MIS 300 possible test questions
In a management support system, why is it important to keep lines of communication open?
It ensures key decision makers are involved in designing the MSS.
Which of the following websites likely poses the most fraud and security risk? a. A file sharing website b. A social media website c. Your school's website d. Your personal website
a. A file sharing website
_____ is a type of data encryption that enables users of the Internet to securely and privately exchange data through the use of a pair of keys that is obtained from a trusted authority and shared through that authority. a. A public key infrastructure b. Secret key encryption c. A private key infrastructure d. Open key encryption
a. A public key infrastructure
How does the U.S. Justice Department define computer fraud?
a. As an illegal act in which knowledge of computer technology is essential
_____ involves semistructured decisions. a. Budget preparation b. Research and development c. Hiring and firing d. Record keeping
a. Budget preparation
Which geographic object of a geographic information system (GIS) is most likely used to show a street or a river? a. Lines b. Regions c. Points d. Areas
a. Lines
Which type of access control is used to protect systems from unauthorized access? a. Passwords b. Identification badges c. Electronic trackers d. Firewalls
a. Passwords
What is the primary difference between fraud and errors in financial statement reporting? a. The intent to deceive b. The type of transaction effected c. The level of management involved d. The materiality of the misstatement
a. The intent to deceive
Zeus is an example of a a. Trojan horse b. virus. c. war dialing. d. worm.
a. Trojan horse
Lapping is best described as the process of a. applying cash receipts to a different customer's account in an attempt to conceal previous thefts of cash receipts b. increasing expenses to conceal that an asset was stolen. c. stealing small amounts of cash, many times over a period of time. d. inflating bank balances by transferring money among different bank accounts.
a. applying cash receipts to a different customer's account in an attempt to conceal previous thefts of cash receipts
Individuals who control an army of malware-infected zombie computers are referred to as a. botnet owners. b. bad actors. c. malware owners. d. malware writers.
a. botnet owners.
Which of the following is not a way to reduce fraud losses? a. conduct periodic external and internal audits. b. Use software to monitor system activity. c. Store backup copies of program and data files. d. Maintain adequate insurance.
a. conduct periodic external and internal audits.
In the context of intentional computer and network threats, a _____ floods a network or server with service requests to prevent legitimate users' access to the system. a. denial-of-service attack b. blended threat c. keystroke logging attack d. backdoor threat
a. denial-of-service attack
Asynchronous software enables team members to work together at _____. a. different times b. a location in which a server computer is present c. an agreed-upon location d. the same time
a. different times
A(n) _____ system is a branch of decision support systems (DSSs) that gives managers easy access to internal and external data and typically includes drill-down features and a digital dashboard for examining and analyzing information. a. executive information b. geographic information c. group support d. electronic meeting
a. executive information
When planning a comprehensive security system, the first step is designing _____, which use a combination of hardware and software for improving reliability, a way of ensuring availability in case of a system failure. a. fault-tolerant systems b. database-resilient systems c. vulnerability-evade systems d. primary-defense systems
a. fault-tolerant systems
While designing a management support system, it's important to remember that executives' main concern is _____. a. getting the information they need in the simplest way b. getting support from all employees c. getting the information they need in the most technically advanced way d. identifying unquantifiable benefits
a. getting the information they need in the simplest way
Sabotage is an example of a(n) ________ threat. a. intentional acts (computer crimes) b. natural and political disasters c. software errors and equipment malfunctions d. unintentional acts
a. intentional acts (computer crimes)
Unstructured decisions are often used in _____. a. introducing a new product b. capital acquisition analysis c. record-keeping d. simple inventory
a. introducing a new product
When designing an MSS, designers should keep the ____ consistent. a. look and feel b. data points c. results d. objectives
a. look and feel
In a decision support system (DSS) environment, a _____ is the liaison between users and designers. a. model builder b. database builder c. system architect d. managerial designer
a. model builder
Which of the following is not a human trait social engineers take advantage of to entice people to reveal information they should keep confidential? a. Sloth b. Authority c. Compassion d. Sex Appeal
b. Authority
_____ is a collection of applications that supports decision makers by providing access to a shared environment and information. a. Firmware b. Collaboration software c. Databaseware d. Geographic information software
b. Collaboration software
In the context of defining the objectives and benefits of a management support system (MSS), which is an intangible benefit? a. Increasing demand b. Improving customer service c. Increasing profits d. Improving the organization's revenue
b. Improving customer service
LOLer was chatting online with l33ter. "I can't believe how lame some people are! :) I can get into any system by checking out the company website to see how user names are defined and who is on the employee directory. Then, all it takes is brute force to find the password." LOLer is a ________, and the fraud he is describing is ________. a. phreaker; the salami technique b. hacker; password cracking c. phreaker; dumpster diving d. hacker; social engineering
b. hacker; password cracking
In the context of computer crimes and attacks, the difference between phishing and spear phishing is that: a. spear phishing involves collecting sensitive information via phone calls. b. in spear phishing, the attack is targeted toward a specific person or a group. c. in spear phishing, hackers capture and record network traffic. d. spear phishing involves monitoring and recording keystrokes.
