CS507 MCQ

CS507_Finalterm_Session 3_Objective 2011
1. Which of the following usually contain records describing system events,

application events, or user events
An event-oriented log pg 149
A record of every keystroke
Option a and b
None of these
2. Which of the following is an object that exists and is distinguishable from other
objects?
Entity pg 113
Attribute
Object
Instance
3. A Protocol is an agreed-upon set of conventions that defines the rules of

communication.
True pg 128
False
4. The organization refers to a organizational structure with few or no levels of
intervening management between staff and managers is called-----------------
Hierarchical organization
Flat Organization pg 10
Pyramid Organization
5. ERP s major objective is to tightly integrate the functional areas of the

organization and to enable seamless information flows across the functional areas.
True
False
6. Threat capacity is an input source for Likelihood determination.
False
True pg 156
7. Buying and selling of products, services and information via computer networks,
primarily the Internet is :
E-Commerce page 172
E-Business
Web Surfing
BPR
8. Which of the following refers to the process of identifying attempts to penetrate a

system and gain unauthorized access?
Threat Identification
Intrusion detection (page 150)
Access Control
All of above
9. Which of the following likelihood level is true for the following?
"The threat source lacks motivation or capability or controls are in place to prevent
or at Least significantly impede the vulnerability from being exercised."
High
Low (page 156)
Medium
None of these
10. The flowchart helps in locating and correcting errors also called debugging.
True (page 105)
False
11. The purpose of data flow diagrams is to provide a --------- between users and
systems developers
Linking bridge (page 106)
Empty Space
Data Flows
Options a and b
12. Active Attack is one of the types of Web Security information systems.
True
False
13. Accounts should have a control over various recording points in the entire
process from procurement to finished good store room.
False
True page 55
14. Commentaries are the example of _________ sources.
Primary
Tertiary
Secondary page 3
15. One of the methods of integrating different business information systems is:
► Supply Chain management software pg18
► Interface reconciliation software
► Message passing
► None of the given options
16.__________ overwrites every program/software/file it infects with itself. Hence

the infected file no longer functions.
► Dropper
► Overwriting Viruses
► Boot sector Virus
17.Object oriented analysis focuses on the _________
► States of objects
► Collaboration of objects
► Implementation of objects
18. In drawing a proper flowchart, all necessary steps that are a part of process
should be listed out in ---------------------- order.
► Logical
► Physical
► Random
► Top to Bottom
19.Which of the following is not the type of CSF?
► Industry CSFs
► Environmental CSFs
► Technical CSFs
► Temporal CSFs
20. According to “Booch”, object has following three components
► State, Behaviour, Identity
► State, Behaviour, Interface

► State, Interface, methods
► State, Variables, Methods
21.__________ is known as father of warehouse.
► Stephen hawking
► Bill gates
► Bill Inmon
22. Every decision we take in daily life requires some sort of information about the
alternatives available.
► True
► False
23. Collaborative commerce is one of the types of B2B.
True
False
24. Maintaining and eventually institutionalizing the change is called Unfreezing.
► True
► False
25 to 30mcqs were new

CS507_Finalterm_Session 3_Subjective 2011
1. What is the concept of IS Audit? (5 marks)
Information systems include accounting and finance function as a critical part of the
entire system.
Hence, these days audit of information systems as whole incisively focuses on finance
and accounting aspect as well. For example, all banks and financial institutions have soft
wares supporting interest computations. During the audit of IS, the integrity of the source
code/program instructions have to be checked and assurance obtained that these have not
been tampered with or altered in any manner.
An information technology (IT) audit or information systems (IS) audit is an examination

of the controls within an entity's Information technology infrastructure. When
transactions are executed and recorded through computers, the lack of physical audit trail
requires implementation of controls with the Information systems so as to give the same
result as controls are implemented in a manual information system IS audit focuses more
on examining the integrity of controls and ensuring whether they are properly working.
Obtained evidence evaluation can ensure whether the organization's information systems
safeguard assets, maintains data integrity, and is operating effectively and efficiently to
achieve the organization's goals or objectives.
2. What are the aspects of Privacy issue is dealt with? (5 marks)
Following aspects should be covered when privacy is dealt with.

