ISAM 3303 MIdterm
You're designing a relational database for a customer loyalty app you're developing for a client. The client has been saving information in a series of Excel spreadsheets, but the volume of data is becoming too unwieldy to use spreadsheets effectively. Before you can import the data from the client's existing records, you need to set up some relationships between tables in the database. You need to create a relationship between the Transactions table and the Customers table. To do this, what foreign key must be added to the Transactions table? a. Transaction_Date b. Customer_ID c. Activity_ID d. Item_ID
Customer_ID
Gregory can use ____________ to provide the most relevant and complete information regarding the target market's current level of familiarity with his company's brand.
You're developing a customer loyalty app for a small chain of retail stores. The app will need a backend database to maintain customer information. While designing the app, you're conducting a planning meeting with your client to determine the scope of the project and resolve questions she has about the project. Client: I'm trying to understand how all this will work. What keeps a customer from going into the app and adding loyalty points themselves? You: Each user, whether a customer or employee, is given access only to perform the tasks they need to perform. So while a manager can ________ a customer's account to add or remove loyalty points, the customer can only read that information
Modify
The better the quality of data used in decision making processes, the more confidence users have in the decisions they make, the lower the risk of a poor decision, and the more likely the decision will achieve the desired results. Identify which characteristic of quality data is being compromised in each scenario. Secure
Sheila just discovered a backdoor to access data in her company's cloud-based database without authentication
The use of technology requires balancing the needs of those who use the information that is collected against the rights of those whose information is being used The right to freedom of expression is one of the most important rights for free people in the United States. The _______________ was adopted to guarantee this right and others. a. Bill of Rights b. First Amendment c. Fourth Amendment d. Constitution
b. First Amendment
You're designing a relational database for a customer loyalty app you're developing for a client. The client has been saving information in a series of Excel spreadsheets, but the volume of data is becoming too unwieldy to use spreadsheets effectively. Before you can import the data from the client's existing records, you need to set up some relationships between tables in the database. When you create the relationship from the Customers table to the Transactions table, what type of relationship should you configure? a. One-to-many b. Many-to-many c. One-to-one d. Many-to-one
b. Many-to-many
The information system worker functions at the intersection of business and technology and designs, builds, and implements solutions that allow organizations to effectively leverage information technology systems. Which of the following are non-technical skills not commonly associated with an effective Information system worker? a. ability to meet deadlines and solve unexpected challenges b. ability to work in a static, boring environment where there is little change c. good communication skills d. effective leadership skills
b. ability to work in a static, boring environment where there is little change
You're part of a team developing an Acceptable Use Policy for employees at your state-funded agency in relation to their use of the organization's computers, mobile devices, servers, and Internet access. This is not a simple process and requires that you abide by relevant laws and guidelines to protect your organization's interests and your employees' rights. Because citizens' right to privacy is based upon a(n) _______of privacy, company policies are needed that specify for employees what information and electronic services are subject to search.
expectation
You're designing a relational database for a customer loyalty app you're developing for a client. The client has been saving information in a series of Excel spreadsheets, but the volume of data is becoming too unwieldy to use spreadsheets effectively. Before you can import the data from the client's existing records, you need to set up some relationships between tables in the database. Each table in a relational database must have exactly one primary key. The most appropriate primary key for the Transactions table could be ________________
Activity _ID
You're an HR director meeting with your CEO to discuss plans for a new application that will allow employees to track their own hours and earned vacation time. There are several pieces and parts that need to be coordinated, and the two of you are trying to decide which employees to bring on board for the project. CEO: Okay, that's good. I don't think she knows coding, though. We need a _____________. Got anyone in mind? You: Yes, let's ask Miguel. He knows several coding languages and writes gaming software in his spare time as a hobby.
Programmer
You're developing a customer loyalty app for a small chain of retail stores. The app will need a backend database to maintain customer information. While designing the app, you're conducting a planning meeting with your client to determine the scope of the project and resolve questions she has about the project. Client: I've heard that designing queries can be pretty complicated, but I want to be able to pull up information myself without needing help from a programmer. Is that possible? You: Yes—we can use a DBMS that supports ______________ so you can use a visual interface to design your own queries.
Query by example
Identify which major component of the organization is being highlighted in each scenario. Structure
Raul pulls information from the medical billing system to generate reports that will be forwarded to insurance companies.
