Question No: 1 ( Marks: 1 ) - Please choose one Information technology can lead to a decrease in the time for decision making

► True ► False Question No: 2 ( Marks: 1 ) - Please choose one Customer touch point is a method of interaction with a customer, such as telephone, email, a customer service or help desk, conventional mail, Web site and store. ► True ► False Question No: 3 ( Marks: 1 ) - Please choose one ---------infrastructure consists of the physical facilities services and management that support all computing resources in an organization ► Information ► Decision ► Management Question No: 4 ( Marks: 1 ) - Please choose one Which of the following refers to the process of identifying attempts to penetrate a system and gain unauthorized access? ► Intrusion detection ► Audit Trial ► Control Trial ► Documentation Question No: 5 ( Marks: 1 ) - Please choose one The departmental structures are --------------- in banking and financial sector. ► Different ► Same ► Mixed Question No: 6 ( Marks: 1 ) - Please choose one

Input controls monitor the initial handshaking procedure of the user with the operating system. ► True ► False Question No: 7 ( Marks: 1 ) - Please choose one Logical intrusion skills needed to exploit logical exposures are more technical and complex as compared to physical exposures. ► True ► False Question No: 8 ( Marks: 1 ) - Please choose one MIS and DSS can be seen as having a systematic approach towards problem solution. ► True ► False Question No: 9 ( Marks: 1 ) - Please choose one The protection of the interests of those relying on information, and the information systems and communications that delivers the information, from harm resulting from failures of availability, confidentiality, and integrity. ► False ► True Question No: 10 ( Marks: 1 ) - Please choose one Which of the following are knowledge workers who facilitate the development of information systems and computer applications by bridging the communications gap that exists between non-technical system users, and System designers and developers? ► System Analysts ► Software Engineers ► System Designers ► Chief Executives Question No: 11 ( Marks: 1 ) - Please choose one ______ is defined as “all elements that exist outside the boundary of the organization.

► Size ► Business Environment ► Business Structure Question No: 12 ( Marks: 1 ) - Please choose one ______ is the set of interconnected structural elements that provide the framework. ► Infrastructure ► System ► Organization Question No: 13 ( Marks: 1 ) - Please choose one Rectangle shape in the flow charts represents___________ ► Decision ► Process ► Terminator Question No: 14 ( Marks: 1 ) - Please choose one Rounded shaped symbol in the flow chart is called ____________ ► Connector ► Arrow ► Process Question No: 15 ( Marks: 1 ) - Please choose one __________ overwrites every program/software/file it infects with itself. Hence the infected file no longer functions. ► Dropper ► Overwriting Viruses ► Boot sector Virus Question No: 16 ( Marks: 1 ) - Please choose one Object oriented analysis focuses on the _________ ► States of objects ► Collaboration of objects ► Implementation of objects

Please choose one Access Control refers to the process of identifying attempts to penetrate a system and gain unauthorized access.Please choose one “M-Commerce” stands for Mobile Commerce.Question No: 17 ( Marks: 1 ) . ► True ► False Question No: 18 ( Marks: 1 ) . ► True ► False Question No: 22 ( Marks: 1 ) . ► Risk ► Threat ► Intrusion Question No: 20 ( Marks: 1 ) .Please choose one An information technology (IT) audit is an Examination of the controls within an entity’s Information technology infrastructure . ► True ► False .Please choose one The two major criteria that are used to analyze risks are Operational Effects and Situational Impacts ► True ► False Question No: 21 ( Marks: 1 ) .Please choose one Web Site monitoring is the process used to view or record both the keystrokes entered by a computer user and the computer's response during an interactive session.Please choose one A _______________ is the possibility of a problem. whereas a problem is a risk that has already occured. ► True ► False Question No: 19 ( Marks: 1 ) .

