IT test 5 multiple choice
_______________ is independent of particular programming languages, but it does provide standard visual symbols and notations for specifying object-oriented elements, such as classes and procedures. a. Extensible Markup Language (XML) b. Unified Modeling Language (UML) c. Structured Query Language (SQL) d. Algebraic Modeling Language (AML)
Unified Modeling Language (UML)
_______________ software closely conforms to an individual unit's subculture, which makes the transition to a new system easier for employees. a. Licensed b. In-house c. Commissioned d. User-developed
User-developed
A carefully drawn _______________ can provide a useful representation of a system, whether existing or planned. a. directed acyclic graph b. structure chart c. data flow diagram d. business process model
data flow diagram
The implementation of a new IS, also called _______________ , consists of two steps: conversion and training. a. migration b. delivery c. turn-in d. replacement
delivery
To increase security, some companies implement the _______________ approach. a. atomic transaction b. demilitarized zone c. boarding key d. denial of service
demilitarized zone
One of the risks of software licensing is the _______________ . a. low quality of software b. lack of after-sales support c. increased duration for system availability and implementation d. difficulty in modifications to meet specific needs
difficulty in modifications to meet specific needs
CIOs often find the tasks of earmarking funds for _______________ difficult because they cannot show the return on investment (ROI) of such planning. a. archival programs b. database security programs c. backup programs d. disaster recovery programs
disaster recovery programs
Coding a message into a form unreadable to an interceptor is called _______________ . a. demodulation b. encryption c. classification d. modulation
encryption
A _______________ is a server with invalid records set up to make intruders think they have accessed a production database. a. bogus server b. phish c. honeytoken d. honeypot
honeypot
A _______________ is a bogus record in a networked database that neither employees nor business partners would ever access for legitimate purposes. a. honeytoken b. phish c. flame d. canary trap
honeytoken
Managers should focus on the asset they must protect, which in most cases is _______________ , not applications. a. systems b. software c. hardware d. information
information
The concept of extracting business intelligence from large data warehouses often involves _______________ of several information systems. a. autocategorization b. codification c. compilation d. integration
integration
When tapping communications, law enforcement agencies need the cooperation of a third party such as a(n) _______________ . a. sell side platform (SSP) b. website c. systems developer d. internet service provider (ISP)
internet service provider (ISP)
The first step in systems analysis is _______________ , which determines whether there is a real need for a system and whether the system as conceived is feasible. a. search b. quest c. investigation d. research
investigation
When _______________ a software package, the buyer gains several benefits such as immediate system availability, high quality, low price, and available support. a. outsourcing b. commissioning c. licensing d. developing
licensing
Although _______________ , part of the support phase of a system's lifecycle, is viewed by IS professionals as lacking in glamour, it should not be taken lightly or left to less-experienced professionals. a. executive training b. database design c. analysis d. maintenance
maintenance
Clients should not expect vendors to list the service level and _______________ ; the clients must do it. a. metrics b. quality c. quantity d. degrees
metrics
When a client outsources, management knows how much the outsourced services will cost, which eliminates____________________. a. legal risks b. transaction risks c. compliance risks d. miscalculation risks
miscalculation risks
A _______________ is a paragraph that communicates the most important overarching goal of the organization for the next few years. a. corporate value b. mission statement c. financial statement d. scenario plan
mission statement
Experience in _______________ certain systems, such as ERP and SCM systems, can teach the IT staff for how many minutes or seconds per year the system is likely to fail. a. developing b. operating c. maintaining d. archiving
operating
Contracts for _______________ software development might be incompatible with agile development methods. a. rented b. outsourced c. licensed d. open source
outsourced
IT companies that provide both hardware and software have seen revenue from _______________ service portion of their business grow faster than from the sale of hardware and software. a. user-development b. licensing software c. tailoring software d. outsourcing
outsourcing
