IS FINAL Flashcards

Question

What are the major causes of ERP implementation failure?

Answer 1

* Failure to involve affected employees in the planning and development phases and in change management processes * Trying to accomplish too much too fast in the conversion process * Insufficient training in the new work tasks required by the ERP system * Failure to perform proper data conversion and testing for the new system

Answer 2

Vanilla approach Custom approach Best of breed approach

Answer 3

approach, a company implements a standard ERP package, using the package’s built-in configuration options. When the system is implemented in this way, it will deviate only minimally from the package’s standardized settings. The vanilla approach can enable the company to perform the implementation more quickly. However, the extent to which the software is adapted to the organization’s specific processes is lim- ited. Fortunately, a vanilla implementation provides general functions that can support the firm’s common business processes with relative ease, even if they are not a perfect fit for those processes.

Answer 4

In this approach, a company implements a more customized ERP system by developing new ERP functions designed specifically for that firm. Decisions con- cerning the ERP’s degree of customization are specific to each organization. To use the custom approach, the organization must carefully analyze its existing business processes to develop a system that conforms to the organization’s particular characteristics and pro- cesses. Customization is also expensive and risky because computer code must be written and updated every time a new version of the ERP software is released. Going further, if the customization does not perfectly match the organization’s needs, then the system can be very difficult to use.

Answer 5

Modify vanilla approach

Answer 6

Lease ERP software that is cloud-based normally using the vanilla approach

Answer 7

- procurement (need to buy -> send payment - fulfillment process (customer request to buy -> recieve payment) - production process (need to produce -> recieve finished goods)

Answer 8

Warehouse, Purchasing, Accounting

Answer 9

Sales, warehouse, accounting

Answer 10

No, because not all companies produce physical goods

Answer 11

Help multiple firms in an industry coordinate activities such as the production-to-scale of goods and services.

Answer 12

Have the capability to place automatic requests to buy fresh perishable products from suppliers in real-time.

Answer 13

Generate forcasting analyses of product consumption based on critical variables such as geographical area, season, day of the week, and type of customer

Answer 14

Ad hoc (or on-demand) reports: Nonroutine reports that often contain special information that is not included in routine reports.

Answer 15

Reports that compare performances of different business units or times.

Answer 16

A system that integrates existing systems by providing layers of software that connect applications together.

Answer 17

Reports that compare performances of different business units or times.

Answer 18

Reports that show a greater level of details than is included in routine reports.

Answer 19

Reports that include only information that exceeds certain threshold standards.

Answer 20

Reports that summarize the performance of critical activities.

Answer 21

A cross-functional business process that originates when the company receives a customer order, and it concludes when it receives a payment from the customer.

Answer 22

A cross-functional business process that originates when a company needs to acquire goods or services from external sources, and it concludes when the company receives and pays for them.

Answer 23

A cross-functional business process in which a company produces physical goods.

Answer 24

Customer service, oprtating costs

Answer 25

a customer-focused and customer-driven organizational strategy. That is, organizations concentrate on assessing customers’ require- ments for products and services and then provide a high-quality, responsive customer experi- ence.

Answer 26

marketing efforts, through which the organization solicits prospects from a target population of potential customers.

Answer 27

Lifetime Value

Answer 28

Customer churn

Answer 29

(1) The company must identify the many types of customer touch points, and (2) it needs to consolidate data about each customer.

Answer 30

Enterprises with many small customers (i.e. amazon)

Answer 31

Enterprises with a few large customers i.e. bentley

Answer 32

Diverse interactions organizations have with their customers

Answer 33

All touch points may not be in sync

Answer 34

an approach to customers that creates a seamless experience regardless of the chan- nel (or device) used to “touch” the business. Many businesses are now creating omni-channel strategies to drive this cohesive experience for their customers.

Answer 35

•Info. sharing leads to collaborative CRM. •Collaborative CRM systems provide effective and efficient interactive communication with the customer throughout the entire organization. •Collab. CRM integrate communications between the organization and its customers in all aspects of marketing, sales, and customer support.

Answer 36

Modern interconnected systems built around a data watehouse

Answer 37

A 360 degree view of that customer

Answer 38

•A 360° view enhances company’s relationship with its customers and ultimately make more productive and profitable decisions.

Answer 39

The component of CRM that supports the front-office business processes that directly interact with customers (i.e., sales, marketing, and service).

Answer 40

* Efficient, personalized marketing, sales, and service * A 360o view of each customer * The ability of sales and service employees to access a complete history of customer inter- action with the organization, regardless of the touch point

Answer 41

* Improve sales and account management by optimizing the information shared by mul- tiple employees and by streamlining existing processes (e.g., taking orders using mobile devices) * Form individualized relationships with customers, with the aim of improving customer sat- isfaction and maximizing profits * Identify the most profitable customers, and provide them with the highest level of service * Provide employees with the information and processes necessary to know their customers * Understand and identify customer needs, and effectively build relationships among the company, its customer base, and its distribution partners

Answer 42

In customer-facing CRM applications, an organization’s sales, field service, and customer interaction centre representatives interact directly with customers. These applications include customer service and support, salesforce automation, marketing, and campaign management.