Organizations must take strong measures to ensure secure, private, and reliable computing experiences for their employees, customers, and business partners Five actions an organization must take in the event of a successful cyberattack include incident notification, protection of evidence and activity logs, incident containment, eradication, and incident _____________
Follow-up
Naomi is a market researcher for her company, which designs and manufactures carpets and rugs. She travels globally to conferences and trade shows to track current trends in her industry. During one trip, Naomi learns about a new dye technique that results in more resilient color at a lower cost. She brings the relevant information back to her team and other experts in her company to discuss the feasibility of implementing this technique in their products. The new dye technique is implemented before competitors discover and implement similar techniques. At this point, Naomi's job role is likely to be seen as a ______________
Game Changer
Identify which major component of the organization is being highlighted in each scenario. Processes
Gina transcribes notes from the doctor regarding a patient's physical examination and adds medical codes for tracking charges to insurance companies
Protecting people's personal data is particularly important because that information could be used to steal from people, ruin their credit, prevent them from getting employment, or cause emotional and mental harm. Considering what's at stake, many laws have been passed to help keep people safe. Identify the law most relevant to each scenario. GDPR
Mario's team has been tasked with adding notifications to all their company's Web sites alerting users to the information collected while the user browses the site. The alerts apply to all users but are written to conform with laws applying to European site visitors
Your CEO arrives at work on Monday morning and is acting more stressed and irritable than usual. You're a little nervous when you're called in for a meeting with him, but you soon find out the cause of his distress. Over the weekend, he met up with a friend of his from college, who is also a CEO. The friend's company was recently hacked, resulting in a severe data breach. Their company is potentially facing a class action lawsuit and possible bankruptcy. CEO:I need to know where we stand with our IT security. What are the chances we could face similar problems? You: We've been prioritizing security upgrades and improved processes over the past year. However, a _____________would give us a more detailed and thorough assessment of existing vulnerabilities and threats.
Security Audit
Protecting people's personal data is particularly important because that information could be used to steal from people, ruin their credit, prevent them from getting employment, or cause emotional and mental harm. Considering what's at stake, many laws have been passed to help keep people safe. Identify the law most relevant to each scenario. FERPA
Tamara gives her student a form that allow her to discuss the student's grades with his parents
You're an HR director meeting with your CEO to discuss plans for a new application that will allow employees to track their own hours and earned vacation time. There are several pieces and parts that need to be coordinated, and the two of you are trying to decide which employees to bring on board for the project. CEO:I don't think they know each other yet, but I think it'll work. What about the user interface? We'll host the app on our intranet. I want to make sure it's got a clean layout with easy navigation through the site. You: Right—we can develop a web-hosted front-end for users to interact with. Zahira is our ______________ I'll ask her to jump in as well.
Web Developer
The use of technology requires balancing the needs of those who use the information that is collected against the rights of those whose information is being used Which of the following statements about any website that caters to children is not true? a. It must offer comprehensive privacy policies. b. It must notify parents or guardians about its data collection practices. c. It must receive parental consent before collecting any personal information from children under 13 years of age. d. It must request birth date and a confirming social security number.
d. It must request birth date and a confirming social security number.
Computer crime is a serious and rapidly growing area of concern requiring management attention. One of the consequences of a successful cyberattack that can lead to monetary penalties for organizations that fail to comply with data protection regulations is _______________. a. business disruption b. expulsion from industry sponsored organizations c. recovery cost d. legal consequences
d. Legal Consequences
Computer crime is a serious and rapidly growing area of concern requiring management attention. A federal law that focuses on unlawful access to stored communications to obtain, alter, or prevent authorized access to a wire or electronic communication while it is in electronic storage. a. Computer Fraud and Abuse Act b. Fraud and Related Activity in Connection with Access Devices Statute c. Identity Theft and Assumption Deterrence Act d. Stored Wire and Electronic Communications and Transactional Records Access Statute
d. Stored Wire and Electronic Communications and Transactional Records Access Statute
The use of technology requires balancing the needs of those who use the information that is collected against the rights of those whose information is being used A_______________ Act was written to protect children from pornography on the Internet but was ruled unconstitutional. a. The Telecommunications b. Section 230 of the Communications Decency c. Much of the Communications Decency d. The Children's Internet Protection
d. The Children's Internet Protection
The strategic planning process for the IS organization and the factors that influence it depend on how the organization is perceived by the rest of the organization Which of the following is not a benefit associated with creating a strategic plan? a. provides a framework to guide decision making b. ensures effective use is made of the organization's resources c. enables the organization to be proactive d. guarantees that only the most current technology solutions will be employed
d. guarantees that only the most current technology solutions will be employed
You've been hired by a large travel and tourism agency to upgrade their security systems. There are several specific areas of concern they'd like you to address and make recommendations. After deploying several of the recommended security improvements, you suggest that the final and most important step in protecting the organization's security perimeter is _______________
end-user education
Managers have an essential role to play in the successful implementation and use of information systems— that role changes depending on which type of information system is being implemented Four information system types based on their sphere of influence include interorganizational, personal, enterprise, and?
