FINALTERM EXAMINATION
Spring 2008
CS507- Information Systems
Time: 90 min
M a r k s: 60
Question No: 1 ( M a r k s: 1 ) http://vuzs.net
Factors of which of the following are basic elements of reducing manufacturing cost?
Brand
Cost
Production
Quality
Factors of production are basic elements of reducing manufacturing cost.
Question No: 2 ( M a r k s: 1 ) http://vuzs.net
ERP or enterprise systems control all major business processes with a single software architecture in real time.
True
False
ERP stands for “Enterprise Resource Planning”. A collection of software programs that tie together an enterprise's various functions, such as human resources, finance, marketing and sales.
Question No: 3 ( M a r k s: 1 ) http://vuzs.net
The bullwhip effect refers to erratic shifts in orders up and down the supply chain because of poor demand forecasting, price fluctuation, order batching, and
rationing within the chain.
True
False
The bullwhip effect refers to erratic shifts in orders up and down the supply chain because of poor demand forecasting, price fluctuation, order batching.
Question No: 4 ( M a r k s: 1 ) http://vuzs.net
The objective of the entire risk management process is that no one should hamper the working of the smooth working of IS.
True
False
The objective of the entire risk management process is that no one should hamper the working of the smooth working of IS.
Question No: 5 ( M a r k s: 1 ) http://vuzs.net
If an organization can tolerate some downtime, cold sites backup might be appropriate.
True
False
If an organization can tolerate some downtime, cold sites backup might be appropriate.
Question No: 6 ( M a r k s: 1 ) http://vuzs.net
Cryptography primarily consists of two basic processes.
True
False
Cryptography primarily consists of two basic processes.
• Encryption
• Decryption
Question No: 7 ( M a r k s: 1 ) http://vuzs.net
Logical intrusion skills needed to exploit logical exposures are more technical and complex as compared to physical exposures.
True
False
Logical intrusion: The skills needed to exploit logical exposures are more technical and complex as compared to physical exposures. Generally a similar term used in relation to logical intrusion is hacking.
Question No: 8 ( M a r k s: 1 ) http://vuzs.net
Firewall is the primary method for keeping a computer secure from intruders.
True
False
Firewall is the primary method for keeping a computer secure from intruders.
Question No: 9 ( M a r k s: 1 ) http://vuzs.net
Where problem is recurring and repetitive, the common factors can be identified in order to identify a particular course of action is called --------------------------
Structured decisions
Unstructured decisions
Semi-Structured decisions
Structured decisions: Where problem is recurring and repetitive, the common factors can be identified in order to identify a particular course of action.
Question No: 10 ( M a r k s: 1 ) http://vuzs.net
The use of software routines to tie up the computer hosting a Web site that denies legitimate visitor's access is called:
denial of service.
hacking.
spoofing
sniffing
A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service.
Question No: 11 ( M a r k s: 1 ) http://vuzs.net
Wireless computing devices are not subject to viruses.
True
False
Hackers and Viruses
Sources of computer viruses:
Through the Internet
Through wireless computing devices
Question No: 12 ( M a r k s: 1 ) http://vuzs.net
A security program is a series of ongoing regular periodic reviews conducted to ensure that assets associated with the information systems function are safeguarded adequately.
True
False
A security program is a series of ongoing regular periodic reviews conducted to ensure that assets associated with the information systems function are safeguarded adequately.”
Question No: 13 ( M a r k s: 1 ) http://vuzs.net
The Internet's technological success does not depend on its principal communication tools, the Transmission Control Protocol (TCP) and the Internet Protocol (IP).
True
False
The Internet's technological success depends on its principal communication tools, the Transmission Control Protocol (TCP) and the Internet Protocol (IP).
Question No: 14 ( M a r k s: 1 ) http://vuzs.net
Which of the following helps an organization in gaining competitive advantage in the use of processes, effectiveness and efficiency should also be kept in mind?