Answer 43

``` Search and comparison Technical information and services Customized products and services Personalized webpages FAQs Email and automated response Loyalty programs ```

Answer 44

Customer service and support Sales (salesforce automation) Marketing Campaign management

Answer 45

Salesforce automation (SFA) is the component of an oper- ational CRM system that automatically records all of the components in a sales transaction process.

Answer 46

the marketing of additional related products to customers based on a pre- vious purchase.

Answer 47

Bundling is a form of cross-selling in which your business sells a group of products or services together at a lower price and their combined individual prices

Answer 48

Campaign management applications help organizations plan campaigns that send the right messages to the right people through the right channels.

Answer 49

Analytical CRM systems provide business intelligence by analyzing customer behaviour and perceptions

Answer 50

* Designing and executing targeted marketing campaigns * Increasing customer acquisition, cross-selling, and upselling * Providing input into decisions relating to products and services (e.g., pricing and product development) * Providing financial forecasting and customer profitability analysis

Answer 51

Need Operational for analytical

Answer 52

The flow of materials, information, money, and services from raw material suppliers, through factories and warehouses, to the end customers. A supply chain also includes the organizations and processes that create and deliver products, information, and services to the end customers.

Answer 53

Supply chain visibility refers to the ability of all organizations within a supply chain to access or view relevant data on purchased materials as these materials move through their suppliers’ production processes and transportation networks to their receiving docks.

Answer 54

Upstream Internal Downstream

Answer 55

Soucing/procurement from external suppliers occurs Supply chain managers select suppliers to deliver things company needs to produce the final good or service supply chain managers develop the pricing, delivery, and payment processes between a company and its suppliers. Included here are processes for managing inventory, receiving and verifying shipments, transferring goods to manufacturing facilities, and authorizing payments to suppliers.

Answer 56

Packaging, assembly, or manufacturing takes place Supply chain managers schedule the activities necessary for production, testing, packaging, and preparing goods for delivery. They also monitor quality levels, production output, and worker productivity.

Answer 57

Distribution takes place, frequently by external distributors In this segment, supply chain managers coordinate the receipt of orders from custom- ers, develop a network of warehouses, select carriers to deliver products to customers, and implement invoicing systems to receive payments from customers

Answer 58

Tier 3: basic i.e. glass, rubber Tier 2: windshields, tires Tier 1: dashboards, cars

Answer 59

Material, information, financial

Answer 60

To improve the processes a company uses to acquire the raw materials it needs to produce a product or service and then deliver that product or service to its customers

Answer 61

``` Plan Source Make Deliver Return ```

Answer 62

Also known as made-to-stock Starts with a forecast of customer demand Company thenproduces the number of products in the forecast, typically by using mass production, and sells, or “pushes,” those products to consumers. Usually incorrect!

Answer 63

Also known as make to order Begins with an order then is produced Not all companies can use the pull model

Answer 64

Uncertainties The need to coordinate multiple activities, internal units, and business partners Bullwhip effect

Answer 65

erratic shifts in orders up and down the supply chain

Answer 66

Hoarding | Stockpiling

Answer 67

a business strategy in which a company purchases its upstream suppliers to ensure that its essential supplies are available as soon as the company needs them.

Answer 68

Getting inventory right when you need it

Answer 69

supplier, rather than the retailer, manages the entire inventory process for a particular product or group of products

Answer 70

Electronic data interchange Extranets Portals and exchanges

Answer 71

Electronic data interchange (EDI) is a communication standard that enables business partners to exchange routine documents, such as purchasing orders, electronically

Answer 72

Minimizes data entry errors, shorter length of message, message security, reduce the cycle time, increases productivity, enhances customer service, minimizes paper

Answer 73

Business processes and sometimes be restricted to fit idiot requirements, many EDI standards

Answer 74

They link business partners over the Internet by providing them access to certain areas of each other’s corporate Intranets

Answer 75

Procurement portals and distribution portals

Answer 76

Automate the business processes involved in purchasing or procuring products between a single buyer and multiple sellers

Answer 77

Automate The business process involved in selling or distributing products from a single supplier to multiple buyers

Answer 78

A system that connects computers and other devices via communications media so that data and information can be transmitted among them

Answer 79

front-office processes Processes that directly interact with customers; that is, sales, marketing, and service.

Answer 80

The transmission capacity of a network, stated in bits per second

Answer 81

The transmission capacity of a communications medium that is faster than 25 Mbps.

Answer 82

The system administered by the Internet Corporation for Assigned Names and Numbers (ICANN) that assigns names to each site on the Internet.

Answer 83

The name assigned to an Internet site, which consists of multiple parts, separated by dots, that are translated from right to left.

Answer 84

network that connects parts of the intranets of different organizations.

Answer 85

A communications medium consisting of thousands of very thin filaments of glass fibres, surrounded by cladding, that transmit information through pulses of light generated by lasers.

Answer 86

A private network that uses Internet software and TCP/IP protocols

Answer 87

A network that connects communications devices in a limited geographic region, such as a building, so that every user device on the network can communicate with every other device.

Answer 88

Computers that act as exchange points for Internet traffic and determine how traffic is routed.

Answer 89

A type of client/server distributed processing that allows two or more computers to pool their resources, making each computer both a client and a server.

Answer 90

The set of rules and procedures that govern transmission across a network.

Answer 91

A communications processor that routes messages from a LAN to the Internet, across several connected LANs, or across a wide area network such as the Internet.

Answer 92

A file transfer protocol that can send large files of information across sometimes unreliable networks with the assurance that the data will arrive uncorrupted.

Answer 93

The communications standard used to transfer pages across the WWW portion of the Internet; it defines how messages are formulated and transmitted.

Answer 94

MANs are relatively large networks that cover a metropolitan area. MANs fall between LANs and WANs in size.

