CS-507 Introduction To Computing

Update MCQS For Quiz-4 File

Solve By Vu Topper RM
85% To 100% Marks

For More Help Contact What’s app 03224021365

Which of the following controls over the transfer of data over
networks?
A. Database Controls
B. Security Controls
C. Access Controls
D. Communication Controls Page 146

Which of the following systems need a comprehensive definition of the

known and expected behavior of systems?
A. Statistical-based IDS Page 168
B. Firewalls
C. Signature-based IDS
D. Network-based IDS

Which of the following prevents certain users from accessing certain

servers or services?
A. Firewall Page 167
B. Sensors
C. Piggybacking
D. Modem

Which of the following is not phase of risk management?

A. Risk Identification
B. Implementation
C. Assessing Documentation
D. Threat Identificatio

Which of the following involves intercepting communications between

the operating system and the user?
A. Masquerading
B. Eavesdropping
C. Spoofing
D. Piggybacking Page 165

For More Help Contact What’s app 03224021365

Different levels and types of ---------------------- may be required to
address the risks to information
A. None of any options
B. Authenticity
C. Security Page 137
D. Integrity

Which of the following is the process of measuring, or assessing risk

and then developing strategies to manage the risk?
A. None of the given options
B. Risk Management Page 152
C. Audit Trial
D. Executive management

Which of the following works in conjunction with routers and firewalls

by monitoring network usage anomalies?
A. DCS
B. ISD
C. IDS Page 168
D. SDLC

The output of threat identification phase is_____________

A. Threat Definition
B. Threat Resolution
C. Threat Control
D. Threat Measuring

Internet protocol ______________ provide evidence on the delivery of

messages.
A. up to some extent
B. does not Page 164
C. does
D. mostly

For More Help Contact What’s app 03224021365

Management controls are also known as:
A. Technical controls
B. Non-technical controls
C. Logical controls
D. Scientific controls

Under which of the following agreement, two or more organizations

agree to provide backup facilities to each other in case of one suffering
from a disaster.
A. Joint
B. Reciprocal
C. Cooperative
D. Mutual

Which of the following is the process of converting data into codes

(cryptograms)?
A. Decryption
B. Decoding
C. Encryption Page 146
D. Coding

__________ site backup is an appropriate choice for organizations if

fast recovery is critical.
A. Hot Page 162
B. Cool
C. Warm
D. Cold

Which of the following is the combination of hardware and software

that is built using routers, servers and variety of software?
A. Firewall Page 167
B. Modem
C. Sensors
D. Antivirus

For More Help Contact What’s app 03224021365

Which of the following phase determines the adverse impact resulting
from a successful threat exercise of vulnerability?
A. Monitoring threats
B. Risk resilience
C. Impact analysis Page 156
D. Likelihood determination

Which statement is INCORRECT about a BUG?

A. It is an internal malfunctioning of the system.
B. It is an unintentional fault in the program.
C. It can never create a virus in the system.
D. It is caused by improper application of programming logic.

An effective risk management strategy will need to address _______

A. Risk monitoring
B. Business continuity planning
C. All of these
D. Risk avoidance

________ site backup is an appropriate choice for organizations if they

can bear some downtime.
A. Cold
B. Hot
C. Cool
D. Warm

Which of the following is the science and art of transforming data into
secret code for transmission over a public network?
A. Firewall
B. Active Monitors
C. Cryptography
D. Antivirus

For More Help Contact What’s app 03224021365

What would affect the impact’s scope if a risk does occur?
A. Risk scope
B. Risk cost
C. Risk timing
D. Risk resources

PIN is a secret shared between a user and a system that can be used to
authenticate the user to the system. In this context, what does PIN
stands for?
A. Personal Information Node
B. Password Indicating Null
C. Personal Identification Number Page 145
D. Password Indicator Number

Which of the following is in fact the risk mitigation process?

A. Risk pliability
B. Control recommendations
C. Control measures
D. Risk determination

Control effectiveness can be checked by____________

A. Threat Definition
B. System characterization
C. High Threat Motivation
D. Availability of Threat

Controls can be technical and non-technical. Which of the following is

an example of non-technical control?
A. Management
B. Software
C. Application Programs
D. Hardware

What could be the first step in any corporate risk strategy?

