 5 ( Marks: 1 ) - Please choose one
Knowledge-Discovery in Databases and Data mining are known as thing.
True
False
Question No: 6 ( Marks: 1 ) - Please choose one
The identification of risks should start with:
Description of the internal and external risks
A brainstorming session with risk management experts and a program profile
A good understanding of the program and a brainstorming session with key
stakeholders
Definitions of likelihood and impact
Question No: 7 ( Marks: 1 ) - Please choose one
Which of the following likelihood level is true for the following statement:
"The threat source is highly motivated and sufficiently capable and controls to prevent the vulnerability from being exercised are ineffective"
None of these
Medium
High
Low
Question No: 8 ( Marks: 1 ) - Please choose one
Which of the following refers to the process of identifying attempts to penetrate a system
and gain unauthorized access?
Intrusion detection
Audit Trial
Control Trial
Documentation
Question No: 9 ( Marks: 1 ) - Please choose one
Accounts should have a control over various recording points in the entire process from
procurement to finished good store room.
False
True
Question No: 10 ( Marks: 1 ) - Please choose one
Which of the following refers to damage caused to the software and data without any
physical damage to the computers?
Logical Threat
Physical Threat
Both a and b
None of these
Question No: 11 ( Marks: 1 ) - Please choose one
Object orientation helps in increasing abstraction and event-driven programming.
True
False
Question No: 12 ( Marks: 1 ) - Please choose one
The purpose of a class is to specify a classification of objects and to specify the features
that characterize the structure and behavior of those objects.
True
False
Question No: 13 ( Marks: 1 ) - Please choose one
The First increment in incremental model is usually the core product which addresses the basic requirements of the system.
True
False
Question No: 14 ( Marks: 1 ) - Please choose one
A schematic representation of a sequence of operations as in a manufacturing process or computer program is called __________
Algorithm.
Entity Relationship Diagram
Flowchart
Question No: 15 ( Marks: 1 ) - Please choose one
_________ is a malicious program that is disguised as or embedded within legitimate software.
Trojan horse
Dropper
Overwriting Viruses
Question No: 16 ( Marks: 1 ) - Please choose one
There are typically two kinds of audit records.
True
False
Question No: 17 ( Marks: 1 ) - Please choose one
In assessing risks for an IT system, _______________ is the first step.
To define the scope of the effort.
Vulnerability Assessment
Threat identification
Question No: 18 ( Marks: 1 ) - Please choose one
Likelihood Determination phase sometimes determines that a potential vulnerability
could not be exercised by a given threat-source.
True
False
Question No: 19 ( Marks: 1 ) - Please choose one
M-Commerce stands for Mobile Commerce.
True
False
Question No: 20 ( Marks: 1 ) - Please choose one
M-Commerce (mobile commerce) refers to the conduct of e-commerce via wireless devices.
True
False
Question No: 21 ( Marks: 1 ) - Please choose one
Which of the following is not the type of CSF?
Industry CSFs
Environmental CSFs
Technical CSFs
Temporal CSFs
Question No: 22 ( Marks: 1 ) - Please choose one
Customer feedback on any product is required for ________
Quality check
Money factors
Strategic relationship
Intellectual capital
Question No: 23 ( Marks: 1 ) - Please choose one
Which of the following is the process or art of defining the hardware and software architecture, components, modules, interfaces, and data for a computer system to satisfy specified requirements?
Systems Design
Systems Requirement
Coding
Requirement
Question No: 24 ( Marks: 1 ) - Please choose one
Which of the following is the characteristic of being able to assign a different meaning or usage to something in different contexts - specifically?
OOP
Polymorphism
Encapsulation
Inheritance
Question No: 25 ( Marks: 1 ) - Please choose one
Intrabusiness is same as intraorganizational Business.
True
False
Question No: 26 ( Marks: 1 ) - Please choose one
Decision support systems are designed to be ad hoc and quick-response systems which
are initiated and controlled by decision makers.
TRUE
FALSE
Question No: 27 ( Marks: 1 ) - Please choose one
__________ is an association among entities. There has to be a relationship between two entities
Value Sets
Cardinality
Relationships
Question No: 28 ( Marks: 1 ) - Please choose one
In _____ decisions, problem is recurring and repetitive
Unstructured
Structured
Semi-Structured
Question No: 29 ( Marks: 1 ) - Please choose one
To accept the potential risk and continue operating the IT system or to implement
controls to lower the risk to an acceptable level is called as ---------------.
Risk Planning
Risk Assumption
Risk Limitation
None of the above
Question No: 30 ( Marks: 1 ) - Please choose one
Which of the following are the examples of secondary sources?
