Itm 6015 Final Exam Practice
Settings
-
+
- 1.Which of the following is a type of control that is used to ensure the development of a high quality, reliable information system?
- A.
Methodology standards
- B.
System testing
- C.
System backup
- D.
All of the above
- 2.Why is it important for a system analyst to document formal as well as informal systems within an organization?
- A.
Informal systems are always less efficient.
- B.
The usage of an informal system by users means that the formal system is deficient in some way and users have designed ways to work around it.
- C.
Informal systems require natural language processing, but formal systems do not.
- D.
All of the above
- 3.System testing only occurs when systems are initially developed.
- A.
True
- B.
False
- 4.
- A.
Component
- B.
Environment
- C.
Storage
- D.
Interface
- 5.Using a sales tracking system as an example, the customer orders and customer returns of goods are examples of which type of system components?
- A.
Outputs
- B.
Inputs
- C.
Storage
- D.
Memory
- 6.Using a payroll system as an example, paychecks and W-2 forms are examples of which of the following system elements?
- A.
Outputs
- B.
Inputs
- C.
Storage
- D.
Memory
- 7.In basic systems terminology, the process of breaking down a system into successive levels of subsystems is called:
- A.
Functional analysis.
- B.
Factoring.
- C.
Interfacing.
- D.
Hierarchical decomposition.
- 8.A numerical digit based on the other digits within a numerical identifier is referred to as a:
- A.
ITIL rule.
- B.
Check digit.
- C.
Lottery number.
- D.
None of the above
- 9.Which of the following is an example of a goal of hierarchical decomposition?
- A.
To take advantage of the simplicity of a system
- B.
To analyze or change only part of the system
- C.
To design and build each subsystem at the same time
- D.
To increase the interdependence of the system components
- 10.Which of the following is not an example of a principal method for system decoupling?
- A.
Slack resources to provide alternative paths
- B.
Usage of standards
- C.
Sharing data stores
- D.
Benchmarking
- 11.A physical system description depicts ________ the system operators, while a logical system description depicts ________ the system does.
- A.
How; what
- B.
How; why
- C.
What; how
- D.
Why; what
- 12.
- A.
Functional system description
- B.
Logical system description
- C.
Physical system description
- D.
Network system description
- 13.Which is a basic principle of business process reengineering (BPR) suggested by Hammer ?
- A.
Integrating information processing into the work that produces the information
- B.
Building reengineering efforts around legacy systems
- C.
Developing parallel processes for redundancy
- D.
Escalating decision-making up an organizational hierarchy
- 14.As defined in the textbook, the generic systems development life cycle consists of the following three phases:
- A.
Requirements, design, and implementation.
- B.
Definition, construction, and implementation.
- C.
Specifications, development, and installation.
- D.
Feasibility analysis, testing, and maintenance.
- 15.Which of the following best describes the definition phase of the systems life cycle?
- A.
The system is functionally designed, and then its physical design is specified.
- B.
The new system is installed.
- C.
Business and systems professionals document systems needs and feasibility.
- D.
Data and procedures from the old system are converted.
- 16.
- A.
The system is functionally designed, and then its physical design is specified.
- B.
The new system is installed.
- C.
Business and systems professionals document systems needs and feasibility.
- D.
Data and procedures from the old system are converted.
- 17.Which of the following describes an early step in the implementation phase of the systems life cycle?
- A.
The system is detailed functionally, and then its physical design is specified.
- B.
Programs and computer files are designed.
- C.
Operational feasibility is conducted.
- D.
Data and procedures from the old system are converted.
- 18.Procedural-oriented approaches to systems design first involve the:
- A.
Logical To-Be model.
- B.
As-Is model.
- C.
Physical To-Be model.
- D.
Want-To-Be model.
- 19.When a physical model of a system is depicted with a diagram, cylinders are used to represent:
- A.
Major modules.
- B.
Databases.
- C.
Data flows.
- D.
Processes.
- 20.Which of the following technique is most closely associated with the Logical To-Be model?
- A.
Work process flow diagram
- B.
Context diagram
- C.
Data flow diagram
- D.
Swimming lane diagram
- 21.
- A.
Sender
- B.
Process
- C.
Data flow
- D.
Data store
- 22.When developing a logical data flow diagram, a circle indicates:
- A.
An element in the environment of the system that sends or receives data.
- B.
Data in motion.
- C.
Data at rest.
- D.
A process component.
- 23.When developing a logical data flow diagram, a rectangle (or open rectangle) indicates:
- A.
Data at rest.
- B.
Data in motion.
- C.
An element in the evironment of the system that sends or receives data.
- D.
A process component.
- 24.The most common approach to defining data elements in a DFD is to create a(n):
- A.
Data at rest.
- B.
Data dictionary/directory.
- C.
Process.
- D.
External entity.
- 25.All of the following are tools for representing the Logical To-Be model of an information system except a(n):
- A.
Program chart.
- B.
Data dictionary.
- C.
Entity-relationship diagram.
- D.
Data flow diagram.
- 26.In the object-oriented (O-O) approach to software engineering, the term "encapsulation" refers to:
- A.
Sharing commonalities between classes of objects.
- B.
A relationship between a generalized object class and one or more specialized classes.
- C.
Storing data and related operations together within objects.
- D.
The reusability of objects across a wide variety of applications.
- 27.
- A.
Class diagram
- B.
Context diagram
- C.
Sequence diagram (to capture messages)
- D.
Use Case diagram
- 28.
- A.
Each program is tested individually and in combination with other programs.
- B.
The results from processing typical and atypical inputs are examined.
- C.
Users are involved in the system testing.
- D.
Validation rules and calculations are checked.
- 29.What set of international guidelines includes an extensive set for implementation management practices against which firms can benchmark their own practices?
- A.
CCM
- B.