A. Control implementation
B. Characterization

For More Help Contact What’s app 03224021365

C. Documentation
D. Risk identification

Which of the following apply rules to control the type of networking

traffic flowing in and out?
A. Modem
B. Data analyzers
C. Firewall Page 167
D. Antivirus

Firewalls __________ data packets which are sent between different

physical locations within an organization.
A. restrict
B. Encrypt Page 168
C. facilitate
D. allow

When a customer enters the card and the pin code in an Automatic
Teller Machine (ATM), which of the following controls are exercised
by the system to block unwanted or illegitimate access?
A. Database Controls
B. Communication Controls
C. Input Controls
D. Access Controls Page 146

Which of the following phase determines that a potential vulnerability

could be exercised by a given threat source?
A. Risk resilience
B. Intelligence
C. Impact analysis
D. Likelihood determination Page 156

____________ helps user to establish identity

A. Access control
B. Input control
C. Output control

For More Help Contact What’s app 03224021365

D. Database control

Internet is vulnerable to attacks because of its _____________

A. nature
B. scope
C. global access
D. speed

What type of skills will be needed for logical intrusion?

A. Strong communication
B. Complex & technical
C. Behavioral
D. Simple & easy

Which of the following network attacks involves probing for network

information?
A. Spoofing
B. Active attacks
C. Masquerading
D. Passive attacks Page 164

___________ controls the most vulnerable point between a corporate

network and the internet.
A. Data analyzers
B. Firewall Page 168
C. Spoofing
D. Sensors

An intruder carry out unauthorized activity by impersonating a

legitimate user of the system incase of __________________.
A. Eavesdropping
B. Spoofing
C. Piggybacking
D. Masquerading Page 164

Risk Management does NOT include _________ phase.

For More Help Contact What’s app 03224021365

A. System Characterization
B. Likelihood Determination
C. Understanding Business Process Page 152
D. Control Analysis

Risk impact assessment should focus on consequences affecting

_______
A. Marketing, costing, staffing
B. Planning, resources, cost, schedule
C. Business, technology, process
D. Performance, cost, schedule

Providing independent assurance to management regarding the

appropriateness of the security objectives is the responsibility of
_________.
A. Information systems auditors Page 137
B. Process owners
C. End users
D. Data owners

_________ is the most harmful type of virus

A. Overwriting virus
B. Dropper
C. Trojan horse
D. Boot sector virus

Risk projection attempts to rate risk in two ways

A. Likelihood and size
B. Likelihood and impact
C. Likelihood and mitigation
D. Likelihood and size

_______________ allow users to use the facilities of an operating

system without being subject to the normal controls.
A. Eavesdropping
B. Spoofing
C.

For More Help Contact What’s app 03224021365

Trapdoors Page 165
D. Piggybacking

Impact needs to be measured to

A. Identify threat
B. Define the data criticality
C. Worse scenarios of impact
D. Record thread history

Risks are rated by ______

A. Probability and cost
B. Probability and impact
C. Probability and exposure
D. Probability and size

Which of the following is NOT true about risk management?

A. Process of developing strategies to manage risk
B. Process of measuring risk
C. Process of assessing risk
D. Process of logical intrusion

Impact Analysis in control of threat does not depend on__________

A. Vulnerability Analysis
B. System Mission
C. System Criticality
D. Data Criticality

Threat identification can be verified using

A. Threat action plan
B. Threat statement
C. Threat impact analysis
D. Threat source

Entity represents sources of data received by the system or destinations

of the

For More Help Contact What’s app 03224021365

data produced by the system.
Select correct option:
True Page No. 116
False
The interface is implemented by _______
Select correct option:
Methods
Classes

The main focus of Object-Oriented analysis is to study the ____________ of

objects.
Select correct option:
Collaboration
State

Inheritance can be defined in terms of _______

Select correct option:
Is similar to
Is kind of

Object oriented analysis generates

Select correct option:
Conceptual model of Information
System Interfaces

Damage caused to the software without physical presence is the outcome of

_______________ threat.
Select correct option:

For More Help Contact What’s app 03224021365

Physical
Logical

Both software objects and real time objects have ________

Select correct option:
Identity and behavior
Identity and state
Identity, state and behavior
State and behavior

An association among entities is called Relation.