1. What kind of surveillance should be used by an employer on an employee?
2. What things can keep to themselves and not be forced to reveal to others?
3. What information about individuals should be kept in database and how secure is
the information there – Issues of Data Protection
4. What can be revealed to others about oneself if one is required to do so?
3. Differentiate Bugs from viruses? (5 marks)
Virus vs. Bug
Bug is an internal malfunction of the software. It is an unintentional fault in a program. It

is an incorrect functioning of a particular procedure in a program. This is caused by
improper application of programming logic. For example, free trial versions of soft wares
are available on line. These beta versions are not tested fully and often contain bugs that
can disrupt the system.
Incorrect definition of a formula or linkage can give incorrect results. Virtually all
complex programs contain virus. Incorrect/ invalidated / unedited data entry is not a
programming fault or a bug. The process of removing bugs from software is termed as
debugging. Virus is the external threat which is not a malfunction of the software.
However, a bug in the software can create a virus.
4. Define Object Oriented Analysis and Design (OOAD)? (2 marks)

The concept of object oriented analysis and design focuses on problems in terms of
classes and objects. This concept combines aspects of both entity relationship diagram
and data flow diagrams.
5. Define Computer Aided Manufacturing (CAM)? (2 marks)
Computer-aided manufacturing (CAM) is a form of automation where computers

communicate work instructions directly to the manufacturing machinery.
6. Define Dropper and Trojan horse? (2 marks)
Dropper
A dropper is a program not a virus. It installs a virus on the PC while performing another
function.
Trojan horse
A Trojan horse is a malicious program that is disguised as or embedded within legitimate

software. They may look useful or interesting (or at the very least harmless) to an
unsuspecting user, but are actually harmful when executed.
7. What are the objectives of ERP? (2 marks)

• ERP applications address the complete business process.
• ERP applications are modular generally covering all aspects of the business as
each aspect is dependant upon the other.
• ERP is extended to the enterprise level, encompassing not only the organization
but also the entities external to organization i.e. suppliers and customer.
8. Define ERP? (2 marks)
“ERP (enterprise resource planning) is an industry term for the broad set of activities
supported by multi-module application software that helps a manufacturer or other
business manage the important parts of its business, including product planning, parts
purchasing, maintaining inventories, interacting with suppliers, providing customer
service, and tracking orders.”
9. Briefly define hackers? (3 marks)
Hackers
A hacker is a person who attempts to invade the privacy of the system. In fact he attempts
to gain unauthorized entry to a computer system by circumventing the system’s access
controls. Hackers are normally skilled programmers, and have been known to crack
system passwords, with quite an ease. Initially hackers used to aim at simply copying the
desired information from the system. But now the trend has been to corrupt the desired
information.
10. Discuss Technical Limitations of Ecommerce in business? (Marks: 3)
Technological Limitations
1. Lack of universal standards for quality, security, and reliability
2. The telecommunications bandwidth is insufficient, especially for m-commerce
(electronic commerce via mobile phones).
3. Difficulty in integrating e-commerce infrastructure with current organizational IT
systems - Many companies use IT systems, which are old (i.e. legacy systems).
These were developed to support different needs and different kinds of software
and applications. These systems contain valuable business information but have to
be integrated with new ones. In many occasions this is extremely difficult. When
it comes to full integration with back-office operations, for example, the cost of
integrating legacy systems with modern ones may be greater than that of actually
scrapping them completely
11. What are three challenges faced by security association of USA?(3 marks)
Information system security association of USA has listed down following ethical
challenges
1. Misrepresentation of certifications, skills
2. Abuse of privileges
3. Inappropriate monitoring
12. Briefly describe SDLC? (3 marks)
The Systems Life Cycle (SLC) is a type of methodology used to describe the process for
building information systems, intended to develop information systems in a very
deliberate, structured and methodical way, reiterating each stage of the life cycle.
A Systems Development Life Cycle (SDLC) adheres to important phases that are
essential for developers, such as planning, analysis, design, and implementation.
13. What should be kept in mind while identifying the risk? (3 marks)
Read more: CS507 Final Term Paper Fall 2010 Feb 2011 - Virtual University of Pakistan
http://vustudents.ning.com/group/cs507informationsystems/forum/topics/cs507-final-
term-paper-fall#ixzz1L5fYJv00
Final term paper
1. What are information assets? ( 2 marks)

2. What are the challenges faced by security association of USA?
3. Why organization attracts towards implementation of ERP?
4. Who are change agents?
5. Define MRP?
6. What is digital certificates?
7. What is the purpose of audit log?
8. What are the methods to avoid internet attack?
9. What are web security threat?
10. what is risk mitigation?
11. What are the components of BCP?
12. Describe logical intrusion?
13. What are antivirus software?
14. Write down types of threats?
15. Define intrusion?
Read more: CS507 Current Final Term Papers Fall 2010 (11~26 Feb 2011) - Virtual
University of Pakistan
http://vustudents.ning.com/group/cs507informationsystems/forum/topics/cs507-current-
final-term#ixzz1L5fyuKMf
CS507 on 12/02/2011, Final Term Paper
Time: 120 minutes
Total Questions: 45
Total Marks: 75
Distribution:
MCQs: 30
Questions having 2 marks: 06
Questions having 2 marks each are:

• Why we use Flow charts and DFD in system design?
• Define impact analysis with its output
• Define E-Business
• What is CRM?
• Define Logical intrusion
• ……….6th question yaad nahi aa raha
Questions having 3 marks each are:
•
•
What are the different types of threats?