b. in spear phishing, the attack is targeted toward a specific person or a group.
Which system performs tasks similar to a database management system (DBMS)? a. decision support b. model base management c. electronic meeting d. geographic information
b. model base management
In the decision support system (DSS) environment, a _____ is responsible for supplying information on what a model does, what data inputs it accepts, how the model's output should be interpreted, and what assumptions go into creating and using the model. a. database builder b. model builder c. model designer d. managerial designer
b. model builder
Terrorists are an example of a(n) ________ threat. a. intentional acts (computer crimes) b. natural and political disasters c. software errors and equipment malfunctions d. unintentional acts
b. natural and political disasters
While designing a management support system, it's important to remember that executives do not care about _____. a. communication options b. sales figures c. choice of platform d. support from the top
b. sales figures
John downloaded Alten Cleaner, a program that poses as a computer registry cleaner, on his computer. Once he installed the program on his computer, the program illegitimately gained access to John's passwords and credit card information. In this scenario, it is evident that John was a victim of _____. a. baiting b. spoofing c. phishing d. pharming
b. spoofing
In the context of organizational decisions at the strategic management level, _____ decisions are often used in deciding the plant location of an organization. a. unstructured b. structured c. semistructured d. pseudo structured
b. structured
Misappropriation of assets is a fraudulent act that involves a. using computer technology to perpetrate a crime. b. theft of company property. c. dishonest conduct by those in power. d. misrepresenting facts to promote an investment.
b. theft of company property.
In the context of executive information systems (EISs), _____ allows managers to flag data that is unusual or out of normal boundaries. a. text mining b. variance reporting c. forecasting d. data reporting
b. variance reporting
Which geographic object of a geographic information system (GIS) is most likely used to show a particular zip code or a large tourist attraction? a. Lines b. Intersections c. Areas d. Points
c. Areas
_____ uses a public key known to everyone and a private key known only to the recipient. a. Symmetric encryption b. Remote key encryption c. Asymmetric encryption d. Secret key encryption
c. Asymmetric encryption
_______ enables decision makers in different locations to communicate in real time. a. E-mail software b. Task management software c. Communication software d. Geographic information system software
c. Communication software
_____ is one of the most popular password managers. a. CounterSpy b. STOPzilla c. Dashlane d. FilePro
c. Dashlane
_____ uses a geographic information system (GIS) application to dispatch personnel and equipment to crime and fire locations. a. Insurance b. Transportation and logistics c. Government d. Urban planning
c. Government
_____ is a computer crime that involves destroying or disrupting computer services. a. Bombing b. Keystroke logging c. Sabotage d. Dumpster diving
c. Sabotage
_____ decisions are vaguely defined by standard operating procedures but include a structured aspect that benefits from information retrieval, analytical models, and information systems technology. a. Pseudostructured b. Unstructured c. Semistructured d. Structured
c. Semistructured
_____ can interfere with users' control of their computers, through such methods as installing additional software and redirecting Web browsers. a. Script loggers b. Keystroke loggers c. Spyware d. Firmware
c. Spyware
Identify one difference between task management software and project management software. a. Task management apps focus on teams that are widely dispersed. b. Project management apps focus on smaller projects. c. Task management apps emphasize improving the productivity of each team member. d. Project management apps emphasize improving the productivity of each team member.
c. Task management apps emphasize improving the productivity of each team member.