COSO
- C.
ITIL
- D.
None of the above
- 30.Controls for the validity of data entered into an application program (such as ensuring that only numbers are entered into a numeric field) are referred to as:
- A.
Batch totals.
- B.
Encryption rules.
- C.
Access privileges.
- D.
Edit rules.
- 31.Security measures that are concerned with whether or not users can run an application, read a file, or change data in a database, or can change who can access to data that others have created are referred to as:
- A.
Logical access controls.
- B.
Physical access controls.
- C.
Backup procedures.
- D.
Audit trails.
- 32.One of the fundamental principles of systems analysis and design (SA&D) is that the logical system should be described before the physical system.
- A.
True
- B.
False
- 33.In general, the term "system" is defined as a set of interrelated components that must work together to achieve some common purpose.
- A.
True
- B.
False
- 34.The SDLC phase that typically requires the greatest percentage of the total cost for a custom development project is the ________ phase.
- A.
Definition
- B.
Construction
- C.
Implementation
- D.
Final
- 35.During the feasibility analysis phase of the SDLC, which of the following types of feasibility is not assessed?
- A.
Economic
- B.
Operational
- C.
Time-driven
- D.
Technical
- 36.
- A.
End user
- B.
Business manager
- C.
IS analyst
- D.
Both B and C
- 37.The ________ approach to systems development has often been referred to as the "waterfall" model.
- A.
SDLC
- B.
Prototyping
- C.
RAD
- D.
XP
- 38.Deciding what hardware and systems software will be used to operate the system and defining the processing modules that will comprise the system are part of which SDLC step?
- A.
System building
- B.
Requirements definition
- C.
System design
- D.
Feasibility analysis
- 39.Testing a new custom system before implementation is the responsibility of:
- A.
Both users and IS analysts.
- B.
Users only.
- C.
IS analysts only.
- D.
Independent third parties.
- 40.Which of the following accurately describes the order in which a system is tested?
- A.
Module testing, subsystem testing, integration testing, acceptance testing
- B.
Subsystem testing, acceptance testing, integration testing, module testing
- C.
Acceptance testing, integration testing, subsystem testing, module testing
- D.
Module testing, integration testing, subsystem testing, acceptance testing
- 41.A conversion strategy whereby an organization continues to operate the old system together with the new one for one or more cycles, until the new system is working properly and the old system can be discontinued, is called a:
- A.
Pilot strategy.
- B.
Phased strategy.
- C.
Cutover strategy.
- D.
Parallel strategy.
- 42.A conversion strategy whereby the new system is first implemented in only part of the organization to solve any problems before implemented in the rest of the organization is called a:
- A.
Pilot strategy.
- B.
Phased strategy.
- C.
Cutover strategy.
- D.
Parallel strategy.
- 43.
![]()
The following diagram depicts which of the following conversion strategies?- A.
Parallel strategy
- B.
Phased strategy
- C.
Pilot strategy
- D.
Entrepreneurial strategy
- 44.
![]()
The following diagram depicts a cutover conversion strategy. Which of the following best characterizes this type of conversion strategies?- A.
Costly
- B.
Time consuming
- C.
Risky
- D.
All of the above
- 45.The percentage of resources devoted to the maintenance of a system:
- A.
Generally increases over time.
- B.
Generally decreases over time.
- C.
Generally stays about the same over time.
- D.
Is variable depending on the system.
- 46.Which of the following is not typically the responsibility of an IT project manager?
- A.
Approve funds for the project
- B.
Oversee multiple project phases
- C.
Determine how long each development task will take
- D.
Form a project team with appropriate knowledge and skills
- 47.Which of the following best describes a responsibility of a systems analyst?
- A.
Ensure the promised benefits of a system are achieved
- B.
Develop detailed system requirements
- C.
Train users
- D.
All of the above
- 48.
- A.
Develop initial prototype
- B.
Use prototype and note desired changes
- C.
Revise and enhance prototype
- D.
Assist with converting the prototype to an operational system
- 49.
- A.
Only basic system requirements are needed at the front-end of the project.
- B.
End-prototype typically has more security and control features than a system developed with an SDLC process.
- C.
Strong top-down commitment may be less necessary at the outset of the project.
- D.
User acceptance is likely to be higher than with a system developed using an SDLC process.
- 50.
- A.
Firms use the approach to explore the use of newer technologies.
- B.
Documentation is less complete than with traditional systems development approaches.
- C.
Less security and control features are incorporated than with traditional SDLC approach.
- D.
All of the above
- 51.When prototyping is incorporated into a traditional SDLC approach, it is most commonly included as part of which of the following steps?
- A.
Requirements definition
- B.
Feasibility analysis
- C.
System design
- D.
System building
- 52.
- A.
To establish and demonstrate basic concepts of the new system and to get buy-in from key stakeholders
- B.
To demonstrate the technical feasibility of the new system
- C.
To test a complex system
- D.
Both A and B
- 53.
- A.
RAD
- B.
Piloting
- C.
JAD
- D.
CASE
- 54.A software tool used to automate one or more steps of a software development methodology is referred to as:
- A.
RAD.
- B.
Piloting.
- C.
JAD.
- D.
CASE.
- 55.All of the following are considered advantages to using RAD methodology, except:
- A.
Dramatic savings in development time.
- B.
System quality much higher than with SDLC.
- C.
Focuses on essential system requirements.
- D.
Ability to rapidly change system design at user request.
- 56.
- A.
The system requirements do not have to be explained to an IS analyst.
- B.
If the system is a high priority for a business unit, it does not have to compete with other business units for IS personnel to work on it.
- C.
Business managers have more control over the development costs for the application.
- D.
All of the above
- 57.
- A.
A similar application may already exist in another business unit, so it could be a redundant effort.
- B.
