Info Systems and Comms Flashcards
(137 cards)
1
Q
What is B2G?
A
Business to Government
2
Q
What is a master file?
A
Ledger or subsidiary ledger equivalent that holds accounts and account balance information
3
Q
What is a data mart?
A
A specialized version of a data warehouse that contains data that is preconfigured to meet the needs of a specific department
4
Q
What is XBRL (Extensible Business Reporting Language)?
A
A technology specifically designed to exchange financial information over the World Wide Web?
5
Q
What is a back door?
A
A type of malware designed to let the attacker bypass the normal authentication process and enter the users system
6
Q
What is an EDI system and its benefits?
A
An Electronic Database Interchange is where electronic business information is exchanged between two or more businesses
Benefits:
Faster transaction processing
Reduction in ordering costs
Reduction in lead time
Assurance of data due to standardized controls
7
Q
What are the steps of IT life cycle development?
A
Analysis Design Build Test Implement
(Design=technical architecture specification and a systems model
Development=programmers use the design specifications to develop the program and data files)
8
Q
Is DBMS (database management software) considered middleware?
A
Yes (and software)
9
Q
What component of a database is responsible for maintaining the referential integrity of the data in the system?
A
DBMS-Database Management System
10
Q
What is DDL?
A
Data Definition Language-
Defines the database structure and content by
creating tables and fields of information within the fields
(Data element names, their characteristics, and their relationship to one another)
11
Q
What methods could internet businesses use to prevent unauthorized intruders from accessing proprietary information?
A
Data encryption
Password management
Digital signatures-(authenticates messages transmitted by determine that they had not been altered)
12
Q
How does public/private key encryption work?
A
Both the public and private keys can be used to encrypt and decrypt messages
13
Q
What are the characteristics of relational databases?
A
Flexible and useful for unplanned, ad hoc queries
Maintained on direct access devices
Stores data in table form
14
Q
What are the benefits of a computerized accounting system over a manual system?
A
Combines functions that would be considered incompatible in a manual system
15
Q
What is program change control?
A
The practice of authorizing changes, approving test results, and copying development programs to a production library
16
Q
What are the disadvantages of flat file systems?
A
Program independence
Data redundancy
17
Q
What are the characteristics of online/real-time transaction processing?
A
Timeliness of information
Records are updated as transactions occur
Random access storage devices are normally required
Network access is required
Errors are detected and corrected as transactions are processed
Online transaction processing provides the most accurate and complete information for decision making
18
Q
Is hardware or software encryption more secure?
A
Hardware (software is more easily accessed and altered)
19
Q
What activity is top priority in DRP?
A
Mission critical
20
Q
How can data be prevented from mixing?
A
Boundary protection
21
Q
What is the makeup of the internet?
A
Gateways to allow mainframe computers to connect to personal computers
22
Q
What is the responsibility of an APPLICATION programmer when maintaining effective segregation of duties?
A
Code approved changes to a program
23
Q
What are the CPU components?
A
ALU
Control unit
RAM
24
Q
What documentation is useful in determining system construction?
A
Systems documentation
25
What documentation provides instructions on the use of the program including required data files, startup instructions, check points, etc
Operators documentation
26
What's the most reliable form of electronic authentication?
Digital certificate (a background check is completed to confirm the identity of the requesting entity)
27
What databases use SQL computer language?
Nearly all relational databases
28
What system is likely to include external data?
ESS
29
What are some types of application input controls?
Edit check
Reasonableness test
Batch control totals
Field (format) check (prevents a type of character from being used)
Validity check (comparing inputs to a list of valid items)
Check digit (adding an extra digit to a number and that digit has a mathematical relationship to the other numbers [the numbers may be subjected to an algorithm])
30
Where should copies of system data backup be stored?
Secure, off-site location
31
What is a more efficient backup method than off-site backup files?
Checkpoint/restart controls (reprocess only those transactions that took place after the last valid run)
32
What factor is needed for successful data mining a large data store?