Please choose one Which of the following scans the operating system and application software for any virus based on the viruses they contain.Please choose one Which of the following activity consists of the discovery.Question No: 23 ( Marks: 1 ) .Please choose one Organizational Development is one of the types of Change. There has to be a relationship between two entities ► Value Sets ► Cardinality ► Relationships . specification and evaluation of requirements? ► Development ► Design ► Requirement ► Implementation Question No: 26 ( Marks: 1 ) . modeling. ► True ► False Question No: 24 ( Marks: 1 ) .Please choose one __________ is an association among entities. ► Antivirus ► Scanners ► Active Monitors ► Firewall Question No: 27 ( Marks: 1 ) .Please choose one Preparing a situation for change by disconfirming existing attitudes and behaviors is called Unfreezing. ► True ► False Question No: 25 ( Marks: 1 ) .

► True ► False Question No: 30 ( Marks: 1 ) .Please choose one A dropper is a program not a virus. ► BPR ► CSF ► SPR ► MIS Question No: 31 ( Marks: 2 ) What is cryptography? Question No: 32 ( Marks: 2 ) What do you understand by Intrusion Detection Systems? Question No: 33 ( Marks: 2 ) List information Requirements for Medium sizes organizations. Question No: 34 ( Marks: 2 ) Define Dropper and Trojan horse ? Question No: 35 ( Marks: 3 ) Designing file or database is a major component of system designing.Please choose one ________________helps organization in gaining competitive advantage in the use of processes. effectiveness and efficiency. ► True ► False Question No: 29 ( Marks: 1 ) .Question No: 28 ( Marks: 1 ) . Identify its basic purposes. .Please choose one Every decision we take in daily life requires some sort of data about the alternatives available.

Question No: 36 ( Marks: 3 ) What is the responsibility of the management of the organization to ensure the security of information systems? Question No: 37 ( Marks: 3 ) Identify the information that is required before conducting an impact analysis? Question No: 38 ( Marks: 3 ) Define Reengineering? Question No: 39 ( Marks: 5 ) Briefly discuss Risk Determination ? Question No: 40 ( Marks: 5 ) Discuss Technical Limitations of Ecommerce in comparison with Non-Technical Limitations in organizations ? CS507 Paper Total Questions: 53 Multiple Choice Questions : 48 Subjective Questions : 05 ·Write two takeover defenses techniques (3 Marks) Find Net Income from the following data (3 Marks) (EBIT = 50.000 and Tax Rate = 35% · Write a note on Structure of Organization and Cost of Capital (05 Marks) · Difference b/w Declaration Date and Ex-Dividend Date (05 Marks) · Advantages of Financial Lease from point view of Lessee (05 Marks) . Amount of Debt = 20. Fraction of Debt in Capital Structure = 20. Return on Debt = 10%.000.

Question No: 1 ( Marks: 1 ) .Please choose one Medium Sized organizations are normally a family ownership run by ► Father & Sons ► Brothers ► Father.Please choose one Small organizations usually have complex management structure.Please choose one Which of the following functions provide such data as sales prospect and contact information. product configurations and sales quotes? ► Sales force automation (SFA) ► CRM ► ERP ► MIS . product information. Sons and Brothers ► None of the given Question No: 2 ( Marks: 1 ) . ► True ► False Question No: 3 ( Marks: 1 ) .

Please choose one Which of the following works in conjunction with routers and firewalls by monitoring network usage anomalies to protect a company’s information systems resources from external as well as internal misuse? ► Encryption ► Intrusion Detection Systems ► Firewall ► All of above Question No: 6 ( Marks: 1 ) .Please choose one Passive Attack is one of the types of Web Security Threats ► True .Please choose one Closed system is dependent on the internal resources and data. ► True ► False Question No: 5 ( Marks: 1 ) .Question No: 4 ( Marks: 1 ) .

cold sites backup might be appropriate.Please choose one The out put of Threat Identification phase is a threat statement identifying and defining threats.► False Question No: 7 ( Marks: 1 ) .Please choose one Which of the following includes assessment of controls already been implemented or planned. ► True ► False Question No: 8 ( Marks: 1 ) . ► True . probability that they can be broken.Please choose one If an organization can tolerate some downtime. assessment of potential loss despite such controls existing? ► Control Analysis ► Vulnerability Assessment ► Risk Management ► All of above Question No: 9 ( Marks: 1 ) .

