Info Systems and Comms

Question 1

What is B2G?

Answer 1

Business to Government

Question 2

What is a master file?

Answer 2

Ledger or subsidiary ledger equivalent that holds accounts and account balance information

Question 3

What is a data mart?

Answer 3

A specialized version of a data warehouse that contains data that is preconfigured to meet the needs of a specific department

Question 4

What is XBRL (Extensible Business Reporting Language)?

Answer 4

A technology specifically designed to exchange financial information over the World Wide Web?

Question 5

What is a back door?

Answer 5

A type of malware designed to let the attacker bypass the normal authentication process and enter the users system

Question 6

What is an EDI system and its benefits?

Answer 6

An Electronic Database Interchange is where electronic business information is exchanged between two or more businesses
Benefits:
Faster transaction processing
Reduction in ordering costs
Reduction in lead time
Assurance of data due to standardized controls

Question 7

What are the steps of IT life cycle development?

Answer 7

Analysis
Design
Build
Test
Implement

(Design=technical architecture specification and a systems model
Development=programmers use the design specifications to develop the program and data files)

Question 8

Is DBMS (database management software) considered middleware?

Answer 8

Yes (and software)

Question 9

What component of a database is responsible for maintaining the referential integrity of the data in the system?

Answer 9

DBMS-Database Management System

Question 10

What is DDL?

Answer 10

Data Definition Language-
Defines the database structure and content by
creating tables and fields of information within the fields
(Data element names, their characteristics, and their relationship to one another)

Question 11

What methods could internet businesses use to prevent unauthorized intruders from accessing proprietary information?

Answer 11

Data encryption
Password management
Digital signatures-(authenticates messages transmitted by determine that they had not been altered)

Question 12

How does public/private key encryption work?

Answer 12

Both the public and private keys can be used to encrypt and decrypt messages

Question 13

What are the characteristics of relational databases?

Answer 13

Flexible and useful for unplanned, ad hoc queries
Maintained on direct access devices
Stores data in table form

Question 14

What are the benefits of a computerized accounting system over a manual system?

Answer 14

Combines functions that would be considered incompatible in a manual system

Question 15

What is program change control?

Answer 15

The practice of authorizing changes, approving test results, and copying development programs to a production library

Question 16

What are the disadvantages of flat file systems?

Answer 16

Program independence

Data redundancy

Question 17

What are the characteristics of online/real-time transaction processing?

Answer 17

Timeliness of information
Records are updated as transactions occur
Random access storage devices are normally required
Network access is required
Errors are detected and corrected as transactions are processed
Online transaction processing provides the most accurate and complete information for decision making

Question 18

Is hardware or software encryption more secure?

Answer 18

Hardware (software is more easily accessed and altered)

Question 19

What activity is top priority in DRP?

Answer 19

Mission critical

Question 20

How can data be prevented from mixing?

Answer 20

Boundary protection

Question 21

What is the makeup of the internet?

Answer 21

Gateways to allow mainframe computers to connect to personal computers

Question 22

What is the responsibility of an APPLICATION programmer when maintaining effective segregation of duties?

Answer 22

Code approved changes to a program

Question 23

What are the CPU components?

Answer 23

ALU
Control unit
RAM

Question 24

What documentation is useful in determining system construction?

Answer 24

Systems documentation

Question 25

What documentation provides instructions on the use of the program including required data files, startup instructions, check points, etc

Answer 25

Operators documentation

Question 26

What’s the most reliable form of electronic authentication?

Answer 26

Digital certificate (a background check is completed to confirm the identity of the requesting entity)

Question 27

What databases use SQL computer language?

Answer 27

Nearly all relational databases

Question 28

What system is likely to include external data?

Answer 28

ESS

Question 29

What are some types of application input controls?

Answer 29

Edit check
Reasonableness test
Batch control totals
Field (format) check (prevents a type of character from being used)
Validity check (comparing inputs to a list of valid items)
Check digit (adding an extra digit to a number and that digit has a mathematical relationship to the other numbers [the numbers may be subjected to an algorithm])

Question 30

Where should copies of system data backup be stored?

Answer 30

Secure, off-site location

Question 31

What is a more efficient backup method than off-site backup files?

Answer 31

Checkpoint/restart controls (reprocess only those transactions that took place after the last valid run)

Question 32

What factor is needed for successful data mining a large data store?

Answer 32

Pattern recognition

Question 33

What is a VAN and its benefit for EDI transactions?

Answer 33

A value added network is a privately owned network that route data transactions between trading partners. The benefit to EDI is the ability to deal with differing data protocols

Question 34

What systems include redundancy of components?