Answer 95

``` PAN LAN MAN WAN Internet ```

Answer 96

File server or network server

Answer 97

A wide area network (WAN) is a network that covers a large geographical area. WANs typically connect multiple LANs. They are generally provided by common carriers such as tele- phone companies and the international networks of global communications services providers.

Answer 98

Interconnected networks with multiple lans and wans

Answer 99

Are high-speed central networks to which multiple smaller networks (such as LANs and smaller WANs) connect

Answer 100

A pathway to communicate data. It is made up of two types of media: cable (twisted- pair wire, coaxial cable, or fibre-optic cable) and broadcast (microwave, satellite, radio, or infrared).

Answer 101

Wireline media or cable media use physical wires or cables to transmit data and infor- mation

Answer 102

most prevalent form of communications wiring— twisted-pair wire—is used for almost all business telephone wiring. As the name suggests, it consists of strands of copper wire twisted in pairs

Answer 103

(1) It manages the movement of data packets (see further on) between computers by establishing a connection between the computers, (2) it sequences the transfer of packets, and (3) it acknowledges the packets that have been transmitted

Answer 104

The Internet Protocol (IP) is responsible for disassembling, delivering, and reassembling the data during transmission.

Answer 105

Application Transport Internet Network interface

Answer 106

Packet switching

Answer 107

The main reason is to achieve reliable end-to- end message transmission over sometimes-unreliable networks that may have short-acting or long-acting problems.

Answer 108

application layer enables client application programs to access the other lay- ers, and it defines the protocols that applications use to exchange data. One of these application protocols is the Hypertext Transfer Protocol (HTTP), which defines how messages are formulated and how they are interpreted by their receivers.

Answer 109

transport layer provides the application layer with communication and packet services. This layer includes TCP and other protocols.

Answer 110

Internet layer is responsible for addressing, rout- ing, and packaging data packets. The IP is one of the protocols in this layer.

Answer 111

the network interface layer places packets on, and receives them from, the network medium, which can be any networking technology.

Answer 112

- divides work processing work among 2 or more computers - enables computers in different locations to communicate w/ one another through telecommunication links - Common type is client/server computer

Answer 113

Client/server computing links two or more computers in an arrangement in which some machines, called servers, provide computing services for user PCs, called clients - Fat Client: Large storage + Processing power - Thin Client: No local storage + Limited processing power ( of little value when network not functioning)

Answer 114

1. Accesses unused CPU power among network computers (open source projects) 2. Real-time, person to person collab (google docs) 3. Advanced search and file sharing (like bit torrent)

Answer 115

The Internet (“the Net”) is a global WAN that connects approximately 1 million organizational computer networks in more than 200 countries on all continents.

Answer 116

``` Dial-up DSL (broadband through phone company) Cable modem (cable tv) Satellite (radio wave satellite network) Wireless (WIFI) Fibre to the home (broadband via fibre optic) ```

Answer 117

Exchange points for internet traffic that determine how it’s routed

Answer 118

IPv4: most widely used, 32 bits (135.32.456.74) IPv6: developed cause we ran out of IPv4. 32 bits.

Answer 119

Www = sub-domain McGill = second-level domain Ca - top level domain

Answer 120

Unified communications (UC) simplifies and integrates all forms of communications— voice, voice mail, fax, chat, email, instant messaging, short message service, presence (location) services, and videoconferencing—on a common hardware and software platform

Answer 121

One type of collaboration is crowdsourcing, in which an organization outsources a task to an undefined, generally large group of people in the form of an open call

Answer 122

- fast and low cost to explore probs - wider range of talent - firsthand insight into customers - looks into global world of ideas

Answer 123

High bandwidth | Relatively inexpensive

Answer 124

1. They are small enough to easily carry or wear. 2. They have sufficient computing power to perform productive tasks. 3. They can communicate wirelessly with the Internet and other devices.

Answer 125

Microwave Sattelite Radio

Answer 126

Microwave transmission systems transmit data through electromagnetic waves. These systems are used for high-volume, long-distance, line-of-sight communication. Line-of-sight means that the transmitter and receiver are in view of each other.

Answer 127

Unobstructed line of sught | Susceptible to environmental interference

Answer 128

High bandwidth | Large coverage area

Answer 129

Expensive Must have clear line of sight Signals experience propagation delay Must use encryption for security

Answer 130

High bandwidth | Signals pass through walls Inexpensive and easy to install

Answer 131

Creates electrical interference problems Susceptible to snooping unless encrypted

Answer 132

Satellite transmission systems make use of communication satellites. Currently, there are three types of satellites circling Earth: geostationary-earth-orbit (GEO), medium-earth-orbit (MEO), and low-earth-orbit (LEO). Each type has a different orbit, with GEO being farthest from Earth and LEO being the closest

Answer 133

TV SIGNAL Satellites stationary relative to point on Earth Few satellites needed for global coverage Transmission delay (approximately 0.25 second) Most expensive to build and launch Longest orbital life (many years)

Answer 134

GPS Satellites move relative to point on Earth Moderate number needed for global coverage Requires medium-powered transmitters Negligible transmission delay Less expensive to build and launch Moderate orbital life (6 to 12 years)

Answer 135

TELEPHONE Satellites move rapidly relative to point on Earth Large number needed for global coverage Requires only low-power transmitters Negligible transmission delay Least expensive to build and launch Shortest orbital life (as low as 5 years) Satellites move rapidly relative to point on Earth Large number needed for global coverage Requires only low-power transmitters Negligible transmission delay Least expensive to build and launch Shortest orbital life (as low as 5 years)

Answer 136

It uses radio wave frequencies (longest wavelengths) to send data directly between transmitters and receivers, can travel through walls

Answer 137

Bluetooth Ultra wideband (UWB) Near field communications (NFC)

Answer 138

industry specification used to cre- ate small personal area networks. A personal area network is a computer network used for communication among computer devices (e.g., telephones, personal digital assistants, smart- phones) located close to one person. Bluetooth uses low-power, radio-based communication.