____ is a method of access control that prevents unauthorized users from using an unattended computer to access the network and data. a. Direct digital synthesis b. Distance-vector routing c. Terminal resource security d. Link-state routing
c. Terminal resource security
A(n) _____ contains code intended to disrupt a computer, network, or Web site and is usually hidden inside a popular program. a. PageRank b. withdrawal suite c. Trojan program d. exit application
c. Trojan program
_____, a biometric security measure, translates words into digital patterns, which are recorded and examined for tone and pitch. a. Keyword identification b. Audio manipulation c. Voice recognition d. Word exhibition
c. Voice recognition
Which of the following is not an example of one of the basic types of fraud? a. An executive devised and implemented a plan to accelerate revenue recognition on a long-term contract, which will allow the company to forestall filing for bankruptcy. The executive does not own any stock, stock options or grants, and will not receive a bonus or perk because of the overstated revenue. b. A purchasing agent places a large order at higher-than-normal unit prices with a vendor that gave the agent tickets to several football games. c. While straightening the store at the end of the day, a shoe store employee finds and keeps an expensive pair of sunglasses left by a customer. d. A salesperson approves a large sales discount on an order from a company owned partially by the salesperson's sister
c. While straightening the store at the end of the day, a shoe store employee finds and keeps an expensive pair of sunglasses left by a customer.
Decisions related to _____ are considered structured decisions at the operational management level of an organization. a. sales forecast b. payroll c. accounts receivable d. setting queue priorities
c. accounts receivable
Pretexting is best described as a social engineering technique that uses a. text messages to gain sensitive information. b. impersonation of somebody you know to gain sensitive information. c. an invented scenario to gain sensitive information. d. threat of physical force to gain sensitive information.
c. an invented scenario to gain sensitive information.
In the context of computer and network security, _____ means a quick recovery in the event of a system failure or disaster. a. integrity b. validity c. availability d. confidentiality
c. availability
In the context of intentional computer and network threats, a _____ is a programming routine built into a system by its designer or programmer to bypass system security and sneak back into the system later to access programs or files. a. proxy server b. firewall c. backdoor d. logic bomb
c. backdoor
In a management support system, it's important to examine the ____ that executives use. a. technical jargon b. computer platform c. decision-making process d. audio-visual equipment
c. decision-making process
Which feature of an executive information system (EIS) enables users to examine and analyze information? a. intelligent agent b. digital dashboard c. ease of use d. secure login
c. ease of use
A(n) _____ is a combination of hardware and software that acts as a filter or barrier between a private network and external computers or networks. a. electronic tracker b. intrusion detection system c. firewall d. rootkit
c. firewall
A(n) _____ system uses spatial and nonspatial data and specialized techniques for storing coordinates of networks of lines (roads, rivers, streets) and reporting zones (zip codes, cities, counties, states). a. group support b. electronic meeting c. geographic information d. executive information
c. geographic information
In _____, a geographic information system (GIS) is used to make the best use of personnel and equipment while dealing with a tight budget and maintaining crime statistics. a. marketing operations b. logistics c. government d. real estate businesses
c. government
"Cooking the books" is typically accomplished by all the following except a. overstating inventory. b. accelerating recognition of revenue. c. inflating accounts payable. d. delaying recording of expenses.
c. inflating accounts payable.