Answer 34

Fault tolerant systems

Question 35

What are the minimum functions that should be segregated in computer systems?

Answer 35

Programming
Operating
Library functions

Question 36

What controls are found in batch processing systems?

Answer 36

Check digits
Financial control totals
Limit checks

Question 37

What input control is associated with online real-time systems?

Answer 37

Closed loop verification

Question 38

What is the primary function of the DBMS?

Answer 38

Create and modify the database

Question 39

Why are computer input controls designed?

Answer 39

Ensure that data received for processing are properly authorized and converted to machine readable form

Question 40

What is a VPN?

Answer 40

A virtual private network is a secure way to create an encrypted communication tunnel to allow remote users secure access to the internet. The VPN uses authentication to identify users and encryption to prevent unauthorized users from intercepting data

Question 41

What does it mean to use a batch processing method and a detailed posting type for transactions?

Answer 41

Transactions are assigned to groups before posting, and each transaction had its own line entry in the appropriate ledger

Question 42

What is the first step of a disaster recovery plan?

Answer 42

Prepare a statement of responsibilities for the tasks included in a disaster recovery plan

Question 43

What are the characteristics of intranets?

Answer 43

Intranets are implemented using internet protocols

Training time for intranet based apps are lower than programs using LANs

Intranets connect LANs from various locations within a company

Question 44

What is the function of an accounting system header?

Answer 44

Identify data records

Used in conjunction with magnetic tape will likely prevent errors by the computer operator

Question 45

What is included in a disaster recovery plan?

Answer 45

Alternate processing site
Backup and off-site storage procedures
Identification of critical applications
Test of the plan
(names and vendor locations, current hardware configurations, names of team members, etc.)

Question 46

What is the three-tiered architectural layers of most client/server applications?

Answer 46

Desktop client
Application
Database

Question 47

What machine-language program results from the translation of a symbolic-language (source) program (readable by humans)

Answer 47

Object program (machine readable)

Question 48

How can proof of unauthorized transactions be uncovered?

Answer 48

Transaction logs

Question 49

What is a Trojan horse?

Answer 49

A seemingly legitimate program that contains an unauthorized code that performs malicious activities when the program is run. They often provide a back door to the victims system, enabling the hacker to gain access

Question 50

What increases password strength?

Answer 50

Length
Numbers
Letters (upper and lower)
Special characters

Question 51

What are the categories of computer software?

Answer 51

Application software
System software
Programming languages

Question 52

What is the responsibility of a network administrator?

Answer 52

Maintaining the hardware and software aspects of a computer network (including remote access).

Question 53

What is the multi-location system structure that is sometimes called the “goldilocks” solution because it seeks to balance design tradeoffs?

Answer 53

Distributed (a compromise between centralized and decentralized computing)

Question 54

What type of area network uses dedicated lines?

Answer 54

LAN (local area network)

Question 55

What type of transmission media and protocol is cellphone to earpiece communication?

Answer 55

Bluetooth (designed for short-range, low power communication)

Question 56

What are some ETF transaction?

Answer 56

Direct deposit
ATM
POS terminal payment

Question 57

What practices are needed for small business computing?

Answer 57

Backup procedures
Additional computing supervision
Independent third-party review

Question 58

What are the characteristics of a VAN?

Answer 58

Value added networks-
Costly
Increase security
Eliminated numerous point to point connections
Reduce communication and data protocol problems

Question 59

What are the types of disaster recovery plans?

Answer 59

Hot site (location equipped with redundant hardware and software configurations)
Cold site
Reciprocal agreement (two org agree to aid each other)

Question 60

What functions should an application programmer have to maintain segregation of duties?

Answer 60

Code approved changes to a program

Question 61

What method allows customers to pay for goods or services from a website while maintaining privacy?

Answer 61

E-cash

The payer is not identified by the method of payment

Question 62

What is mirroring?

Answer 62

Mirroring is a high-cost, high reliability approach to backup that is common in e-commerce applications. It provides continuous duplication of data in a different location

Question 62

How could programmer fraud be detected?

Answer 62

Periodic compiling of programs from documented source files, and comparison with the programs already in use

Question 62

What critical accounting function is most likely absent in a small business computing environment?

Answer 62

Authorization, there is a great need for third-party review and testing within the small business computing environment

( spreadsheets should be reviewed and tested by an independent third party)

Question 63

What is the most critical item to include in a systems specification document for a financial report?

Answer 63

Data elements needed

Question 64

Today’s organizations use microcomputers for data presentation over mainframe for what reason?