Pattern recognition
33
What is a VAN and its benefit for EDI transactions?
A value added network is a privately owned network that route data transactions between trading partners. The benefit to EDI is the ability to deal with differing data protocols
34
What systems include redundancy of components?
Fault tolerant systems
35
What are the minimum functions that should be segregated in computer systems?
Programming
Operating
Library functions
36
What controls are found in batch processing systems?
Check digits
Financial control totals
Limit checks
37
What input control is associated with online real-time systems?
Closed loop verification
38
What is the primary function of the DBMS?
Create and modify the database
39
Why are computer input controls designed?
Ensure that data received for processing are properly authorized and converted to machine readable form
40
What is a VPN?
A virtual private network is a secure way to create an encrypted communication tunnel to allow remote users secure access to the internet. The VPN uses authentication to identify users and encryption to prevent unauthorized users from intercepting data
41
What does it mean to use a batch processing method and a detailed posting type for transactions?
Transactions are assigned to groups before posting, and each transaction had its own line entry in the appropriate ledger
42
What is the first step of a disaster recovery plan?
Prepare a statement of responsibilities for the tasks included in a disaster recovery plan
43
What are the characteristics of intranets?
Intranets are implemented using internet protocols
Training time for intranet based apps are lower than programs using LANs
Intranets connect LANs from various locations within a company
44
What is the function of an accounting system header?
Identify data records
| Used in conjunction with magnetic tape will likely prevent errors by the computer operator
45
What is included in a disaster recovery plan?
```
Alternate processing site
Backup and off-site storage procedures
Identification of critical applications
Test of the plan
(names and vendor locations, current hardware configurations, names of team members, etc.)
```
46
What is the three-tiered architectural layers of most client/server applications?
Desktop client
Application
Database
47
What machine-language program results from the translation of a symbolic-language (source) program (readable by humans)
Object program (machine readable)
48
How can proof of unauthorized transactions be uncovered?
Transaction logs
49
What is a Trojan horse?
A seemingly legitimate program that contains an unauthorized code that performs malicious activities when the program is run. They often provide a back door to the victims system, enabling the hacker to gain access
50
What increases password strength?
Length
Numbers
Letters (upper and lower)
Special characters
51
What are the categories of computer software?
Application software
System software
Programming languages
52
What is the responsibility of a network administrator?
Maintaining the hardware and software aspects of a computer network (including remote access).
53
What is the multi-location system structure that is sometimes called the "goldilocks" solution because it seeks to balance design tradeoffs?
Distributed (a compromise between centralized and decentralized computing)
54
What type of area network uses dedicated lines?
LAN (local area network)
55
What type of transmission media and protocol is cellphone to earpiece communication?
Bluetooth (designed for short-range, low power communication)
56
What are some ETF transaction?
Direct deposit
ATM
POS terminal payment
57
What practices are needed for small business computing?
Backup procedures
Additional computing supervision
Independent third-party review
58
What are the characteristics of a VAN?
Value added networks-
Costly
Increase security
Eliminated numerous point to point connections
Reduce communication and data protocol problems
59
What are the types of disaster recovery plans?
```
Hot site (location equipped with redundant hardware and software configurations)
Cold site
Reciprocal agreement (two org agree to aid each other)
```
60
What functions should an application programmer have to maintain segregation of duties?
Code approved changes to a program
61
What method allows customers to pay for goods or services from a website while maintaining privacy?
E-cash
The payer is not identified by the method of payment
62
What is mirroring?
Mirroring is a high-cost, high reliability approach to backup that is common in e-commerce applications. It provides continuous duplication of data in a different location
62
How could programmer fraud be detected?
Periodic compiling of programs from documented source files, and comparison with the programs already in use
62
What critical accounting function is most likely absent in a small business computing environment?
