184 Cards in this Set

SANs create large central pools of storage that can be rapidly accessed and shared by multiple servers.
Answer: TRUE
Page Ref: 187
Autonomic computing is implemented primarily with enterprise or ISP servers.
Answer: FALSE
Page Ref: 181
Web services can exchange information between two different systems regardless of the operating system or programming languages on which the systems are based.
Answer: TRUE Page Ref: 186
Hypertext markup language specifies how text, graphics, video, and sound are placed on a Web page document.
Answer: TRUE Page Ref: 187
The collection of Web services that are used to build a firm's software systems constitutes what is known as a service-oriented architecture.
Answer: TRUE Page Ref: 187
Scalability refers to the ability of a computer, product, or system to expand to serve a large number of users without breaking down.
Answer: TRUE Page Ref: 194
TCO refers to the original cost of purchased technology: both hardware and software.
Answer: FALSE
Page Ref: 196
Which type of infrastructure services provides voice and video connectivity to employees, customers, and suppliers?
A) networking
B) telephone
C) VOIP
D) telecommunications
Answer: D Page Ref: 164
Which of the following is NOT an IT infrastructure service component?
A) operating system software
B) computing platforms to provide a coherent digital environment
C) physical facility management to manage the facilities housing physical components
D) IT management services to plan and develop the infrastructure and provide project management
Answer: A
Page Ref: 163-164
In a multi-tiered network:
A) the work of the entire network is centralized.
B) the work of the entire network is balanced over several levels of servers.
Information Systems I – 90.477-001
C) processing is split between clients and servers.
D) processing is handled by multiple, geographically remote clients.
Answer: B Page Ref: 167
Interpretations of Moore's law assert that:
A) computing power doubles every 18 months.
B) transistors decrease in size 50% every two years.
C) data storage costs decrease by 50% every 18 months.
D) none of the above.
Answer: A
Page Ref: 168-170
Which of the following factors provides an understanding of why computing resources today are ever more available than in previous decades?
A) network economics
B) law of mass digital storage and Moore's law
C) declining communications costs, universal standards, and the Internet
D) all of the above
Answer: D
Page Ref: 168-174
Specifications that establish the compatibility of products and the ability to communicate in a network are called
A) network standards.
B) telecommunications standards.
C) technology standards.
D) Internet standards.
Answer: C Page Ref: 174
A SAN is a ________ network.
A) server area
B) storage area
C) scalable architecture
D) service-oriented architecture
Answer: B
Page Ref: 177
Legacy systems are still used because they
A) can only be run on the older mainframe computers.
B) are too expensive to redesign.
C) integrate well using new Web services technologies.
D) contain valuable data that would be lost during redesign.
Answer: B Page Ref: 179
Connecting geographically remote computers in a single network to create a "virtual supercomputer" is called
A) co-location.
B) edge computing.
C) grid computing.
D) utility computing.
Answer: C Page Ref: 179
The business case for using grid computing involves all of the following EXCEPT
A) cost savings.
B) increased accuracy.
C) speed of computation.
D) agility.
Answer: B
Page Ref: 179-180
Which type of computing refers to firms purchasing computing power from remote providers and paying only for the computing power they use?
A) on-demand
B) grid
C) edge
D) autonomic
Answer: A Page Ref: 181
Which of the following does grid computing utilize to create enormous supercomputing power?
A) massive unused data centers
B) underutilized mainframe computers
C) networked computers with idle resources
D) networks with low usage
Answer: C
Page Ref: 181
An example of autonomic computing is
A) spyware protection software that runs and updates itself automatically.
B) software programmed to run on any hardware platform.
C) cell phones taking on the functions of handheld computers.
D) programming languages that allow non-programmers to create custom applications.
Answer: A Page Ref: 181
Which of the following is a technique used to allow users to interact with a Web page without having to wait for the Web server to reload the Web page?
A) UDDI
B) widgets
C) Ajax
D) Java
Answer: C Page Ref: 186
A software tool with a graphical user interface for displaying Web pages and for accessing the Web and other Internet resources is called a:
A) JVM.
B) Web browser.
C) FTP client.
D) All of the above.
Answer: B Page Ref: 186
Sets of loosely coupled software components that exchange information with each other using standard Web communication standards and languages are referred to as
A) Web services.
B) EAI software.
C) SOA.