Answer 139

high-bandwidth wireless technology with transmission speeds in excess of 100 Mbps

Answer 140

has the smallest range of any short-range wireless network. It is designed to be embedded in mobile devices such as cell phones and credit cards. I.E. Tap, apple pay

Answer 141

``` They are WLANs Wi-Fi Wifi-Direct (hotspot) MiFi (portable router) LiFi (plane) ```

Answer 142

``` Cellular radio Wireless broadband (wimax) ```

Answer 143

1st Generation of networks (voice only – using analog signals) 2nd Generation (digital signals – voice communications + data – text and smiles) 3G (digital + video, web, instant messaging, higher bandwidth) uses packet switching 4G is the 4th Generation of broadband cellular network technology Secure mobile broadband, gaming services, high-definition mobile TV, video conferencing,... basically a hand-held computer

Answer 144

- peak capacity of 5G UWB sector is in gbps compared to 4G in mbps - latency, or the time that passes from the moment information is sent from a device until it is used by a receiver, will be greatly reduced on 5G networks, allowing for faster upload and download speeds. - bandwidth size: 5G should be able to support many more devices of the future, in addition to the network demands of connected vehicles and other devices in the Internet of Things.

Answer 145

Worldwide Interoperability for Microwave Access, popularly known as WiMAX • has a wireless access range of up to 50 kilometres, compared with 100 metres for Wi-Fi • has a data-transfer rate of up to 75 Mbps • a secure system, offers features such as voice and video • antennas can transmit broadband Internet connections to antennas on homes and businesses several kilometres away • provides long-distance broadband wireless access to rural areas and other locations that are not currently being served

Answer 146

1. Rogue access point: unauthorized access point to a WLAN 2. Evil twin attack: an imposter with a computer connects to your computer, pretending to be your normal (or other) access point 3. War driving : walking around to find unsecure WLANs to connect to 4. Eavesdropping: efforts by unauthorized users to try to access data traveling over wireless networks. 5. RF (Radio frequency) jamming: a person or a device intentionally or unintentionally interferes with your wireless network transmissions.

Answer 147

information security refers to all of the processes and policies designed to protect an organization’s information and information systems (IS) from unauthorized access, use, disclosure, disruption, modification, or destruction

Answer 148

Security can be defined as the degree of protection against criminal activity, danger, damage, or loss.

Answer 149

A threat to an information resource is any danger to which a system may be exposed.

Answer 150

The exposure of an information resource is the harm, loss, or damage that can result if a threat compromises that resource.

Answer 151

An information resource’s vulnerability is the possibility that a threat will harm that resource.

Answer 152

1. Today’s interconnected, interdependent, wirelessly networked business environment 2. Smaller, faster, inexpensive computers and storage devices 3. Decreasing skills necessary to be a computer hacker 4. International organized crime taking over cybercrime 5. Lack of management support

Answer 153

Unintentional and deliberate

Answer 154

* Carelessness with laptops and other computing devices * Opening questionable e-mails * Careless Internet surfing * Poor password selection and use * Carelessness with one’s office * Carelessness using unmanaged devices * Carelessness with discarded equipment * Careless monitoring of environmental hazards

Answer 155

Social engineering is an attack in which the perpetrator uses social skills to trick or manipulate legitimate employees into providing confidential company information such as passwords. The most common example of social engineering occurs when the attacker impersonates someone else on the telephone, such as a company manager or an IS employee

Answer 156

Impersonation Tailgating Shoulder surfing

Answer 157

1. Espionage/trespass 2. Theft of equipment/info 3. Identity theft 4. Software attacks

Answer 158

Espionage or trespass occurs when an unauthorized individual attempts to gain illegal access to organizational information.

Answer 159

1. Competitive intelligence: legal info gathering techniques (i.e. studying a company’s Web site > Hiring page > new projects) 2. Industrial espionage: crosses legal boundary (i.e. theft of confidential data)

Answer 160

1. Virus: Segment code that performs malicious actions by attaching to another computer program. 2. Worm: Segment of code that performs malicious actions and will replicate by itself (without requiring another computer program). 3. Phishing attack: Uses deception to acquire sensitive personal information by masquerading as official looking emails or instant messages. 4. Spear phishing Targets large groups of people. The perpetrators find out as much information as they can about an individual, tailoring their phishing attacks to improve the chances that they will obtain sensitive, personal information.

Answer 161

1. Denial-of-service attack An attacker sends so many information requests to a target computer system that the target cannot handle them successfully and typically crashes (ceases to function). 2. Distributed denial-of-service attack An attacker first takes over many computers, typ- ically by using malicious software. These com- puters are called zombies or bots. The attacker uses these bots—which form a botnet—to deliver a coordinated stream of information requests to a target computer, causing it to crash.

Answer 162

1. Trojan horse Software programs that hide in other computer programs and reveal their designed behaviour only when they are activated. 2. Back door Typically a password, known only to the attacker, that allows them to access a computer system at will, without having to go through any security procedures (also called a trap door). 3. Logic bomb A segment of computer code that is embedded within an organization’s existing computer pro- grams and is designed to activate and perform a destructive action under specific conditions, such as at a certain time or date.

Answer 163

Malicious software that blocks access to a computer system or encrypts an org.’s data until the organization pays a sum of money.

Answer 164

Any internet-connected device

Answer 165

Some ransomware developers distribute ransomware to any hacker who wants to use it. This process is called ransomware-as-a-service. the original creators publish the software on the Dark Web, allowing other criminals to use the code in return for receiving 40-50% of each ransom paid.