Authorization, there is a great need for third-party review and testing within the small business computing environment
( spreadsheets should be reviewed and tested by an independent third party)
63
What is the most critical item to include in a systems specification document for a financial report?
Data elements needed
64
Today's organizations use microcomputers for data presentation over mainframe for what reason?
Cost effective
65
What increases the security of E-commerce business?
Successful use of a firewall will help assure the security of a firm's computer system
66
What is a TPS?
Transaction Processing Systems support the day to day activities of the business (purchases, sales, cash collection, payroll, etc)
67
How does batch processing occur?
Transactions are gathered together in a group and then keyed into a transaction file. Periodically, the transaction file is edited, sorted, and then the transactions are used to update the master file
68
What is an example of Online Analytical Processing?
A data warehouse (storage comprised mostly of historical operational data)
69
What IT functions should be segregated?
Data entry
| Application programming
70
What is a system where the end user is responsible for development and execution of the computer application used?
End-user computing
71
When computer program controls detect errors, the error report should be reviewed and followed up by who?
The control group should handle that internal audit function
72
What enhances controls of a computer operations dept?
Mandatory vacations
Periodic rotation of operators
Controlled access to the facility
Segregation of personnel who are responsible for controlling input and output
73
What is the data control protocol used to control transmission on the internet?
TCP/IP (transmission control protocol/internet protocol)
74
At what stage does data conversion occur?
Implementation (the process of moving from the old system to the new system)
75
What areas of responsibility are normally assigned to a SYSTEM programmer in a computer system environment?
Maintaining system software such as:
Operating systems
Compilers
76
What is the difference between SaaS and PaaS?
SaaS (the use of the cloud to access software and programs)
PaaS (the use of the cloud to create software and programs)
77
How does a denial of service attack work?
A web server is overwhelmed with a sudden surge of false requests that causes the server to crash
78
Adding and updating documentation items in the data dictionary should be restricted to who?
Database administrators
79
What are the risks of e-commerce?
Authentication
Integrity
Security and confidentiality
80
What is the ascending hierarchy of data in a system?
Character
Field
Record
File
81
In a client/server environment, who is usually the client?
Computers of various users (computer or workstation of the individual user)
82
What system most resembles a managerial accounting, budgeting system?
MIS (takes planning information data and compares it to actual results in periodic management reports)
83
Data control language used in relational database is most likely to include commands used to control what?
Which users have various privileges relating to a database
84
What language is related to the maintenance and querying of a database?
Data manipulation language
85
What is the benefit of a single integrated database information system?
Increased data accessibility
86
In COBIT, the process of reviewing system response time logs falls within what control process domain?
Monitor and evaluate (monitor the processes "M1" activity)
87
What are ERPs?
Enterprise resource management systems are integrated packages that provide transaction processing, management support, and decision making support. They avoid many problems related to merging information from different departments, regions, or divisions
88
Why is securing client/server systems complex?
Number of access points
Concurrent operation of multiple user sessions
Widespread data access and update capabilities
89
What a major purpose of COBIT?
Guide managers, users, and auditors to adopt best practices related to the management of IT.
90
What plan help ensure a timely recovery of business operations after a disaster?
BCM (Business Continuity Management)
| The third step of BCM is determine business continuity strategies
91
The management of changes to an application is part of what?
SPLMS (source program library management system)
92
What are the system analyst responsibilities?
Designs the computer system (system goal and means to achieve them) based on the nature of the business and its information needs
Outlines the data processing system for the computer programmer with system flow charts
93
What artificial intelligent systems can learn from experiences?
Intelligent agents
Neural networks
Case-based reasoning systems
94
How are internal disk labels read?
Software
95
Who is responsible for managing the flow of documents and reports in and out of the computer operations department?
Data control clerk
96
What provides the most security for sensitive data stored on a personal computer?
Encrypting data files on the computer
97
What should a fire suppression system in a computer facility avoid?
Halon chemicals (they are environmental hazards)
98
When is a distributed processing environment beneficial?