workgroup
The impact of a successful cyberattack can be serious and long lasting. After the obvious, direct impact on the valuable assets that were damaged, stolen, or compromised, long-term damage in other areas of the business's processes and information systems can bring the overall cost of the attack far beyond initial losses. You work for a retail chain that recently experienced a data breach, resulting in the exposure of customers' email addresses, mailing addresses, and even some credit card numbers. Identify the type of impact on the business identified in each consequence of this data breach. Business Disruption
your company's customer service line is slammed with phone calls from angry customers wanting to know if their data is included in the breach
Identify the type of information system most relevant to each scenario. Workgroup Information System
:Latoya's marketing team uses a web conferencing tool to host online training sessions for her company's new hires around the country.
Computer crime is a serious and rapidly growing area of concern requiring management attention. The growth of the Internet of Things is helping to curb the number of cyberattacks. True or False?
False
After entering data into a relational database, users can make inquiries, analyze the data, and organize the data. Identify which data process is being used in each scenario. Project
Arnold needs a list showing only customers' names and email addresses
Computer crimes are committed by a wide variety of people, some who intend harm and some who are careless or themselves the victim of computer crime. The type of perpetrator somewhat indicates the kind of damage that is most likely to result from a particular cyberattack. Identify which type of perpetrator is at work in each scenario. Cybercriminal
Ashleigh hacks into a local stores payments processing system and transfers money to her PayPal account.
Computer crime is a serious and rapidly growing area of concern requiring management attention. A blended threat, phishing, and virus are all examples of a(n) ______________
Attack Vector
Computer crime is a serious and rapidly growing area of concern requiring management attention. A(n) ___________is the technique used to gain unauthorized access to a device or a network.
Attack Vector
You've been hired by a large travel and tourism agency to upgrade their security systems. There are several specific areas of concern they'd like you to address and make recommendations. Next, they're concerned about ways their network has been exposed to viruses due to employees using company computers to visit international Web sites with questionable security. What can you add to the network to offer the company better control over which Web sites are approved for business interactions? a. Two-factor authentication b. Proxy server c. Data encryption d. VPN
B. Proxy Server
Computer crime is a serious and rapidly growing area of concern requiring management attention. A form of cyberattack that is estimated to occur every 10 seconds against an individual in the U.S. is _______________. a. distributed denial-of-service attack b. ransomware c. data breach d. social engineering
B. Ransomware
You're helping to on-board a new employee who will be spending some time working from home as well as traveling twice a month for meetings with clients. Employee: Actually, I just bought a new tablet recently that I really like. Will I be able to use that tablet for work? You: Yes, we have a _______________so you can use your tablet to access company computing resources and applications
BYOD Policy
Software developers must make trade-offs between project schedules, project costs, system reliability, and software quality .Safety-critical systems are easy to learn and use because they perform quickly and efficiently, they meet their users' needs, and they operate safely and reliably. True or False?
False
The better the quality of data used in decision making processes, the more confidence users have in the decisions they make, the lower the risk of a poor decision, and the more likely the decision will achieve the desired results. Identify which characteristic of quality data is being compromised in each scenario. Accessible
Brandon can't sign into his company's knowledge base because authentication service is down for maintenance
The strategic planning process for the IS organization and the factors that influence it depend on how the organization is perceived by the rest of the organization. Four drivers that set the information strategy and determine information system investments include corporate strategy, technology innovations, innovative thinking, and _________________
Business Unit Strategy
Software developers must make trade-offs between project schedules, project costs, system reliability, and software quality. The builders of safety-critical systems must determine when they have completed sufficient testing and sign off their approval to release the product. This is typically an easy and straight-forward decision. True or False?
False
You've been hired by a large travel and tourism agency to upgrade their security systems. There are several specific areas of concern they'd like you to address and make recommendations. First, the agency is concerned about protecting their internal network where they host some servers, databases, and several workstations. Due to their global exposure with travel activities around the world, they've experienced some fairly sophisticated attacks on their network. You discover they're using an older firewall that simply isn't designed to protect against today's technologies. What would be a better alternative to protect their network resources? a. TLS b. Proxy server c. NGFW d. Biometric authentication
C. NGFW
Naomi is a market researcher for her company, which designs and manufactures carpets and rugs. She travels globally to conferences and trade shows to track current trends in her industry. During one trip, Naomi learns about a new dye technique that results in more resilient color at a lower cost. She brings the relevant information back to her team and other experts in her company to discuss the feasibility of implementing this technique in their products. Which part of her company's supply chain will be most directly affected by these changes?