Users typically pay more attention to system controls for ensuring data quality and security, and therefore development costs are higher.
- C.
It is common for user developers to change jobs.
- D.
User-developed systems are frequently less well documented.
- 58.What three characteristics should be evaluated by organizations when choosing whether or not to have a non-IS professional develop a new application?
- A.
Application, development tool, and telecommunications characteristics
- B.
Training classes attended by user, IS professional certifications, security issues
- C.
Application, development tool, and developer characteristics
- D.
Number of years developer has been in the organization, the application size, and the cost of the development tool
- 59.
- A.
The number of users of the application
- B.
The potential impact on operations or decisions based on the application
- C.
The average age of the developer
- D.
Both A and B
- 60.A common shortcoming of user-developed applications is:
- A.
Inadequate system testing.
- B.
Inadequate knowledge of the business problem.
- C.
The usage of a prototyping methodology.
- D.
Too much time spent on documenting the system.
- 61.Which of the following is not a characteristic of eXtreme Programming (XP)?
- A.
It is a one type of so-called agile approaches to systems development
- B.
Programmers write code in pairs and test their own code
- C.
Both definition and construction tasks are accomplished together
- D.
It works best when developing large-scale, complex transaction processing systems
- 62.The agile method that emphasizes independent project teams, coordination and communication between and within teams with lots of team meetings, iterative and continuous monitoring of work, team ownership of the final product is called:
- A.
XML.
- B.
RAD.
- C.
Scrum.
- D.
JAD.
- 63.
- A.
Communicate frequently
- B.
Closely monitor and manage the work of the outsourcer's staff
- C.
Create a centralized project management office
- D.
Hire offshore legal expertise for writing contracts
- 64.The parallel strategy of installing a new system is the riskiest method of installation because the old system is abandoned as soon as the new system is implemented.
- A.
True
- B.
False
- 65.The Construction phase of the SDLC involves installation and operations of the new system.
- A.
True
- B.
False
- 66.The SDLC methodology is the best methodology when an application needs to be quickly developed.
- A.
True
- B.
False
- 67.Agile methodologies are especially useful for developing smaller systems rather than largescale transaction processing applications.
- A.
True
- B.
False
- 68.A type of testing where the objective is to make sure that the system performs reliably and does what it is supposed to do in a user environment is referred to as user acceptance testing.
- A.
True
- B.
False
- 69.When a change made to one part of a system results in unexpected changes to another part of the system, it is commonly referred to as a ripple effect.
- A.
True
- B.
False
- 70.Some consultants have claimed that up to one-third of all spreadsheets contain errors, which can include mechanical errors (typos), errors in logic, as well as errors in omission.
- A.
True
- B.
False
- 71.When considering the purchase of a major software application, managers need to also consider the following potential downside:
- A.
It is typically more expensive than custom development.
- B.
The package seldom totally fits the company's needs.
- C.
It takes much longer to implement because of the software's complexity.
- D.
There is no documentation.
- 72.Which statement is not true about using an ASP purchasing option?
- A.
The purchasing organization does not purchase software licenses or install the software on its own equipment.
- B.
A 3rd-party organization delivers the software functionality via the Internet.
- C.
The purchasing organization typically pays to the ASP the up-front costs for the software licenses for all potential users.
- D.
Because the software is typically already installed on the ASP's host computer, the implementation is typically faster.
- 73.If an organization purchases a software package and does not modify or add to the package in-house, the construction phase then is often limited to which step?
- A.
System design
- B.
System building
- C.
System testing
- D.
Feasibility analysis
- 74.When comparing a traditional SDLC and a purchasing life cycle methodology, which step is found in a modified SDLC approach but not in a traditional SDLC?
- A.
Feasibility analysis
- B.
Requirements definition
- C.
Establish evaluation criteria
- D.
System testing
- 75.When purchasing a software package, a successful definition phase ends with a(n):
- A.
System testing plan.
- B.
Vendor contract.
- C.
System design.
- D.
RFP.
- 76.Being an Alpha site usually means that the client company:
- A.
Does not need to create a requirements definition.
- B.
Plays a significant role in user acceptance testing for the vendor.
- C.
Performs all necessary maintenance on the package.
- D.
Plays a significant role in determining the functionality of the package.
- 77.Being a Beta site usually means that the company:
- A.
Does not need to create a requirements definition.
- B.
Plays a significant role in user acceptance testing for the vendor.
- C.
Performs all necessary maintenance on the package.
- D.
Plays a significant role in determining the functionality of the package.
- 78.The requirements definition for a purchased system is ________ detailed than the requirements used to build a prototype, and ________ detailed than the requirements needed to design a custom system.
- A.
More, less
- B.
Less, more
- C.
More, more
- D.
Less, less
- 79.
- A.
Functional capabilities of the packaged system
- B.
Technical requirements the software must satisfy
- C.
Business characteristics of the vendor firm
- D.
All of the above
- 80.The acronym RFP stands for:
- A.
Request for proposal.
- B.
Requirement for program.
- C.
Review of product.
- D.
Request for product.
- 81.In addition to evaluating the vendors' responses from the formal RFP process, what other type of data collection for a leading candidate package is recommended?
- A.
Software demonstration of the package
- B.
References from users of the software package in other companies
- C.
In-house user acceptance test results
- D.
Both A and B
- 82.When matching a company's needs with the capabilities of a software package, an alternative to address a mismatch is:
- A.
Modify the software package.
- B.
Change business procedures to match the software.
- C.
Both A and B
- D.
None of the above
- 83.Which of the following statements about choosing alternative packages is false?
- A.
It is likely that there will be discrepancies between the organization's needs and the package's capabilities.
- B.
If modifications are made to a package, it will not impact what modifications may need to be made when the vendor releases an upgraded version of the package.
- C.
Procedural assumptions incorporated into a package may be better ways of doing things than the company's current procedures.