D) SOAP.
Answer: A
Page Ref: 186
Running a Java program on a computer requires
A) a Java Virtual Machine to be installed on the computer.
B) a Java Virtual Machine to be installed on the server hosting the Java applet.
C) a miniature program to be downloaded to the user's computer.
D) no specialized software, as Java is platform-independent.
Answer: A Page Ref: 186
Which of the following is an example of an SOA environment?
A) Amazon.com's operation of hundreds of services, such as billing or customer interface, delivered by different application servers
B) E*Trade's use of lower-cost Linux servers that delivered increased computer performance
C) Thermos's use of hosted Oracle systems software running on Oracle's computers
D) None of the above
Answer: A
Page Ref: 187-188
Software applications that are based on combining different online software applications are called
A) integrated software.
B) Ajax.
C) mashups.
D) virtual software.
Answer: C
Page Ref: 189
Your firm needs to implement electronic timesheet software and needs to keep within a small budget. Which of the following would be the most costly method of implementing this new software?
A) purchasing a software package
B) programming the new software in-house
C) leasing the software over the Internet
D) outsourcing the software programming
Answer: B
Page Ref: 189-191
Prewritten, commercially available sets of software programs that eliminate the need for a firm to write its own software programs for certain functions, are referred to as
A) software packages.
B) mashups.
C) outsourced software.
D) open source software.
Answer: A Page Ref: 190
A formal contract between customers and their service providers that outlines the specific responsibilities of the service provider and to the customer is called a(n)
A) SOA
B) SLA
C) TCO
D) RFQ
Answer: B Page Ref: 191
SaaS refers to
A) supplying online access over networks to storage devices and storage area network technology.
B) managing combinations of applications, networks, systems, storage, and security as well as providing Web site and systems performance monitoring to subscribers over the Internet.
C) hosting and managing access to software applications delivered over the Internet to clients on a subscription basis.
D) none of the above.
Answer: C Page Ref: 191
The practice of contracting custom software development to an outside firm is commonly referred to as
A) outsourcing.
B) scaling.
C) service-oriented architecture.
D) application integration.
Answer: A
Page Ref: 191
Which of the following refers to the ability of a computer, product, or system to expand to serve a larger number of users without breaking down?
A) modality
B) scalability
C) expandability
D) disintermediation
Answer: B Page Ref: 194
How would you determine the market demand for your firm's IT services?
A) Perform a TCO analysis.
B) Benchmark your services.
C) Hold focus groups to assess your services.
D) Analyze sales returns on key investments.
Answer: C
Page Ref: 194
Which of the following is not one of the main six factors to consider when evaluating how much your firm should spend on IT infrastructure?
A) your firm's business strategy
B) the IT investments made by competitor firms
C) market demand for your firm's services
D) your firm's organizational culture
Answer: D Page Ref: 195
Your firm, an auto parts manufacturer, has just merged with an automobile engine manufacturer, and the two companies have different SCM systems. Which of the following strategies would be the most likely course to help to reduce the TCO of the merged firms' technology investments?
A) Use Web services to join the two systems.
B) Move one firm into using the other's system in order to centralize management and support services.
C) Develop single ERP system that encompasses the information needs and business processes of both firms.
D) Purchase a hosted, on-demand ERP system that encompasses the needs and processes of both firms.
Answer: B
Page Ref: 196-197
Which model can be used to analyze the direct and indirect costs to help firms determine the actual cost of specific technology implementations?
A) total cost of ownership
B) return on investment
C) breakeven point
D) cost benefit analysis
Answer: A Page Ref: 196
Hardware and software acquisition costs account for about ________ percent of TCO.
A) 20
B) 40
C) 60
D) 80
Answer: A
Page Ref: 196
(blank) is the ability of the computer, product, or system to expand to serve larger numbers of users without breaking down.
Scalability Page Ref: 194
Program-data dependence refers to the coupling of data stored in files and software programs that use this data such that changes in programs require changes to the data.
Answer: TRUE Page Ref: 211
Many applications today require databases that can store and retrieve multimedia.
Answer: TRUE
Page Ref: 215
In a relational database, complex groupings of data must be streamlined to eliminate awkward many-to-many relationships.
Answer: TRUE Page Ref: 219
A data warehouse is typically comprised of several smaller data marts.
Answer: FALSE
Page Ref: 225
Predictive analysis is synonymous with data mining.