C. Operations
Identify the type of information system most relevant to each scenario. Interorganizational Information System
Cam's financial management company subscribes to a carefully researched combination of databases and analyst reports.
You're helping to upgrade a hospital's perioperative IS, which manages information for patients receiving surgery. You're talking with the hospital's chief surgeon to ensure the surgical staff are aware of how the upgrade work might affect their systems until the process is complete. Doctor: How can you know how long the upgrade will take? And how do you know it will work? You: We use a sophisticated __________process to plan, track, and control each change. We've also conducted extensive testing on clones of your existing systems, and will allow time during the maintenance window for additional testing during and after the upgrade.
Change management
Protecting people's personal data is particularly important because that information could be used to steal from people, ruin their credit, prevent them from getting employment, or cause emotional and mental harm. Considering what's at stake, many laws have been passed to help keep people safe. Identify the law most relevant to each scenario. HIPAA
Chloe fills out a forma at her doctor's appointment that allows her doctor to release medical information to her employer
You're developing a customer loyalty app for a small chain of retail stores. The app will need a backend database to maintain customer information. While designing the app, you're conducting a planning meeting with your client to determine the scope of the project and resolve questions she has about the project. Client: What happens if a manager at the store is making changes on the same account that a customer service rep over the phone is also working on? Could a customer end up with double the amount of credit adjustment? You: This is unlikely. We'll incorporate a technique called ___________________ to ensure that only one person can make changes to an account at a time.
Concurrency control
Computer crime is a serious and rapidly growing area of concern requiring management attention. The perpetrator most likely to be the cause of a cyberattack is the _______________. a. cybercriminal b. malicious insider c. hacktivist d. careless insider
D. careless insider
Organizations must take strong measures to ensure secure, private, and reliable computing experiences for their employees, customers, and business partners There are _______________ steps that must be taken to perform a thorough security risk assessment. a. three b. five c. seven d. eight
D.Eight
Computer crimes are committed by a wide variety of people, some who intend harm and some who are careless or themselves the victim of computer crime. The type of perpetrator somewhat indicates the kind of damage that is most likely to result from a particular cyberattack. Identify which type of perpetrator is at work in each scenario. Malicious Employee
Derek uses his old account credentials to sign in to his former employer's network to get information on some of his old clients
An ethical decision-making process and a code of ethics can guide you as you confront the many ethical dilemmas associated with information systems. Acting in an ethical manner and acting in a legal manner will always lead to the same actions. True or False?
False
Identify which major component of the organization is being highlighted in each scenario. Technology
Dr. Baggett checks the Emergency Department's tracking board to determine which patient to see next, according to the criticality of patients' conditions and their current wait time
Identify which major component of the organization is being highlighted in each scenario. People
Dr. Michaels reviews a patient's historical test results before meeting with her to discuss treatment options.
Protecting people's personal data is particularly important because that information could be used to steal from people, ruin their credit, prevent them from getting employment, or cause emotional and mental harm. Considering what's at stake, many laws have been passed to help keep people safe. Identify the law most relevant to each scenario. COPAA
Eli reads over a privacy policy notification on a math tutoring Web site as he's creating a user account for his 10-year old son
Computer crimes are committed by a wide variety of people, some who intend harm and some who are careless or themselves the victim of computer crime. The type of perpetrator somewhat indicates the kind of damage that is most likely to result from a particular cyberattack. Identify which type of perpetrator is at work in each scenario. Cyberterrorist
Erica is late to work because a computer virus shut down the city's bus system
The better the quality of data used in decision making processes, the more confidence users have in the decisions they make, the lower the risk of a poor decision, and the more likely the decision will achieve the desired results. Identify which characteristic of quality data is being compromised in each scenario. Relevant
Estefania found information on average salaries in New England for the job role she's been offered, but she actually needs information on average salaries in the Midwest
You're the HR director for a company that provides payment processing services to small and medium-sized businesses. You're in the process hiring a new accountant, and this requires some background checking. At the same time, you're training Paula, a new HR staff member, on how to manage the hiring process. Paula: What happens if there's something wrong on a person's credit report? Do applicants have a way of checking that information before applying for a job? You: Oh, definitely. The __________ allows you to request a free copy of your credit report from each of the three consumer credit reporting agencies each year. And even if you don't do that ahead of time, the employer must give you a chance to review the report they used if it reflects negatively on you, so you can address any potential errors.