- D.
None of the above
- 84.A contract with a vendor usually does not include:
- A.
Number of licenses.
- B.
Payment schedule.
- C.
Feasibility analysis.
- D.
Software specifications.
- 85.With a cost-reimbursement type of contract, the greatest risk is assumed by:
- A.
The purchasing company.
- B.
The vendor.
- C.
Both the purchasing company and the vendor.
- D.
Neither the purchasing company nor the vendor.
- 86.With a fixed-price contract, the greatest risk is typically assumed by:
- A.
The purchasing company.
- B.
The vendor.
- C.
Both the purchasing company and the vendor.
- D.
Neither the purchasing company nor the vendor.
- 87.Options for modifying the code of a purchased package include:
- A.
A contract with the vendor.
- B.
A contract with a third party.
- C.
Obtaining the source code from the vendor.
- D.
All of the above
- 88.Which of the following is a factor that can affect the success of the installation plan for a purchased package?
- A.
Vendor support before the installation
- B.
Vendor support after Go Live
- C.
The number of different business units implementing the software and their locations
- D.
All of the above
- 89.A change management program as part of an IT project is used to:
- A.
Convert data to useable form.
- B.
avoid resistance by business users to a new system being implemented.
- C.
Help with personnel shifts in a company.
- D.
Negotiate a contract.
- 90.
- A.
Installation planning
- B.
Data cleanup
- C.
Acceptance testing
- D.
User Training
- 91.
- A.
The vendor may go out of business before the client wishes to stop using the system.
- B.
Vendors continue to support all prior versions of a package.
- C.
New versions of a system may include undesired changes.
- D.
A well-designed contract with a vendor can result in considerable cost avoidance over the life of the system.
- 92.
- A.
Business unit representatives who will use the system
- B.
Attorneys
- C.
Purchasing specialists
- D.
All of the above
- 93.If extensive changes in business processes and procedures are needed to effectively implement the purchased software, business managers are typically asked to take the role of:
- A.
Attorney.
- B.
Project manager.
- C.
Purchasing specialist.
- D.
All of the above
- 94.Successful implementation of a purchased software package typically depends upon:
- A.
How much the package costs.
- B.
Being a Beta site for the vendor.
- C.
How well the Definition phase was conducted.
- D.
All of the above
- 95.A primary advantage of purchasing an existing software package rather than developing a custom application is:
- A.
Being the first to test the system.
- B.
Less time needed for the implementation phase.
- C.
An application that takes into account unique organizational needs.
- D.
IS people resources can be dedicated to projects for systems that can't be purchased.
- 96.
- A.
Infusion of external expertise
- B.
IS resources freed up for other projects
- C.
Higher application quality
- D.
Both A and C
- 97.Which is not a potential disadvantage of purchasing packaged systems?
- A.
Costs more than if custom developed (in-house or contractor)
- B.
) IS and business personnel's lack of detailed knowledge about how the package works
- C.
Dependence on an external vendor
- D.
Dependence on an external vendor
- 98.Which of the following statements about purchasing enterprise system packages is false?
- A.
ERP systems require training on how to write interfaces and queries.
- B.
A risk of purchasing ERP systems is the dependence on a single vendor for all core business processes.
- C.
ERP systems typically involve a lot of custom interfaces to legacy systems.
- D.
ERP systems are very expensive to purchase.
- 99.
- A.
Project leaders should have prior experience with large scale systems.
- B.
Third party consultants should transfer their knowledge, not just implement.
- C.
Top management should be engaged in the project to ensure managerial buy-in.
- D.
The ERP system should be customized to match current business processes.
- 100.
- A.
Complete documentation for the software is freely available.
- B.
The acquisition cost is the same for one copy or thousands of copies.
- C.
The source code can be modified to add new features.
- D.
The organization is not dependent on one vendor or proprietary code.
- 101.An RFP should be sent to as many vendors as possible.
- A.
True
- B.
False
- 102.When there are discrepancies between a package's capabilities and a company's needs, the only way to deal with the discrepancies is by modifying the package.
- A.
True
- B.
False
- 103.Employee training is part of the installation step of the SDLC.
- A.
True
- B.
False
- 104.Choosing between building a custom application and purchasing a software package is called a make-or-buy decision.
- A.
True
- B.
False
- 105.For large enterprise system packages, it is common for companies to contract with a consulting firm, called a third-party implementation partner, to provide installation and maintenance support.
- A.
True
- B.
False
- 106.A company that elects to use a "hosted" application rather than to purchase the software application and host it on its own equipment, is making use of a(n) application service provider (or ASP).
- A.
True
- B.
False
- 107.Open source software is well-suited for very specialized applications and business processes.
- A.
True
- B.
False
- 108.
- A.
Conflict management
- B.
Managing project communications
- C.
Risk management
- D.
Integration management
- 109.Applying knowledge, skills, tools, and techniques to a broad range of activities in order to meet the requirement of a particular project is called:
- A.
Project management.
- B.
Life-cycle management.
- C.
Change management.
- D.
Program management.
- 110.
- A.
Scope
- B.
Time
- C.
Procurement (including contract management)
- D.
Cost
- 111.A key deliverable for the initiation phase of a project is the:
- A.
Technical feasibility study.
- B.
Project charter.
- C.
Gantt chart.
- D.
Work breakdown analysis.
- 112.The organizational unit responsible for ensuring that standard approaches to project management are utilized across projects is called the:
- A.
Program Management Office.
- B.
PMI.
- C.
Portfolio Management Team.
- D.
Project Oversight Committee.
- 113.Using the scheme proposed by Denis et al (2004) for prioritizing systems projects, which statement is true?
- A.
Absolute Must and Highly Desired/Business-Critical projects are typically funded in the year submitted.
- B.