Answer: FALSE
Page Ref: 229
Data cleansing is the same process as data scrubbing.
Answer: TRUE
Page Ref: 234
Which of the following is NOT one of the main problems with a traditional file environment?
A) data inconsistency
B) program-data independence
C) lack of flexibility in creating ad-hoc reports
D) poor security
Answer: B
Page Ref: 211-212
A DBMS reduces data redundancy and inconsistency by
A) enforcing referential integrity.
B) uncoupling program and data.
C) utilizing a data dictionary.
D) minimizing isolated files with repeated data.
Answer: D
Page Ref: 213
Which of the following best illustrates the relationship between entities and attributes?
A) the entity CUSTOMER with the attribute PRODUCT
B) the entity CUSTOMER with the attribute PURCHASE
C) the entity PRODUCT with the attribute PURCHASE
D) the entity PRODUCT with the attribute CUSTOMER
Answer: B
Page Ref: 210
A characteristic or quality describing an entity is called a(n)
A) field.
B) tuple.
C) key field.
D) attribute.
Answer: D
Page Ref: 210
Which of the following non-digital data storage items is most similar to a database?
A) library card catalog.
B) cash register receipt.
C) doctor's office invoice.
D) list of sales totals on a spreadsheet.
Answer: A
Page Ref: 210-211
The confusion created by ________ makes it difficult for companies to create customer relationship management, supply chain management, or enterprise systems that integrate data from different sources
Answer: B
Page Ref: 211
Duplicate data in multiple data files is called data ________.
A) redundancy
B) repetition
C) independence
D) partitions
Answer: A
Page Ref: 211
The type of logical database model that treats data as if they were stored in two-dimensional tables is the
A) OODBMS.
B) pre-digital DBMS.
C) relational DBMS.
D) hierarchical DBMS.
Answer: C
Page Ref: 213
In a relational database, the three basic operations used to develop useful sets of data are
A) select, project, and where.
B) select, join, and where.
C) select, project, and join.
D) select, from, and join.
Answer: C
Page Ref: 215
The project operation
A) combines relational tables to provide the user with more information than is otherwise available.
B) creates a subset consisting of columns in a table.
C) organizes elements into segments.
D) identifies the table from which the columns will be selected.
Answer: B Page Ref: 215
Which of the following database types is useful for storing Java applets as well as processing large numbers of transactions?
A) relational DBMS
B) hierarchical DBMS
C) object-relational DBMS
D) OODBMS
Answer: C Page Ref: 215
The type of database management approach that can handle multimedia is the
A) hierarchical DBMS.
B) relational DBMS.
C) network DBMS.
D) object-oriented DBMS.
Answer: D
Page Ref: 215
The data dictionary serves as an important data management tool by
A) assigning attributes to the data.
B) creating an inventory of data contained in the database.
C) presenting data as end users or business specialists would perceive them.
D) maintaining data in updated form.
Answer: B Page Ref: 217
The specialized language programmers use to add and change data in the database is called
A) a data access language.
B) a data manipulation language.
C) Structured Query Language.
D) a data definition language.
Answer: B
Page Ref: 217
DBMSs typically include report-generating tools in order to
A) retrieve and display data.
B) display data in an easier-to-read format.
C) display data in graphs.
D) perform predictive analysis.
Answer: B
Page Ref: 219
The process of streamlining data to minimize redundancy and awkward many-to-many relationships is called
A) normalization.
B) data scrubbing.
C) data cleansing.
D) data defining.
Answer: A Page Ref: 219
A schematic of the entire database that describes the relationships in a database is called a(n)
A) data dictionary.
B) intersection relationship diagram.
C) entity-relationship diagram.
D) data definition diagram.
Answer: C
Page Ref: 220
In what type of a database system is the entire central database duplicated at all remote locations?
A) partitioned
B) normalized
C) replicated
D) networked
Answer: C
Page Ref: 221
Which of the following is a main disadvantage to a distributed database system?
A) lack of flexibility
B) susceptibility to data inconsistency
C) poor responsiveness to local users
D) requires more expensive computers
Answer: B
Page Ref: 222
A data warehouse is composed of
A) historical data from legacy systems.
B) current data.
C) internal and external data sources.
D) historic and current internal data.