Answer 166

Cyberterrorism and cyberwarfare refer to malicious acts in which attackers use a target’s computer systems, particularly via the Internet, to cause physical real-world harm or sever disruption, usually to carry out a political agenda

Answer 167

risk analysis, risk mitigation, and controls evaluation.

Answer 168

The goal of risk management is to identify, control, and minimize the impact of threats. In other words, risk management seeks to reduce risk to acceptable levels

Answer 169

Risk analysis involves three steps: (1) assessing the value of each asset being protected, (2) estimating the probability that each asset will be compromised, and (3) comparing the prob- able costs of the asset’s being compromised with the costs of protecting that asset. The organi- zation then considers how to mitigate the risk.

Answer 170

In risk mitigation, the organization takes concrete actions against risks. Risk mitigation has two functions: (1) implementing controls to prevent identified threats from occurring, and (2) developing a means of recovery if the threat becomes a reality

Answer 171

1. Risk acceptance: Accept the potential risk, continue operating with no controls, and absorb any damages that occur. 2. Risk limitation: Limit the risk by implementing controls that minimize the impact of the threat. 3. Risk transference: Transfer the risk by using other means to compensate for the loss, such as by purchasing insurance.

Answer 172

in controls evaluation, the organization identifies security deficiencies and calcu- lates the costs of implementing adequate control measures to compare against the value of those control measures. If the costs of implementing a control are greater than the value of the asset being protected, the control is not cost effective.

Answer 173

The purpose of controls or defence mechanisms (also called countermeasures) is to safe- guard assets, optimize the use of the organization’s resources, and prevent or detect errors or fraud.

Answer 174

Physical controls: Stop unauthorized individuals from accessing company facilities. (doors, locks, badges, guards, alarm systems, pressure sensors, and motion detectors.)

Answer 175

General controls apply to more than one functional area. For example, passwords are general controls.

Answer 176

Controls specific to one application, such as payroll, are application controls.

Answer 177

Physical Access Communications

Answer 178

Physical control

Answer 179

Access controls restrict unauthorized individuals from using information resources. Access controls can be physical controls or logical controls.

Answer 180

Logical controls are implemented by software. For example, access control programs limit users to acceptable login times and acceptable login locations.

Answer 181

1. Authentication: confirms the identity of the person requiring access. After the person is authenticated (identified), the next step is authorization. 2. Authorization determines which actions, rights, or privileges the person has, based on their verified identity. Good control systems limit authoriza- tion to tasks needed to accomplish a person’s job.

Answer 182

Communication/network controls: can data securely move across your network? A system (either hardware, software, or a combination of both) that prevents a specific type of information from moving between untrusted networks, such as the Internet, and private networks, such as your company’s network. firewalls, anti-malware systems, whitelisting and blacklisting, encryption, VPNs, transport layer security (TLS), and employee monitoring systems.

Answer 183

Physical and access

Answer 184

Encryption is the process of converting an original message into a form that cannot be read by anyone except the intended receiver.

Answer 185

key, which is the code that scrambles and then decodes the messages.

Answer 186

Encryption algorithms which use the same key for both encryption and decryption

Answer 187

use a pair of keys (keypair) a public key and a private key. Public keys are used for encryption or signature verification; Private keys decrypt and sign.

Answer 188

Internet-> external firewall -> servers (demilitarized zone) -> internal firewall -> corporate LAN intranet

Answer 189

Internet -> internet service provider -> broadband connection (dsl, cable modem, 4g, 5G) -> home computer (software firewall)

Answer 190

Receiver: ``` 1. 2. 3. 4. 5. Harrison creates the pair of keys Harrison sends the public key to Hannah Hannah uses the Public key to encrypt the message and sends it over Harrison uses his private key to decrypt the message It STARTS with the receiver. ```

Answer 191

A digital certificate is an electronic document attached to a file that cer- tifies that the file is from the organization it claims to be from and has not been modified from its original format

Answer 192

issues digital certificates | verifies the integrity of the certificates.

Answer 193

Input controls: to edit input data for errors] Processing controls: to monitor operation of an application. Output controls: to edit output data for errors and that output goes to the intended

Answer 194

The chain of events linking planning to protection to recovery.

Answer 195

To provide guidance to people who keep the business operating after a disaster happen To restore the business to normal operations as quickly as possible after an attack. To ensure that business functions continue

Answer 196

hot sites: a fully-configured computer facility... a duplication of key resources, warm sites: It includes computing equipment (e.g., servers) but not all actual applications and user workstations. cold sites: only rudimentary services and facilities like a building or a room off-site data and program storage: a duplicate of company data and its software programs to be transferred to another computer elsewhere

Answer 197

type of computing that delivers convenient, on-demand, pay-as-you-go access for multiple customers to a shared pool of configurable computing resources (e.g., servers, networks, storage, applications, and services) that can be rapidly and easily accessed over the Internet

Answer 198

they own their IT infrastructure (their software, hard- ware, networks, and data management) and maintain it in their data centres.

Answer 199

New needs, new investment in new systems. On-premise computing can actually inhibit an organization’s ability to respond quickly and appropriately to today’s rapidly changing business environments.