Please choose one Input controls monitor the initial handshaking procedure of the user with the operating system. . ► True ► False Question No: 11 ( Marks: 1 ) .Please choose one Audit Trials can be used together with controls trials to identify and provide information about users suspected of improper modification of data.Please choose one Automated data are less susceptible to destruction and misuse than paper data.► False Question No: 10 ( Marks: 1 ) . ► True ► False Question No: 13 ( Marks: 1 ) .Please choose one The purpose of a class is to specify a classification of objects and to specify the features that characterize the structure and behavior of those objects. ► True ► False Question No: 12 ( Marks: 1 ) .

► Logical ► Physical ► Random ► Top to Bottom Question No: 15 ( Marks: 1 ) .► True ► False Question No: 14 ( Marks: 1 ) . ► Infrastructure .Please choose one Targeting advertising to customers to increase the probability. all necessary steps that are a part of process should be listed out in ---------------------.order. that an offer is accepted.Please choose one ___________ is related to defining the information needs and how these will be obtained.Please choose one In drawing a proper flowchart. ► True ► False Question No: 16 ( Marks: 1 ) .

► True ► False Question No: 18 ( Marks: 1 ) .Please choose one .► Architecture ► System Question No: 17 ( Marks: 1 ) .Please choose one Rectangle shape in the flow charts represents___________ ► Decision ► Process ► Terminator Question No: 19 ( Marks: 1 ) .Please choose one __________ is an object that exists and is distinguishable from other objects.Please choose one The spiral lifecycle model is a combination of the classic water Fall model and aspects of risk analysis. ► Value Sets ► Entity ► Relationships Question No: 20 ( Marks: 1 ) .

Please choose one Administrative Consol is one of the components of Intrusion Detection System (IDS).Please choose one Which of the following is not considered during OO Design? ► Concurrency factor ► Usability factor ► Distribution factor Question No: 22 ( Marks: 1 ) . ► True ► False Question No: 23 ( Marks: 1 ) .Please choose one Maintaining and eventually institutionalizing the change is called Unfreezing. ► True ► False .Object oriented analysis generates _________ ► Implementation constraints ► System Interfaces ► Conceptual model of Information Question No: 21 ( Marks: 1 ) .

Question No: 24 ( Marks: 1 ) .Please choose one .Please choose one Intrabusiness is same as intraorganizational Business.Please choose one Which of the following is some action or event that can lead to a loss? ► Threat ► Damage ► Accident ► None of the above Question No: 26 ( Marks: 1 ) .Please choose one Which of the following is the characteristic of being able to assign a different meaning or usage to something in different contexts . ► True ► False Question No: 27 ( Marks: 1 ) .specifically? ► OOP ► Polymorphism ► Encapsulation ► Inheritance Question No: 25 ( Marks: 1 ) .

► True ► False Question No: 30 ( Marks: 1 ) .Please choose one . awareness ► Cut time. There has to be a relationship between two entities ► Value Sets ► Cardinality ► Relationships Question No: 29 ( Marks: 1 ) . cost ► None of them Question No: 28 ( Marks: 1 ) . confusion ► Increase productivity. ► Waste of time.Please choose one A denial-of-service attack floods a Web site with so many requests for services that it slows down or crashes.Distributing common information to every one may result ---------.and ---------.Please choose one __________ is an association among entities.

