1. Which of the following usually contain records describing system events, application events, or user events
► An event-oriented log pg 149
► A record of every keystroke
► Option a and b
► None of these

2. Which of the following is an object that exists and is distinguishable from other objects?
► Entity pg 113
► Attribute
► Object
► Instance

3. A Protocol is an agreed-upon set of conventions that defines the rules of communication.
► True pg 128
► False

4. The organization refers to an organizational structure with few or no levels of intervening management between staff and managers is called-----------------
► Hierarchical organization
► Flat Organization pg 10
► Pyramid Organization

5. ERP's major objective is to tightly integrate the functional areas of the organization and to enable seamless information flows across the functional areas.
► True
► False

6. Threat capacity is an input source for Likelihood determination.
► False
► True pg 156

7. Buying and selling of products, services and information via computer networks, primarily the Internet is :
► E-Commerce page 172
► E-Business
► Web Surfing
► BPR

8. Which of the following refers to the process of identifying attempts to penetrate a system and gain unauthorized access?
► Threat Identification
► Intrusion detection (page 150)
► Access Control
► All of above

9. Which of the following likelihood level is true for the following? "The threat source lacks motivation or capability or controls are in place to prevent or at least significantly impede the vulnerability from being exercised."
► High
► Low (page 156)
► Medium
► None of these

10. The flowchart helps in locating and correcting errors also called debugging.
► True (page 105)
► False

11. The purpose of data flow diagrams is to provide a --------- between users and systems developers
► Linking bridge (page 106)
► Empty Space
► Data Flows
► Options a and b

12. Active Attack is one of the types of Web Security information systems.
► True
► False

13. Accounts should have a control over various recording points in the entire process from procurement to finished good store room.
► False
► True page 55

14. Commentaries are the example of _________ sources.
► Primary
► Tertiary
► Secondary page 3

15. One of the methods of integrating different business information systems is:
► Supply Chain management software pg18
► Interface reconciliation software
► Message passing
► None of the given options

16. __________ overwrites every program/software/file it infects with itself. Hence the infected file no longer functions.
► Dropper
► Overwriting Viruses
► Boot sector Virus

17. Object oriented analysis focuses on the _________
► States of objects
► Collaboration of objects
► Implementation of objects

18. In drawing a proper flowchart, all necessary steps that are a part of process should be listed out in ---------------------- order.
► Logical
► Physical
► Random
► Top to Bottom

19. Which of the following is not the type of CSF?
► Industry CSFs
► Environmental CSFs
► Technical CSFs
► Temporal CSFs

20. According to “Booch”, object has following three components
► State, Behaviour, Identity
► State, Behaviour, Interface
► State, Interface, methods
► State, Variables, Methods

21. __________ is known as father of warehouse.
► Stephen Hawking
► Bill Gates
► Bill Inmon

22. Every decision we take in daily life requires some sort of information about the alternatives available.
► True
► False

23. Collaborative commerce is one of the types of B2B.
► True
► False

24. Maintaining and eventually institutionalizing the change is called Unfreezing.
► True
► False

25 to 30 MCQs were new.

CS507_Finalterm_Session 3_Subjective 2011

1. What is the concept of IS Audit? (5 marks)

Information systems include accounting and finance function as a critical part of the entire system. Hence, these days audit of information systems as whole incisively focuses on finance and accounting aspect as well. For example, all banks and financial institutions have software supporting interest computations. During the audit of IS, the integrity of the source code/program instructions have to be checked and assurance obtained that these have not been tampered with or altered in any manner.

An information technology (IT) audit or information systems (IS) audit is an examination of the controls within an entity's Information technology infrastructure. When transactions are executed and recorded through computers, the lack of physical audit trail requires implementation of controls with the Information systems so as to give the same result as controls are implemented in a manual information system. IS audit focuses more on examining the integrity of controls and ensuring whether they are properly working. Obtained evidence evaluation can ensure whether the organization's information systems safeguard assets, maintains data integrity, and is operating effectively and efficiently to achieve the organization's goals or objectives.