Answer 200

IT components and IT services

Answer 201

Hardware software database network

Answer 202

developing information systems, managing security and risk, and managing data

Answer 203

Cloud Computing Provides On-Demand Self- Service (access needed computing resources automatically: elasticity and flexibility) Cloud Computing Encompasses the Characteristics of Grid Computing Cloud Computing Encompasses the Characteristics of Utility Computing Cloud Computing Uses Broad Network Access Cloud Computing Pools Computing Resources Cloud Computing Often Occurs on Virtualized Servers

Answer 204

Grid computing pools various hardware and software components to create a single IT envi- ronment with shared resources. Grid computing shares the processing resources of many geo- graphically dispersed computers across a network.

Answer 205

Grid computing enables organizations to use their computing resources more efficiently. Grid computing provides fault tolerance and redundancy, meaning that there is no single point of failure, so the failure of one computer will not stop an application from executing. Grid computing makes it easy to scale up—that is, to access increased computing resources (i.e., add more servers)—to meet the processing demands of complex applications. Grid computing makes it easy to scale down (remove computers) if extensive processing is not needed.

Answer 206

A service provider makes computing resources and infrastructure management available to a customer as needed. The provider then charges the customer for its specific usage rather than a flat rate. Utility computing enables companies to efficiently meet fluctuating demands for computing power by lowering the costs of owning the hardware infrastructure.

Answer 207

Server virtualization uses software-based partitions to create multiple virtual servers— called virtual machines—on a single physical server

Answer 208

each server no longer has to be dedicated to a particular task

Answer 209

First, they do not have to buy additional servers to meet peak demand. •Second, they reduce their utility costs because they are using less energy.

Answer 210

Public Private Hybrid

Answer 211

Public clouds are shared, easily accessible, multicustomer IT infrastructures that are available nonexclusively to any entity in the general public (individuals, groups, and organizations). Public cloud vendors provide applications, storage, and other computing resources as services over the Internet. These services may be free or offered on a pay-per-usage model.

Answer 212

Private clouds/internal clouds/corporate clouds IT infrastructures that can be accessed only by a single entity or by an exclusive group of related entities that share the same purpose and requirements, such as all of the business units within a single organization. Private clouds provide IT activities and applications as a service over an intranet within an enterprise. Enterprises adopt private clouds to ensure system and data security. For this reason, these systems are implemented behind the corporate firewall.

Answer 213

Hybrid clouds are composed of public and private clouds that remain unique entities, but are nevertheless tightly integrated.

Answer 214

Multiple deployment models

Answer 215

security requirements, the mission-critical nature of the applications, and other company-established policies.

Answer 216

customers may need to maintain some of their data in a private cloud for security and privacy reasons while storing other, less-sensitive data in a public cloud because it is less expensive.

Answer 217

A vertical cloud is a set of cloud computing services optimized for use in a particular industry.

Answer 218

Construction business, •finance, or | •insurance businesses.

Answer 219

infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), and software-as-a-service (SaaS).

Answer 220

Infrastructure to run software and store data With the IaaS model, cloud computing providers offer remotely accessible servers, networks, and storage capacity. They supply these resources on demand from their large resource pools, which are located in their data centres.

Answer 221

Platforms to develop applications

Answer 222

Software applications to process their data

Answer 223

IaaS customers are often technology companies with IT expertise. These companies want access to computing power, but they do not want to be responsible for installing or maintaining it. Companies use the infrastructure to run software or simply to store data. Think Shopify (www.shopify.ca) or Amazon

Answer 224

run existing applications and to develop and test new applications.

Answer 225

Underlying computing and storage resources automatically scale to match application demand. Operating system features can be upgraded frequently. Geographically distributed development teams can work together on software development projects. PaaS services can be provided by diverse sources located throughout the world. Initial and ongoing costs can be reduced by the use of infrastructure services from a single vendor rather than maintaining multiple hardware facilities that often perform duplicate functions or suffer from incompatibility problems.

Answer 226

Widely used, broad range

Answer 227

applications can run on as many servers as is necessary to meet changing demands.

Answer 228

Cloud computing has a positive impact on employees Cloud computing can save money Cloud computing can improve organizational flexibility and competitiveness

Answer 229

Legacy IT Systems: These systems cannot easily be transferred to the cloud because they must first be untangled and simplified. Reliability Privacy Security The Regulatory and Legal Environment European Union prohibits consumer data from being transferred to nonmember countries without the consumers’ prior consent and approval. Criminal Use of Cloud Computing The huge amount of information stored in the cloud makes it an attractive target for data thieves. Also, the distributed nature of cloud computing makes it very difficult to catch criminals.

Answer 230

Web services are applications delivered over the Internet (the cloud) that MIS profession- als can select and combine through almost any device, from personal computers to mobile phones

Answer 231

different systems to “talk” with one another | share data and services

Answer 232

service-oriented architecture (SOA).

Answer 233

* The organization can use the existing Internet infrastructure without having to implement any new technologies. * Organizational personnel can access remote or local data without having to understand the complexities of this process. * The organization can create new applications quickly and easily.

Answer 234

They can be employed in a variety of environments: over the Internet, on an intranet inside a corporate firewall, or on an extranet set up by business partners.

Answer 235

XML, SOAP, WSDL, and UDDI

Answer 236

Extensible markup language (XML): a computer language that makes it easier to exchange data among a variety of applications and to validate and interpret these data. Where HTML is limited to describing how data should be presented in the form of web pages, XML can present, communicate, and store data

Answer 237

HTML is a page-descrip- tion language for specifying how text, graphics, video, and sound are placed on a web page document.

Answer 238

Hypertext markup language

Answer 239

Simple object access protocol (SOAP) is a set of rules that define how messages can be exchanged among different network systems and applications through the use of XML. These rules essentially establish a common protocol that allows different web services to interoperate

Answer 240

The web services description language (WSDL) is used to create the XML document that describes the tasks performed by the various web services.