In the IT arena, hiring the services of another company to manage all or parts of the services that otherwise would be rendered by an IT unit of the organization is known as _______________ . a. benchmarking b. outsourcing c. licensing d. tracking
outsourcing
In _______________ , the old system is used along with the new system for a predetermined period of time. a. phased conversion b. parallel conversion c. flash cut conversion d. cut-over conversion
parallel conversion
ISs, especially large ones, can often be broken into functional modules and phased into operation one at a time, a process called _______________ . a. parallel conversion b. flash cut conversion c. cut-over conversion d. phased conversion
phased conversion
To determine how much security is enough security, experts are employed to estimate the cost and _______________ of damages, as well as the cost of security measures. a. probabilities b. effect c. impact d. causes
probabilities
A _______________ represents another server for all information requests from resources inside the trusted network. a. DNS server b. bogus server c. proxy server d. honeypot server
proxy server
An advantage of outsourcing IT services is that it _______________ . a. lengthens implementation cycles b. reduces license and maintenance fee c. increases control over IT operations d. ensures the security of trade secrets
reduces license and maintenance fee
One of the drawbacks of the software on demand approach is that it _______________ . a. increases implementation time significantly b. relies on storage hardware at the client location for installation c. requires clients to hire experts to maintain the systems d. reduces the control clients have over their systems
reduces the control clients have over their systems
When soliciting vendor details, the project manager sends a _______________ to the vendors identified, requesting general, somewhat informal information about a product. a. request for quotation (RFQ) b. request for information (RFI) c. request for proposal (RFP) d. request for comments (RFC)
request for information (RFI)
When requesting vendor bids, the project management team prepares a _______________ , a document specifying all the system requirements and soliciting a formal plan from each vendor contacted. a. request for comments (RFC) b. request for proposal (RFP) c. request for information (RFI) d. request for quotation (RFQ)
request for proposal (RFP)
To find the _______________ , the net present value of the system is calculated by combining the net present value of the costs of the system with the net present value of the benefits of the system. a. return on capital (ROC) b. return on investment (ROI) c. return on assets (ROA) d. rate of return (ROR)
return on investment (ROI)
CIOs often cite _______________ as an effective way to bring down the amount of work their subordinates must do. a. single sign-on (SSO) b. mandatory access control (MAC) c. security assertion markup language (SAML) d. secure sockets layer (SSL)
single sign-on (SSO)
_______________ are measures taken to ensure that only those who are authorized can use a computer or network or to certain applications or data. a. Code reviews b. Honeytokens c. Access controls d. Near field communication
Access controls
_______________ make extensive use of iterative programming, involving users often, and keeping programmers open to modifications while the development is still under way. a. Agile methods b. Incremental methods c. Traditional methods d. Waterfall methods
Agile methods
______________ encryption is defined as encryption that comprises two keys: a public key, and a private key. a. Super b. Parallel c. Cascade d. Asymmetric
Asymmetric
_______________ is meant to guarantee that the experts have passed tests that ensure their skills. a. Feasibility studies b. Standardization c. Certification d. Systems analysis
Certification
_______________ is a structured, disciplined approach that facilitates the adoption of new or modified systems by various groups and individuals within an organization. a. Prototyping b. Change management c. Knowledge extraction d. Data mining
Change management
_______________ occurs when a website receives an overwhelming number of information requests, such as merely logging on to a site. a. Denial of service (DoS) b. Meet-in-the-middle (MITM) c. Hijacking d. Global attack
Denial of service (DoS)
_______________ include ERP, SCM, and CRM applications and typically cost millions of dollars. a. Basic software applications b. Inventory software applications c. Enterprise software applications d. Project software applications
Enterprise software applications
_______________ is the secure version of HTTP. a. HTMLSec b. HTMLS c. SHTTP d. HTTPS
HTTPS
_______________ a computer means using some or all of the resources of a computer linked to a public network without the consent of its owner. a. Hijacking b. Auditing c. Phishing d. Bit flipping
Hijacking