2. What are the aspects of Privacy issue is dealt with? (5 marks)

Following aspects should be covered when privacy is dealt with.
- What kind of surveillance should be used by an employer on an employee?
- What things can keep to themselves and not be forced to reveal to others?
- What information about individuals should be kept in database and how secure is the information there – Issues of Data Protection
- What can be revealed to others about oneself if one is required to do so?

3. Differentiate Bugs from viruses? (5 marks)

Virus vs. Bug

Bug is an internal malfunction of the software. It is an unintentional fault in a program. It is an incorrect functioning of a particular procedure in a program. This is caused by improper application of programming logic. For example, free trial versions of software are available online. These beta versions are not tested fully and often contain bugs that can disrupt the system. Incorrect definition of a formula or linkage can give incorrect results. Virtually all complex programs contain virus. Incorrect/ invalidated / unedited data entry is not a programming fault or a bug. The process of removing bugs from software is termed as debugging.

Virus is the external threat which is not a malfunction of the software. However, a bug in the software can create a virus.

4. Define Object Oriented Analysis and Design (OOAD)? (2 marks)

The concept of object oriented analysis and design focuses on problems in terms of classes and objects. This concept combines aspects of both entity relationship diagram and data flow diagrams.

5. Define Computer Aided Manufacturing (CAM)? (2 marks)

Computer-aided manufacturing (CAM) is a form of automation where computers communicate work instructions directly to the manufacturing machinery.

6. Define Dropper and Trojan horse? (2 marks)

Dropper: A dropper is a program, not a virus. It installs a virus on the PC while performing another function.

Trojan horse: A Trojan horse is a malicious program that is disguised as or embedded within legitimate software. They may look useful or interesting (or at the very least harmless) to an unsuspecting user, but are actually harmful when executed.

7. What are the objectives of ERP? (2 marks)

- ERP applications address the complete business process.
- ERP applications are modular generally covering all aspects of the business as each aspect is dependent upon the other.
- ERP is extended to the enterprise level, encompassing not only the organization but also the entities external to organization i.e. suppliers and customer.

8. Define ERP? (2 marks)

“ERP (enterprise resource planning) is an industry term for the broad set of activities supported by multi-module application software that helps a manufacturer or other business manage the important parts of its business, including product planning, parts purchasing, maintaining inventories, interacting with suppliers, providing customer service, and tracking orders.”

9. Briefly define hackers? (3 marks)

Hackers

A hacker is a person who attempts to invade the privacy of the system. In fact he attempts to gain unauthorized entry to a computer system by circumventing the system’s access controls. Hackers are normally skilled programmers, and have been known to crack system passwords, with quite an ease. Initially hackers used to aim at simply copying the desired information from the system. But now the trend has been to corrupt the desired information.

10. Discuss Technical Limitations of Ecommerce in business? (Marks: 3)

Technological Limitations

- Lack of universal standards for quality, security, and reliability
- The telecommunications bandwidth is insufficient, especially for m-commerce (electronic commerce via mobile phones).
- Difficulty in integrating e-commerce infrastructure with current organizational IT systems - Many companies use IT systems, which are old (i.e. legacy systems). These were developed to support different needs and different kinds of software and applications. These systems contain valuable business information but have to be integrated with new ones. In many occasions this is extremely difficult. When it comes to full integration with back-office operations, for example, the cost of integrating legacy systems with modern ones may be greater than that of actually scrapping them completely

11. What are three challenges faced by security association of USA? (3 marks)

Information system security association of USA has listed down following ethical challenges
   1. Misrepresentation of certifications, skills
   2. Abuse of privileges
   3. Inappropriate monitoring

12. Briefly describe SDLC? (3 marks)

The Systems Life Cycle (SLC) is a type of methodology used to describe the process for building information systems, intended to develop information systems in a very deliberate, structured and methodical way, reiterating each stage of the life cycle. A Systems Development Life Cycle (SDLC) adheres to important phases that are essential for developers, such as planning, analysis, design, and implementation.

13. What should be kept in mind while identifying the risk? (3 marks)