A typical executive information system (EIS) offers which of the following capabilities? a. messaging b. collaboration c. slice-and-dice d. video conferencing
c. slice-and-dice
In the context of e-commerce transaction security measures, authentication is a critical factor because it ensures that: a. a system can easily be restored to operational status. b. a system quickly recovers in the event of a system failure or disaster. c. the person using a credit card number is the card's legitimate owner. d. the accuracy of information resources within an organization is maintained.
c. the person using a credit card number is the card's legitimate owner.
Fraud perpetrators are often referred to as a. bad actors. b. blue-collar criminals. c. white-collar criminals. d. outlaws.
c. white-collar criminals.
Ashley Baker had been the webmaster for Berryhill Finance for only ten days when Berryhill's website was scheduled for a routine security patch update. Unbeknown to Ashley, cybercrooks found out the timing of the patch update and launched attacks right before Berryhill's update from a remote location miles away. As a result of the attack, Berryhill lost a significant amount of clients' private information. Berryhill Finance suffered from a a. cyber-extortion attack. b. hacking attack. c. zero-day attack. d. identity theft attack.
c. zero-day attack.
The different types of information systems that have been developed to support certain aspects and types of decisions are collectively called _____ systems. a. geographic information b. supply chain management c. electronic meeting d. management support
d. management support
The main function of Cyber Incident Response Capability (CIRC) is to _____. a. restrict access controls to unauthorized personnel b. provide level 1 security c. create backdoors to bypass protocols d. provide information on security incidents
d. provide information on security incidents
In a typical organization, _____ decisions are often used in capital acquisition analysis. a. unstructured b. structured c. pseudo structured d. semistructured
d. semistructured
Managers use executive information systems (EISs) to: a. track inventories. b. communicate via videoconferences. c. work in groups. d. spot trends.
d. spot trends.
Offering a free website, then charging the phone bills of the individuals who signed up for the free website is known as a. e-scraping. b. snarfing. c. podpounding. d. web cramming.
d. web cramming.
Google Apps for Work, Confluence, and Samepage are examples of ____ software. a. decision support system b. document management c. GIS d. communication
b. document management
What is a denial of service attack? a. It is an attack when the perpetrator uses software to guess company's addresses, send employees blank e-mails, and add unreturned messages to spammer e-mail list. b. It is an attack when the perpetrator sends hundreds of messages from randomly generated false addresses, overloading an Internet service provider's e-mail server. c. It is an attack when the perpetrator is inputting so much data that the input buffer overflows. The overflow contains code that takes control of the company's computer. d. It is an attack when the perpetrator is inserting malicious query in input such that it is passed to and executed by an application program.
b. It is an attack when the perpetrator sends hundreds of messages from randomly generated false addresses, overloading an Internet service provider's e-mail server.
In the context of the common intentional security threats, which statement best describes a worm? a. It is a programming routine built into a system by its designer to bypass system security and sneak back into the system later to access data. b. It travels from computer to computer in a network, but it does not usually erase data. c. It floods a network or server with service requests to prevent legitimate users' access to the system. d. It attaches itself to a host program to spread to other files in a computer.
b. It travels from computer to computer in a network, but it does not usually erase data.
Lauren wants to open a floral shop in a downtown business district. She doesn't have funds enough to purchase inventory and pay six months' rent up front. Lauren approaches a good friend, Jamie, to discuss the possibility of Jamie investing funds and becoming a 25% partner in the business. After a lengthy discussion, Jamie agrees to invest. Eight months later, Jamie discovered that Lauren has not been honest with her regarding some aspects of the business financial operation. In order for Jamie to sue Lauren for fraud, all the following must be true except a. Jamie has suffered a substantial loss in her investment because of Lauren's deception. b. Jamie found Lauren dishonest because she does not always reconcile the business cash account on a timely basis. c. Jamie trusted and relied on Lauren's representation of the business financial operation. d. Jamie's decision to invest was primarily based on Lauren's assertion that she had prior floral retail experience.
b. Jamie found Lauren dishonest because she does not always reconcile the business cash account on a timely basis.