_______________ describes the role of IT in an organization. a. IT vision b. IT mission statement c. IT tactical plans d. IT strategy outlines
IT mission statement
_______________ software records individual keystrokes. a. Clickstream b. Honeytoken c. Keylogging d. Public-key encryption
Keylogging
_______________ , those without which the business cannot conduct its operations, are given the highest priority by the disaster recovery coordinator. a. Backup applications b. Mission-critical applications c. Customer applications d. Recovery applications
Mission-critical applications
_______________ allows a client to know exactly what the cost of its IS functions will be over the period of the contract, which is usually several years. a. Outsourcing b. Adaptation c. In-house development d. Customization
Outsourcing
____________________ allows clients to take advantage of the vendor's experience that the vendor has gained through work with many clients in different environments. a. Licensing b. User development c. In-house development d. Outsourcing
Outsourcing
The _______________ , as it is popularly known, gives law enforcement agencies surveillance and wiretapping rights they did not have before 2001. a. PATRIOT Act b. Civil Contingencies Act c. Domestic Security Enhancement Act d. National Security Act
PATRIOT Act
_______________ is a set of processes and methods used by project managers to determine which projects will meet the organization's operational and financial goals in relation to its strategic objectives as well as the needs of its customers. a. Project portfolio management b. Supply chain management c. Customer relationship management d. Change management
Project portfolio management
Identify an advantage of certifications. a. Provides knowledge that remains up to date b. Increases competition outside a closed group c. Provides simple ways of measuring competence d. Protects potential employers against charlatans
Protects potential employers against charlatans
_______________ is a set of disks that is programmed to replicate stored data to provide a higher degree of reliability. a. RAID b. CIFS c. SSP d. SAN
RAID
Software vendors often promote fast _______________ as a selling point, and express it in terms of the short period of time over which the adopting organization can recoup the investment. a. ROR b. ROC c. ROI d. ROA
ROI
_______________ software is developed for the widest common denominator of potential user organizations. a. Commissioned b. Outsourced c. In-house developed d. Ready-made
Ready-made
_______________ is a traditional approach to systems development. a. RUP b. DSDM c. ASD d. SDLC
SDLC
_______________ is a security measure in which users are required to identify themselves only once before accessing several different systems which are linked through a network. a. Digital footprint b. Multiple encryption c. SP (single password) d. SSO (single sign-on)
SSO (single sign-on)
_______________ are the functions that a system is expected to fulfill and the features through which it will perform its tasks. a. System requirements b. IT visions c. Systems designs d. IT tactics
System requirements
While the SDLC or any other waterfall approach requires users to sign off on their requirements and then wait for the system to be completed, _______________ encourage users' involvement throughout the process. a. agile methods b. sequential methods c. spiral methods d. traditional methods
agile methods
Companies should not rely on end users to develop applications that _______________ . a. are needed immediately b. are vital for the organization's survival c. can be maintained by the users themselves d. will be used briefly and discarded
are vital for the organization's survival
A(n) _______________ is a set of indivisible transactions that are either all executed or none are—never only some. a. biometric transaction b. long-running transaction c. ready-copy-update transaction d. atomic transaction
atomic transaction
Sometimes a(n) _______________ is automatically created using data, such as the date and time of a transaction or the name or password of the user updating the file. a. global transaction b. denial of service c. atomic transaction d. audit trail
audit trail
The development of a new information system is economically justified if the _______________ . a. return on investment is negative b. operational costs are high c. costs exceed returns d. benefits outweigh the costs
benefits outweigh the costs
When a system is developed by a software vendor for a wide market rather than for a specific client, conversion often takes place at _______________ . a. gamma sites b. beta sites c. alpha sites d. delta sites
beta sites
Hijacking is carried out by surreptitiously installing a small program called a _______________ on a computer. a. bot b. mine c. sinkhole d. trapdoor
bot
In _______________ , the voltage of the power decreases, or there are very short interruptions in the flow of power. a. brownouts b. spear phishing c. keystroke logging d. blackouts