. It is used in complement with firewall. Question No: 32 ( Marks: 2 ) What do you understand by Intrusion Detection Systems? It is a system used to secure networks. 1. Moreover the information is to be transmitted through network which should be secured. Research and development Question No: 34 ( Marks: 2 ) Why we need to secure information systems? Information systems must be secured because of existence of external and internal threats. sales 3. It protects the company’s data from external as well as internal threats and misuse. These threats are present in every network and place. Competitor information 8. receivables and payables 5.An IDS can help even if incorrectness or scope limitation in the manner threats are defined. Cash management 4. Market information 7. It is used in conjunction with routers. firewalls by monitoring network usage anomalies. Question No: 33 ( Marks: 2 ) List information Requirements for Medium sizes organizations. Day to day transaction 2. Customer profiles 6. ► True ► False Question No: 31 ( Marks: 2 ) What is cryptography? It is conversion of data in secret code so that it can be transmitted safely.

Risk planning: It means the risk should be managed and planned. In this model software are built not written. In this model system is designed. then less chances of a threat. it includes product planning. if a person enters a pin code in ATM machine. where a build consists of code pieces of various modules which work as a whole to form a testable system. Question No: 37 ( Marks: 3 ) Briefly describe Incremental Model. defining access controls which limit the access to certain risky areas of the system. access control which is run by the system helps in blocking illegitimate access. if mitigation plan is always there. As clear from the name it is a step by step process. It is just like constructing a building step by step. Risk limitation: risk can be minimized by limiting the factor which may cause the risk e. maintaining inventories.Question No: 35 ( Marks: 3 ) What is access control? Give example This control establish interface between the attempting user and the computer. Question No: 38 ( Marks: 3 ) Differentiate CRM from ERP ? Enterprise Resource Planning (ERP) is a software package used to perform a wide range of functions for business planning. Risk assumption: it means to accept the potential risk and keep using the system or implement such controls which minimize the risk to a certain level. close a program which is causing the risk during its use. Discuss briefly various risk mitigation options? Risk Avoidance: this option means to avoid the risk by avoiding the cause of the risk e. Question No: 36 ( Marks: 3 ) Risk mitigation is a process that takes place after the process of risk assessment has been completed. It monitors the initial handshaking procedure with the operating system e. While Customer Relationship Management is a method used to maintain relationships with customers by keeping customers profiles. parts planning. Research and acknowledgement: a risk can be minimized by continuous research and acknowledgment through which methods can be find to control and minimize the risk. implemented and tested in series of incremental builds. contacts and other related data to be used . providing customer service and tracking orders.g.g.g. interacting with suppliers.

Statistical Based: It uses comprehensive details of detected and expected behaviors of systems which can detect possible threats. Signature-based 2.e. It protects the company’s data from external as well as internal threats and misuse.in time. It is used in complement with firewall. For this first we need information like. it quantifies the loss. 2. It may not detect all the threat. There are three types of Intrusion Detection Systems 1. May be some time it detects some events as a threat for one system which are normal operations of that system . Neutral network 1. Signature based: This type of IDS only detects the predefined and detected intrusion pattern. Statistical based 3. Risk Determination: Whereas risk determination measures the how much assets are exposed to the potential threat i. Question No: 40 ( Marks: 5 ) Discuss Intrusion detection Systems and also explain its components ? It is a system used to secure networks. assets critically analysis report etc. It is used in conjunction with routers. this analysis helps to define the potential risk by comparing with the goals like loss of integrity. firewalls by monitoring network usage anomalies. identifies the risk while other quantifies the loss. Question No: 39 ( Marks: 5 ) Differentiate Impact analysis from Risk determination ? Impact analysis: This is a step which measures the level of risk in case of a successful attack. how reliable they are? • What is the probability of occurrence of threats against that controls • How much loss can occur if threat is successful? It shows the main difference between Impact analysis and risk determination is former. loss of availability and loss of confidentiality. It analyses both physical and logical threats by using four steps • Whether or not physical or logical controls are in place? • If they are present. • System mission • System and data criticality • Sensitivity This information is available in company documents such as system mission report.

