Exam 1.
______________________ is a class of software used to meet organization-wide business needs and typically shares data with other enterprise applications used within the organization.
Enterprise software
T/F: The operating system plays no role in controlling access to system resources to provide a high level of security against unauthorized access to the users' data and programs as well as record who is using the system and for how long.
False
__________________ provide data and instructions to the computer and receive results from it.
Input/output devices
_______________ is a model used to introduce new systems into the workplace in a manner that lowers stress, encourages teamwork, and increases the probability of a successful implementation. a.) Strategic planning b.) Porter's five forces model c.) Leavitt's Diamond d.) Strategic competitive advantage
Leavitt's Diamond
Spreadsheets, word processor, and graphics presentation software are used in ___________ sphere of influence.
Personal Sphere of influence
T/F: Each use should conduct a security self-assessment test.
True
T/F: The contemporary view of information systems is that they are often so intimately involved in an organization's value chain that they are part of the process itself.
True
T/F: The growth of the internet of thing is helping to curb the number of the cyberattacks.
True
Two potential benefits of obtaining a certification in an IS subject area are: a.) new career possibilities and a potential increase in salary b.) automatic pay increase and promotion c.) movement from a technical career ladder to management career ladder and salary increase d.) receipt of certification which never expires and more rapid career advancement
a.) new career possibilities and a potential increase in salary
A blended threat, phishing, and virus are all examples of a(n) ___________.
attack vector
A(n) _______________ is the technique used to gain unauthorized access to a device or a network.
attack vector
Which of the following are non-technical skills not commonly associated with an effective Information system worker? a.) ability to meet deadlines and solve unexpected challenges b.) ability to work in a static, boring environment where there is little change c.) good communication skills d.) effective leadership skills
b.) ability to work in a static, boring environment where there is little change
Three way IS organization can be perceived by the rest of the organization that influence IS strategy are____________________. a.) flexible, resourceful, and forward-looking b.) cost center, business partner, and game changer c.) cost-effective, innovation, and creative d.) reliable, simple, and timely
b.) cost center, business partner, and game changer
A form of cyberattack that is estimated to occur every 10 seconds against an individual in the U.S. is __________________. a.) distributed denial-of-service attack b.) ransomware c.) data breach d.) social engineering
b.) ransomware
A ___________________ is a class of computer used by people on the move to run personal productivity software, access the Internet, read and prepare email and instant messages, play games, listen to music, access corporate applications and databases, and enter data at the point of contact. a.) single-user non-portable computer b.) single-user portable computer c.) multiple-user computer d.) notebook computer
b.) single-user portable computer
When comparing off-the-shelf software to proprietary software, which of the following statements is not true: a.) off-the-shelf software might not match current work processes and data standards b.) the initial cost of the off-the-shelf software is likely greater c.) off-the-shelf software may include features that the organization or user does not require and never uses d.) off-the-shelf software may lack important features thus requiring future modification or customization
b.) the initial cost of the off-the-shelf software is likely greater
Managers of the business functions most affected by a new information system have a key responsibility to ensure that_____________. a.) only the most current and most advanced technology is employed b.) the people, processes, and human structure components, are fully addressed c.) competitors cannot use a similar information system to gain a competitive advantage d.) resources are developed only against enterprise and interorganizational information systems
b.) the people, processes, and human structure components, are fully addressed
The primary hardware component of a computer responsible for routing and instructions to and from the various components of a computer is the ______________.
bus
Four drivers that set the information strategy and determine information system investments include corporate strategy, technology innovative thinking, and ___________________.