Wanted projects with an ROI greater than 12 months are never funded.
- C.
Nice to Have projects are typically outsourced.
- D.
All of the above
- 114.
- A.
Expected business benefits
- B.
Initial development costs
- C.
Ongoing costs for operations and maintenance
- D.
All of the above
- 115.What major component belongs to project planning?
- A.
Project scheduling
- B.
Project budgeting
- C.
Project staffing
- D.
All of the above
- 116.A project sponsor usually participates in which of the following activities associated with a new project?
- A.
Development of the initial project proposal
- B.
An assessment of the detailed system design
- C.
Ensuring resources are available for the project team
- D.
Both A and C
- 117.The function of the project champion is usually held by:
- A.
The company's CIO.
- B.
An influential business manager in the company.
- C.
The company's CSO.
- D.
An outside consultant.
- 118.The process of identifying the phases and sequence of tasks that need to be accomplished to meet a project's goals is known as:
- A.
Timeboxing.
- B.
Work breakdown analysis.
- C.
Project scheduling.
- D.
Milestone analysis.
- 119.A common pitfall in developing a master schedule for a project is a failure to:
- A.
Understand the interdependencies among project tasks and subtasks.
- B.
Identify all of the project tasks and subtasks.
- C.
Correctly estimate the number of resources needed to complete the tasks.
- D.
Correctly estimate the total time needed to complete all tasks.
- 120.
- A.
Cost elements are estimated only at the lowest task level.
- B.
Cost elements are estimated using the last project after adjusting for inflation.
- C.
Cost elements are aggregated from subordinate tasks.
- D.
None of the above
- 121.According to Frame (1994), which of the following is not a trap that inexperienced cost estimators fall into?
- A.
They are too optimistic about what is needed to do the job.
- B.
They tend to leave components out that should be estimated.
- C.
They do not use a consistent estimation methodology.
- D.
They do not rely on historical project costs.
- 122.According to Frame (1994), which of the following is not a trap that inexperienced cost estimators fall into?
- A.
They are too optimistic about what is needed to do the job.
- B.
They tend to leave components out that should be estimated.
- C.
They do not use a consistent estimation methodology.
- D.
They do not rely on historical project costs.
- 123.When planning projects, what is a recommended practice?
- A.
Conservative estimates
- B.
Control mechanisms focused on greatest project uncertainties
- C.
Control mechanisms focused on organizational vulnerabilities
- D.
All of the above
- 124.A project charter describes:
- A.
The project's broad objectives, but not its intended scope.
- B.
Any unknown constraints.
- C.
The estimated project benefits.
- D.
All of the above
- 125.The project management chart that graphically models the sequence of project tasks and their interrelationships using a flowchart diagrams is called a:
- A.
Gantt chart.
- B.
PERT chart.
- C.
Work breakdown.
- D.
Project charter.
- 126.
- A.
Gantt chart
- B.
PERT chart
- C.
Work breakdown
- D.
Project charter
- 127.According to Kappelman et al. (2006), which is one of the people-related early warning signs of IT project failure?
- A.
Inadequate business stakeholder involvement or participation in the project
- B.
Subject matter experts (SMEs) in the business are overscheduled
- C.
Both A and B
- D.
None of the above
- 128.Which of the following is a risk management task?
- A.
Risk identification
- B.
Risk assessment
- C.
Risk monitoring
- D.
All of the above
- 129.The highest level of project risk typically occurs at what stage of a project's life?
- A.
During the beginning of a project
- B.
After the planning stage
- C.
During the execution and control stage
- D.
None of the above
- 130.
- A.
Assigning the best human resources available to reduce a specific type of project risk
- B.
Choosing an alternative technical approach to avoid risk exposure
- C.
Subcontracting a specific deliverable to a third-party
- D.
All of the above
- 131.According to Keil and Robey (1999), a common pitfall in monitoring the risks of a project already underway is:
- A.
Relying too heavily on the use of consultants.
- B.
Failing to increase the resources working on the project.
- C.
Ignoring negative feedback.
- D.
All of the above
- 132.According to Markus (1983), resistance to the implementation of a new information system is commonly due to:
- A.
The complexity of the new system.
- B.
The selected hardware.
- C.
Changes in the managerial power structure due to the new system.
- D.
Fear of computers.
- 133.Which of the following is not one of the three stages of the Lewin/Schein change model?
- A.
Unfreezing stage
- B.
Moving stage
- C.
Refreezing stage
- D.
Transitioning stage
- 134.
- A.
Who did something wrong?
- B.
What went wrong on this project, not what went right?
- C.
What could the project leaders have done differently?
- D.
All of the above
- 135.Which of the following is a major change management activity associated with successful IT projects?
- A.
Communications about the project to all affected employees
- B.
Training on the system and process changes
- C.
The need for incentives to key team members
- D.
All of the above
- 136.Virtual teamwork introduces IT project risk due to which of the following factors?
- A.
Differences in communication norms across working groups
- B.
Unfamiliarity with a team member's culture
- C.
Lack of trusting relationships across team members
- D.
All of the above
- 137.The project champion is a business manager who has high credibility as an organizational spokesperson among the user community, and is successful at communicating the business vision and project benefits.
- A.
True
- B.
False
- 138.A PERT (or CPM) chart graphically depicts the estimated times for each project task against a horizontal time line, for displaying a project schedule and for tracking the progress of a set of tasks against the project plan.
- A.
True
- B.
False
- 139.Additional project management skills are needed when using offsite and offshore resources for new application development.
- A.
True
- B.
False
- 140.Greater changes in business processes are associated with "vanilla" implementations of software packages.
- A.
True
- B.
False
- 141.Some organizations have found the use of red-yellow-green (traffic light) symbols effective in communicating problem areas to project oversight committees.
- A.
True
- B.
False
- 142.