Commentaries, review articles and literature reviews
Guidebooks, manuals, Chronologies
Interviews, surveys and fieldwork
None of them
Question No: 31 ( Marks: 2 )
Define threat and identify its types.
Question No: 32 ( Marks: 2 )
Identify the purpose of Feasibility study.
Question No: 33 ( Marks: 2 )
What do you understand by E-Business?
Question No: 34 ( Marks: 2 )
List down the inputs to Risk Determination phase ?
Question No: 35 ( Marks: 3 )
What is critical success factor? Give examples
Question No: 36 ( Marks: 3 )
Briefly describe SDLC?
Question No: 37 ( Marks: 3 )
Discuss various steps in threat identification ? Give any example of threat sources and
threat actions .
Question No: 38 ( Marks: 3 )
List down components of an Intrusion Detection System ?
Question No: 39 ( Marks: 5 )
Identify any five phase of SDLC ?
Question No: 40 ( Marks: 5 )
Discuss Technical Limitations of Ecommerce in comparison with Non-Technical
Limitations in organizations ?
List the information required for medium size organization (2)
What are the physical threats for Information System (2)
List any two types of information that can be used as input for vulnerability. (2)
List down different types of SUPPLY CHAIN. (2)
How the information is kept in purchase department. (3)
What do you know about Keystroke Monitoring? (3)
Identify roles and responsibilities of any three professionals in an organization. (3)
Drawbacks of ESP system. (3)
Give two examples to prove that audit trials helps to provide variants from normal
behavior which may lead to unauthorized usage of sources. (5)
Classify E-Commerce into different classes. (5)
Define Piggybacking? (2 marks)
Identify Physical threats to Information System? (2 marks)
Differentiate between CBIS from Manual Information System? (2 marks)
Differentiate Changing and Unfreezing? (2 marks)
How Viruses and Worms can be transmitted into computers? Identify any three sources. (3 marks)
List any three Dimensions in MKIS? (3 marks)
Define Trojan Horse? (3 marks)
Information system security association of USA has listed many ethical challenges, identify any three of them? (3 marks)
List down different methods used to gather information on the IT system within its operational boundary? (5 marks)
Discuss Intrusion system and its components? (5 marks)
Question No: 1 ( Marks: 1 ) - Please choose one
Past court decisions have stated that privacy must be balanced against the needs of society.
True
False
Question No: 2 ( Marks: 1 ) - Please choose one
Which of the following Customer Relationship Management (CRM) is an enterprisewide effort to acquire and retain customers?
ERP
CRM
MIS
ESS
Question No: 3 ( Marks: 1 ) - Please choose one
Every system comprises of basic components which in a co-ordination formulate a system.
True
False
Question No: 4 ( Marks: 1 ) - Please choose one
Closed system is dependent on the internal resources and data.
True
False
Question No: 5 ( Marks: 1 ) - Please choose one
In which of the following there is a direct interaction facilitated by auctions, classifieds, and bartering?
EGovernment
MCommerce
Consumer-to-consumer EC
Intrabusiness EC
Question No: 6 ( Marks: 1 ) - Please choose one
The turnaround time from the input of the transaction to the production for the output must be a few --------------------
Minutes or less
Hours or less
Seconds or less
Question No: 7 ( Marks: 1 ) - Please choose one
Which of the following refers to the process of identifying attempts to penetrate a system and gain unauthorized access?
Threat Identification
Intrusion detection
Access Control
All of above
Question No: 8 ( Marks: 1 ) - Please choose one
The Internet Protocol is designed solely for the addressing and routing of data packets across a network
True
False
Question No: 9 ( Marks: 1 ) - Please choose one
Threat capacity is an input source for Likelihood determination.
False
True
Question No: 10 ( Marks: 1 ) - Please choose one
Which of the following is a weakness that can be accidentally triggered or intentionally exploited?
Audit Trial
Likelihood Identification
Threat Identification
Vulnerability
Question No: 11 ( Marks: 1 ) - Please choose one
There are typically ________________ kinds of audit records
One
Two
Three
Four
Question No: 12 ( Marks: 1 ) - Please choose one
Documentation may include program code of application softwares, technical manuals, user manuals etc.
True
False
Question No: 13 ( Marks: 1 ) - Please choose one
Decisions in which the decision maker must provide judgment, evaluation, and insights into the problem definition would be characterized as:
Structured
Semi Structured
Unstructured
Question No: 14 ( Marks: 1 ) - Please choose one
Automated data are less susceptible to destruction and misuse than paper data.