business unit strategy
_________________ is not a specific goal of green computing. a.) reducing the use of hazardous material b.) lowering power - related costs c.) combating global climate change d.) enabling the safe disposal and/or recycling of IT products
c.) combating global climate change
Which of the following is not associated with the implantation of server virtualization? a.) lower capital costs for hardware b.) decreased energy costs to power the servers and cool the data center c.) increase in the number of software licenses that must be purchased d.) fewer personnel required to operate and support the servers
c.) increase in the number of software licenses that must be purchased
The four levels at which the CIA security triad must be implemented include_____________________. a.) interorganizational, enterprise, workgroup, and personal b.) tier 1, tier 2, tier 3, and tier 4 c.) organizational, network, application, and end user d.) organization, business unit, department, individual
c.) organizational, network, application, and end user
________________ are three subclasses of computers associated with the multiple-user computer. a.) smartphone, laptop, notebook, and tablet b.) thin client, desktop, nettop, and workstation c.) server, mainframe, and supercomputer d.) notebook, server, and nettop
c.) server, mainframe, and supercomputer
A data center designed to have an expected annual downtime of less than 30 minutes and able to handle a power outage of up to four days is a tier ________ data center. a.) 1 b.) 2 c.) 3 d.) 4
d.) 4
A federal laws that focuses on unlawful access to stored communications to obtain, alter, or prevent authorized access to a wire or electronic communication while it is in electronic storage. a.) Computer Fraud and Abuse Act b.) Fraud and Related Activity in Connection with Access Devices Statue c.) Identity Theft and Assumption Deterrence Act d.) Stored Wire and Electronic Communications and Transactional Records Access Statute
d.) Stored Wire and Electronic Communications and Transactional Records Access Statute
The perpetrator most likely to be the cause of a cyberattack is the ______________. a.) cybercriminal b.) malicious insider c.) hacktivist d.) careless insider
d.) careless insider
There are _______ steps that must be taken to perform a thorough security risk assessment. a.) three b.) five c.) seven d.) eight
d.) eight
A key difference between grid computing, multiprocessing, and parallel processing is that ______________________. a.) parallel processing is only employed with supercomputers b.) grid computing is only employed with supercomputers c.) multiprocessing only applies to server computers d.) grid computer relies on a community of computers acting together
d.) grid computer relies on a community of computers acting together
Which of the following is not a benefit associated with creating a strategic plan? a.) provides a framework to guide decision making b.) ensures effective use is made of the organization's resources c.) enables the organization to be proactive d.) guarantees that only the most current technology solutions will be employed
d.) guarantees that only the most current technology solutions will be employed
One of the consequences of a successful cyberattacks that can lead to monetary penalties for organizations that fail to comply with data protection regulations is _____________________. a.) business disruption b.) expulsion from industry sponsored organizations c.) recovery cost d.) legal consequences
d.) legal consequences
__________________ is a form of software that is distributed, typically for free, with the sources code studied, changed, and improved solely by the original developers.a.) software as a serviceb.) licensed softwarec.) a software suited.) open-source software
d.) open-source software
___________________ is a software design approach based on the use of discrete pieces of software (modules) to provide specific functions (such as displaying a customer's bill statement) as services to other applications. a.) server virtualization b.) multiprocessing c.) grid computing d.) service-oriented architecture
d.) service-oriented architecture
Which of the following is not a true statement about the software as a service model. a.) SaaS applications are available from any computer or any device anytime, anywhere b.) there are no software patches for customers to download or install c.) the associated with upgrades and new releases are lower than the traditional model d.) the SaaS subscriber must manage service levels and availability, so there may be a need to add hardware, software, software, or communications capacity as the number of users increase
d.) the SaaS subscriber must manage service levels and availability, so there may be a need to add hardware, software, software, or communications capacity as the number of users increase
Five actions an organization must take in the vent of a successful cyberattack include incident notification, protection of evidence and activity logs, incident containment, eradication, and incident __________.
follow-up
Programming languages are commonly used to perform data analysis and build application software, system software, embedded systems, Web sites, and ________________.
games
Computer forensics is a discipline that combines element of _________ and computer science.
law
An organization that monitors, manages, and maintains computer and network security for other organizations is called a _________________ service provider.
managed security
The class of computer used to support workgroups from a small department of two to three workers to large organizations with ten of thousands of employees and millions of customers is the _______________________.
multiple-user computer
The three primary types of end user license agreements are individual/multiuser, network/multiuser, and _______________.
single-user
The two basic types of software are application software and _________ software.
system
Four information system types based on their sphere of influence include interorganizational, personal, enterprise, and __________.
workgroup