FACTA
You're the HR director for a company that provides payment processing services to small and medium-sized businesses. You're in the process hiring a new accountant, and this requires some background checking. At the same time, you're training Paula, a new HR staff member, on how to manage the hiring process. Paula: I've always heard about background checks when applying for a new job, but I never really understood what that meant. Is that the same thing as checking someone's credit history? You: A credit check can certainly be part of it, especially when hiring a new accountant. The _______requires that we get the person's permission, though, before requesting their credit history.
FCRA
The use of technology requires balancing the needs of those who use the information that is collected against the rights of those whose information is being used. Three subject areas where federal statutes have been implemented to protect the personal data of U.S. citizens include financial data, children's personal data, and __________ information
Health
Computer crimes are committed by a wide variety of people, some who intend harm and some who are careless or themselves the victim of computer crime. The type of perpetrator somewhat indicates the kind of damage that is most likely to result from a particular cyberattack. Identify which type of perpetrator is at work in each scenario. Hacktivist
Jeffrey steals emails from one of his state's political candidates and posts the emails anonymously online
After entering data into a relational database, users can make inquiries, analyze the data, and organize the data. Identify which data process is being used in each scenario. Join
Karla needs a list of all orders placed by two customers over the past year
Organizations must take strong measures to ensure secure, private, and reliable computing experiences for their employees, customers, and business partners Computer forensics is a discipline that combines elements of ___________ and computer science
Law
Computer crimes are committed by a wide variety of people, some who intend harm and some who are careless or themselves the victim of computer crime. The type of perpetrator somewhat indicates the kind of damage that is most likely to result from a particular cyberattack. Identify which type of perpetrator is at work in each scenario. Careless Insider
Malissa uses her laptop to sign onto her company's database server from an open Wi-Fi connection at a local coffee shop
Organizations must take strong measures to ensure secure, private, and reliable computing experiences for their employees, customers, and business partners An organization that monitors, manages, and maintains computer and network security for other organizations is called a __________________ service provider
Managed Security Service Provider (MSSP)
You're helping to on-board a new employee who will be spending some time working from home as well as traveling twice a month for meetings with clients. Employee: That's good to hear. Will you have to make any changes to it before I can use it for work? You: We'll scan it for any security vulnerabilities and apply the necessary ___________ to close those gaps
Patches
Protecting people's personal data is particularly important because that information could be used to steal from people, ruin their credit, prevent them from getting employment, or cause emotional and mental harm. Considering what's at stake, many laws have been passed to help keep people safe. Identify the law most relevant to each scenario. HITECH
Scott receives a call from his insurance company informing him that their database was hacked last month, and some how sensitivity information of his was possibly exposed
Your CEO arrives at work on Monday morning and is acting more stressed and irritable than usual. You're a little nervous when you're called in for a meeting with him, but you soon find out the cause of his distress. Over the weekend, he met up with a friend of his from college, who is also a CEO. The friend's company was recently hacked, resulting in a severe data breach. Their company is potentially facing a class action lawsuit and possible bankruptcy. CEO: So this would tell us where our security weaknesses are. Any idea how much it will cost to eliminate those vulnerabilities? You: Unfortunately, we can never eliminate all vulnerabilities unless we just stop doing business. Once we get the report, we can determine how much investment is needed to reach a level of _______________________ that balances security costs with a level of risk we're comfortable with.
Reasonable Assurance
Identify the type of information system most relevant to each scenario. Personal Information System
Reginald relies on an online video library to research how to perform maintenance and troubleshooting tasks on networking equipment his company recently installed in their data center.
The impact of a successful cyberattack can be serious and long lasting. After the obvious, direct impact on the valuable assets that were damaged, stolen, or compromised, long-term damage in other areas of the business's processes and information systems can bring the overall cost of the attack far beyond initial losses. You work for a retail chain that recently experienced a data breach, resulting in the exposure of customers' email addresses, mailing addresses, and even some credit card numbers. Identify the type of impact on the business identified in each consequence of this data breach. Reputation Damage
Sales activity for the quarter drops by 22%, a tough hit in the middle of holiday shopping season.
Your CEO arrives at work on Monday morning and is acting more stressed and irritable than usual. You're a little nervous when you're called in for a meeting with him, but you soon find out the cause of his distress. Over the weekend, he met up with a friend of his from college, who is also a CEO. The friend's company was recently hacked, resulting in a severe data breach. Their company is potentially facing a class action lawsuit and possible bankruptcy. CEO: This report might give us a good picture of where we are right now, but what about in the future? How can we track ongoing concerns to make sure gaps in our security coverage don't open up later? You: It's good to do a risk assessment every year. In the meantime, we can use a ________________ to help track key performance indicators tied to our security strategies.
