IS 240 Final Exam Practice

What is a common tactic hackers use to allow themselves re-access to a system? Keystroke capture Access file Trap door Backdoor Rootkit

Backdoor

You recently noticed that your personal information has been altered on your university web account. You know that you did not make any changes and the registrar's office has no record of their office making changes. What type of unauthorized access are you a victim of? Active Smurfing Recording Spoofing Passive

Active

You recently noticed that your personal information has been altered on your university web account. You know that you did not make any changes and the registrar's office has no record of their office making changes. What type of unauthorized access are you a victim of? Passive Recording Active Smurfing Spoofing

Active

Business process improvement is often called _________________. Compliance Control Business Process Reengineering Enterprise Resource Management Supply Chain Management

Business Process Reengineering

Biometrics are primarily used for one of two things. What are they? Non-repudiation, authentication Fingerprint recognition, iris recognition Authentication, identification Account access, recognition User rights, printing services

Authentication, identification

During process improvement, once business processes are properly modeled, they can be ______________. visible shared defined reviewed analyzed

analyzed

One way to categorize impacts of change is whether they represent changes that __________, __________ or _____________ organizations. automate, informate, transform automate, create, transform change, recreate, redirect add, modify, delete update, reorganize, streamline

automate, informate, transform

When registering online for your classes you log onto to a website provided by your university. The computer and web browser that you are using acts as a _________, while the university computer acts as a ___________. client, server server, client computer, server browser, client client, application

client, server

___________ are processes that request services from servers. clients servers middleware Software as a Service computers

clients

What Web 2.0 technology allows several individuals to contribute to and share stored data and documents and includes controls to avoid two users from changing a document simultaneously? mashups BYOD Really Simple Syndication Web conferencing collaborative content

collaborative content

The best way for someone to protect themselves from identity theft is to follow basic security guidelines and __________________. laws ethics rules common sense definitions

common sense

__________ refers to mass collaboration of information to solve a problem. crowdsourcing social networking collaborative content Web 3.0 Really Simple Syndication

crowdsourcing

In February of 2011 the Internet Assigned Number Authority (IANA) assigned the last block of IPv4 addresses. What is the new address standard? IPv6 IPv5 MAC address DARPA virtual address

IPv6

Which of the following allows companies to pass the operation of their computer systems to another company? BPaaS SaaS PaaS Virtualization IaaS

IaaS

During which phase of the SDLC is the system made operational in a production environment? Requirements Design Development Implementation Maintenance

Implementation

In the SDLC, users will be notified of the rollout during the __________ phase. Requirements Design Development Implementation Maintenance

Implementation

___________ involves making sure that data are consistent and complete. Integrity Availability Confidentiality Authenticity Non-repudiation

Integrity

IoT leads to increased security threats due to which of the following A higher demand for hackers A lack of backups Risk of natural disasters Interconnectivity creating more opportunities Less corrective controls

Interconnectivity creating more opportunities

The COVID-19 pandemic caused a huge disruption in the world of education. Thankfully, the ____________ allowed universities to transition to online learning. World Wide Web corporate network DARPA-net Web 2.0 Internet

Internet

IoT stands for _______ ___ ________. Interconnectedness of Technology Internet of Things Initiation of Things Inclusion of Tasks Infrastructure of Technology

Internet of Things

What emerging technology capitalizes on the ever-increasing number of household and everyday objects connecting to the Internet? Internet2 Web 3.0 Web 2.0 Web conferencing Internet of Things

Internet of Things

Which of the following represents the "L" in the PLUS ethical decision-making process? Losses Looseness Latency Literal Laws

Laws

What does LAN stand for? Local Access Network Local Area Navigation Lost Address Network Local Area Network Last Address Known

Local Area Network

The design phase typically includes a ____________, which is an abstract model of what the system is intended to do. Logical system design System shall statements Parallel operations Prototype Feasibility analysis

Logical system design

Which phase of SDLC involves fixing any problems that are uncovered and may involve modifying the program to meet new needs? Planning Requirements Maintenance Development Implementation

