MIS Exam One

True
T/F
All organizations should have a business continuity plan.
Hot site
The most expensive backup strategy is:
True
T/F
With correct business – IT alignment, the IT department directly supports the business objectives of the organization.
False
T/F The majority of companies have excellent business – IT alignment.
Increasing, increasingly
In today’s business environment, competition is ___ and customers are becoming ___ powerful.
True
T/F
The production of a large quantity of items, customized to each customer is called mass customization.
All of these
Information systems:

A) Help organizations make sense of a complex business environment

B) Provide competitive advantage

C) Help organizations respond to business pressures

D) All of these

A business process
Related activities that create a product or service are called:
BPR
The radical redesign of business practices to reduce costs and increase quality is called:
BPM
___ is a less radical, less disruptive approach to redesigning business processes.
True
T/F
Communications controls secure the movement of data across a network.
False
T/F
Whitelisting is more restrictive than blacklisting.
True
T/F
Encryption is the process of converting an original message into a form that cannot be read by anyone except the intended receiver.
True
T/F
Browsers usually provide a visual confirmation of a secure connection.
True
T/F
Any information system can be strategic.
High, low
Threat of entry of new competitors is ___ when it is easy to enter a market and ___ when significant barriers to entry exist.
Procurement
Which of the following is not a primary activity?
False
T/F
Support activities add value directly to a company’s products and services.
True
T/F
Selection of a particular strategy involves trade-offs.
False
T/F
Companies must stick to only one strategy for success.
True
T/F
Competitive intelligence is legal, where industrial espionage is illegal.
False
T/F
There are comparatively few ways in which you can have your identity stolen.
Phishing
___ attacks use deception to acquire sensitive information by masquerading as official e-mails.
Distributed denial-of-service attack
Zombies and botnets are associated with:
True
T/F
SCADA systems provide link the physical and electronic worlds.
True
T/F
SCADA attacks can cause severe damage to a nation’s physical infrastructure, such as its power grid.
False
T/F
If someone acts unethically, then that person must be acting illegally.
Responsibility
___ means that you accept the consequences of your actions.
False
T/F
IT decreases the number of employees who can report to a single manager.
True
T/F
IT means that managers have less time to make decisions.
True
T/F
The competitive advantage of replacing people with computers is increasing rapidly.
True
T/F
IT can both improve and decrease our quality of life.
False
T/F
Robots are being used in a decreasing number of everyday tasks.
False
T/F
Authorization must precede authentication.
Something you are
Your fingerprint is an example of:
Auditing around the computer
Verifying processing by checking for known outputs using specific inputs is:
Auditing with the computer
Using live data is associated most closely with:
Vulnerability
A(n) ___ is the possibility that a system will be harmed by a threat.
Decreasing
Today, the skills needed to become a hacker are:
False
T/F
Information technology impacts individuals and organizations, but has little impact on our planet.
Static
Which of the following is not a characteristic of today’s business environment?
Knowledge
___ consists of information that has been processed to convey expertise as it applies to a business problem.
False
T/F
Process and procedures are important but not critical to the effective use of computer based information systems.
True
T/F
The public’s right to know is superior to our right to privacy.
False
T/F
The opt-out model is stricter than the opt-in model.
False
T/F
MIS and HR employees pose little threat to information security in a firm.
Social Engineering
In a(n) ___ attack, the perpetrator tricks an employee into divulging confidential information.
True
T/F
A student majoring in MIS can follow a more technical track or a more business-oriented track.
False
T/F
Business-oriented MIS majors typically find jobs as programmer/analysts.
True
T/F
Business analysts act as “interpreters” between the user community and technical specialists.
Risk Analysis
Organizations perform ___ to ensure that their security programs are cost effective:
Risk transference
Buying insurance would be a form of:
True
T/F
One of the main reasons for being an informed user is that you will have more effective interactions with your IT department.
True
T/F
IT offers excellent career opportunities.
True
T/F
One of the most dangerous (in terms of their unethical violation of privacy) aspects of Web sites such as WikiLeaks is that their activities cannot be regulated or criminalized because they do not fall under the jurisdiction of any one nation.
The Sarbanes-Oxley Act
Major scandals at Enron, WorldCom, and Tyco led to the passage of which law in 2002?
False
T/F
Tagging your friends’ pictures on Facebook will not compromise their privacy as long as you obtain their permission.
Liability
The legal concept that gives individuals the right to recover damages done to them by other individuals, organizations, or systems is known as:
False
T/F
Using apps on your smart phones that broadcast your location to others is a harmless act.
False
T/F
If your employer clearly states in the employee handbook that work email addresses should be used for official business only and then proceeds to read all the emails you send and receive, he or she is guilty of a legal violation.
Freedom of speech, national security
Two major conflicting issues related to privacy are ___ and ___.
Sharing proprietary data with friends and colleagues.
Terry Childs was accused of all of the following except:

A) Creating passwords that granted him exclusive access to the system.