Security Dashboard
Identify the type of information system most relevant to each scenario. Enterprise Information System
Shanna helps to manage updates for her company's mobile time tracking apps that employees use to report their hours worked.
The impact of a successful cyberattack can be serious and long lasting. After the obvious, direct impact on the valuable assets that were damaged, stolen, or compromised, long-term damage in other areas of the business's processes and information systems can bring the overall cost of the attack far beyond initial losses. You work for a retail chain that recently experienced a data breach, resulting in the exposure of customers' email addresses, mailing addresses, and even some credit card numbers. Identify the type of impact on the business identified in each consequence of this data breach. Direct Impact
Shareholders experienced a 19% drop in share value in the 24 hours after the breach was publicized.
You're an HR director meeting with your CEO to discuss plans for a new application that will allow employees to track their own hours and earned vacation time. There are several pieces and parts that need to be coordinated, and the two of you are trying to decide which employees to bring on board for the project. CEO:I like the idea of developing this app in-house. Let's talk about who we want to assign to the team for this project. You've got the HR expertise. But who should take charge of converting your ideas into a workable design? You: I'm thinking Natalie can take point on this. She's got a ___________ background and helped with this kind of thing at her prior company where she developed the initial design for some bookkeeping software.
System analyst
The better the quality of data used in decision making processes, the more confidence users have in the decisions they make, the lower the risk of a poor decision, and the more likely the decision will achieve the desired results. Identify which characteristic of quality data is being compromised in each scenario. Reliable
Tyrone asked his assistant for information on a complex routing concept, and the assistant printed out a few Wikipedia articles.
The impact of a successful cyberattack can be serious and long lasting. After the obvious, direct impact on the valuable assets that were damaged, stolen, or compromised, long-term damage in other areas of the business's processes and information systems can bring the overall cost of the attack far beyond initial losses. You work for a retail chain that recently experienced a data breach, resulting in the exposure of customers' email addresses, mailing addresses, and even some credit card numbers. Identify the type of impact on the business identified in each consequence of this data breach. Legal Consequences
The company offers one year of consumer credit monitoring for customers whose credit information was compromised
An ethical decision-making process and a code of ethics can guide you as you confront the many ethical dilemmas associated with information systems. The primary intent of a code of ethics is to define desired behavior. True or False?
True
Managers have an essential role to play in the successful implementation and use of information systems— that role changes depending on which type of information system is being implemented The contemporary view of information systems is that they are often so intimately involved in an organization's value chain that they are part of the process itself. True or False?
True
Organizations must take strong measures to ensure secure, private, and reliable computing experiences for their employees, customers, and business partners Each user should conduct a security self-assessment test. True or False?
True
The use of technology requires balancing the needs of those who use the information that is collected against the rights of those whose information is being used The NSA is required to obtain permission from the Foreign Intelligence Surveillance Court (FISC) to access the telephone metadata records of U.S. citizens, which are now held by telecommunication companies rather than by the government. True or False?
True
The use of technology requires balancing the needs of those who use the information that is collected against the rights of those whose information is being used. One means of ensuring that you are interacting with a secure Web site is to look for a Web address beginning with https. True or False?
True
The use of technology requires balancing the needs of those who use the information that is collected against the rights of those whose information is being used. There is a concern by some people who belong to a particular ethnic, religious, or social group that surveillance data collected by the government could be used to identify and target them and their associates. True or False?
True
After entering data into a relational database, users can make inquiries, analyze the data, and organize the data. Identify which data process is being used in each scenario. Select
Xiao needs a list of all customers living in Mexico
The impact of a successful cyberattack can be serious and long lasting. After the obvious, direct impact on the valuable assets that were damaged, stolen, or compromised, long-term damage in other areas of the business's processes and information systems can bring the overall cost of the attack far beyond initial losses. You work for a retail chain that recently experienced a data breach, resulting in the exposure of customers' email addresses, mailing addresses, and even some credit card numbers. Identify the type of impact on the business identified in each consequence of this data breach. Recovery Cost
Your company's customer service is line is slammed with phone calls from angry customers wanting to know if their data is included in the breach.
You're helping to on-board a new employee who will be spending some time working from home as well as traveling twice a month for meetings with clients. Employee: Does that mean my tablet will be safe going forward? You: Not necessarily. For example, a(n) _____________ could take advantage of a newly discovered vulnerability before it's patched.