Maintenance

What does Business Process reengineering begin with? Analysis of the organization's strategic goals Clear vision of the goal of the redesign Identification of organizational cost centers Hiring of an outside consulting firm An immediate spending freeze

Clear vision of the goal of the redesign

What type of hidden collection approach tracks online browsing behavior? Cookies Key logger Spyware Trojan Horse Clickstream data

Clickstream data

Which of the following is NOT a step in the ethical decision-making process described in the text? Identify alternatives Define the problem Evaluate the decision Minimize the impact of the decision Make the decision

Minimize the impact of the decision

The fastest transmission speeds on cables for a wired network are ______________, while ___________ are the slowest. fiber, copper coaxial, fiber copper, coaxial copper, fiber fiber, coaxial

fiber, copper

When you shop online, what is an indication that the transaction is secure? http:// smtp ftp:// POP3 https://

https://

What is the main difference between the initial set of web applications and Web 2.0? speed bandwidth requirements software requirements technology interactivity

interactivity

What is one of the core characteristics of the Internet that has contributed to its rapid growth? addressing Internet Protocol IPv4 fiber optics interoperability

interoperability

The bottom line of process modeling is to: use front office systems to track processes understand the various processes that occur at different organizational levels develop network infrastructure identify file management systems connect to influential people that can advise strategic plans

understand the various processes that occur at different organizational levels

What allows one physical device such as a server or computer to operate as if it was several machines? virtualization Software as a Service Service Oriented Architecture Web 2.0 Web 3.0

virtualization

Cloud computing allows organizations to rent computing resources from providers instead of having their own locally managed __________ and __________. hardware, human resources network, software hardware, software Web 2.0, Web 3.0 websites, servers

websites, servers

In order for you to enter the server room at your office you must have a key to the room, and then you must have a proper user name and password to access the server. All of the student files on the server are encrypted. What is this called? Layered security Defense in depth Overkill Organizational policy Information security

Defense in depth

During which phase of the SDLC are the outputs of the design phase converted into the actual information system? Requirements Design Implementation Development Maintenance

Development

What search engine allows you to anonymously search the Internet? Google Bing Yahoo! DuckDuckGo PrivateSearch

DuckDuckGo

A connection that uses encryption and other channels to provide a secured channel over an open wire connection is called a(n): smpt network Bridged network Virtual private network Symmetric network Switched network

Virtual private network

Recognizable bit patterns of a virus are known as what? Zero-day viruses Trojan horses Virus signature Virus fingerprints Stealth viruses

Virus signature

The outputs of one step in the traditional SDLC flow as inputs into the next step. Because of this it is said to follow what type of method? Step Flow Design Absolute Waterfall

Waterfall

You decide to go out for dinner. You use the web browser on your phone to query for restaurants. It suggests restaurants that are near your current location. This is an example of what? Web 3.0 intranet BYOD Internet of Things Web 2.0

Web 3.0

What is the term for a computer or a router that controls access in and out of the organization's networks, applications, and computers? Switch Firewall Bridge Gateway Hub

Firewall

An example of crowdsources is: "Waze" users sharing traffic information with other users A student sharing his test answers with another student An organization sharing office space with a competitor All of the above None of the above

"Waze" users sharing traffic information with other users

Which of the following best describes the systems development life cycle (SDLC)? A disciplined approach to systems development A process to test new applications The documentation an end user follows to operate a system An approach to risk management of developing new software An analysis of industry systems

A disciplined approach to systems development

One of the goals of the planning phase it to establish the ____________ the project. Feasibility of All of the above Goal of Reason for building Scope of

All of the above

What type of information can be stored in cookies? IP address Domain Length of time spent on a webpage Password All of the above

All of the above

__________ is the extent to which the process follows the regulatory or statutory obligations of the organization. Effectiveness Efficiency Internal Control Compliance None of the above

Compliance

___________ involves making sure that information or data can only be accessed by individuals with authorized access. Integrity Availability Authenticity Confidentiality Non-repudiation

Confidentiality

When considering the dimensions of software project development, which dimension considers the resources required to complete the project? Quality Cost Time Resources Documentation