Why AIS (Accounting Information System) needed to be linked with all IS in an
organization?
What are the components of IDS?
Define risk determination. Identify its inputs and output.
List any three ethical challenges given by IS security association of USA.
•
•
•
And
Questions having 5 marks are:
• What is vulnerability Assessment? Discuss its output and inputs.
• Discuss different types of unintentional threats using any example.
• Benefits of E-Commerce to society and Customers.
final-term#ixzz1L5g74Ctq
Subjective question
1. Parameter of audit trail and risk based audit approach

2. Five factor that attract ERP
3. Security measure are adopted in IS
4. SCM
5. Scope of Security
6. Business process re-engineering
7. To understand the ESS
8. any six type of impacts
9. to launching the e-commerce
10. Risk management
11. to understand the iterative system
12. logical threat of is
13. object
14. digital certification
final-term#ixzz1L5gDAfbD
short Qs which i have in my memory were
Define data and information------ 2 marks

attributes of ERP, eaplain______ 5 marks
what are the change agents, explain their role in change------- 3 marks
what factors are helpful for the successful implementation of cahnge.-------------- 3marks
property issues regarding privacy------------ 3 marks
what is ethics and code of ethics---------------------3 marks
what are physical threats-------------- 3 marks
the role of audit in MIS----------------- 3 marks
input of risk determination--------------------- 2 marks
risk variance ---------- 2 marks
final-term#ixzz1L5gIRa67
Q7:Discuss various steps in threat identification.Give any example of threat sources and
threat actions?3marks
Q8:what are the challenges to organization for launching E commerce. identify any
three?3marks
Q9:how can we make our password secure?3marks
Q10; Define Trojan horse?2marks
Q11:Difine e-business?2marks
Q12:why we need to secure information system?2marks
Q13:why input/output symbol are used in the flow chart?2marks

Q14:What is an office automation system?2marks
Q15;What is the difference between C2C EC and Intrabusiness EC?2marks
final-term#ixzz1L5gMi6c5
Q1: Discuss why firewall is the primary method for keeping a computer secure from
intruder? 5 marks
Q2 :why access control are necessary for the system?5marks
Q3 ;discuss supply chain problems and elaborate methods
to solve these problems?5marks
Q4: what is reusable software?3marks
Q5:Give any two reason for having a system in an organization?3marks
Q6:Differentiate CRM from ERP?3marks
final-term#ixzz1L5gQJslL
( Marks: 2 )What is an entity?
( Marks: 2 ) Why we need to secure information systems?
( Marks: 2 ) Identify types of change management.
( Marks: 2 ) What is CRM?
( Marks: 2 )Briefly discuss Risk Determination ?
( Marks: 3 ) What are hackers?
( Marks: 3 )Discuss Technical Limitations of Ecommerce in business?
(Marks: 3 ) Identify roles and responsibilities
( Marks: 3 ) Differentiate CRM from ERP
(Marks: 3)Briefly describe Incremental Model?
( Marks: 3) What do u know about Key stroke Monitoring?
( Marks: 5 ) Identify tangible or intangible in splay Chan management?
( Marks: 5 ) What are the sources of critical success factor?

final-term#ixzz1L5gUC65j
MCQs mostly related from symbols and some related from past chapters ( 1- 23)
Q1 . 2 Figures thein un k bary mein likhna tha.
Q2 1 Q related from supply chain management
Q3 Stand alone
Q4 . An event oriented log
Q5. Types of threats
Q6. How to secure our computer from virus?
Q7. Write down the steps or order of EC fulfillment esa kch tha
final-term#ixzz1L5gXukws
1)what is monitoring?
2) what is firewall?
3)what r da challenges facing an organisation launching E-Commerce?
4)give example of entusion?
5)Difference between logical entusion & phlysical entusion?
6)Dscribe trojon and dropper
7)how firewall works? how u protect from hackers?
final-term#ixzz1L5gbTLgT
Question # 1 of 10 ( Start time: 07:58:13 PM ) Total Marks: 1
Management controls are also known as:
Select correct option:
Technical controls
Non-technical controls
Scientific controls
Logical controls

Bug is caused by improper application of programming logic.
True
False
3 of 10 ( Start time: 08:00:34 PM ) Total Marks: 1