- A.
876,000
- B.
4.2 million
- C.
16.7 million
- D.
1 billion
- 143.When a web site mimics a legitimate site for the purpose of misleading or defrauding an Internet user, it is called:
- A.
Identity theft.
- B.
Illegal spam e-mail
- C.
Spoofing.
- D.
Phishing.
- 144.Hackers can be differentiated from crackers by:
- A.
The types of targets they select.
- B.
The tools that they use.
- C.
Their level of malicious intent.
- D.
Whether they are internal or external to the target organization.
- 145.
- A.
Business managers
- B.
Managers who only work on IT applications
- C.
The CSO
- D.
None of the above
- 146.Research has shown that an organization's inability to return to normal business activities after a major disruption is a key predictor of:
- A.
Business survival.
- B.
Business renewal.
- C.
Business growth.
- D.
Business start.
- 147.
- A.
The organization's computing resources (hardware, software, network services) are company property.
- B.
An employee does not have privacy rights to their usage of these computing resources.
- C.
Specific types of computing behavior are prohibited by federal or state laws.
- D.
All of the above.
- 148.What is just beginning to be addressed in organizations' acceptable-use policies?
- A.
Usage of social media
- B.
Usage of emails
- C.
Usage of external websites
- D.
None of the above
- 149.
- A.
Assign a person or persons to be responsible for HIPAA compliance
- B.
Decide whether or not to comply with HIPAA
- C.
Take out HIPAA compliance insurance
- D.
All of the above
- 150.
- A.
Cyber terrorists
- B.
Computer felons
- C.
Hackers
- D.
Crackers
- 151.Why is it difficult for companies to manage their e-mail on their own private subnets?
- A.
Individuals within organizations can make copies and save them.
- B.
Individuals can forward copies to others.
- C.
Individuals do not completely remove them from their storage devices.
- D.
All of the above
- 152.Determining a Return Benefit for a specific security action is based on which of the following?
- A.
Annualized Expected Losses and Annualized Cost of Actions
- B.
Benefits of remote PC access
- C.
Electronic records management
- D.
None of the above
- 153.What are sources to use to calculate a single loss expectancy as part of a risk assessment?
- A.
Historical experiences of the organization
- B.
Industry averages
- C.
Recent incidents only (typically the past 6 months)
- D.
Both A and B
- 154.
- A.
The CEO
- B.
The CFO
- C.
The CSO
- D.
The CIO
- 155.
- A.
Risk Assessment
- B.
Monitoring
- C.
Control Environment.
- D.
All of the above
- 156.
- A.
Financial Privacy Rule
- B.
Credit Information Rule
- C.
Safeguards Rule
- D.
None of the above
- 157.
- A.
Significantly strengthens
- B.
Significantly weakens
- C.
Has no effect
- D.
None of the above
- 158.What are some of the benefits to organizations with written privacy policies?
- A.
Justification for quickly removing employees who behave improperly.
- B.
Compliance with one part of SOX.
- C.
Better ability to be insured.
- D.
All of the above
- 159.
- A.
Access Control Policies (e.g., password controls)
- B.
External Access Policies (e.g., accessing the Web and Internet)
- C.
Usage of Social Security Number Policies. (e.g., whether it is an identifier)
- D.
Acceptable Use Policies (e.g., usage of organization's computer resources)
- 160.Putting plans in place to ensure that employees and business processes can continue when faced with any major unanticipated disruption is called:
- A.
Business Contingency Planning.
- B.
Disaster Recovery Planning.
- C.
Business Continuance Planning.
- D.
Business Continuity Planning.
- 161.
- A.
Managers must determine what their real information assets are and assign values and priorities for them.
- B.
Managers must determine how long the organization can function without a specific information asset.
- C.
Departmental managers and the owners of the information assets need to develop and implement the security procedures to protect all major information assets.
- D.
All of the above
- 162.
- A.
CSO or CISO
- B.
CEO
- C.
COSO
- D.
All of the above
- 163.
- A.
Crackers have successfully used hacking techniques to wipe out hard drives, steal information, and disrupt government activities.
- B.
Hackers have helped to point out security vulnerabilities in computer software.
- C.
Data and application encryption are not considered robust security approaches.
- D.
Common civilian targets include power grids and financial networks.
- 164.
- A.
Defining what constitutes an electronic transaction
- B.
Classifying specific records based upon their importance, regulatory requirements, and duration.
- C.
Formulating and managing SOX compliance
- D.
All of the above
- 165.BCP shortcomings recently identified during crises include:
- A.
Backup IT sites are too close to data centers
- B.
Plans are needed for alternative workplaces for human resources
- C.
Evacuation plans should be practiced
- D.
All of the above
- 166.The Sarbanes-Oxley act requires officers of publicly traded companies in the U.S. to certify that:
- A.
The organization has a CIO.
- B.
They are responsible for establishing and maintaining internal financial controls.
- C.
The organization has a CSO.
- D.
All email over one year old has been securely deleted.
- 167.Creating a BCP in the U.S. requires:
- A.
Inventorying all desktop PCs, but not laptops.
- B.
Keeping files on magnetic tape.
- C.
Identifying interdependencies between critical business processes and business units.
- D.
Following Federal Rules of Civil Procedure.
- 168.
- A.
Hardcopy distributions to all employees, not just new employees
- B.
Email distributions
- C.
Posting the policy on the organization's intranet
- D.
All of the above
- 169.A denial of service attack is implemented by simultaneously sending a large number of messages to a target computer to create a computer or communications overload, so that legitimate users cannot obtain access.
- A.
True
- B.
False
- 170.A worm is a virus that has the ability to copy itself from machine to machine, usually over a network.
- A.
True
- B.
False
- 171.Due to several recent laws regarding information security, it is a good practice to provide existing civil and criminal laws rather than have a company-specific information security policy.