True
False
Question No: 15 ( Marks: 1 ) - Please choose one
According to Booch, object has following three components
State, Behavior, Identity
State, Behavior, Interface
State, Interface, methods
State, Variables, Methods
Question No: 16 ( Marks: 1 ) - Please choose one
Null value may or may not be called zero value.
True
False
Question No: 17 ( Marks: 1 ) - Please choose one
Organizations are distinguished on the basis of __________
Attributes
Policy
Management
Question No: 18 ( Marks: 1 ) - Please choose one
__________ is known as father of warehouse.
Stephen Hawking
Bill Gates
Bill Inmon
Question No: 19 ( Marks: 1 ) - Please choose one
Rounded shaped symbol in the flow chart is called ____________
Connector
Arrow
Process
Question No: 20 ( Marks: 1 ) - Please choose one
Individuals using their skills to forward a political agenda, possibly breaking the law in the process, but justifying their actions for political reasons are called ________
Hacktivists
Crackers
Hackers
Question No: 21 ( Marks: 1 ) - Please choose one
Object oriented analysis focuses on the _________
States of objects
Collaboration of objects
Implementation of objects
Question No: 22 ( Marks: 1 ) - Please choose one
Which of the following carry characteristics of specialization?
Sub classes
Sub Interfaces
Sub objects
Question No: 23 ( Marks: 1 ) - Please choose one
The two major criteria that are used to analyze risks are Operational Effects and Situational Impacts
True
False
Question No: 24 ( Marks: 1 ) - Please choose one
Which of the following is not the type of CSF?
Industry CSFs
Environmental CSFs
Technical CSFs
Temporal CSFs
Question No: 25 ( Marks: 1 ) - Please choose one
The flowchart helps in locating and correcting errors also called debugging.
True
False
Question No: 26 ( Marks: 1 ) - Please choose one
Which of the following is the process or art of defining the hardware and software architecture, components, modules, interfaces, and data for a computer system to satisfy specified requirements?
Systems Design
Systems Requirement
Coding
Requirement
Question No: 27 ( Marks: 1 ) - Please choose one
Which of the following focus on detecting potentially abnormal behavior in function of operating system or request made by application software?
Active Monitors
Scanners
Antivirus
Behavior blockers
Question No: 28 ( Marks: 1 ) - Please choose one
Buying and selling of products, services and information via computer networks, primarily through Internet is :
E-Commerce
E-Business
Web Surfing
BPR
Question No: 29 ( Marks: 1 ) - Please choose one
_____________ is one of the components of Intrusion Detection System (IDS).
Log File Host Administrative Console None of above
Question No: 30 ( Marks: 1 ) - Please choose one
The flow of information in organization can be _______ ways.
1
2
3
4
Question No: 31 ( Marks: 2 )
What are Active monitors? Define.
Question No: 32 ( Marks: 2 )
What is information Quality Checklist?
Question No: 33 ( Marks: 2 )
List any two types of information that can be used as input for vulnerability?
Question No: 34 ( Marks: 2 )
Define CRM?
Question No: 35 ( Marks: 3 )
What are the information requirements for Management level in Accounting & financial Information Systems.
Question No: 36 ( Marks: 3 )
What is access control? Give example
Question No: 37 ( Marks: 3 )
Discuss Centralized and Distributed Processing in terms of their comparison?
Question No: 38 ( Marks: 3 )
Identify drawbacks of ERP systems?
Question No: 39 ( Marks: 5 )
Differentiate the following
1. Intrusion Detection vs Variance Detection
Question No: 40 ( Marks: 5 )
Define the following:
a) EC (ECommerce)
b) EB (EBusiness)
Differentiate Encryption and decryption? 2 Marks
Identify Components of intrusion detection system? 2 Marks
What do we mean by cognitive process? 2 Marks
What is stand alone processing? 2 Marks
What do you mean by keystroke monitoring? 3 Marks
How virus and worms can be transmitted into computers? Identify any three? 3 Marks
List down components of an intrusion detection system? 3 Marks
Discuss characteristics of flat organization? 3 Marks
Discuss various ERP attributes? 5 Marks
Incorporate Risk management SDLC? identify its phases? 5 Marks
1. How threats are identified? (2 Marks)
2. Differentiate encryption from decryption
3. Define firewall?
4. Differentiate data from information in your own words
5. What is the responsibilities of the management of the organization to ensure the security of information system
6. What do you mean by keystroke monitoring
7. Define Reengineering
8. What do you understand ESS
9. Identify any phase of SDLC
10. How can change management phases