Answer: D Page Ref: 223
A data mart usually can be constructed more rapidly and at lower cost than a data warehouse because
A) a data mart typically focuses on a single subject area or line of business.
B) all the information is historical.
C) a data mart uses a Web interface.
D) all of the information belongs to a single company.
Answer: A
Page Ref: 225
Tools for consolidating, analyzing, and providing access to vast amounts of data to help users make better business decisions are known as
A) DSS.
B) business intelligence.
C) OLAP.
D) data mining.
Answer: B Page Ref: 226
The tool that enables users to view the same data in different ways using multiple dimensions is
A) predictive analysis.
B) SQL.
C) OLAP.
D) data mining
Answer: C
Page Ref: 226
Data mining is a tool for allowing users to
A) quickly compare transaction data gathered over many years.
B) find hidden relationships in data.
C) obtain online answers to ad hoc questions in a rapid amount of time.
D) summarize massive amounts of data into much smaller, tradition
Answer: B Page Ref: 228
The organization's rules for sharing, disseminating, acquiring, standardizing, classifying, and inventorying information is called a(n)
A) information policy.
B) data definition file.
C) data quality audit.
D) data governance policy.
Answer: A Page Ref: 231
Detecting and correcting data in a database or file that are incorrect, incomplete, improperly formatted, or redundant is called
A) data auditing.
B) defragmentation.
C) data scrubbing.
D) data optimization.
Answer: C Page Ref: 234
Data cleansing not only corrects errors but also
A) establishes logical relationships between data.
B) structures data.
C) normalizes data.
D) enforces consistency among different sets of data.
Answer: D Page Ref: 234
Which of the following is NOT a method for performing a data quality audit?
A) surveying entire data files
B) surveying samples from data files
C) surveying data definition and query files
D) surveying end users about their perceptions of data quality
Answer: C
Page Ref: 234
Increasingly, voice, video, and data communications are all based on Internet technology.
Answer: TRUE
Page Ref: 249
A protocol is a standard set of rules and procedures for the control of communications in a network.
Answer: TRUE
Page Ref: 253
Two computers using TCP/IP can communicate even if they are based on different hardware and software platforms.
Answer: TRUE Page Ref: 254
Wi-Fi enables users to freely roam from hotspot to hotspot even if the hotspot is using different Wi-Fi network services.
Answer: FALSE Page Ref: 281
RFID has been exceptionally popular because of its low implementation costs.
Answer: FALSE
Page Ref: 283
A device that acts as a connection point between computers and can filter and forward data to a specified destination is called a
A) hub.
B) switch.
C) router.
D) NIC.
Answer: B Page Ref: 250
The Internet is based on which three key technologies?
A) TCP/IP, HTML, and HTTP
B) TCP/IP, HTTP, and packet switching
C) Client/server computing, packet switching, and the development of communications standards for linking networks and computers
D) Client/server computing, packet switching, and HTTP
Answer: C Page Ref: 252
The method of slicing digital messages into parcels, transmitting them along different communication paths, and reassembling them at their destinations is called
A) multiplexing.
B) packet switching.
C) packet routing.
D) ATM.
Answer: B Page Ref: 252
The telephone system is an example of a ________ network.
A) peer-to-peer
B) wireless
C) packet-switched
D) circuit-switched
Answer: D
Page Ref: 252
In TCP/IP, IP is responsible for
A) disassembling and reassembling of packets during transmission.
B) establishing an Internet connection between two computers.
C) moving packets over the network.
D) sequencing the transfer of packets.
Answer: A Page Ref: 253
The four layers of the TCP/IP reference model are
A) physical layer, application layer, transport layer, and the network interface layer.
B) physical layer, application layer, Internet layer, and the network interface layer.
C) application layer, transport layer, Internet layer, and the network interface layer.
D) application layer, hardware layer, Internet layer, and the network interface layer.
Answer: C
Page Ref: 253-254
Bandwidth is the
A) number of frequencies that can be broadcast through a medium.
B) number of cycles per second that can be sent through a medium.
C) difference between the highest and lowest frequencies that can be accommodated on a single channel.
D) total number of bytes that can be sent through a medium per second.
Answer: C Page Ref: 259
Which protocol is the Internet based on?
A) TCP/IP
B) FTP
C) packet-switching
D) HTTP
Answer: A
Page Ref: 260
What service converts IP addresses into more recognizable alphanumeric names?
