CH6

Question 1

Analysis provides the starting point for _______

Answer 1

design

Question 2

Design provides the starting point for __________

Answer 2

implementation

Question 3

T/F: Analysis and design results are documented to
coordinate the work.

Answer 3

T

Question 4

Objective of (design/analysis/implentation) is to define, organize, and structure the components of the final solution to serve as a blue print for construction.

Answer 4

design

Question 5

T/F: Design is a graph building activity.

Answer 5

F, model.

Question 6

The _________ of the project will dictate the type, complexity, and depth of models.

Answer 6

formality

Question 7

T/F: Agile/iteration projects typically build a lot of models.

Answer 7

F, they build fewer models, but models are still created.

Question 8

Jumping to programming without ________ often causes less than optimum solutions and may require rework.

Answer 8

design

Question 9

T/F: Design activities correspond to components of the new system.

Answer 9

T, such as describing the enviorment, designing the application components, the user interface, the database, and the software classes and method.

Question 10

During the ‘Describe the enviorment’ design activity, there are two key elements in the enviroment: Communications with _________ systems, and conforming to an existing ______________.

Answer 10

External, Technology Architecture

Question 11

T/F: Communications with the external system during the ‘Describe the enviroment’ design activity, include: message formats, web and networks, communication protocols, security methods, error detection and recovery.

Answer 11

T

Question 12

What are the system design activities?

Answer 12

describing the enviroment
defining the application components
designing the user interface
designing the database
designing the software classes and methods

Question 13

__________ is a well-defined unit of software that performs some function(s).

Answer 13

Application component

Question 14

Name the issues that involve how to package components?

Answer 14

1. Scope and size,
2. Programming language,
3. Build or buy.

Question 15

Package diagram, Component Diagram, and Deployment diagram are all typical models for which design activity?

Answer 15

defining application components

Question 16

T/F: To the system designer, the User Interface is the system.

Answer 16

F, the User Interface is the system for the user

Question 17

T/F: The user interface has large impact of user productivity.

Answer 17

T

Question 18

T/F: Designing the User Interface includes both Analysis and Design tasks.

Answer 18

T

Question 19

T/F: Designing the User Interface doesn’t require a lot of user involvement.

Answer 19

F, it requires heavy involvement

Question 20

T/F: Current needs require multiple user interfaces.

Answer 20

T, as there are many different devices and enviroments

Question 21

Storyboards, System Sequence diagrams, and small screen menu prototype are all typical models for?

Answer 21

User Interface design

Question 22

By definition, an Information System requires data – usually in a ______________.

Answer 22

database

Question 23

T/F: Current technology frequently use Relational Database Management Systems (RDBMS)

Answer 23

T

Question 24

Designing the database, Requires converting the data model to a _______________.

Answer 24

relational database

Question 25

Designing the database, Requires addressing of many other technical issues such as _______________, and ___________.

Answer 25

Throughput and response time, Security.

Question 26

Which design activity is also known as Detailed Design?

Answer 26

Designing the software classes and methods

Question 27

T/F: Designing the software classes and methods is a model building activity.

Answer 27

T

Question 28

Design class diagram, sequence diagrams, and state-machine diagrams are all models for which design activity?

Answer 28

Designing software classes and methods

Question 29

System controls and security include __________ controls and ________ controls.

Answer 29

Integrity, Security

Question 30

____________ Controls are Controls that maintain integrity of inputs, outputs and data and programs.

Answer 30

Integrity

Question 31

_________ Controls are Controls that protect the assets from threats, internal and external.

Answer 31

Security

Question 32

Which design activity is integrated into application programs and DBMS?

Answer 32

Designing the system controls and security (integrity controls)

Question 33

Ensuring that only appropriate and correct business transactions are accepted, is an objective of (security/integrity) controls.

Answer 33

integrity

Question 34

Ensuring that transactions are recorded and processed correctly is an objective of (security/integrity) controls.

Answer 34

integrity

Question 35

T/F: To protect and safeguard assets such as the database is an objective of integrity controls.

Answer 35

T

Question 36

_________ Controls prevent invalid or erroneous data from entering the system.

Answer 36

Input

Question 37

Value limit controls, Completeness Controls, Data validation controls, and Field Combination controls are all (Input/Output) Controls.

Answer 37

Input

Question 38

Name the Input Control: Checks the range of inputs for reasonableness.

Answer 38

Value Limit Controls

Question 39

Name the Input Control: Ensures all the data has been entered.

Answer 39

Completenesss Controls

Question 40

Name the input control: Ensures that specific data values are correct.

Answer 40

Data Validation Controls

Question 41

Name the input control: Ensurse data is correct based on relationships between fields.