Dropper is an example of Trojans
True
False

Measuring technical assessment of a computing system is known as:
security plan
security measures
security audit
security lapse

Access control helps user to establish identity
True
False

Bug is an internal malfunction of the software.
True
False

The out put of Threat Identification phase is a threat statement
identifying and defining threats.
True
False

Traversing of a record of every keystroke, often called
Physical Key Monitoring

Logical Key Monitoring
Keystroke Monitoring
Primary Key Monitoring

Software that is developed through OOAD is easy to test due to the use
of _________.
Real time modeling

Usability features
Modular approach
Procedural approach

Cryptography primarily consists of Two basic processes.
True
False

Which of the following phase determines the adverse impact resulting
from a successful threat exercise of vulnerability?
Risk resilience
Monitoring threats
Likelihood determination
Impact analysis

Which of the following assigns overall responsibility for the security
of information?
Security Professionals
Executive Management
Data Owners
Option a and b

In the context of information security, data cannot be modified without
authorization is known as _______.
user’s rights
privileges
integrity
privacy

_______ refer to the sudden increase in power supply.
Sags
Brown outs
Spikes
Black out
_______ has no way to replicate automatically
Virus
Worm
Bug
Trojan horse

Which one of the following is not classified as biometrics?
Digital Password
Sound of your voice
Blood vessels in the retina of your eye
Finger Prints

There are typically ______________ kinds of audit records
Three
Four
Five
Two

We have to secure our systems in such fashion that possibilities of
having bugs are reduced
True
False

Information elicitation can be achieved via
HR department
Press release
Corporate level facilitator
On site interviews
Which of the following controls have gained critical importance in the

modern computing age for two significant reasons.
Access
Communication
Data Base
Output
Mid term
Total Question are 26

20 mcqs and 6 others
My current paper is
1- Define OLAP
2- Define prototype brifly
3- Describe IT planning in your own words
4- Define Expert system brifly
▶ Reply
• Message
Permalink Reply by M.Tariq Malik on December 2, 2010 at 11:38am

Total Question 26
MCQ's 20
Short Question 06
MCQ's were easy & carried from past papers
Short Questions were as under
1) Practical example od Description Model ( 2 marks )

2) Use of Prototype ( 2 marks )
3) Objective of MRP ( 3 marks )
4) Difference b/w Incremental & Iterative Model ( 3 marks )
5) Difference b/w ( 5 marks )
Neural network vs Expert system
ESS vs DSS
6) Explain System Design & Identify its steps ( 5 marks )
▶ Reply
• Message
Total Question 26
MCQ's 20
Short Question 06

ESS vs DSS
▶ Reply
• Message

What do you understand by OLAP? (2)
Why AIS is necessary to be linked with all other information systems in an

organization? (2)
Importance of designing file/database. (3)
Choice phase of decision making process. (3)
Explain system analysis in the light of following:

1. a technique to map the system under study.
2. to drill down into the various aspects of the business process without losing
sight of the complete system. (5)
give one daily life example of each: structured prob, unstructured prob and semi
structured prob. (5)
•
▶ Reply
• Message

Cs507 current paper on 1/12/10 at 3:30
Here is papers outline
There were 20 mcqz among them 18 from past papers

Descriptive quizzes are
Define MIS (2)

Define Technical feasibility (2)
what are DSS models (3)
Need of documentation in processing(didn't understand & forgot ) (3)
Define different types of SDLC models (5)
Benefits of MRP II (5)
▶ Reply
• Message

TODAYS PAPER (CS 507)
1)- Incremental Model

2)- What are the conglomerate organizations?
3)- Feasibility
4)- RAID model
5)- waterfall model
6)- system analyst
7)- Computer Integrated Manufacturing
8)- Define different models of SDLC?
9)- Spiral Model.
10) physical design
11) Office automastion sytem
THESE ARE THE TOPICS RELATED TO PAPER WHOLE PAPER

REVOLVES AROUND THEM.
Read more: CS507 Mid Term Papers Fall 2010 ( 01~12 December 2010 ) All in One
Discussion - Virtual University of Pakistan
http://vustudents.ning.com/group/cs507informationsystems/forum/topics/cs507-mid-
term-papers-fall#ixzz1L5i1IaKi
Total Question are 26
20 mcqs and 6 others
My current paper is
1- Define OLAP
2- Define prototype brifly
3- Describe IT planning in your own words
4- Define Expert system brifly
▶ Reply
• Message