Cost

_______________ software is built from scratch using few commercially-obtained components. Hybrid Open source Custom-built COTS Developed

Custom-built

Increasing __________ is reducing the average time it takes for the process to be completed. Effectiveness Efficiency Internal Control Compliance None of the above

Efficiency

A faculty member receives a phone call from the parent of a student. The parent inquires about the grade of the student on the last exam. If the instructor discloses any information, that instructor would violate what privacy act? CIPA FERPA COPPA HIPAA GLBA

FERPA

_______________ refers to data being used for other functions beyond those purposes for which they were collected. Scope creep Opt-out Function creep Privacy Cookies

Function creep

The university has a requirement that students must be allowed to view course offerings and register for classes that have empty seats. What type of requirement is this? Non-functional Required Functional Initiation Analysis

Functional

What type of requirements describe how a system should interact with users and other systems? Non-functional Documented Functional Use Case Input

Functional

What is outsourcing? Hiring new management Creating a new system for use Merging with another organization Adopting a new vision Going to an outside organization to provide services

Going to an outside organization to provide services

What government privacy act protects your medical records from others? CIPA COPPA FERPA HIPAA GLBA

HIPAA

__________ refers to hackers that try to find information that, if revealed, will advance human causes. Hactivism Anonymous Black-hat hacker Political hacking Government-sponsored hacking

Hactivism

What is the main focus of the design phase of the SDLC? Desired level of performance Construction of the system Placing the system in production Integration How the system will satisfy requirements

How the system will satisfy requirements

A Web merchant wants to ensure that people cannot deny that they entered into a transaction, so they starting using digital signatures and encryption as part of their transaction processing. This is an example of what? Integrity Authenticity Non-repudiation Availability Confidentiality

Non-repudiation

What is identity theft? One uses another person's account to communicate. Attempt by industry leaders to self-police themselves. One uses another person's personal information for fraudulent activities. Inaccuracy in personal data. Restricted access to personal information

One uses another person's personal information for fraudulent activities

______________ software is software that allows users to access the underlying source code for an application. COTS Custom-built Developed Hybrid Open source

Open source

You are asked to provide your location and email address when downloading iTunes from the Apple site. You are also prompted to check a box if you would like any Apple News updates. This checkbox allows you to do what? Create account Opt-in Opt-out Enable cookie manager Identify data collection threat

Opt-in

Who usually perpetrates unauthorized access? Government agencies Organization insiders Customers Students A hacker

Organization insiders

When planning a project, it is determined that the proposed project does not line up with existing strategies and practices. Which feasibility issue is this related to? Organizational Economic Ethical Technical Legal

Organizational

Which of the provides a cloud-based platform for running websites and databases and executing programming languages? BPaaS SaaS IaaS PaaS Virtualization

PaaS

If the integration plan is to implement a new system while the existing system is still running, what type of integration plan would you be following? Parallel Operation Direct Changeover Phased implementation Use Case Pilot Operation

Parallel Operation

What type of unauthorized access consists of simply accessing records or listening to transmissions on a network? Hacking Active Modifying Passive Illegal

Passive

The systems development committee has chosen to implement the new system in a limited number of sites based on location. What type of integration plan is being implemented here? Direct Changeover Parallel Operation Pilot Operation Use Case Phased implementation

Phased implementation

You have received an email from your university IT department stressing that the IT department will NEVER ask you for your username and password to your email account. What type of scheme is the university most likely trying to protect you from? Security holes Break-ins Phishing Smurfing Spoofing

Phishing

Which of the following represents the "P" in the PLUS ethical decision-making process? Privacy Public Policies Personal Probable

Policies

Websites often request information about you. You have a choice as to whether or not you provide this to them. What aspect of PAPA is being implemented? Privacy Accuracy Property Accessibility Reliability

Privacy

What tools and techniques, rather than technologies, are available to protect you online? Cookie managers Privacy policy and seals Cookies Spyware Surveillance

Privacy policy and seals

A local university contracted with IBM to implement a new database system, which the university would then administer and run. This is an example of what type of outsourcing? Application Personnel Process-based Consultant Project-based