A) HTML
B) DNS
C) IP
D) HTTP
Answer: B
Page Ref: 260
IPv6 is being developed in order to
A) update the packet transmission protocols for higher bandwidth.
B) create more IP addresses.
C) allow for different levels of service.
D) support Internet2.
Answer: B Page Ref: 265
Instant messaging is a type of ________ service.
A) chat
B) cellular
C) Web
D) wireless
Answer: A
Page Ref: 267
The need in some cases for employees to have access to sexually explicit material on the Internet, such as medical researchers, suggests that companies
A) cannot restrict Internet use.
B) need specialized software to determine which types of material are acceptable.
C) may need to maintain a database of acceptable Web sites.
D) need to base their Internet use policies on the needs of the organization and culture.
Answer: D
Page Ref: 268-269
________ integrate(s) disparate channels for voice communications, data communications, instant messaging, e-mail, and electronic conferencing into a single experience.
A) Wireless networks
B) Intranets
C) Virtual private networks
D) Unified communications
Answer: D Page Ref: 270
A VPN
A) is an encrypted private network configured within a public network.
B) is more expensive than a dedicated network.
C) provides secure, encrypted communications using Telnet.
D) is an Internet-based service for delivering voice communications.
Answer: A Page Ref: 270
Web browser software requests Web pages from the Internet using which protocol?
A) URL
B) HTTP
C) DNS
D) HTML
Answer: B Page Ref: 271
To keep internal data secure, a company employing an extranet must be sure to put a ________ in place
A) router
B) server
C) firewall
D) switch
Answer: C
Page Ref: 277
The business advantages of using voice over IP (VoIP) technology include all the following except?
A) Business can lower costs by using the Internet to deliver voice information
B) VOIP is faster and more secure
C) VOIP enables communication by supporting Internet conference calls using video.
D) VOIP also provides flexibility - phones can be added or moved to different offices without rewiring or reconfiguring the network.
Answer: B
Page Ref: 267-270
The potential for unauthorized access is usually limited to the communications lines of a network.
Answer: FALSE
Page Ref: 295
Wireless networks are vulnerable to penetration because radio frequency bands are easy to scan.
Answer: TRUE
Page Ref: 297
The range of Wi-Fi networks can be extended up to two miles by using external antennae.
Answer: FALSE
Page Ref: 297
The WEP specification calls for an access point and its users to share the same 40-bit encrypted password.
Answer: TRUE Page Ref: 300
Viruses can be spread through e-mail.
Answer: TRUE
Page Ref: 300
Computer worms spread much more rapidly than computer viruses.
Answer: TRUE Page Ref: 300
One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.
Answer: TRUE Page Ref: 302
Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.
Answer: TRUE Page Ref: 302
DoS attacks are used to destroy information and access restricted areas of a company's information system.
Answer: FALSE Page Ref: 302-303
The most economically damaging kinds of computer crime are e-mail viruses.
Answer: FALSE
Page Ref: 303
Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.
Answer: TRUE
Page Ref: 307
An acceptable use policy defines the acceptable level of access to information assets for different users.
Answer: FALSE Page Ref: 312
Biometric authentication is the use of physical characteristics such as retinal images to provide identification.
Answer: FALSE Page Ref: 316
Packet filtering catches most types of network attacks.
Answer: FALSE
Page Ref: 318
NAT conceals the IP addresses of the organization's internal host computers to deter sniffer programs.
Answer: TRUE
Page Ref: 318
SSL is a protocol used to establish a secure connection between two computers.
Answer: TRUE
Page Ref: 319
Public key encryption uses two keys.
Answer: TRUE
Page Ref: 320
Fault-tolerant computers contain redundant hardware, software, and power supply components.
Answer: TRUE
Page Ref: 321
High-availability computing is also referred to as fault tolerance.
Answer: FALSE
Page Ref: 321
________ refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems.
A) "Security"
B) "Controls"
C) "Benchmarking"
D) "Algorithms"
Answer: A
Page Ref: 295
________ refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records, and operational adherence to management standards.
A) "Legacy systems"
B) "SSID standards"
C) "Vulnerabilities"
D) "Controls"
Answer: D
Page Ref: 295
Large amounts of data stored in electronic form are ________ than the same data in manual form.