B) Collecting pages of user names and passwords so he could use their network login information.

C) Downloading city data to a personal encrypted storage device.

D) Sharing proprietary data with friends and colleagues.

False
T/F
Ethics deals strictly with legal interpretations of what is right and wrong.
True
T/F
Ethics is a branch of philosophy that deals with what is considered to be right and wrong.
False
T/F
Backup and recovery procedures are recommended only to safeguard against hardware/software failures.
Vulnerability, threat, exposure
An information system’s ____ is the likelihood that the system or resource will be compromised by a ____ that will result in its ____ to further attacks.
Larger and cheaper storage
Which of the following factors that make information resources more vulnerable to attack can be most easily remedied?

A) Interconnected/dependent business environments

B) Larger and cheaper storage

C) Organized cyber crime

D) Decrease skill level of hackers

E) Lack of management control

F) None – all of the factors are exogenous

Selecting a weak password
Which of the following can be classified as unintentional threats to information systems caused by human errors?
Social engineering
An unintentional attack in which the perpetrator uses social skills to trick or manipulate a legitimate employee into providing confidential company information is known as:
copyright, piracy
Making and distributing information goods to which you do not own the ___ is referred to as ____.
remote attacks requiring user action, remote attacks requiring no user action
Whereas phishing attacks are ____ , denial of service attacks are ____.
Hackers using key loggers.
Computer programs like CAPTCHA are used to counter
transference, acceptance
Buying health insurance is an example of risk ____, whereas going without is an example of risk _____.
Risk mitigation.
Implementing controls to prevent threats from occurring and developing a recovery plan should the threats occur are two broad functions of
authentication, authorization
Access controls consist of ____, which confirms user identity, and ____, which determines user access levels.
Passphrases
_____ can be used to create strong passwords that are easy to remember.
False
T/F
Ethics deals strictly with legal interpretations of what is right and wrong.
True
T/F
Ethics is a branch of philosophy that deals with what is considered to be right and wrong.
All of the above
Ethical issues may be categorized into which of the following types?

A) Privacy

B) Accuracy

C) Property

D) Accessibility

E) All of the above

utilitarian approach
The _________ approach to ethics maintains that an ethical action is the one that provides the most good or does the least harm:
An act can be unethical but still be legal
The relationship between ethics and legality can best be described in which of the following statements?
Accountability
_______________ is the tenet of ethics that refers to determining who is responsible for actions that were taken.
False
T/F
The law basically does not support an employer’s right to read electronic mail and other electronic documents.
False
T/F
Privacy regulations are basically the same from country to country around the world.
opt-in model
Which type of privacy policy restricts an organization from collecting personal information until the customer specifically authorizes it?
EU laws
When comparing data protection laws internationally, which laws are stricter?
increasing, human
The threats to information security are _____, and the greatest threat is _____.
False
T/F
The emergence of the Internet has decreased the threats to information security.
True
T/F
If you have copied a software package (computer program) from a friend without paying for it, you are guilty of software piracy.
False
T/F
Low level employees pose the greatest threat to information security.
IS employees
Which of the following employees typically poses the most significant threat to information security?
Careless internet surfing
Which of the following is not a social engineering technique

A) None of the choices are social engineering techniques

B) Tailgating

C) Shoulder Surfing

D) Careless internet surfing

E) All of the choices are social engineering techniques

True
T/F
You should regularly delete any spyware that might be residing on your computer, because it may be dangerous.
denial-of service attack
Which type of remote software attack does not require user action?
Spamware
Which type of alien software uses your computer to send emails that look like they came from you to all the people in your address book?
Computer viruses are introduced into the electrical company’s systems resulting in a shutdown of the power plant.
Which of the following would be an example of a SCADA attack?
True
Risk management identifies, controls, and minimizes the impact of threats to the organization’s information security.
Risk analysis
Which if the following is not a common risk mitigation strategy?
Access
A password system on a computer network is an example of which type of information security control?
Multifactor authentication systems are more reliable and more expensive than single-factor.
Which of the following statements is true?

A) Multifactor authentication systems are less reliable and less expensive than single-factor.

B) Multifactor authentication systems are more reliable and less expensive than single-factor.