Zero-day attack
Gregory's company is planning to release a new series of athletic shoes specifically targeted to hobbyist athletes who train for personal reasons such as self-improvement and socializing. Members of the target market are not generally competitive in their athletic pursuits and are more interested in characteristics such as comfort, durability, and affordability. Gregory's company has developed shoes to target these characteristics along with unusual designs, colors, and features. His team is now responsible for positioning the shoes in the market and spreading the word through social media. What information does Gregory's team need to have on hand as they're setting prices for each item in their company's new line of shoes? Choose all that apply. a. Current level of the market's familiarity and preference for his company's brand b. Perceived value of differentiating factors for his company's shoes c. Competitors' prices on similar items d. Payment systems currently available at retailer locations
a. Current level of the market's familiarity and preference for his company's brand b. Perceived value of differentiating factors for his company's shoes c. Competitors' prices on similar items
You're the office manager for a large veterinary clinic that primarily works with household pets. Your office protocols cover eventualities such as making sure pets are claimed only by their owners and protecting the confidentiality of customers' financial information, such as credit cards. However, lately you've received a few complaints about a pet's medical information being released to a family friend, neighbor, or another customer. While this information is not covered by federal laws such as HIPAA, pet owners are angry and frustrated that information they consider private is released without their consent. Who would be best to consult to determine possible solutions to this problem? Choose two. a. Office staff at your own clinic b. Office staff at competing veterinary clinics c. Office staff at a nearby medical clinic d. The clinic's lawyer
a. Office staff at your own clinic & d. The clinic's lawyer
You're the office manager for a large veterinary clinic that primarily works with household pets. Your office protocols cover eventualities such as making sure pets are claimed only by their owners and protecting the confidentiality of customers' financial information, such as credit cards. However, lately you've received a few complaints about a pet's medical information being released to a family friend, neighbor, or another customer. While this information is not covered by federal laws such as HIPAA, pet owners are angry and frustrated that information they consider private is released without their consent. Which of the following provides the clearest problem statement to guide your efforts toward a solution without attempting to define the solution itself? a. Our current office protocols do not adequately define privacy standards for our animal patients' medical information, resulting in angry customers and decreased trust with our clientele. b. We should treat animal patients' medical information with the same level of confidentiality that a doctor's office would for human patients. c. Other veterinary clinics are more attractive to our customers because they have protocols in place to protect animal patients' medical information. d. Our customers are angry that we shared their pets' information with unauthorized individuals.
a. Our current office protocols do not adequately define privacy standards for our animal patients' medical information, resulting in angry customers and decreased trust with our clientele.
You're the office manager for a large veterinary clinic that primarily works with household pets. Your office protocols cover eventualities such as making sure pets are claimed only by their owners and protecting the confidentiality of customers' financial information, such as credit cards. However, lately you've received a few complaints about a pet's medical information being released to a family friend, neighbor, or another customer. While this information is not covered by federal laws such as HIPAA, pet owners are angry and frustrated that information they consider private is released without their consent. Who should you talk with to get more information about all perspectives of this problem? Choose two. a. Pet owners b. The people who received the private information c. Office staff d. Animal patients
a. Pet owners & c. Office staff
The use of technology requires balancing the needs of those who use the information that is collected against the rights of those whose information is being used. A key difference between the U.S. and EU fair information practices is that _______________. a. although numerous laws have been implemented over time, no single overarching national data privacy policy has been developed in the United States b. U.S. federal statutes impose substantial monetary fines for data abuses by corporations c. the GDPR does not place obligations on organizations to obtain the consent of people they collect information about and to better manage this data d. in the United States, organizations found to be in violation of fair data practices are subject to fines of up to 2 percent of their global revenue
a. although numerous laws have been implemented over time, no single overarching national data privacy policy has been developed in the United States
An ethical decision-making process and a code of ethics can guide you as you confront the many ethical dilemmas associated with information systems. The _______________ step in the ethical decision-making process is considered the most critical. a. develop a problem statement b. identify alternatives c. choose alternative d. implement the decision
a. develop a problem statement
The information system worker functions at the intersection of business and technology and designs, builds, and implements solutions that allow organizations to effectively leverage information technology systems. Two potential benefits of obtaining a certification in an IS subject area are: a. new career possibilities and a potential increase in salary b. automatic pay increase and promotion c. movement from a technical career ladder to a management career ladder and salary increase d. receipt of certificate of certification which never expires and more rapid career advancement
a. new career possibilities and a potential increase in salary