A) less vulnerable to damage
B) more secure
C) vulnerable to many more kinds of threats
D) more critical to most businesses
Answer: C
Page Ref: 295
Electronic data are more susceptible to destruction, fraud, error, and misuse because information systems concentrate data in computer files that
A) are usually bound up in legacy systems that are difficult to access and difficult to correct in case of error.
B) are not secure because the technology to secure them did not exist at the time the files were created.
C) have the potential to be accessed by large numbers of people and by groups outside of the organization.
D) are frequently available on the Internet.
Answer: C
Page Ref: 295-296
Specific security challenges that threaten the communications lines in a client/server environment include
A) tapping; sniffing; message alteration; radiation.
B) hacking; vandalism; denial of service attacks.
C) theft, copying, alteration of data; hardware or software failure.
D) unauthorized access; errors; spyware.
Answer: A
Page Ref: 295
Specific security challenges that threaten clients in a client/server environment include
A) tapping; sniffing; message alteration; radiation.
B) hacking; vandalism; denial of service attacks.
C) theft, copying, alteration of data; hardware or software failure.
D) unauthorized access; errors; spyware.
Answer: D
Page Ref: 295
Specific security challenges that threaten corporate servers in a client/server environment include
A) tapping; sniffing; message alteration; radiation.
B) hacking; vandalism; denial of service attacks.
C) theft, copying, alteration of data; hardware or software failure.
D) unauthorized access; errors; spyware.
Answer: B
Page Ref: 295
The Internet poses specific security problems because
A) it was designed to be easily accessible.
B) everyone uses the Internet.
C) Internet standards are universal.
D) it changes so rapidly.
Answer: A Page Ref: 296
The main security problem on the Internet is
A) radiation.
B) bandwidth theft.
C) hackers.
D) natural disasters, such as floods and fires.
Answer: C
Page Ref: 296-297
An independent computer program that copies itself from one computer to another over a network is called a
A) worm.
B) Trojan horse.
C) bug.
D) pest.
Answer: A Page Ref: 300
In 2004, ICQ users were enticed by a sales message from a supposed anti-virus vendor. On the vendor's site, a small program called Mitglieder was downloaded to the user's machine. The program enabled outsiders to infiltrate the user's machine. What type of malware is this an example of?
A) Trojan horse
B) virus
C) worm
D) spyware
Answer: A Page Ref: 301
Redirecting a Web link to a different address is a form of
A) snooping.
B) spoofing.
C) sniffing.
D) war driving.
Answer: B
Page Ref: 302
A key logger is a type of
A) worm.
B) Trojan horse.
C) virus.
D) spyware.
Answer: D
Page Ref: 302
How do hackers create a botnet?
A) by infecting Web search bots with malware
B) by using Web search bots to infect other computers
C) by causing other people's computers to become "zombie" PCs following a master computer
D) by infecting corporate servers with "zombie" Trojan horses that allow undetected access through a back door
Answer: C Page Ref: 303
Using numerous computers to inundate and overwhelm the network from numerous launch points is called a ________ attack
A) DDoS
B) DoS
C) pharming
D) phishing
Which of the following is NOT an example of a computer used as a target of crime?
A) knowingly accessing a protected computer to commit fraud
B) accessing a computer system without authority
C) illegally accessing stored electronic communication
D) threatening to cause damage to a protected computer
Answer: C
Which of the following is NOT an example of a computer used as an instrument of crime?
A) theft of trade secrets
B) intentionally attempting to intercept electronic communication
C) unauthorized copying of software
D) breaching the confidentiality of protected computerized data
Answer: D
Page Ref: 304
Phishing is a form of
A) spoofing.
B) spinning.
C) snooping.
D) sniffing.
Answer: A
Page Ref: 304
Phishing involves
A) setting up bogus Wi-Fi hot spots.
B) setting up fake Web sites to ask users for confidential information.
C) pretending to be a legitimate business's representative in order to garner information about a security system.
D) using e-mails for threats or harassment.
Answer: B Page Ref: 304
Pharming involves
A) redirecting users to a fraudulent Web site even when the user has typed in the correct address in the Web browser.
B) pretending to be a legitimate business's representative in order to garner information about a security system.
C) setting up fake Web sites to ask users for confidential information.
D) using e-mails for threats or harassment.
Answer: A Page Ref: 305
You have been hired as a security consultant for a legal firm. Which of the following constitutes the greatest threat, in terms of security, to the firm?