Answer 241

Universal description, discovery, and integration (UDDI) allows MIS professionals to search for needed web services by creating public or private searchable directories of these services.

Answer 242

A page-description language that makes it possible to embed images, audio, and video directly into a document without add-ons. Also makes it easier for web pages to function across different display devices, including mobile devices as well as desktops. It supports the storage of data offline.

Answer 243

Massive data centres, which may contain hundreds of thousands of networked computer servers.

Answer 244

Build machines that mimic human intelligence

Answer 245

Man and computer both pretend to be human and interviewer has to find real one

Answer 246

Hypothetical AI that matches or exceed human intelligence

Answer 247

NI: Perishable from an organizational point of view AI: Permanent

Answer 248

NI: Difficult, expensive, takes time AI: Easy, fast, and inexpensive

Answer 249

NI: Can be erratic and inconsistent, incomplete at times AI: Consistent and thorough

Answer 250

NI: Difficult, expensive AI: Fairly easy, inexpensive

Answer 251

NI: Can be very high AI: low, uninspired

Answer 252

NI: Direct and rich in possibilities AI: Must be interpreted first; limited

Answer 253

NI: Fast, easy to explain AI: Machine learning still not as good as people in most cases, but in some cases better than people

Answer 254

NI: Makes use of wide context of experiences AI: Good only in narrow, focused, and stable domains

Answer 255

performs a useful and specific function that once required human intelligence to perform, and does so at human levels or better (for example, character recognition, speech recognition, machine vision, robotics, data mining, medical informatics, automated investing, and many other functions).

Answer 256

- Advancements in chip technology - Big data - The internet and cloud computing - Improved algorithms

Answer 257

Recommendation systems, i.e. next up on youtube

Answer 258

Analyze data that traditional companies have collected and labeled in the past

Answer 259

Analyze additional data from smart devices and sensors

Answer 260

Integrate 1-3 and enable machines to sense and respond to the world around them i.e. autonomous cars

Answer 261

Expert systems (ESs) are computer systems that attempt to mimic human experts by apply- ing expertise in a specific domain. Expert systems can either support decision makers or com- pletely replace them.

Answer 262

- transferring domain expertise from human experts to expert system can be hard because humans can’t always explain how they know/what they know (not always aware of complete reasoning process) - even if domain experts can explain the reasoning process, automating it may not be possible (difficult to program all the possible decision paths in an expert system) - in some contexts, potential liability from use of expert systems, i.e. medical treatment

Answer 263

machine learning (ML) is the ability to accurately perform new, unseen tasks, built on known properties learned from training or historical data that are labelled.

Answer 264

Machine Learning

Answer 265

Deep learning is a subset of machine learning in which the system discovers new patterns without being exposed to labelled historical or training data

Answer 266

speech recognition, image recognition, natural language processing, drug discovery and toxicology, and customer relationship management.

Answer 267

A neural network is a set of virtual neurons or central processing units (CPUs) that work in par- allel in an attempt to simulate the way the human brain works, although in a greatly simplified form. The neural network assigns numerical values, or weights, to connections between the neurons.

Answer 268

1. Each layer of the neural network manages a different level of abstraction. 2. To process an image, the first layer is fed with raw images. 3. That layer notes aspects of the images such as the brightness and colors of individual pixels, and how those properties are distributed across the image. 4. The next layer analyzes the first layer’s observations into more abstract categories, such as identifying edges, shadows, and so on. 5. The next layer analyzes those edges and shadows, looking for combinations that signify features such as eyes, lips, and ears. 6. The final layer combines these observations into a representation of a face

Answer 269

DL automates much of the feature extraction piece of the process. Eliminates some of the manual human intervention. Enables the use of large data sets

Answer 270

Inputs, weights, bias/threshold, output

Answer 271

1. the first layer of processors learns the smallest unit of speech sound, called a phoneme. 2. The next layer finds combinations of sound waves that occur more often than they would by chance alone. 3. The next layer looks for combinations of speech sounds such as words, 4. and the final layer can recognize complete segments of speech.

Answer 272

Computer vision refers to the ability of information systems to identify objects, scenes, and activities in images. Computer vision applications are designed to operate in unconstrained environments.

Answer 273

Natural language processing refers to the ability of information systems to work with text the way that humans do. For example, these systems can extract the meaning from text and can generate text that is readable, stylistically natural, and grammatically correct.

Answer 274

Speech recognition focuses on automatically and accurately transcribing human speech. This technology must manage diverse accents, dialects, and background noise.

Answer 275

An intelligent agent is a software program that assists you, or acts on your behalf, in per- forming repetitive computer-related tasks. three types of agents: information agents, monitoring and surveillance agents, and user or personal agents.

Answer 276

Information agents search for information and display it to users. The best-known information agents are buyer agents. A buyer agent, also called a shop- ping bot, helps customers find the products and services they need on a website I.e. • The information agents for Amazon.com display lists of books and other products that customers might like, based on past purchases.

Answer 277

Monitoring and surveillance agents, also called predictive agents, constantly observe and report on some item of interest. I.e. • Monitoring and surveillance agents can watch your competitors and notify you of price changes and special offers

Answer 278

User agents, also called personal agents, take action on your behalf. I.e. • Check your email, sort it according to your priority rules, and alert you when high-value emails appear in your inbox.