It is compliment to the firewall. An Administrative Console: this console is used for maintaining the configuration of the whole IDS and only be used by the system designer or administrator. Components of IDS: Sensors: sensors collect the data and keep the log of the data in the system Analyzer: It analysis the data received from the sensors. management and use of all resources of the organization? ► ERP ► CRM ► ESS ► OIS Question No: 2 ( Marks: 1 ) . FINALTERM EXAMINATION Spring 2010 CS507. User interface: this component is for the general users and provide them access to the IDS.Please choose one Which of the following integrate the planning. It detects unauthorized access on the local network as well as remote attempts of unauthorized access to the system by using special host base IDS Biometrics.3. It maintains a log of the attempts successful or not. An IDS is used as part of network. or sometime it can also be used as a software in the system only. Neutral Network: It monitors general patterns of the activity on the system and keeps a database of these activities. It does not block these attempts for blocking Intrusion Prevention System is used.Information Systems Time: 90 min Marks: 60 Question No: 1 ( Marks: 1 ) . It is located between the firewall and the system. it can also be used before firewall.Please choose one . It can be used a combination of software and hardware.

► True ► False .Please choose one Every system comprises of basic components which in a co-ordination formulate a system.Leading ERP software vendors include SAP (SAP R/3). Oracle and PeopleSoft. ► True ► False Question No: 3 ( Marks: 1 ) .Please choose one Knowledge-Discovery in Databases and Data mining are known as thing.Please choose one ERP or enterprise systems control all major business processes with a single software architecture in real time. ► True ► False Question No: 5 ( Marks: 1 ) . ► False ► True Question No: 4 ( Marks: 1 ) .

Please choose one Which of the following likelihood level is true for the following statement: "The threat source is highly motivated and sufficiently capable and controls to prevent the vulnerability from being exercised are ineffective " ► None of these ► Medium ► High ► Low Question No: 8 ( Marks: 1 ) .Please choose one Which of the following refers to the process of identifying attempts to penetrate a system .Question No: 6 ( Marks: 1 ) .Please choose one The identification of risks should start with: ► Description of the internal and external risks ► A brainstorming session with risk management experts and a program profile ► A good understanding of the program and a brainstorming session with key stakeholders ► Definitions of likelihood and impact Question No: 7 ( Marks: 1 ) .

► False ► True Question No: 10 ( Marks: 1 ) .Please choose one Accounts should have a control over various recording points in the entire process from procurement to finished good store room.Please choose one Which of the following refers to damage caused to the software and data without any physical damage to the computers? ► Logical Threat ► Physical Threat ► Both a and b .and gain unauthorized access? ► Intrusion detection ► Audit Trial ► Control Trial ► Documentation Question No: 9 ( Marks: 1 ) .

► True ► False Question No: 14 ( Marks: 1 ) .Please choose one The purpose of a class is to specify a classification of objects and to specify the features that characterize the structure and behavior of those objects. ► True ► False Question No: 12 ( Marks: 1 ) . ► True ► False Question No: 13 ( Marks: 1 ) .Please choose one The First increment in incremental model is usually the core product which addresses the basic requirements of the system.Please choose one Object orientation helps in increasing abstraction and event-driven programming.► None of these Question No: 11 ( Marks: 1 ) .Please choose one .

Please choose one _________ is a malicious program that is disguised as or embedded within legitimate software.A schematic representation of a sequence of operations as in a manufacturing process or computer program is called __________ ► Algorithm. ► True ► False Question No: 17 ( Marks: 1 ) . ► Entity Relationship Diagram ► Flowchart Question No: 15 ( Marks: 1 ) .Please choose one In assessing risks for an IT system. . _______________ is the first step.Please choose one There are typically two kinds of audit records. ► Trojan horse ► Dropper ► Overwriting Viruses Question No: 16 ( Marks: 1 ) . ► To define the scope of the effort.