Project-based

Auto makers spend a significant amount of time and money developing new automobiles. Often these auto makers create a working mock up for display and testing. What methodology are these automakers using? Prototyping DevOps Off the shelf Maintenance Modeling

Prototyping

What is the term for when software is installed on a computer without authorization and encrypts files and demands payments in bitcoin before the password to encrypt the files will be provided? Ransomware Hacking Malicious act Trojan Worm

Ransomware

What is software that allows hackers to have unfettered access to everything on the system, including adding, deleting, and copying files called? Spyware Rootkits Sniffers Backdoors Keystroke capture programs

Rootkits

Which of the following is basically the acquisition of software via a subscription model? BPaaS PaaS SaaS IaaS Virtualization

SaaS

What is software that monitors transmissions, capturing unauthorized data of interest called? Spyware Smurfing software Spoofing software Backdoors Sniffer

Sniffer

What type of architecture can be used in different systems with different technology platforms? peer-to-peer Software as a Service (SaaS) Intranet Service Oriented Architecture VPN

Service Oriented Architecture

What are cookies? Review IP address to track online browsing Small text files that store information Hidden application to record keystrokes Malware designed to slow down your PC Program offered by an organization which post rules

Small text files that store information

What does secondary use of information refer to? The level of control over one person's personal information. The use of data for purposes other than those for which they were originally collected. The proliferation of online sites collecting data, of data sources, and of tools to manipulate these data in today's interconnected society. Data collection threat. Unauthorized individuals having access to one's private data. PreviousNext

The use of data for purposes other than those for which they were originally collected.

After working at the same firm for 3 years, your senior leadership has developed a process that completely reworks how your job is done. What level of change is this? Automate Informate Recreate Abandon Transform

Transform

If a virus is embedded in a legitimate file, they are often called a(n)__________. hack worm Trojan horse theft active content

Trojan horse

What is the main solution used to prevent unauthorized access to systems, data, and applications? Passwords Biometrics Firewalls Anti-virus software User profiles

User profiles

A study published in 2009 shows that ____________ methods for stealing personal information are more popular than _______________ methods. technology driven, low-tech high-tech, social advanced, remedial low-tech, technology-driven natural, fake

low-tech, technology-driven

What Web 2.0 technology refers to users combining data or applications from several sources to create new ways to view data or create new aggregated results? mashups collaborative content BYOD Really Simple Syndication blogs

mashups

Your PC at your office is connected over wired communications. Your PC has a network cable that is plugged into your ________________ so that your PC can be part of the network. network interface card repeater video card hub switch

network interface card

When considering security threats it is very important to consider __________ and __________ of the threat on the organization. prevalence, impact impact, theft repudiation, availability authenticity, availability theft, prevalence

prevalence, impact

Encryption is not only used to protect data transmissions, but it can also be used to: protect data on servers lock out users identify viruses update email take photographs

protect data on servers

When using your cell phone, what type of transmission are you using? infrared Bluetooth radio microwave cable

radio

Most antivirus programs are __________, which means that they detect viruses after an infection. proactive reactive reactionary demonstrative descriptive

reactive

What type of device would you use to retransmit a signal that it receives, regenerating it to increase its strength? repeater switch hub bridge gateway

repeater

A ____________ is an intelligent device that controls the flow or transmissions in and out of a network. bridge switch hub router gateway

router

You have been included on an IT task force for your university. The committee's first priority is wireless access on your campus. The task force chair keeps discussing increasing enrollment numbers. What principle of architecture is the chair most likely alluding to? scalability ease of implementation flexibility control security

scalability

Privacy policies and privacy seals are considered ________________ mechanisms for information privacy. self-regulation legal guideline protection security

self-regulation

Innovators are working on Web 3.0. What type of new technology is expected from Web 3.0? virtualization instant gratification signatures semantics procedures

semantics

One way to classify networks is by baseband or broadband. This is determined by the ____________, _____________ and bandwidth of the network. speed, width frequency, length width, length speed, frequency width, speed

speed, frequency