Software developers must make trade-offs between project schedules, project costs, system reliability, and software quality. The process of building software for safety-critical systems takes much longer and is much more expensive because _______________. a. they are usually being built for the government and there is much red tape and delays b. they usually involve either aircraft or automobiles and must meet additional imposed by the National Transportation and Safety Board c. extreme measures must be taken to identify and remove defects starting at the very earliest stages of software development d. the software must be written in machine or assembly programming languages which are extremely tedious and time consuming to use
c. extreme measures must be taken to identify and remove defects starting at the very earliest stages of software development
Organizations must take strong measures to ensure secure, private, and reliable computing experiences for their employees, customers, and business partners The four levels at which the CIA security triad must be implemented include _______________. a. interorganizational, enterprise, workgroup, and personal b. tier 1, tier 2, tier 3, and tier 4 c. organizational, network, application, and end user d. organization, business unit, department, individual
c. organizational, network, application, and end user
You're the HR director for a company that provides payment processing services to small and medium-sized businesses. You're in the process hiring a new accountant, and this requires some background checking. At the same time, you're training Paula, a new HR staff member, on how to manage the hiring process. Paula: My husband and I are about to make an offer on our first house. Maybe we should check our credit reports for that, too? You: That's probably a good idea. Keep in mind the only official website for requesting these free credit reports is through ____________
annualcreditreport.com
You're part of a team developing an Acceptable Use Policy for employees at your state-funded agency in relation to their use of the organization's computers, mobile devices, servers, and Internet access. This is not a simple process and requires that you abide by relevant laws and guidelines to protect your organization's interests and your employees' rights. While you must be able to look out for the agency's well-being by having access to all business-related material, you also have an obligation to respect employees' right to privacy. What federal law gives citizens the right to expect their private information will be protected from undue investigation? a. 1st Amendment b. 4th Amendment c. USA Patriot Act d. USA Freedom Act
b. 4th Amendment
The strategic planning process for the IS organization and the factors that influence it depend on how the organization is perceived by the rest of the organization Three ways IS organization can be perceived by the rest of the organization that influence IS strategy are _______________. a. flexible, resourceful, and forward-looking b. cost center, business partner, and game changer c. cost-effective, innovative, and creative d. reliable, simple, and timely
b. cost center, business partner, and game changer
Managers have an essential role to play in the successful implementation and use of information systems— that role changes depending on which type of information system is being implemented Managers of the business functions most affected by a new information system have a key responsibility to ensure that _______________. a. only the most current and most advanced technology is employed b. the people, processes, and human structure components are fully addressed c. competitors cannot use a similar information system to gain a competitive advantage d. resources are deployed only against enterprise and interorganizational information systems
b. the people, processes, and human structure components are fully addressed
Managers have an essential role to play in the successful implementation and use of information systems— that role changes depending on which type of information system is being implemented _______________ is a model used to introduce new systems into the workplace in a manner that lowers stress, encourages teamwork, and increases the probability of a successful implementation. a. Strategic planning b. Porter's Five forces model c. Leavitt's Diamond d. Strategic competitive advantage
c. Leavitt's Diamond
An ethical decision-making process and a code of ethics can guide you as you confront the many ethical dilemmas associated with information systems. _______________ is not a benefit of promoting a work environment in which employees are encouraged to act ethically. a. The organization will find it easier to recruit and retain top job candidates. b. Employees will act in a consistent manner so that stakeholders can know what to expect of the organization. c. The employees' tendency to act in a manner that seems ethical to them will be suppressed and instead they will act in a manner that will protect them from punishment. d. The value of its stock and how consumers regard its products and services will be improved.
c. The employees' tendency to act in a manner that seems ethical to them will be suppressed and instead they will act in a manner that will protect them from punishment.
An ethical decision-making process and a code of ethics can guide you as you confront the many ethical dilemmas associated with information systems. The fact that _______________ is not a benefit that can be expected from following a professional code of ethics. a. peers of a professional can use the code for recognition or censure b. adherence to a code of ethics enhances trust and respect for professionals and their profession c. a code can provide an answer to every ethical dilemma d. a code of ethics provides an evaluation benchmark that a professional can use as a means of self-assessment
c. a code can provide an answer to every ethical dilemma
You're helping to upgrade a hospital's perioperative IS, which manages information for patients receiving surgery. You're talking with the hospital's chief surgeon to ensure the surgical staff are aware of how the upgrade work might affect their systems until the process is complete. Doctor: Peoples' lives are at stake here. We don't want this interfering with any of our scheduled surgeries, and we need to know how this might affect any emergency surgeries. You: This software is classified as a _____________, meaning it gets our highest priority attention from our most qualified technicians throughout the upgrade process.
safety-criminal system