► True ► False Question No: 20 ( Marks: 1 ) . ► True ► False .Please choose one Likelihood Determination phase sometimes determines that a potential vulnerability could not be exercised by a given threat-source.Please choose one “M-Commerce” stands for Mobile Commerce.► Vulnerability Assesment ► threat identification Question No: 18 ( Marks: 1 ) . ► True ► False Question No: 19 ( Marks: 1 ) .Please choose one M-Commerce (mobile commerce) refers to the conduct of e-commerce via wireless devices.

and data for a computer system to satisfy specified requirements? ► Systems Design ► Systems Requirement ► Coding . modules.Please choose one Customer feedback on any product is required for ________ ► Quality check ► Money factors ► Strategic relationship ► Intellectual capital Question No: 23 ( Marks: 1 ) . components.Question No: 21 ( Marks: 1 ) . interfaces.Please choose one Which of the following is the process or art of defining the hardware and software architecture.Please choose one Which of the following is not the type of CSF? ► Industry CSFs ► Environmental CSFs ► Technical CSFs ► Temporal CSFs Question No: 22 ( Marks: 1 ) .

► True ► False Question No: 26 ( Marks: 1 ) .Please choose one .► Requirement Question No: 24 ( Marks: 1 ) . ► TRUE ► FALSE Question No: 27 ( Marks: 1 ) .Please choose one Intrabusiness is same as intraorganizational Business.Please choose one Which of the following is the characteristic of being able to assign a different meaning or usage to something in different contexts .specifically? ► OOP ► Polymorphism ► Encapsulation ► Inheritance Question No: 25 ( Marks: 1 ) .Please choose one Decision support systems are designed to be ad hoc and quick-response systems which are initiated and controlled by decision makers.

problem is recurring and repetitive ► Unstructured ► Structured ► Semi-Structured Question No: 29 ( Marks: 1 ) . There has to be a relationship between two entities ► Value Sets ► Cardinality ► Relationships Question No: 28 ( Marks: 1 ) .Please choose one To accept the potential risk and continue operating the IT system or to implement controls to lower the risk to an acceptable level is called as ---------------.Please choose one In _____ decisions.Please choose one .__________ is an association among entities. ► Risk Planning ► Risk Assumption ► Risk Limitation ► None of the above Question No: 30 ( Marks: 1 ) .

Which of the following are the examples of secondary sources? ► Commentaries. Question No: 32 ( Marks: 2 ) Identify the purpose of Feasibility study. manuals. Chronologies ► Interviews. Question No: 33 ( Marks: 2 ) What do you understand by E-Business? Question No: 34 ( Marks: 2 ) List down the inputs to Risk Determination phase ? Question No: 35 ( Marks: 3 ) . review articles and literature reviews ► Guidebooks. surveys and fieldwork ► None of them Question No: 31 ( Marks: 2 ) Define threat and identify its types.

(3) . Question No: 38 ( Marks: 3 ) List down components of an Intrusion Detection System ? Question No: 39 ( Marks: 5 ) Identify any five phase of SDLC ? Question No: 40 ( Marks: 5 ) Discuss Technical Limitations of Ecommerce in comparison with Non-Technical Limitations in organizations ? List the information required for medium size organization (2) ¨ What are the physical threats for Information System (2) ¨ List any two types of information that can be used as input for vulnerability.What is critical success factor? Give examples Question No: 36 ( Marks: 3 ) Briefly describe SDLC? Question No: 37 ( Marks: 3 ) Discuss various steps in threat identification ? Give any example of threat sources and threat actions . (2) ¨ List down different types of SUPPLY CHAIN. (2) ¨ How the information is kept in purchase department.

