MIS 304 Exam 3
What is a computer crime?
"Using a computer to commit an illicit act"
The Systems Development Process
(a) parallel (b) direct (c) phased (d) pilot (single location)
In class, we watched where ___ was/were used to target the nuclear infrastructure of a country.
A computer virus
What are threats to IS security?
Accidents and natural disasters Employees and consultants Links to outside business associates Email attachments with viruses
________ contains spyware that collects information about a person's Web surfing behavior in order to customize Web site banner advertisements.
Adware
Cyberterrorism
Attacks by individuals and organized groups with political, religious, or ideological goals Terrorists have leveraged the internet to coordinate their activities, recruit, and perform fundraising
Managing Information Systems Security Goals
Availability: ensuring users can access the system Integrity: preventing unauthorized manipulations of data and systems Confidentiality: protecting data from unauthorized access Accountability: ensuring that actions can be tracked
Packaged software
Called "off-the-shelf" May or may not require significant configuration Enterprise software often divided into modules Special functionality may require customizing the packaged (or vanilla) version
Performing cost-benefit analyses + comparing competing investments is part of ____
Case arguments based on Fact
Why do companies outsource there IS development?
Costs and quality concerns Supplier pressure Financial factors
________ is the dubious practice of registering a domain name and then trying to sell the name for big bucks to the person, company, or organization most likely to want it.
Cybersquatting
Cyberwar
Cyberwar strategy includes controlling internet-based propaganda Misinformation and political disinformation For example, Russia's involvement in the 2016 U.S. election
Smaller companies may change their business practices to accommodate the ERP software (instead of customizing the ERP software) because:
ERP software is based around best practices
Compliance
ERP systems have built-in control systems Mirror organizational processes Support aggregation of duties Monitor business activities
Access supports exporting data to
Excel
A major disadvantage of ERP is that it does not allow for modular implementation of software. True/False
False
A recommendation for ERP software implementation success is:
Get top-management sponsorship
Hackers vs. crackers?
Hackers who don't damage or steal information belonging to others are called "white-hat hackers." They are mostly interested in penetration testing Individuals who break into computer systems with the intent to commit crime or do damage are called "black-hat hackers
Based on the video we watched in class, Sheldon was stuck in an infinite loop because:
He did not properly interpret and take into account the problem requirements
Enterprise resource planning (ERP) best practices
Identify business process in need of change Future updates are smoother if business change their processes to fit ERP systems
Which of the following statements is an example of a business case argument based on fear?
If we do not implement this system, our competitors could gain a significant advantage over us.
Based on the video watched in class, we concluded ____ is/are critical for amazon's success
Information integration
In our class activity, we used the following formula:=RANK.EQ([@TotalVisitors],[TotalVisitors],0) Which of the following is true about the formula?
It generates a rank after sorting [TotalVisitors] in descending order
Which of the following is true of system effectiveness?
It is the extent to which a system enables the firm to accomplish goals well.
Reasons for IS acquisition
Limited IS staff IS staff having limited skillset IS staff is overworked Issues with IS staff performance
The process of manufacturing goods, either based on forecasts or based on orders
Make-to-stock or Make-to-order
________ refers to the process of identifying, quantifying, and presenting the value provided by a system.
Making a business case
Which of the following IS/are Commonly used as part of a hot backup strategy?
Mirrored (fully replicated) databases
major differences of Customized vs. off-the-shelf software
Open source software is defined as software's with program source code freely available for use or modification Examples: MySQL, Linux, GitHub repos
The process of selling goods or services and collecting revenue for them
Order-to-cash
Phases of software development lifecycle (SDLC)
Phase 1 = Building the business case Phase 2 = Requirements analysis, ER diagrams, data flow diagrams, business process flows Phase 3 = Design UI, databases, UX Phase 4 = Software programming and testing. Also, training, documentation and conversion
Information security control types
Preventive, Detective, Corrective controls
Which of the following is a core business process?
Procure-to-Pay
Other software development methodologies
Prototyping, Agile, DevOps, Kanban
Integration
Replace stand-alone systems ERP modules are based on databases and simple application interfaces
Assessing IS risks
Risk reduction: actively installing countermeasures Risk acceptance: accepting any losses that occur Risk transference: have someone else absorb the risk Risk avoidance: using alternate means, avoiding risky tasks
In our class activity, we wanted to get the number of visitors for each park. Which function did we use for that?
SUMIF()
___ requires companies to maintain financial controls (usually IS-based) and holds senior management responsible for failures.
Sarbanes-Oxley Act
Five basic steps of Achieving ERP Success
Secure executive sponsorship Get help from outside experts Thoroughly train users Take a multidisciplinary approach to implementations Evolve the implementation
External IS acquisition steps
Systems planning and selection Systems analysis Development of a request for proposal Proposal evaluation Vendor selection
Suppose your new Online marketing & Social media initiatives require hiring an employee. This cost is:
Tangible, recurring
What are some reasons for the IT productivity paradox?
Time lags Redistribution
Types of computer crimes?
Unauthorized access: stealing information, stealing computer resources, bypassing access controls information modification: changing data for financial gain (embezzlement), defacing a website Threats: insider threats, computer viruses, DDoS attacks, spyware, spam, cookies, phishing, identity theft
When Shelly downloaded an arcade game from an unknown Internet Web site, an unauthorized connection unknown to Shelly was established with her computer. The arcade game is most likely to be ________.
a Trojan horse
Based on our Tableau assignment, which of the following is true?
a measure refers to numeric data (e.g., number of visitors, temperature)
The Computer Fraud and Abuse Act of 1986
crime to access govt computers or communications a crime to extort money by damaging computer systems
Electronic Communications Privacy Act of 1986
crime to break into any electronic communications service, including telephone services prohibits interception of any type of electronic communications
An internally focused system helps an organization coordinate with its ________.
departments
Outbound logistics activities focus on the ________.
distribution of end products within the order-to-cash business process
According to our tech talk (related to the Data Visualization assignment), good visualization requires:
domain knowledge
A(n) ________ is an integrated suite of business applications for virtually every department, process, and industry, allowing companies to integrate information across operations on a company-wide basis using one large database.
enterprise system
A core component of ERP Software is Supply Chain Management true/false
false
Most companies follow a parallel (old + new) strategy for system implementation as it is both economical & Safe true/false
false
The order-to-cash process entails sub-processes such as price and terms negotiations, issuing of the purchase order, receiving the goods, and receiving and paying the invoice. true/false
false
______ has/have led to an increases in threats such as cyber-bullying and cyber-harassment
increased use of mobile devices
Consider our Assignment on Python. Recall that one of the examples had the following lines of code. What is the result of running those lines of code? x = 5 type(x)
int
A system that communicates across organizational boundaries is also referred to as a(n) ________ system.
interorganizational
The first phase of the systems development life cycle (SDLC) is systems ________.
planning and selection
Which of the following is a core business process?
procure-to-pay
____ monitors user activity on a computer including websites you visit or anything you type (including passwords)
spyware
Traditionally, companies are organized around five distinct functional areas. Which of the following is one of them?
supply chain management
Designing and developing applications that support the primary business activities are a part of the ________ activities.
technology development
Making a business case can be done on faith, fear and/or facts. true/false
true
The term shoulder surfing refers to looking over one's shoulder while the person is keying in access information. true/false
true
The term social engineering refers to misrepresenting oneself to trick others into revealing information. true/false
true
The total cost of ownership is focused on understanding not only the total cost of acquisition, but also all costs associated with ongoing use and maintenance of a system. true/false
true
Which of the following goods are typically produced under a make-to-order approach?
very expensive low-volume goods