On a Friday evening you use a bar's ATM to withdraw $50 from your bank account. However, as you complete your withdrawal, your card gets jammed in the ATM machine. The individual waiting in line behind you approaches you and suggests re-entering your PIN number. You do. However, your card remains jammed. You leave the bar to call your bank to report the incident. However, after you left the individual who offered to help you removed a sleeve he inserted in the ATM to jam your card. He now has your ATM card and PIN number. You just fell victim to a ________ fraud. a. pharming b. Lebanese looping c. tabnapping d. phishing
b. Lebanese looping
_____ primarily control access to computers and networks and include devices for securing computers and peripherals from theft. a. Biometric security measures b. Physical security measures c. Nonbiometric security measures d. Virtual security measures
b. Physical security measures
_____ is an area that involves unstructured decisions. a. Record keeping b. Research and development c. Sales forecasting d. Capital acquisition analysis
b. Research and development
_____ is a commonly used encryption protocol that manages transmission security on the Internet. a. User Datagram Protocol b. Secure Sockets Layer c. Application Layer d. Transmission Control Protocol
b. Secure Sockets Layer
_____ is an attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords and credit card information. a. Keystroke logging b. Spoofing c. Phishing d. Pharming
b. Spoofing
_____ decisions can be automated because a well-defined standard operating procedure exists for these types of decisions. a. Semistructured b. Structured c. Pseudostructured d. Unstructured
b. Structured
_____ is also known as secret key encryption. a. Public key cryptography b. Symmetric encryption c. Message authentication d. Auto key generation
b. Symmetric encryption
Which statement is true of application-filtering firewalls? a. They filter viruses less effectively than packet-filtering firewalls. b. They filter faster than packet-filtering firewalls. c. They are less secure than packet-filtering firewalls. d. They are more expensive than packet-filtering firewalls.
b. They filter faster than packet-filtering firewalls.
Which statement is true of firewalls? a. They cause routers to terminate connections with suspicious sources. b. They protect against external access, but they leave networks unprotected from internal intrusions. c. They monitor network traffic and use the “prevent, detect, and react” approach to security. d. They can identify attack signatures, trace patterns, and generate alarms for a network administrator.
b. They protect against external access, but they leave networks unprotected from internal intrusions.
Recall that students used Facebook and VKontakte to identify Russian money laundering mules. What fraud case did these students help foil? a. Zeus b. Trident Breach c. Nigerian Banking d. InfraGard
b. Trident Breach
Another commonly used name for collaborative computing is _____ computing. a. GIS b. analysis c. DSS d. group
b. analysis
In a level 2 security system, _____ must be protected to ensure confidentiality, accuracy, and integrity of data. a. private networks b. back-end systems c. external databases d. front-end servers
b. back-end systems
In the context of intentional computer and network threats, a _____ combines the characteristics of computer viruses, worms, and other malicious codes with vulnerabilities found on public and private networks. a. firewall b. blended threat c. backdoor threat d. mirror disk
b. blended threat
Which of the following is an example of input fraud? a. The office manager of a Wall Street law firm sold information to friends and relatives about prospective mergers and acquisitions found in Word files. They made several million dollars trading the securities. b. A fraud perpetrator scanned a company paycheck, used desktop publishing software to erase the payee and amount, and printed fictitious paychecks. c. Two accountants without the appropriate access rights hacked into Cisco's stock option system, transferred over $6.3 million of Cisco stock to their brokerage accounts, and sold the stock. They used part of the funds to support an extravagant lifestyle, including a $52,000 Mercedes-Benz, a $44,000 diamond ring, and a $20,000 Rolex watch. d. A man used desktop publishing to prepare bills for office supplies that were never ordered or delivered and mailed them to local companies. The invoices were for less than $300, an amount that often does not require purchase orders or approvals. A high percentage of the companies paid the bills.
d. A man used desktop publishing to prepare bills for office supplies that were never ordered or delivered and mailed them to local companies. The invoices were for less than $300, an amount that often does not require purchase orders or approvals. A high percentage of the companies paid the bills.