Answer 64

Cost effective

Question 65

What increases the security of E-commerce business?

Answer 65

Successful use of a firewall will help assure the security of a firm’s computer system

Question 66

What is a TPS?

Answer 66

Transaction Processing Systems support the day to day activities of the business (purchases, sales, cash collection, payroll, etc)

Question 67

How does batch processing occur?

Answer 67

Transactions are gathered together in a group and then keyed into a transaction file. Periodically, the transaction file is edited, sorted, and then the transactions are used to update the master file

Question 68

What is an example of Online Analytical Processing?

Answer 68

A data warehouse (storage comprised mostly of historical operational data)

Question 69

What IT functions should be segregated?

Answer 69

Data entry

Application programming

Question 70

What is a system where the end user is responsible for development and execution of the computer application used?

Answer 70

End-user computing

Question 71

When computer program controls detect errors, the error report should be reviewed and followed up by who?

Answer 71

The control group should handle that internal audit function

Question 72

What enhances controls of a computer operations dept?

Answer 72

Mandatory vacations
Periodic rotation of operators
Controlled access to the facility
Segregation of personnel who are responsible for controlling input and output

Question 73

What is the data control protocol used to control transmission on the internet?

Answer 73

TCP/IP (transmission control protocol/internet protocol)

Question 74

At what stage does data conversion occur?

Answer 74

Implementation (the process of moving from the old system to the new system)

Question 75

What areas of responsibility are normally assigned to a SYSTEM programmer in a computer system environment?

Answer 75

Maintaining system software such as:
Operating systems
Compilers

Question 76

What is the difference between SaaS and PaaS?

Answer 76

SaaS (the use of the cloud to access software and programs)

PaaS (the use of the cloud to create software and programs)

Question 77

How does a denial of service attack work?

Answer 77

A web server is overwhelmed with a sudden surge of false requests that causes the server to crash

Question 78

Adding and updating documentation items in the data dictionary should be restricted to who?

Answer 78

Database administrators

Question 79

What are the risks of e-commerce?

Answer 79

Authentication
Integrity
Security and confidentiality

Question 80

What is the ascending hierarchy of data in a system?

Answer 80

Character
Field
Record
File

Question 81

In a client/server environment, who is usually the client?

Answer 81

Computers of various users (computer or workstation of the individual user)

Question 82

What system most resembles a managerial accounting, budgeting system?

Answer 82

MIS (takes planning information data and compares it to actual results in periodic management reports)

Question 83

Data control language used in relational database is most likely to include commands used to control what?

Answer 83

Which users have various privileges relating to a database

Question 84

What language is related to the maintenance and querying of a database?

Answer 84

Data manipulation language

Question 85

What is the benefit of a single integrated database information system?

Answer 85

Increased data accessibility

Question 86

In COBIT, the process of reviewing system response time logs falls within what control process domain?

Answer 86

Monitor and evaluate (monitor the processes “M1” activity)

Question 87

What are ERPs?

Answer 87

Enterprise resource management systems are integrated packages that provide transaction processing, management support, and decision making support. They avoid many problems related to merging information from different departments, regions, or divisions

Question 88

Why is securing client/server systems complex?

Answer 88

Number of access points
Concurrent operation of multiple user sessions
Widespread data access and update capabilities

Question 89

What a major purpose of COBIT?

Answer 89

Guide managers, users, and auditors to adopt best practices related to the management of IT.

Question 90

What plan help ensure a timely recovery of business operations after a disaster?

Answer 90

BCM (Business Continuity Management)

The third step of BCM is determine business continuity strategies

Question 91

The management of changes to an application is part of what?

Answer 91

SPLMS (source program library management system)

Question 92

What are the system analyst responsibilities?

Answer 92

Designs the computer system (system goal and means to achieve them) based on the nature of the business and its information needs
Outlines the data processing system for the computer programmer with system flow charts

Question 93

What artificial intelligent systems can learn from experiences?

Answer 93

Intelligent agents
Neural networks
Case-based reasoning systems

Question 94

How are internal disk labels read?

Answer 94

Software

Question 95

Who is responsible for managing the flow of documents and reports in and out of the computer operations department?

Answer 95

Data control clerk

Question 96

What provides the most security for sensitive data stored on a personal computer?

Answer 96

Encrypting data files on the computer

Question 97

What should a fire suppression system in a computer facility avoid?

Answer 97

Halon chemicals (they are environmental hazards)

Question 98

When is a distributed processing environment beneficial?

Answer 98

Large volumes of data are generated at many locations and fast access is required

Question 99

What compensating control may detect/stop segregated functions from being performed by one person?