Please choose one Past court decisions have stated that privacy must be balanced against the needs of society. ► True ► False Question No: 2 ( Marks: 1 ) . (5) Define Piggybacking? Identify Physical threats to Information System? (2 marks) (2 marks) Differentiate between CBIS from Manual Information System? (2 marks) Differentiate Changing and Unfreezing? (2 marks) How Viruses and Worms can be transmitted into computers? Identify any three sources.¨ What do u know about Key stork Monitoring? (3) ¨ Identify roles and responsibilities of any three professionals in an organization. (5) ¨ Classify E-Commerce into different classes. identify any three of them? (3 marks) List down different methods used to gather information on the IT system within its operational boundary? (5 marks) Discuss Intrusion system and its components? (5 marks) Question No: 1 ( Marks: 1 ) . (3) ¨ Give two examples to prove that audit trials helps to provide variants from normal behavior which may lead to unauthorized usage of sources. (3 marks) List any three Dimensions in MKIS? Define Trojan Horse? (3 marks) (3 marks) Information system security association of USA has listed many ethical challenges.Please choose one . (3) ¨ Draw backs of ESP system.

Please choose one Closed system is dependent on the internal resources and data.Please choose one The turnaround time from the input of the transaction to the production for the output must be a few -------------------► Minutes or less ► Hours or less ► Seconds or less Question No: 7 ( Marks: 1 ) . ► True ► False Question No: 5 ( Marks: 1 ) . ► True ► False Question No: 4 ( Marks: 1 ) .Please choose one Which of the following refers to the process of identifying attempts to penetrate a system and gain unauthorized access? ► Threat Identification ► Intrusion detection ► Access Control ► All of above .Please choose one In which of the following there is a direct interaction facilitated by auctions. and bartering? ► EGovernment ► MCommerce ► Consumer-to-consumer EC ► Intrabusiness EC Question No: 6 ( Marks: 1 ) . classifieds.Please choose one Every system comprises of basic components which in a co-ordination formulate a system.Which of the following Customer Relationship Management (CRM) is an enterprisewide effort to acquire and retain customers? ► ERP ► CRM ► MIS ► ESS Question No: 3 ( Marks: 1 ) .

evaluation. user manuals etc.Please choose one Threat capacity is an input source for Likelihood determination. and insights into the problem definition would be characterized as: ► Structured . technical manuals.Please choose one Which of the following is a weakness that can be accidentally triggered or intentionally exploited? ► Audit Trial ► Likelihood Identification ► Threat Identification ► Vulnerability Question No: 11 ( Marks: 1 ) .Question No: 8 ( Marks: 1 ) .Please choose one Documentation may include program code of application softwares.Please choose one There are typically ________________ kinds of audit records ► One ► Two ► Three ► Four Question No: 12 ( Marks: 1 ) . ► False ► True Question No: 10 ( Marks: 1 ) .Please choose one Decisions in which the decision maker must provide judgment.Please choose one The Internet Protocol is designed solely for the addressing and routing of data packets across a network ► True ► False Question No: 9 ( Marks: 1 ) . ► True ► False Question No: 13 ( Marks: 1 ) .

► True ► False Question No: 15 ( Marks: 1 ) .Please choose one Rounded shaped symbol in the flow chart is called ____________ . methods ► State. Behavior. Variables. Behavior. object has following three components ► State.Please choose one Null value may or may not be called zero value.► Semi Structured ► Unstructured Question No: 14 ( Marks: 1 ) .Please choose one __________ is known as father of warehouse.Please choose one According to “Booch”.Please choose one Organizations are distinguished on the basis of __________ ► Attributes ► Policy ► Management Question No: 18 ( Marks: 1 ) . Methods Question No: 16 ( Marks: 1 ) . ► True ► False Question No: 17 ( Marks: 1 ) . Interface ► State.Please choose one Automated data are less susceptible to destruction and misuse than paper data. Identity ► State. ► Stephen hawking ► Bill gates ► Bill Inmon Question No: 19 ( Marks: 1 ) . Interface.