BPR
CSF
SPR
Use of BPR helps an organization in gaining competitive advantage in the use of processes, effectiveness and efficiency should also be kept in mind.
Question No: 15 ( M a r k s: 1 ) http://vuzs.net
Systems analysts work as a link between Business people, & Computer Programmers.
True
False
Systems analysts work as a link between Business people, & Computer Programmers.
Question No: 16 ( M a r k s: 1 ) http://vuzs.net
The First increment in incremental model is usually the core product which addresses the basic requirements of the system.
True
False
Ref: The first increment is usually the core product which addresses the basic requirements of the system.
Question No: 17 ( M a r k s: 1 ) http://vuzs.net
Which of the following is a form of automation where computers communicate work instructions directly to the manufacturing machinery?
CAD
CAM
CIM
Computer-aided manufacturing (CAM) is a form of automation where computers communicate work instructions directly to the manufacturing machiner.y
Question No: 18 ( M a r k s: 1 ) http://vuzs.net
Which of the following phase of decision making process involves searching for conditions in the environment that call for decisions?
Intelligence
Design
Choice
Implementation
Intelligence – searching for conditions in the environment that call for decisions
Question No: 19 ( M a r k s: 1 ) http://vuzs.net
Computer programmers apply information technology to build information systems which solves these problems but need not fully understand the business usages they are computerizing or supporting.
True
False
Why do we need Systems Analysts?
Computer programmers apply information technology to build information systems which solves these problems but need not fully understand the business usages they are computerizing or supporting.
Question No: 20 ( M a r k s: 1 ) http://vuzs.net
Rectangle shape in the flow charts represents___________
Decision
Process
Terminator
Question No: 21 ( M a r k s: 1 ) http://vuzs.net
__________ is a person who attempts to invade the privacy of the system.
Hacktivsts
Hackers
Crackers
A hacker is a person who attempts to invade the privacy of the system.
Question No: 22 ( M a r k s: 1 ) http://vuzs.net
Characteristics of object are called ________
Methods
Attributes
Status
Attributes are the characteristics of object / class and methods are the operations related to the object / class.
Question No: 23 ( M a r k s: 1 ) http://vuzs.net
Operations are usually called via _______
Functions
Signatures
Methods
Operation called only via valid operation signature.
Question No: 24 ( M a r k s: 1 ) http://vuzs.net
Web Site monitoring is the process used to view or record both the keystrokes entered by a computer user and the computer's response during an interactive session.
True
False
Keystroke monitoring is the process used to view or record both the keystrokes entered by a computer user and the computer's response during an interactive session.
Question No: 25 ( M a r k s: 1 ) http://vuzs.net
Likelihood Determination phase sometimes determines that a potential vulnerability could not be exercised by a given threat-source.
True
False
Likelihood Determination: This phase determines that a potential vulnerability could be exercised by a given threat-source.
Question No: 26 ( M a r k s: 1 ) http://vuzs.net
Active Attack is one of the types of Web Security information systems.
True
False
There is two major classes of security threats
• Passive Attacks
• Active Attacks
Question No: 27 ( M a r k s: 1 ) http://vuzs.net
Business-to-business EC (B2B) is one of the types of E-Commerce.
True
False
Business to Business (B2B) is a model to e-commerce where businesses conduct commerce amongst themselves over the Internet/Intranet.
Question No: 28 ( M a r k s: 1 ) http://vuzs.net
Collaborative commerce is one of the types of B2B.
True
False
In business-to-business (B2B) situations involving one or more partners, collaborative commerce can be used in product life-cycle management systems to reduce design time.
Question No: 29 ( M a r k s: 1 ) http://vuzs.net
ERP Systems control all major business processes with a single software architecture in real time.
True
False
Resource Planning (ERP) Control all major business processes with a single software architecture in real time.
Question No: 30 ( M a r k s: 1 ) http://vuzs.net
Temporal CSFs in an organization, results from _________
Economic changes
Technological changes
Internal needs and changes
Environmental changes
Temporal CSFs resulting from internal organizational needs and changes.