A) wireless network
B) employees
C) authentication procedures
D) lack of data encryption
Answer: B
Page Ref: 306
Tricking employees to reveal their passwords by pretending to be a legitimate member of a company is called
A) sniffing
B) social engineering
C) phishing
D) pharming
Answer: B Page Ref: 306
How do software vendors correct flaws in their software after it has been distributed?
A) issue bug fixes
B) issue patches
C) re-release software
D) issue updated versions
Answer: B
Page Ref: 307
The Sarbanes-Oxley Act
A) requires financial institutions to ensure the security of customer data.
B) specifies best practices in information systems security and control.
C) imposes responsibility on companies and management to safeguard the accuracy of financial information.
D) outlines medical security and privacy rules.
Answer: C Page Ref: 309
The most common type of electronic evidence is
A) voice-mail.
B) spreadsheets.
C) instant messages.
D) e-mail.
Answer: D
Page Ref: 309
Electronic evidence on computer storage media that is not visible to the average user is called ________ data.
A) defragmented
B) ambient
C) forensic
D) recovery
Answer: B Page Ref: 310
Application controls
A) can be classified as input controls, processing controls, and output controls.
B) govern the design, security, and use of computer programs and the security of data files in general throughout the organization.
C) apply to all computerized applications and consist of a combination of hardware, software, and manual procedures that create an overall control environment.
D) include software controls, computer operations controls, and implementation controls.
Answer: A Page Ref: 310
________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access, change, or destruction while they are in use or in storage.
A) Software
B) Administrative
C) Data security
D) Implementation
Answer: C Page Ref: 311
Analysis of an information system that rates the likelihood of a security incident occurring and its cost is included in a(n)
A) security policy.
B) AUP.
C) risk assessment.
D) business impact analysis.
Answer: C Page Ref: 311
Statements ranking information risks and identifying security goals are included in a(n)
A) security policy.
B) AUP.
C) risk assessment.
D) business impact analysis.
Answer: A
Page Ref: 311
An analysis of the firm's most critical systems and the impact a system's outage would have on the business is included in a(n)
A) security policy.
B) AUP.
C) risk assessment.
D) business impact analysis.
Answer: D Page Ref: 314
Rigorous password systems
A) are one of the most effective security tools.
B) may hinder employee productivity.
C) are costly to implement.
D) are often disregarded by employees.
Answer: B Page Ref: 316
An authentication token is a(n)
A) device the size of a credit card that contains access permission data.
B) type of smart card.
C) gadget that displays passcodes.
D) electronic marker attached to a digital authorization file.
Answer: C Page Ref: 316
Biometric authentication
A) is inexpensive.
B) is used widely in Europe for security applications.
C) can use a person's face as a unique, measurable trait.
D) only uses physical traits as a measurement.
Answer: C
Page Ref: 316
A firewall allows the organization to
A) enforce a security policy on traffic between its network and the Internet.
B) check the accuracy of all transactions between its network and the Internet.
C) create an enterprise system on the Internet.
D) check the content of all incoming and outgoing e-mail messages.
Answer: A Page Ref: 317
In which technique are network communications analyzed to see whether packets are part of an ongoing dialogue between a sender and a receiver?
A) stateful inspection
B) intrusion detection system
C) application proxy filtering
D) packet filtering
Answer: A Page Ref: 318
________ use scanning software to look for known problems such as bad passwords, the removal of important files, security attacks in progress, and system administration errors.
A) Stateful inspections
B) Intrusion detection systems
C) Application proxy filtering technologies
D) Packet filtering technologies
Answer: B Page Ref: 318
Currently, the protocols used for secure information transfer over the Internet are
A) TCP/IP and SSL.
B) S-HTTP and CA.
C) HTTP and TCP/IP.
D) SSL, TLS, and S-HTTP.
Answer: D
Page Ref: 319
Most antivirus software is effective against
A) only those viruses active on the Internet and through e-mail.
B) any virus.
C) any virus except those in wireless communications applications.
D) only those viruses already known when the software is written.
Answer: D Page Ref: 319
In which method of encryption is a single encryption key sent to the receiver so both sender and receiver share the same key?
A) SSL
B) symmetric key encryption
C) public key encryption
D) private key encryption
Answer: B Page Ref: 320
A digital certificate system
A) uses third-party CAs to validate a user's identity.