Please choose one Individuals using their skills to forward a political agenda.► Connector ► Arrow ► Process Question No: 20 ( Marks: 1 ) .Please choose one The two major criteria that are used to analyze risks are Operational Effects and Situational Impacts ► True ► False Question No: 24 ( Marks: 1 ) .Please choose one Which of the following carry characteristics of specialization? ► Sub classes ► Sub Interfaces ► Sub objects Question No: 23 ( Marks: 1 ) . possibly breaking the law in the process. but justifying their actions for political reasons are called ________ ► Hacktivsts ► Crackers ► Hackers Question No: 21 ( Marks: 1 ) .Please choose one Which of the following is not the type of CSF? ► Industry CSFs ► Environmental CSFs ► Technical CSFs ► Temporal CSFs .Please choose one Object oriented analysis focuses on the _________ ► States of objects ► Collaboration of objects ► Implementation of objects Question No: 22 ( Marks: 1 ) .

► True ► False Question No: 26 ( Marks: 1 ) . components.Please choose one Buying and selling of products.Question No: 25 ( Marks: 1 ) .Please choose one Which of the following focus on detecting potentially abnormal behavior in function of operating system or request made by application software? ► Active Monitors ► Scanners ► Antivirus ► Behavior blockers Question No: 28 ( Marks: 1 ) .Please choose one . services and information via computer networks. and data for a computer system to satisfy specified requirements? ► Systems Design ► Systems Requirement ► Coding ► Requirement Question No: 27 ( Marks: 1 ) . interfaces. modules.Please choose one _____________ is one of the component of Intrusion Detection System (IDS).Please choose one The flowchart helps in locating and correcting errors also called debugging.Please choose one Which of the following is the process or art of defining the hardware and software architecture. primarily through Internet is : ► E-Commerce ► E-Business ► Web Surfing ► BPR Question No: 29 ( Marks: 1 ) . ► Log File ► Host ► Administrative Consol ► None of above Question No: 30 ( Marks: 1 ) .

The flow of information in organization can be _______ways. Question No: 36 ( Marks: 3 ) What is access control? Give example Question No: 37 ( Marks: 3 ) Discuss Centralized and Distributed Processing in terms of their comparison ? Question No: 38 ( Marks: 3 ) Identify draw backs of ERP systems ? Question No: 39 ( Marks: 5 ) Differentiate the following 1. ►1 ►2 ►3 ►4 Question No: 31 ( Marks: 2 ) What are Active monitors? Define. Question No: 32 ( Marks: 2 ) What is information Quality Checklist? Question No: 33 ( Marks: 2 ) List any two types of information that can be used as input for vulnerability ? Question No: 34 ( Marks: 2 ) Define CRM ? Question No: 35 ( Marks: 3 ) What are the information requirements for Management level in Accounting & financial Information Systems. Intrusion Detection vs Variance Detection Question No: 40 ( Marks: 5 ) Define the following: a) EC (ECommerce) b) EB (EBusiness) ifferentiation Encrption and decryption? 2 Marks Identify Components of intrusion detection system? 2 Marks What do we mean by cognitive process? 2 Marks What is stand alone processing? 2 Marks .

How can change management phases . Differentiate encryption form decryption 3. What do you understand ESS 9. Define Reengineering 8. How threats are identified? (2 Marks) 2.What do u mean by keystroke monitioring? 3 Marks How virus and worms can be transmitted into computers? identify any three? 3 Marks List down components of an intrusion detection system? 3 Marks Discuss characteristics of flat organization? 3 Marks Discuss various ERP attributes? 5 Marks Incorporate Risk management SDLC? identify its phases? 5 Marks 1. Differentiae data form information in your own words 5. what do you mean by keystroke monetary 7. What is the responsibilities of the management of the organization to ensure the security of information system 6. Define firewall? 4. Identify any phase of SLDC 10.

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer: Get 4 months of Scribd and The New York Times for just $1.87 per week!

Master Your Semester with a Special Offer from Scribd & The New York Times