Answer 99

Computer logs

Question 100

When should OLRT or batch processing be used?

Answer 100

Online Real Time-transactions are continuous and interdependent
Batch Processing-periodic and independent

Question 101

What system uses checkpoints?

Answer 101

Batch because checkpoint and restart is an important backup procedure

Question 102

Who is responsible for an organization’s computer help desk function

Answer 102

Computer Prrstion Unut

Question 103

What strategy is important to managing security for mobile systems?

Answer 103

View-only access (which is a useful control on the ability of mobile devices to make changes in data

Question 104

What type of network is often used for EDI?

Answer 104

VAN

Question 105

Name a low cost, low quality wired transmission medium?

Answer 105

Twisted pair

Question 106

What role does OLAP and OLTP play in an ERP?

Answer 106

Online Analytical Processing incorporates data warehouse capabilities
Online Transaction Processing records daily operational transactions and makes them more visible in the system

Question 107

Who determines machine language for a specific computer?

Answer 107

The engineers who designed the computer

A programmer can not change the computer’s machine language

Question 108

What are the advantages of decentralized/distributed systems?

Answer 108

More responsive to end user needs
Reduced data transmission costs
Avoids input/output bottlenecks of high traffic periods

Question 109

What type of storage is best for a large volume of data that is unlikely to change often?

Answer 109

CD-ROM

Question 110

What are some of the five principles of COBIT 5?

Answer 110

Meeting stakeholder needs
Covering the enterprise end-to-end
Separating governance from management

Question 111

Who is responsible for the overall program logic and functionality?

Answer 111

Lead Systems Analyst

Question 112

What is a hardware control?

Answer 112

Echo check (checks for accuracy in data transmission)

Question 113

What are the characteristics of a WAN?

Answer 113

Inexpensive

Wide geographic coverage

Question 114

What is an EES?

Answer 114

Executive Support System that is a subset of DDS (decision support system) with emphasis on external data

Question 115

What are some characteristics of firewalls?

Answer 115

Include hardware and software components
Screen and block data packets from the system
Application firewalls control the execution of programs

Question 116

Who handles a source program after changes have been made and verified?

Answer 116

Production

operators handle programs that are already in use

Question 117

What is the difference between a hot site and a cold site?

Answer 117

A hot site has data and information processing capabilities in place before a disaster
(A cold site is a backup site that has not been stocked with equipment)

Question 118

What is the fiction of a physical access control?

Answer 118

Restricts access of hardware, programs, and data files to authorized individuals

Question 119

What is the benefit of a computer based transaction processing system over a manual one?

Answer 119

Efficiency of producing financial statements

Question 120

What is used to connect dissimilar networks?

Answer 120

Gateway (translates between two or more different protocol families)

Question 121

What controls are included in a disaster recovery plan that prevents interrupted information systems operation?

Answer 121

Backups and downtime controls

Question 122

What is the benefit of using EFT for international cash transactions?

Answer 122

Reduction in the frequency of data entry errors (electronic funds transfer minimize the need for entry of information)

Question 123

How could a small company increase its internal control effectiveness?

Answer 123

Engage the owner in direct participation in the activities, including financial record-keeping, of the business (it’s an important compensating control for small businesses)

Question 124

What are some secondary storage devices?

Answer 124

Flash drives
Magnetic disk
Optical disc (burns data onto a surface)

Question 125

What controls should be considered when designing the layout of a data processing center?

Answer 125

Access controls
Adequate power supply with surge protection
Risks related to other uses of electricity in the area

Question 126

What does encrypt and decrypt mean?

Answer 126

Encrypt=run the encryption algorithm forward

Decrypt=run the encryption algorithm backward

Question 127

What is an effective control related to person computing in small businesses?

Answer 127

Locking doors when offices are open and removing storage devices to secure locations

Question 128

What is a type of output control?

Answer 128

Distribution of reports

Question 129

What type of control is IT faculty controls?

Answer 129

General

Question 130

What implementation approach has been described as sink or swim?

Answer 130

Cold turkey (aka the plunge or Big Bang approach) drops the old and begins the new all at once

Question 131

What is a parity check?

Answer 131

It is designed to detect errors in data transmission

Question 132

What is data control language?

Answer 132

Commands used to control a database (who is able to read from and write to database sections)

Question 133

What is another name for a field?

Answer 133

Attribute

Question 134

What is a hash total?

Answer 134

A meaningless sum which normally has no use other than to prove completeness of the processed information)

Question 135

Why should computer operators not have access to detailed program listings?

Answer 135

They have the opportunity to modify the programs