Total Question 26
MCQ's 20
Short Question 06

ESS vs DSS
▶ Reply
• Message
Total Question 26
MCQ's 20
Short Question 06

ESS vs DSS
▶ Reply
• Message

What do you understand by OLAP? (2)
Why AIS is necessary to be linked with all other information systems in an

organization? (2)
Importance of designing file/database. (3)
Choice phase of decision making process. (3)
Explain system analysis in the light of following:

1. a technique to map the system under study.
2. to drill down into the various aspects of the business process without losing
sight of the complete system. (5)
give one daily life example of each: structured prob, unstructured prob and semi
structured prob. (5)
•
▶ Reply
• Message

Cs507 current paper on 1/12/10 at 3:30
Here is papers outline
There were 20 mcqz among them 18 from past papers

Descriptive quizzes are
Define MIS (2)

Define Technical feasibility (2)
what are DSS models (3)
Need of documentation in processing(didn't understand & forgot ) (3)
Define different types of SDLC models (5)
Benefits of MRP II (5)
▶ Reply
• Message

TODAYS PAPER (CS 507)
1)- Incremental Model

2)- What are the conglomerate organizations?
3)- Feasibility
4)- RAID model
5)- waterfall model
6)- system analyst
7)- Computer Integrated Manufacturing
8)- Define different models of SDLC?
9)- Spiral Model.
10) physical design
11) Office automastion sytem
THESE ARE THE TOPICS RELATED TO PAPER WHOLE PAPER

REVOLVES AROUND THEM.
Read more: CS507 Mid Term Papers Fall 2010 ( 01~12 December 2010 ) All in One
Discussion - Virtual University of Pakistan
http://vustudents.ning.com/group/cs507informationsystems/forum/topics/cs507-mid-
term-papers-fall#ixzz1L5i1IaKi

CS507 MCQ

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

CS507 MCQ

Загружено:

Авторское право:

Доступные форматы

CS507_Finalterm_Session 3_Objective 2011

1. Which of the following usually contain records describing system events,

An event-oriented log pg 149

A record of every keystroke

3. A Protocol is an agreed-upon set of conventions that defines the rules of

5. ERP s major objective is to tightly integrate the functional areas of the

6. Threat capacity is an input source for Likelihood determination.

8. Which of the following refers to the process of identifying attempts to penetrate a

Intrusion detection (page 150)

9. Which of the following likelihood level is true for the following?

Low (page 156)

True (page 105)

Linking bridge (page 106)

14. Commentaries are the example of _________ sources.

► Supply Chain management software pg18

► Interface reconciliation software

► None of the given options

16.__________ overwrites every program/software/file it infects with itself. Hence

17.Object oriented analysis focuses on the _________

19.Which of the following is not the type of CSF?

20. According to “Booch”, object has following three components

► State, Behaviour, Identity

► State, Behaviour, Interface

► State, Variables, Methods

21.__________ is known as father of warehouse.

23. Collaborative commerce is one of the types of B2B.

24. Maintaining and eventually institutionalizing the change is called Unfreezing.

25 to 30mcqs were new

1. What is the concept of IS Audit? (5 marks)

An information technology (IT) audit or information systems (IS) audit is an examination

2. What are the aspects of Privacy issue is dealt with? (5 marks)

Following aspects should be covered when privacy is dealt with.

3. Differentiate Bugs from viruses? (5 marks)

Virus vs. Bug

Bug is an internal malfunction of the software. It is an unintentional fault in a program. It

4. Define Object Oriented Analysis and Design (OOAD)? (2 marks)

5. Define Computer Aided Manufacturing (CAM)? (2 marks)

Computer-aided manufacturing (CAM) is a form of automation where computers

6. Define Dropper and Trojan horse? (2 marks)

A Trojan horse is a malicious program that is disguised as or embedded within legitimate

7. What are the objectives of ERP? (2 marks)

8. Define ERP? (2 marks)

9. Briefly define hackers? (3 marks)

10. Discuss Technical Limitations of Ecommerce in business? (Marks: 3)

1. Misrepresentation of certifications, skills

12. Briefly describe SDLC? (3 marks)

Final term paper

1. What are information assets? ( 2 marks)

Questions having 2 marks each are:

Questions having 3 marks each are:

What are the different types of threats?

1. Parameter of audit trail and risk based audit approach

short Qs which i have in my memory were

Define data and information------ 2 marks

Q9:how can we make our password secure?3marks

Q10; Define Trojan horse?2marks

Q12:why we need to secure information system?2marks

Q13:why input/output symbol are used in the flow chart?2marks

Q15;What is the difference between C2C EC and Intrabusiness EC?2marks

( Marks: 2 ) Why we need to secure information systems?

( Marks: 2 ) Identify types of change management.

( Marks: 2 ) What is CRM?