Answer 41

Field Combination Control

Question 42

_________ Controls ensure that output arrives at proper destination (for authorized eyes) and is accurate, current, and complete.

Answer 42

Output

Question 43

Physical access to printers and display devices is an example of _________ controls.

Answer 43

Output

Question 44

T/F: Labels on printed and electronic output to correctly identify source of data is an example of input controls.

Answer 44

F, Output Controls

Question 45

T/F: Discarded data – protect from “dumpster diving” is an example on input controls.

Answer 45

F, Output controls.

Question 46

_______________ Protect data and systems from catastrophes.

Answer 46

Redundancy, Backup and Recovery

Question 47

T/F: Redundancy, Backup and Recovery is to have On-site versus off-site copies.

Answer 47

T

Question 48

___________________ is critical to prevent internal fraud, embezzlement, or loss

Answer 48

Fraud Prevention | **important will come in test

Question 49

The fraud triangle consists of: _________, __________, and _____________.

Answer 49

Opportunity, Motive, Rationalization | **important will come in test

Question 50

T/F: Separation of duties is a technique for risk reduction.

Answer 50

F, it is a factor affecting fraud risk

Question 51

Records and audit trails are factors affecting _________.

Answer 51

fraud risk

Question 52

T/F: Monitoring, Asset control reconciliation, and security are all factors affecting fraud risk.

Answer 52

T

Question 53

T/F: One of the objectives of security control design is to Protect information and transactions during transmission across networks and Internet.

Answer 53

T

Question 54

T/F: One of the objectives of Security Control Design is to protect and maintain a stable, functioning operating environment 24/7 (equipment, operating systems, DBMSs)

Answer 54

T

Question 55

_________ Controls limit a person’s ability to access servers, files, data, applications

Answer 55

Access

Question 56

_______________ is for identifying users.

Answer 56

Authentication

Question 57

______________ is a list of valid users.

Answer 57

Access Control List

Question 58

______________ is an authenticated user’s list of permission level for each resource.

Answer 58

Authorization

Question 59

___________ Users are those users with authorization

Answer 59

Registered

Question 60

_____________ Users are anyone not registered.

Answer 60

Unauthorized

Question 61

_________ Users are those that maintain lists and systems.

Answer 61

Privileged

Question 62

Identify the type of user: Hackers and former employees are _______ users.

Answer 62

Unauthorized

Question 63

Identify the type of user: Internet customers and employees are _______ users.

Answer 63

Registered

Question 64

Identify the type of user: Managers and System administrators are _______ users.

Answer 64

privileged

Question 65

Identify the type of user: Suppliers and System Developers are _______ users.

Answer 65

Registered

Question 66

______________ is a method to secure data (stored or in transmission).

Answer 66

Data Encryption

Question 67

______________ alters data so it is unrecognizable.

Answer 67

Encryption

Question 68

______________ is the converted encrypted data back to readable format.

Answer 68

Decryption

Question 69

_______________ is the mathematical transformation of the data.

Answer 69

Encryption Algorithm

Question 70

______________ is a long data string that allows the same algorithm to produce unique encryptions.

Answer 70

Encryption Key

Question 71

______________ Encryption is an encryption method that uses the same key to encrypt and decrypt.

Answer 71

Symmetric Key

Question 72

_______________ Encryption is an encryption method that uses different keys to encrypt and decrypt.

Answer 72

Asymmetric Key

Question 73

(Asymmertic/Symmertic) Key Encryption is also known as the Public Key Encryption.

Answer 73

Asymmetric

Question 74

_____________________ is a technique where a document is encrypted using a private key.

Answer 74

Digital Signature

Question 75

T/F: A Digital Signature Document is encrypted with private key, but then can only be decrypted with correct private key.

Answer 75

False, decrypted with the correct public not private key.

Question 76

__________________ is an organizations name and public that is encrypted and certified by an authorized third party.

Answer 76

Digital Certificate

Question 77

In a Digital Certificate, the _____________ is the authorized third party.

Answer 77

Certifying Authority

Question 77

T/F: Digital Certificates are widely known and accepted and built into Web browsers.

Answer 77

T

Question 78

_____________ is the standard set of protocols for authentication and authorization.

Answer 78

Secure Sockets Layer (SSL)

Question 79

_________________ is an Internet standard equivalent to SSL.

Answer 79

Transport Layer Security (TLS)

Question 80

___________________ is the internet security protocol at a low-level transmission.

Answer 80

IP Security (IPSec)

Question 81

_____________ is the internet standard to transmit Web pages.

Answer 81

Hypertext Transfer Protocol Secure (HTTPS)