- A.
True
- B.
False
- 172.Primary sources of thefts of intellectual property rights, trade secrets, and research and development knowledge are employees.
- A.
True
- B.
False
- 173.The goal of the IS manager responsible for information security is to eliminate all information risk.
- A.
True
- B.
False
- 174.Electronic Records management (ERM) practices became a more important information security management issue in the U.S. in 2006 when new legislation established new rules for timely information gathering in response to potential litigation.
- A.
True
- B.
False
- 175.
- A.
The theft of personal information
- B.
Increased potential for exploitation of children (child pornography)
- C.
Theft of an organization's intellectual property
- D.
Difficulties in connecting with people in other regions of the world
- 176.
- A.
Technology changes very quickly.
- B.
Those who create laws generally have little expertise with complex IT issues.
- C.
The existing laws can easily be reinterpreted to apply to new technologies.
- D.
Laws are difficult to create in an Internet age when it is difficult to determine which country has legal jurisdiction.
- 177.) Ethical problems associated with the use of IT may affect all of the following except:
- A.
Managers.
- B.
Stockholders.
- C.
Customers.
- D.
All of the above
- 178.Approximately what percentage of the U.S. public is quite sensitive to the loss of privacy of their personal information?
- A.
5%
- B.
10%
- C.
25%
- D.
50%
- 179.
- A.
DoubleClick
- B.
ClickTrack
- C.
AdClick
- D.
Google
- 180.
- A.
IT is having a growing impact on people's lives.
- B.
Managers are making decisions about how IT is being used within an organization and with suppliers and customers.
- C.
None of the above
- D.
Both A and B
- 181.According to the textbook, which of the following is also an ethical behavior that is recognized by most world religions?
- A.
Do no harm
- B.
Treat others as you would like them to treat you
- C.
Forbid killing
- D.
No stealing
- 182.In the context of developing and using IT, what is the common flaw in ethical reasoning?
- A.
Ignoring the developers
- B.
Ignoring members of your organization
- C.
Ignoring members of your segment of society
- D.
Ignoring some affected parties
- 183.Sending an e-mail that falsely claims to be a legitimate enterprise in an attempt to scam the user into providing private information is called:
- A.
Spoofing.
- B.
Cracking.
- C.
Hacking.
- D.
Phishing.
- 184.
- A.
The number of Americans affected is on the increase
- B.
Financial losses due to identity theft of Americans is on the increase
- C.
Losses by credit card companies have increased because these companies absorb the cost if your credit card is misused
- D.
None of the above
- 185.
- A.
Banks don't pursue all potential cases because of the high cost of investigating.
- B.
Police don't vigorously pursue cases even though money has been taken from the victim.
- C.
It is a U.S. federal crime.
- D.
Both A and C
- 186.Which statement is true concerning privacy in the U.S.?
- A.
A great deal of legislation that purports to offer some privacy protection
- B.
There are not laws concerning legal rights to privacy
- C.
A government agency is allowed to gather information for one purpose and use it for another purpose
- D.
The federal protection of private healthcare information is not a concern of the government because of the need to learn more about the effectiveness of pharmaceuticals
- 187.Which of the following is not a characteristic of intellectual property (IP)?
- A.
It can be shared without losing it
- B.
What IP can be owned differs from one society to another
- C.
IP ownership rights are generally limited by time
- D.
Sharing IP has become more difficult over the years
- 188.When a customer wants to "opt-out" from a U.S. company sharing his or her information with third parties:
- A.
The financial institution has no obligation to comply with this request.
- B.
It often takes a lot of effort and time for customers to understand how to accomplish it.
- C.
A written request from a government official is required.
- D.
All of the above
- 189.The U.S. position on privacy can be characterized as being favorable toward:
- A.
A restricted flow of data among companies.
- B.
Consumer data are primarily viewed as a saleable, usable asset that belongs to the corporation that collected the data.
- C.
Having its citizens be in control of their personal data.
- D.
A more protective position of personal rights with respect to data about individuals than the European position.
- 190.According to the Federal Trade Commission, "someone appropriating your personal information without your knowledge to commit fraud or theft" is called:
- A.
An identity theft.
- B.
A credit information theft.
- C.
An intellectual property theft.
- D.
Internet file sharing.
- 191.Advances in artificial intelligence can raise social and ethical issues because:
- A.
Computers can sift through mountains of data better than humans.
- B.
Computers can be programmed to replace human experts in the workplace.
- C.
The degree to which a robot acts ethically depends on how it is programmed.
- D.
All of the above
- 192.A "cookie" is:
- A.
A small record stored on the user's computer that identifies the user to a Web site.
- B.
A worm.
- C.
Always harmful to your personal computer.
- D.
All of the above
- 193.In the U.S., the only federal law that limits employer surveillance of its workers is related to:
- A.
Eavesdropping on spoken personal conversation.
- B.
Reading employees e-mails.
- C.
Videotaping workers.
- D.
Recording employee phone calls.
- 194.Which of the following regions has the lowest rate of software piracy?
- A.
North America
- B.
Western Europe
- C.
Asia/Pacific
- D.
Latin America
- 195.
- A.
North America
- B.
Western Europe
- C.
Asia/Pacific
- D.
Latin America
- 196.
- A.
Patents.
- B.
Copyrights.
- C.
All of the above
- D.
None of the above
- 197.What type of impact on the software industry from awarding a large number of patents to IT industry giants such as Microsoft has been documented?
- A.
The overall number of infringement lawsuits is decreased
- B.
) it accelerates innovations among smaller firms
- C.
The growth of small software firms is inhibited
- D.
None of the above
- 198.Software piracy:
- A.
Has caused the software industry to become unprofitable.
- B.
Is fairly consistent across countries throughout the world.
- C.