Large volumes of data are generated at many locations and fast access is required
99
What compensating control may detect/stop segregated functions from being performed by one person?
Computer logs
100
When should OLRT or batch processing be used?
Online Real Time-transactions are continuous and interdependent
Batch Processing-periodic and independent
101
What system uses checkpoints?
Batch because checkpoint and restart is an important backup procedure
102
Who is responsible for an organization's computer help desk function
Computer Prrstion Unut
103
What strategy is important to managing security for mobile systems?
View-only access (which is a useful control on the ability of mobile devices to make changes in data
104
What type of network is often used for EDI?
VAN
105
Name a low cost, low quality wired transmission medium?
Twisted pair
106
What role does OLAP and OLTP play in an ERP?
Online Analytical Processing incorporates data warehouse capabilities
Online Transaction Processing records daily operational transactions and makes them more visible in the system
107
Who determines machine language for a specific computer?
The engineers who designed the computer
| A programmer can not change the computer's machine language
108
What are the advantages of decentralized/distributed systems?
More responsive to end user needs
Reduced data transmission costs
Avoids input/output bottlenecks of high traffic periods
109
What type of storage is best for a large volume of data that is unlikely to change often?
CD-ROM
110
What are some of the five principles of COBIT 5?
Meeting stakeholder needs
Covering the enterprise end-to-end
Separating governance from management
111
Who is responsible for the overall program logic and functionality?
Lead Systems Analyst
112
What is a hardware control?
Echo check (checks for accuracy in data transmission)
113
What are the characteristics of a WAN?
Inexpensive
| Wide geographic coverage
114
What is an EES?
Executive Support System that is a subset of DDS (decision support system) with emphasis on external data
115
What are some characteristics of firewalls?
Include hardware and software components
Screen and block data packets from the system
Application firewalls control the execution of programs
116
Who handles a source program after changes have been made and verified?
Production
| operators handle programs that are already in use
117
What is the difference between a hot site and a cold site?
A hot site has data and information processing capabilities in place before a disaster
(A cold site is a backup site that has not been stocked with equipment)
118
What is the fiction of a physical access control?
Restricts access of hardware, programs, and data files to authorized individuals
119
What is the benefit of a computer based transaction processing system over a manual one?
Efficiency of producing financial statements
120
What is used to connect dissimilar networks?
Gateway (translates between two or more different protocol families)
121
What controls are included in a disaster recovery plan that prevents interrupted information systems operation?
Backups and downtime controls
122
What is the benefit of using EFT for international cash transactions?
Reduction in the frequency of data entry errors (electronic funds transfer minimize the need for entry of information)
123
How could a small company increase its internal control effectiveness?
Engage the owner in direct participation in the activities, including financial record-keeping, of the business (it's an important compensating control for small businesses)
124
What are some secondary storage devices?
Flash drives
Magnetic disk
Optical disc (burns data onto a surface)
125
What controls should be considered when designing the layout of a data processing center?
Access controls
Adequate power supply with surge protection
Risks related to other uses of electricity in the area
126
What does encrypt and decrypt mean?
Encrypt=run the encryption algorithm forward
| Decrypt=run the encryption algorithm backward
127
What is an effective control related to person computing in small businesses?
Locking doors when offices are open and removing storage devices to secure locations
128
What is a type of output control?
Distribution of reports
129
What type of control is IT faculty controls?
General
130
What implementation approach has been described as sink or swim?
Cold turkey (aka the plunge or Big Bang approach) drops the old and begins the new all at once
131
What is a parity check?
It is designed to detect errors in data transmission
132
What is data control language?
Commands used to control a database (who is able to read from and write to database sections)
133
What is another name for a field?
Attribute
134
What is a hash total?
A meaningless sum which normally has no use other than to prove completeness of the processed information)
135
Why should computer operators not have access to detailed program listings?
They have the opportunity to modify the programs