Question No: 31 ( M a r k s: 1 )
What is the purpose of line symbol in the Entity Relationship Diagram?
Answer
Lines link attributes to entity sets, entity sets to relationship sets (also represent roles).
Question No: 32 ( M a r k s: 1 )
What are the logical threats to the information systems?
Answer
This refers to damage caused to the software and data without physical presence. Examples are viruses and worms, logical intrusion commonly referred to as hacking.
Question No: 33 ( M a r k s: 2 )
What is an entity?
Answer
An entity is an object that exists and is distinguishable from other objects. An entity is described using a set of attributes. For example specific person, company, event, plant, crop, department, section, cost center.
Question No: 34 ( M a r k s: 2 )
Define CRM.
Answer:
Customer relationship management (CRM) is a widely-implemented strategy for managing a company’s interactions with customers, clients and sales prospects. It involves using technology to organize, automate, and synchronize business processes—principally sales activities, but also those for marketing, customer service, and technical support. The overall goals are to find, attract, and win new clients, nurture and retain those the company already has, entice former clients back into the fold, and reduce the costs of marketing and client service. Customer relationship management describes a company-wide business strategy including customer-interface departments as well as other departments. Measuring and valuing customer relationships is critical to implementing this strategy.
Question No: 35 ( M a r k s: 3 )
Identify basic steps to implement BPR.
Answer
Following steps should be followed to implement BPR:
• Break down the CSF’s into the key or critical business processes and gain process ownership.
• Break down the critical processes into sub-processes, activities and task and
form the teams around these.
• Re-design, monitor and adjust the process-alignment in response to difficulties in the change process.
Question No: 36 ( M a r k s: 3 )
Define Risk Determination. Identify its inputs and outputs.
Answer
Risk determination phase assesses the risk and level of risk to IT system.
The inputs of to this phase are
1. Likelihood of threat exploitation
2. Magnitude of impact
3. Adequacy of planned and current controls
The output is the determination of risk and associated risk levels.
Question No: 37 ( M a r k s: 3 )
Differentiate CRM from ERP
Answer
The difference between CRM and ERP is that CRM is more inward looking and is mainly used in the sales and marketing department, while ERP is outward looking and touches all departments.
CRM is generally project based, while ERP is sweeping in its focus.
Question No: 38 ( M a r k s: 5 )
How the likelihood is determined? Enlist the factors.
Answer
Likelihood Determination:
To derive an overall likelihood rating that indicates the probability that a potential value may be exercised within the construct of the associated threat environment, the following governing factors must be considered.
- Threat-source motivation and capability
- Nature of the vulnerability
- Existence of effectiveness of current controls
Question No: 39 ( M a r k s: 5 )
What do you understand by Disaster Recovery Planning?
Answer
A disaster recovery plan is a comprehensive statement of consistent actions to be taken before, during and after a disaster. The plan should be documented and tested to ensure the continuity of operations and availability of critical resources in the event of a disaster.
The disaster recovery plan is used to recover a facility rendered inoperable, including relocating operation into a new location. Disaster recovery planning is a subset of a larger process known as business continuity planning and should include planning for resumption of applications, data, hardware, communications (such as networking) and other IT infrastructure.
Question No: 40 ( M a r k s: 10 )
How can we compute the expected loss? Discuss the occurrence of threats.
Answer
The amount of expected loss is computed through following formula:
A = B x C x D
1. A = Expected Loss.
2. B = Chances (in %) of threat occurrence.
3. C = Chances (in %) of Threat being successful.
4. D = Loss which can occur once the threat is successful.
Question No: 41 ( M a r k s: 10 )
How will you compare Integrated Systems to ERP?
Answer
Enterprise resource planning (ERP) integrates internal and external management information across an entire organization, embracing finance/accounting, manufacturing, sales and service, CRM, etc. Whereas system integration is bringing together the component subsystems into one system and ensuring that the subsystems function together as a system.