_____ is a form of spyware that collects information about a user (without the user's consent) to determine which commercials to display in the user's Web browser. a. Firmware b. Freeware c. Silverware d. Adware
d. Adware
Which is a nonbiometric security measure? a. Signature analysis b. Electronic trackers c. Retinal scanning d. Callback modems
d. Callback modems
Which of the following is not an example of the fraud triangle characteristic concerned with rationalization? a. Sense of entitlement as compensation for receiving a lower than average raise b. Revenge against the company c. Belief that the company won't suffer because an insurance company will reimburse losses d. Intent to repay "borrowed" funds in the future
d. Intent to repay "borrowed" funds in the future
Which of the following statements is true of a worm? a. It enables a system designer to bypass the security of a system and sneak back into the system later to access files. b. It floods a network or server with service requests to prevent legitimate users' access to the system. c. It is usually hidden inside a popular program, but it is not capable of replicating itself. d. It is an independent program that can spread itself without attaching itself to a host program.
d. It is an independent program that can spread itself without attaching itself to a host program.
Which statement is true of symmetric encryption? a. It uses two different keys to encrypt and decrypt a message. b. It is impossible to create digital signatures using symmetric encryption. c. It requires more processing power than asymmetric encryption. d. It is difficult to share a key over the Internet in symmetric encryption.
d. It is difficult to share a key over the Internet in symmetric encryption.
The Committee on National Security Systems (CNSS) proposed a model known as the _____ for evaluating information security. a. Six Sigma model b. SWOT analysis c. Bohr model d. McCumber cube
d. McCumber cube
_____ primarily control access to computers and networks and include devices for securing computers and peripherals from theft. a. Biometric security measures b. Nonbiometric security measures c. Virtual security measures d. Physical security measures
d. Physical security measures
Which of the following is not an example of misappropriation of assets? a. A warehouse employee takes home two units of electronic entertainment inventory each week without authorization. b. The president of the company utilizes the organization's cash to add a floor to her 15,000 square foot house. c. The treasurer of the company makes an unauthorized wire transfer from the organization's bank to a personal account in Grand Cayman. d. The chief financial officer of the company falsely adds $20 million to the accounts receivable and revenue accounts.
d. The chief financial officer of the company falsely adds $20 million to the accounts receivable and revenue accounts.
Which is true of semistructured decisions? a. They require automation. b. They rely excessively on information technologies. c. They involve programmable tasks. d. They involve multiple criteria.
d. They involve multiple criteria.
In the context of intentional security threats, _____ can erase data and wreak havoc on computers and networks but do not replicate themselves. a. viruses b. McCumber cubes c. worms d. Trojan programs
d. Trojan programs
What agency did the United States create to use cyber weapons and to defend against cyber-attacks? a. Department of Cyber Defense b. Department of Network Security c. Department of Technology Strategy d. U.S. Cyber Command
d. U.S. Cyber Command
In the context of the roles in the decision support system (DSS) environment, which of the following questions does a managerial designer address? a. What are the assumptions required to create and use a model? b. What type of file structure should be used? c. What are the operations of the model? d. What should the balance between aggregated and disaggregated data be?
d. What should the balance between aggregated and disaggregated data be?
Megan purchased a brand new laptop about three months ago. Recently, she feels that her computer is operating much more slowly and sluggishly than before. Since purchasing the computer, Megan had been accessing the Internet and had installed a variety of free software. The problem is most likely to be a. a zero-day attack. b. a spoof. c. a sluggishness infection. d. a virus.
d. a virus.
Which capability of an executive information system (EIS) is responsible for aggregating data such as sales figures? a. consolidation b. slice-and-dice c. ease of use d. analysis
d. analysis
For a(n) _____ system to be useful, it should collect data related to an organization's critical success factors-issues that make or break a business. a. executive information b. group support c. geographic information d. decision support
d. decision support
During the _____ phase of the decision-making process, the best and most effective course of action is selected. a. intelligence b. design c. choice d. implementation
d. implementation