Typically is not rigorously deterred by governments in less developed countries.
- D.
Has a very low rate in former communist countries.
- 199.Which of the following is true of patents?
- A.
Provides effective protection against software piracy
- B.
Makes it illegal to copy software and use it without the software vendor's permission
- C.
Gives the creator the exclusive right to the manufacture and uses what has been patented for a limited period of time
- D.
All of the above
- 200.Recent piracy rates for music CDs were highest in:
- A.
African countries.
- B.
Indonesia and Paraguay.
- C.
Western Europe.
- D.
United States.
- 201.Swapping or sharing music on the Internet:
- A.
First gained widespread popularity with the advent of Napster.
- B.
Was upheld by U.S. courts, which meant Napster was able to remain in business.
- C.
Was first made possible with the use of B2C files.
- D.
Cannot be traced so people cannot be prosecuted.
- 202.In 2007, Microsoft asserted that 235 company patents were infringed upon by open source programs. What effect did this announcement have?
- A.
IBM also filed dozens of lawsuits to enforce these patents
- B.
Open source organizations filed lawsuits alleging that Microsoft is infringing upon their patents
- C.
It slowed down the growth of open source communities.
- D.
Public backlash caused Microsoft to withdraw the statements
- 203.Which of the following is true regarding personal financial credit reports?
- A.
They rarely contain inaccurate data
- B.
Inaccuracies are not usually spotted because many individuals do not review their reports regularly
- C.
There are no laws that govern them
- D.
They are easily corrected if found inaccurate
- 204.In a recent survey, what percentage of students studying in a sample of U.S. colleges and universities said it is always wrong to pirate music and movies?
- A.
10%
- B.
More than 10% but less than 25%
- C.
About 50%
- D.
90%
- 205.Amazon.com settled a lawsuit with Barnes and Noble in March 2002 that centered on the infringement of what patent?
- A.
The personalization of content on an e-commerce site
- B.
The use of cookies to track patterns across visits
- C.
Its "one-click-ordering" process
- D.
The "buy it now" feature
- 206.The U.S. has much stronger privacy laws and practices than Europe.
- A.
True
- B.
False
- 207.U.S. copyright laws make it illegal to copy software and use it without the software vendor's permission.
- A.
True
- B.
False
- 208.A patent gives its creator the exclusive right to the manufacture and use of a new design or method for a limited period of time.
- A.
True
- B.
False
- 209.Some ethical issues are viewed differently depending upon the culture in which they arise.
- A.
True
- B.
False
- 210.According to the Federal Trade Commission (FTC), identify theft is "someone appropriating your personal information without your knowledge to commit fraud or theft."
- A.
True
- B.
False
- 211.During the feasibility analysis phase of the SDLC, which of the following types of feasibility is not assesed?
- A.
Economic
- B.
Operational
- C.
Technical
- D.
Integration
- E.
None of the above
- 212.
- A.
Module testing, acceptance testing, subsystem testing, integration testing
- B.
Module testing, subsystem testing, integration testing, acceptance testing,
- C.
Subsystem testing, acceptance testing, integration testing, module testing,
- D.
Acceptance testing, integration testing, subsystem testing, module testing
- E.
Module testing, integration testing, subsystem testing, acceptance testing
- 213.When prototyping is incorporated into a traditional SDLC approach, it is most commonly included as part of which of the following steps?
- A.
Systems definition
- B.
Feasibility analysis
- C.
System design
- D.
System building
- E.
None of the above
- 214.All of the following are potential advantages of having an application developed by a business user, rather than an IS professional, except:
- A.
Thet system requirements do not have to be explained to an IS analyst
- B.
If the system is a high priority for a business unit, it does not have to compete with other business units for IS personnel to work on it.
- C.
It is common for user developers to change jobs.
- D.
Business managers have more control over the developement costs for the application.
- E.
All of the above
- 215.
- A.
Application, development tool, and telecommunications characteristics
- B.
Application, development tool, and developer characteristics
- C.
Training classes attended by user, IS professional certifications, security issues
- D.
Application, training tools, and organization characteristics
- E.
Number of years developer had been in the organization, the application size, and the cost of the developement tool
- 216.The SDLC phase that typically requires the greatest percentage of the total cost for a custom development project is the implementation phase.
- A.
True
- B.
False
- 217.
- A.
Time and cost management
- B.
Managing project communications
- C.
Risk management
- D.
Integration management
- E.
Conflict management
- 218.
- A.
Expected business benefits
- B.
Initial development costs
- C.
Ongoing costs for operations and maintenance
- D.
Review an initial return on investment (ROI) analysis
- E.
All fo the above are part of a business case for a new systems project
- 219.A common pitfall in developing a master schedule for a project is a failure to:
- A.
Identify all of the project tasks and subtasks
- B.
Estimating task completion times based on a level of expertise associated with an experienced worker
- C.
Correctly estimate the number of resources needed to complete the tasks.
- D.
Correctly estimate the total time needed to complete all tasks.
- E.
None of the above
- 220.All the following are common risks of avoidance and mitigation strategies except:
- A.
Assigning the best human resources available to reduce a specific type of project risk
- B.
Choosing an alternative technical approach to avoid risk exposure
- C.
More will be lost if things go wrong so just ignore negative feedback
- D.
Subcontracting a specific deliverable to a third-party
- E.
None of the above
- 221.Virtual teamwork can introduce new IT project risk due to all of the following except:
- A.
Differences in communication norms across working groups
- B.
Unfamiliarity with a team member's culture
- C.
Lack of trusting relationships across team members
- D.
Team members are not collocated and then cannot meet face-to-face regularly
- E.
None of the above
- 222.The project managment chart that graphically models the sequence of project tasks and their interrelationships using a flowchart diagram is called a Gantt Chart.
- A.
True
- B.
False
Back to top