Select correct option:
True 114
False

Rectangle shape in the flow charts represents___________

Select correct option:
Decision
Process
Terminator
Relationship

_______ is usually identified by the phrase "is a kind of.”

Select correct option:
Inheritance 131
Class
Object
Instance

For More Help Contact What’s app 03224021365

Which of the following carry characteristics of specialization?
Select correct option:
Sub classes
Sub Interfaces
Sub objects
Super set

______________helps organization in gaining competitive advantage in the use

of processes, effectiveness and efficiency.
Select correct option:
BPR Page No. 134
CSF
MIS
SPR

Object oriented analysis focuses on the _________

Select correct option:
Implementation of objects
States of objects
Identity of objects
Collaboration of objects

Data processing capability of distributed environment is ________

Select correct option:
Flexible Page No. 137
Limited
Centralized

For More Help Contact What’s app 03224021365

Integrated

The Internet's technological success does not depend on its principal

communication tools, the Transmission Control Protocol (TCP) and the Internet
Protocol (IP).
Select correct option:
True
False Page No. 138

A security program is a series of ongoing regular periodic reviews conducted to

ensure that assets associated with the information systems function are
safeguarded adequately.
Select correct option:
True Page No. 141
False

The requirement of protecting information from improper modification is termed

as system and data ___________.
Select correct option:
Privacy
Consistency
Integrity
Reliability

The flowchart helps in locating and correcting errors also called debugging.
Select correct option:
True Page No. 115
False

For More Help Contact What’s app 03224021365

According to “Brooch”, object has following three components
Select correct option:
State, Behavior, Identity Page No. 128
State, Behavior, Interface
State, Interface, methods
State, Variables, Methods

Operations are usually called via ______

Select correct option:
Methods
Functions
Signatures
Interfaces

__________ is an association among entities. There has to be a relationship

between two entities
Select correct option:
Value Sets
Cardinality
Relationships Page No. 124
Domain

Due to unauthorized changes in data, it ___________ is lost.

Select correct option:
Sharing
Consistency

For More Help Contact What’s app 03224021365

Integrity Page No. 144
Redundancy

Object oriented analysis focuses on the _________

Select correct option:
States of objects
Collaboration of objects
Implementation of objects
Instance of object

Which of the following is considered during OO Analysis?

Select correct option:
System behavior
Concurrency
Distribution
Redundancy

Characteristics of object are called ________

Select correct option:
Methods Page No. 131
Status
Attributes
Instances

The protection of the interests of those relying on information, and the

information systems and communications that delivers the information, from

For More Help Contact What’s app 03224021365

harm resulting from failures of availability, confidentiality, and integrity.
Select correct option:
True Page No. 139
False

Which of the following model places emphasis on documentation?

Select correct option:
Waterfall PAGE 83
Spiral
Incremental
Rapid prototyping

Which of the following is the process of quickly putting together a working model
in order to test various aspects of the design for gathering early user feedback?
Select correct option:
Interviews
Iteration
Prototyping PAGE 89
Questionnaires

Which of the following lifecycle model is very appropriate for large and complex
information systems?
Select correct option:
Spiral PAGE 88
Prototyping
Incremental
Waterfall

For More Help Contact What’s app 03224021365

Which of the following lifecycle model is a combination of classic waterfall
model and aspects of risk analysis?
Select correct option:
Prototyping
Waterfall
Spiral PAGE 88
Incremental

Which of the following process begins with stratifying system users and then
identifying their needs?
Select correct option:
Structuring
QA
Exploration
Design PAGE 81

In which of the following models, the development approach is based on

producing deliverables frequently/ repetitively.
Select correct option:
Incremental
Waterfall
Iterative PAGE 86
XP

Trying to fit people and organizations into information systems has been major
reason for ____________.
Select correct option:
success

For More Help Contact What’s app 03224021365

efficiency
increased productivity
Failure PAGE 76

Employees might be unwilling to accept the high level of responsibility if

organization is dominated by _____________and the culture is ____________.
Select correct option:
Workers, autocratic
top management, autocratic PAGE 77
top management, democratic
Middle level management, democratic

Which of the following view gives a quick understanding of the business

processes and flows?
Select correct option:
Procedural
Abstract
Internal
Diagrammatic PAGE 96

Which of the following provides a structured means of addressing the impact of

technologies on an organization?
Select correct option:
Business planning
IT planning PAGE 67
Requirements planning
Configuration planning

For More Help Contact What’s app 03224021365

In which of the following models the phases are in a cascading manner linking the
output of one to the input of next phase.
Select correct option:
Rapid prototyping
Spiral
Waterfall PAGE 83
Extreme programming

If a flow chart become complex it is better to use connector symbols to reduce to

number of flow lines.
Select correct option:
True PAGE 98
False

Which of the following addresses the availability of sufficient technology to

support the proposed project?
Select correct option:
Operational feasibility
Economic feasibility
Tactical feasibility
Technical feasibility PAGE 73

Which of the following process is concluded by recommending a monitoring and

control mechanism?
Select correct option:
Designing
Analyzing
Planning PAGE 67

For More Help Contact What’s app 03224021365

Implementation

Which of the following model can lead to scope creep due to user feedback after
each phase?
Select correct option:
Iterative PAGE 71
XP
Rapid prototyping
Waterfall