Answer 279

Ethics refers to the principles of right and wrong that individuals use to make choices that guide their behaviour

Answer 280

``` Utilitarian Rights Fairness Common good Deontology ```

Answer 281

an ethical action is the one that provides the most good or does the least harm

Answer 282

an ethical action is the one that best protects and respects the moral rights of the affected parties. (who has what right? Can we list them all and agree upon them?)

Answer 283

ethical actions treat all humans equally, or if unequally, then fairly, based on some defensible standard (all humans are equal)

Answer 284

respect and compassion for all others is the basis for ethical actions. (welfare for everyone, free education for all)

Answer 285

morality of an action is based on whether that action itself is right or wrong under a series of rules - not based on consequences of the action (forget about self-defense)

Answer 286

* Responsibility means that you accept the consequences of your decisions and actions. * Accountability refers to determining who is responsible for actions that were taken. * Liability is a legal concept that gives individuals the right to recover the damages done to them by other individuals, organizations, or systems

Answer 287

1. Recognize an ethical issue • Could this decision or situation damage someone or some group? • Does this decision involve a choice between a good and a bad alternative? • Is this issue about more than what is legal? If so, how? 2. Get the facts • What are the relevant facts of the situation? • Do I know enough to make a decision? • Which individuals and/or groups have an important stake in the outcome? • Have I consulted all relevant persons and groups? 3. Evaluate alternative actions • Which option will produce the most good and do the least harm? (the utilitarian approach) • Which option best respects the rights of all stakeholders? (the rights approach) • Which option treats people equally or proportionately? (the fairness approach) • Which option best serves the community as a whole, and not just some members? (the common good approach) 4. Make a decision and test it • Considering all the approaches, which option best addresses the situation? • Act and reflect on the outcome of your decision • How can I implement my decision with the greatest care and attention to the concerns of all stakeholders? • How did my decision turn out, and what did I learn from this specific situation?

Answer 288

1. Identify an ethical issue • What are the different issues that give rise to this ethical issue? • What are the values of the individuals or organizations underlying this ethical issue? • Is there a possibility of action to resolve the ethical issue? 2. Purpose and choice • What personal choices do you have in reacting to this ethical issue? • What is your most appropriate professional choice, being guided by professional rules, and what would be a “good” choice? 3. Stakeholder analysis • Who is affected by the ethical issue? • How are they affected, considering if I do give voice to resolving the issue? • How are they affected, considering if I do not give voice to resolving the issue? • How can I connect with the stakeholders to best deal with the ethical issue? 4. Powerful response • Who is my audience? • What types of things could I say to provide a response to the ethical issue? • What are some inhibiting arguments that would prevent me from acting? • What could I say in response to the inhibiting arguments (called an enabling argument)? • What external arguments (called levers) support my enabling arguments? • What external research supports or refutes my arguments? 5. Scripting and coaching • What words (script) could I use when talking about the ethical issue? (consider both positive and negative responses) • Who can I practise with? • How would I approach my audience to provide the best opportunity for discussing the ethical issue?

Answer 289

Privacy issues involve collecting, storing, and disseminating information about individuals. 2. Accuracy issues involve the authenticity, fidelity, and correctness of information that is col- lected and processed. 3. Property issues involve the ownership and value of information. 4. Accessibility issues revolve around who should have access to information and whether they should pay a fee for this access.

Answer 290

What information about oneself should an individual be required to reveal to others? What kinds of surveillance can an employer use on its employees? What types of personal information can people keep to themselves and not be forced to reveal to others? What information about individuals should be kept in databases, and how secure is the information there?

Answer 291

Who is responsible for the authenticity, integrity, and accuracy of the information collected? How can we ensure that the information will be processed properly and presented accurately to users? How can we ensure that errors in databases, data transmissions, and data processing are accidental and not intentional? Who is to be held accountable for errors in information, and how should the injured parties be com- pensated?

Answer 292

Who owns the information? What are the just and fair prices for its exchange? How should we handle software piracy (illegally copying copyrighted software)? Under what circumstances can one use proprietary databases? Can corporate computers be used for private purposes? How should experts who contribute their knowledge to create expert systems be compensated? How should access to information channels be allocated?

Answer 293

Who is allowed to access information? How much should companies charge for permitting access to information? How can access to computers be provided for employees with disabilities? Who will be provided with the equipment needed for accessing information? What information does a person or an organization have a right to obtain, under what conditions, and with what safeguards?

Answer 294

privacy is the right to be left alone and to be free of unreasonable personal intru- sions

Answer 295

Information privacy is the right to determine when, and to what extent, information about you can be gathered or communicated to others.

Answer 296

a collection of principles that are intended to guide decision making by members of an organization.

Answer 297

individuals, groups, and institutions.

Answer 298

Right of privacy is not absolute. Your privacy must be balanced against the needs of society. Public’s right to know supersedes the individual’s right of privacy.

Answer 299

an electronic profile of you and your habits.

Answer 300

The process of forming a digital dossier

Answer 301

Using technology to monitor individuals as they go about their daily routines

Answer 302

Process of gathering data and presenting it in a h | summarized format.

Answer 303

Privacy policies or privacy codes are an organization’s guidelines for protecting the privacy of its customers, clients, and employees.

Answer 304

The opt-out model of informed consent permits the company to collect personal information until the customer specifically requests that the data not be collected.

Answer 305

Privacy advocates prefer the opt-in model of informed consent, which prohibits an organization from collecting any personal information unless the customer specifically authorizes it.

Answer 306

Data Aggregators collect public and non-public data (e.g. social insurance numbers and financial data) then integrate these data to form digital dossiers on most adults in North America.

Answer 307

Data collection Data accuracy Data confidentiality

Answer 308

Codify requirements for employees Provide a standard set of procedures Protect organizations from litigation Can be used as a measurement tool if disciplinary action is required

IS FINAL Flashcards

(347 cards)