C) Multifactor authentication systems are more reliable and more expensive than single-factor.

D) Multifactor and single-factor authentications have the same degree of reliability.

TLS
____________ is an encryption standard used for secure transactions such as credit card processing and online banking.
True
T/F
One of the big advantages of being an informed user and consumer of IT is that it enables you to anticipate future innovations and their potential applications.
All of these
Global outsourcing helps an organization to:

A) Find the best person for the job

B) Find more economical resources

C) Implement spatial and temporal flexibility

D) All of these

Both of the following are correct: the systems are very expensive to acquire, operate, and maintain; and the systems are critical to the organization’s operations.
Managing information systems in a modern organization is challenging because:
False
Process and procedures are important but not critical to the effective use of computer based information systems.
High-speed calculations, quick access to information, and staging and processing of large amounts of data
The core capabilities of computer-based information systems include (check all that apply):
Functional area information systems
HR information systems, POM information systems, CRM information systems, and marketing information systems are usually classified as:
True
T/F
One impact of IT will be to decrease the numbers of managers employed in organizations.
Business Intelligence Applications
While information systems, such as transaction processing systems, generate more information for managers to process, other information systems, such as ___, help them analyze this information to make better-informed decisions.
Global outsourcing
Telepresence systems can help make ___________ a more popular choice for small and medium enterprises.
Simulation environments
Which of the following is a useful, cost-effective, hands-on, and safe teaching tool in the medical field?
False
T/F
All business processes must be owned by one and only one functional area in any organization.
Business process
A(n) _____ is a collection of related activities that produce a product or a service of value to an organization.
Increase productivity

Optimize operations

Increase customer satisfaction

Reduce waste

The goals of business process reengineering are to (check all that apply):

Reduce waste.

Increase productivity.

Optimize operations.

Increase cycle time.

Increase customer satisfaction.

Reduce waste.

True
T/F
Business process management includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.
True
T/F
Organizations depend on IT to facilitate their transition to the globalization of their operations.
Technological pressures
In today’s business environment, it is rare for a company not to have a significant Web presence. This trend can be attributed primarily to:
True
T/F
The Internet reduces the barriers of entry for new competitors in an established industry.
True
T/F
The Internet can both reduce and increase the bargaining power of suppliers, depending on the specific circumstances.
Increased the threat of substitute products and increased the threat of new entrants.
In recent years, companies such as Walmart and Amazon.com have offered streaming videos for rent on their Web sites. This is another example of how new technology has (check all that apply):
False
T/F
Selecting and adhering to a single competitive strategy is sufficient to counter all of Porter’s five forces and be successful in the long term.
Business objectives
Business-IT alignment refers to the synchronization of a company’s IT operations with its:
True
T/F
According to McKinsey & Co, the root cause of companies’ inability to align their IT and their business goals is the lack of knowledge and communication.
True
T/F
Career Opportunities are strong in IS and are projected to remain strong for the next 10 years.
True
T/F
Over the years, the MIS function has changed to a partnership between the MIS department and the end users?
All of these
Which of the following is an IT job within an organization?
Software and Database.
What are 2 IT components in CBIS?
False
T/F
TPS stands for Transfer Processing Systems?
Promotion analysis and site analysis
Sales and marketing professionals use IT for which of the following functions?
True
T/F
An App (Application) is a computer program designed to support a specific task?
increasing their productivity.
IT affects middle managers by _______________.
It can place employees on constant call.
Which of the following is a negative societal effect associated with the increased use of information technology?
False
T/F
A Network is a connecting system that can only be wireless?
True
T/F
“Business Process” is defined as an ongoing collection of related activities that create a product/service to an organization?
All of these
Which of the following are examples of Business Processes?

A) Processing bills of material.

B) Managing cash receipts.

C) Collecting sales tax.

D) Applying healthcare benefits.

E) None of these.

F) All of these

False
T/F
BPR stands for Business Process Recovery?
Political changes
Business environment pressures can come from which of the following?
False
T/F
Thomas Friedman defines four eras of globalization.
Individuals who have access to information and communication technologies and those who do not.
The term “digital divide” refers to the gap between:
Michael Porter’s competitive forces model.
The best known framework for analyzing competitiveness is?
True
T/F
Cost Leadership Strategy is one strategy to gain a competitive advantage?
Customer-Orientation and Operational Effective Strategy.
Two strategies that a company can use to gain a competitive advantage are?
True
T/F
There are six (6) characteristics of effective Business-IT Alignment.
False
T/F 85% of Business and IT executives agree that their companies have adequate alignment between IT and their business.