brownouts
An issuer of digital certificates is called a _______________ . a. certificate authority (CA) b. certificate dealer (CD) c. certificate bank (CB) d. certificate warehouse (CW)
certificate authority (CA)
With encryption, the coded message is called _______________ . a. privatetext b. plaintext c. ciphertext d. publictext
ciphertext
A challenge during the support phase of a system's life cycle is _______________ . a. converting operations from an old system to a new system b. complying with changing business needs c. investigating the feasibility of a new information system d. integrating disparate stand-alone information systems
complying with changing business needs
Risks of outsourcing are high for _______________ IS services. a. network management b. accounting c. core competence d. payroll
core competence
A disadvantage of _______________ software applications is that they are less likely to be compatible with other organizations' systems. a. purchased b. open-source c. custom-designed d. licensed
custom-designed
If the cost-accounting procedures of a particular company are so specific that no commercially available software can perform them, the company must develop _______________ software. a. own-interface b. dynamic code c. adapted d. custom-designed
custom-designed
Agile methods are an efficient approach to development when a system is _______________ , when it deals with unstructured problems, and when the users cannot specify all the requirements at the start of the project. a. large b. well-funded c. complex d. small
small
A con artist telephones an employee, pretends to be from his own organization's IT unit, and says he must have the employee's password to fix a problem. This is an example of _______________ . a. social engineering b. social pathology c. data encryption d. data mining
social engineering
The concept in which an application service provider offers the use of computer programs through a network (the Internet or private network) is known as _______________ . a. security as a service (SECaaS) b. platform as a service (PaaS) c. software as a service (SaaS) d. infrastructure as a service (IaaS)
software as a service (SaaS)
Among the methods for system development, _______________ is clearly the best option for many small companies. a. purchasing software b. software on demand c. in-house development d. outsourcing
software on demand
In _______________ , criminals use personal information to attack organizational systems. a. penetration testing b. hijacking c. spear phishing d. spamming
spear phishing
To ensure compatibility with other applications within an organization, the organization's IT professionals should adopt and supply ______________ tools to interested users. a. in-house development b. standard development c. commissioned development d. licensed development
standard development
Outsourcing of _______________ ISs incurs more risk than outsourcing the routine tasks of operational ISs. a. geographic b. global c. customer d. strategic
strategic
After the planning phase, the SDLC includes four major phases: analysis, design, implementation, and _______________ . a. documentation b. production c. execution d. support
support
If a small-system development employing agile methods takes longer than planned, the overall cost is still likely to be smaller than if a full _______________ were performed. a. systems development life cycle (SDLC) b. dynamic systems development method (DSDM) c. rational unified process (RUP) d. adaptive software development (ASD)
systems development life cycle (SDLC)
Large ISs that address structured problems are usually conceived, planned, developed, and maintained within a framework called the _______________ . a. application lifecycle framework (ALF) b. enterprise application integration (EAI) c. rapid application development (RAD) d. systems development life cycle (SDLC)
systems development life cycle (SDLC)
Several diagramming sets were developed by the 1970s, but in the late-1990s, a de facto standard emerged: _______________ . a. unified modeling language b. discipline-specific modeling language c. algebraic modeling language d. framework-specific modeling language
unified modeling language
A(n) _______________ is an activity that the system executes in response to a user. a. use case b. class c. state d. interaction
use case
Duplication of applications is one of the major drawbacks of _______________ . a. licensing b. user development c. using software as a service d. outsourcing
user development
Typically, _______________ is fairly simple and limited in scope. a. licensed software b. commissioned software c. in-house-developed software d. user-developed software
user-developed software
Companies that provide IT services are commonly called _______________ . a. users b. vendors c. dealers d. clients
vendors
A _______________ is a type of malware that spreads in a network without human intervention. a. trapdoor b. worm c. Trojan horse d. logic bomb
worm