B) uses digital signatures to validate a user's identity.
C) uses tokens to validate a user's identity.
D) is used primarily by individuals for personal correspondence.
Answer: A Page Ref: 320
Downtime refers to periods of time in which a
A) computer system is malfunctioning.
B) computer system is not operational.
C) corporation or organization is not operational.
D) computer is not online.
Answer: B Page Ref: 321
Online transaction processing requires
A) more processing time.
B) a large server network.
C) fault-tolerant computer systems.
D) dedicated phone lines.
Answer: C
Page Ref: 321
In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.
A) high availability computing
B) deep-packet inspection
C) application proxy filtering
D) stateful inspection
Answer: B Page Ref: 322
The development and use of methods to make computer systems recover more quickly after mishaps is called
A) high availability computing.
B) recovery oriented computing.
C) fault tolerant computing.
D) disaster recovery planning.
Answer: B Page Ref: 322
A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as ________.
Answer: war driving Page Ref: 297
________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.
Answer: Identity theft Page Ref: 304
_______ refers to the ability to know that a person is who he or she claims to be.
Answer: Authentication
Page Ref: 316
Which of the following is not an issue of security challenges on the Internet as that issue applies to a global enterprise?
A) More vulnerable because they are virtually open to anyone
B) Computers that are constantly connected to the Internet via cable modem or DSL line are more open to penetration by outsiders because they use a fixed Internet address where they can be more easily identified.
C) Cable modems are faster so hackers can get in more quickly
D) Corporate systems must be extended outside the organization so that employees working with wireless and other mobile computing devices can access them.
Answer: C
Page Ref: 295-300
Which of the following is not one of the components of IT infrastructure that firms need to manage?
A) Internet Platforms and Computer Hardware Platforms
B) Operating Systems Platforms and Enterprise Software Applications
C) Networking/Telecommunications and Data Management and Storage
D) Project Management and Application Development
Answer: D (Question refers to Infrastructure)
The ________________________________ states that the amount of digital information is roughly doubling every year.
Answer: D (Question refers to Infrastructure)
Which of the following is not one of the management challenges posed by IT infrastructure?
A) Using Best of Breed technology
B) Coordinating infrastructure components
C) Dealing with scalability and technology change
D) Management and governance
Answer: Law of Mass Digital Storage
________________________ is the process of creating small stable data structures from complex groups of data when designing a relational database.
Answer: A
_________________________ enables Internet technology to be used for telephone voice transmission over the Internet or private networks.
Answer: Normalization
____________________ are secure, encrypted, private networks that have been configured within a public network to take advantage of the economies of scale and management facilities of large networks, such as the Internet.
Answer: Voice over Internet Protocol (VoIP)
All of the following are the common threats against contemporary information systems except:
A) Technical factors
B) Organizational factors
C) Poor management decisions.
D) Government Factors
Answer: Virtual private networks
Growing use of Linux and open-source software. Open-source software is produced and maintained by a global community of programmers and is downloadable for free. Linux is a powerful, resilient open-source operating system that can run on multiple hardware platforms and is used widely to run Web servers.
Identify and describe five or more of the current trends in contemporary software platforms.
Java is an operating-system and hardware-independent programming language that is the leading interactive programming environment for the Web.
Identify and describe five or more of the current trends in contemporary software platforms.
Web services and service-oriented architecture. Software for enterprise integration includes enterprise applications and middleware such as enterprise application integration (EAI) software and Web services. Unlike EAI software, Web services are loosely coupled software components based on open Web standards that are not product-specific and can work with any application software and operating system. They can be used as components of Web-based applications linking the systems of two different organizations or to link disparate systems of a single company.
Identify and describe five or more of the current trends in contemporary software platforms.
Ajax, a new software technique for enabling Web applications.
Identify and describe five or more of the current trends in contemporary software platforms.
Mashups, or combining Web applications to create new products.
Identify and describe five or more of the current trends in contemporary software platforms.
Widgets, small software programs that can be added to Web pages or placed on the desktop to provide additional functionality.
Identify and describe five or more of the current trends in contemporary software platforms.
outside sources, including application software packages, by outsourcing custom application development to an external vendor (that may be offshore), or by renting software services from an application service provider.
Identify and describe five or more of the current trends in contemporary software platforms.