In ____________ model, software is constructed step by step in the same way a

building is constructed.
Select correct option:
Spiral
Incremental PAGE 69
Extreme programming
Waterfall

Which of the following is the core product which usually addresses the basic
requirements of the system?
Select correct option:
First increment PAGE 85
Second increment
Last increment
Final increment

Which of the following enunciate business goals and the actions that need to be
initiated to achieve those goals including related benefits, resources and

For More Help Contact What’s app 03224021365

timeframes?
Select correct option:
Organizing
Monitoring
Plans PAGE 67
Implementation

Which of the following defines the operations of the system in layman’s terms?
Select correct option:
User manual PAGE 82
Technical manual
Procedural manual
Testing manual

Which of the following view gives a quick understanding of the business

processes and flows?
Select correct option:
Procedural
Abstract
Internal
Diagrammatic PAGE 96

Which of the following model can lead to scope creep due to user feedback after
each phase?
Iterative page no 97
XP

The study of business problem domain is used to recommend improvements and

For More Help Contact What’s app 03224021365

specify the business requirements for the solution.
True page no 102
False

Which of the following are knowledge workers who facilitate the development of
information systems and computer applications by bridging the communications
gap that exists between non-technical system users, and System designers and
developers?
System Analysts

Which of the following ensures the correctness of data in the database?

Data integrity page no 104
Data accessibility

System analysis creates the understanding and lays out the necessary relationships
that will assist in defining a solution to the problem or the design of the proposed
software that will meet the user needs.
True page no 102
False

The purpose of ___________ is to obtain a commitment to change and evaluate

whether cost effective solutions are available to address the problem that has been
identified.
planning
usage scenarios
feasibility study page no 79
testing

For More Help Contact What’s app 03224021365

Which of the following refers to the ways data is stored in partitions and
sequences?
Structure page no 91
Design

Which of the following is a problem-solving technique that re-assembles a

system’s components back into a complete system?
System analysis
System design page no103
System check
System configuration

Which of the following model is preferred for its simplicity and more disciplined
approach?
Incremental
Waterfall page no 93
Spiral

Which of the following addresses compliance and adjustability with the way
organization works with attitude to change or chains of command?
Operational feasibility page no 83
Technical feasibility
Tactical feasibility
Economic feasibility

A problem-solving technique that decomposes a system into its component pieces

for the purpose of studying, how well those component parts work and interact to
accomplish their purpose can be one of the definitions of System development.

For More Help Contact What’s app 03224021365

True page no 102
False

The study of business problem domain used to recommend improvements and

specify the business Requirements for the solution is called:
System Analysis page no 102
System Design
Risk Management
Risk Analysis

A well-designed system also helps in early detection of problems in critical areas.

True page no 106
False

Apart from the value to cost ratio, modules are also selected on the basis of
___________requirements and needs.
programmer
designer
customer page no 95
system analyst

Which of the following problems posses multiple solutions with fewer parameters
being less manipulate able?
Unstructured
Partially structured
Semi structured

Which of the following is the core product, which usually addresses the basic

For More Help Contact What’s app 03224021365

requirements of the system?
First increment page no 95
Second increment
Last increment
Final increment

In ____________ model, software is constructed step by step in the same way a

building is constructed.
· Spiral
Incremental page no 79
Extreme programming
Waterfall

Which of the following addresses the availability of sufficient technology to

support the proposed project?
Tactical feasibility
Technical feasibility page no 8

Trying to fit people and organizations into information systems has been major
reason for ____________.
success
efficiency
increased productivity
failure page no 86

In drawing a proper flowchart, all necessary steps that are a part of process should
be listed out in ________________ order.
Logical page no 109

For More Help Contact What’s app 03224021365

Physical
Top to Bottom

In which of the following model, the system development is broken into many
mini development projects.
Spiral
Incremental page no 95
Iterative
Waterfall

Which of the following are knowledge workers who facilitate the development of
information systems and computer applications by bridging the communications
gap that exists between non-technical system users, and System designers and
developers?
System Analysts page no 103
Software Engineers

Which of the following is a project management technique which divides complex

projects into smaller and more easily managed segments?
SDLC page no 78
System programming

Apart from the value to cost ratio, modules are also selected on the basis of
___________requirements and needs.
programmer
designer
customer
system analyst

Which of the following ensures the correctness of data in the database?

For More Help Contact What’s app 03224021365

Data integrity page no 104
Data accessibility

Which of the following may be of low fidelity and dismissed as toys?

Select correct option:
Interfaces
Inference engines
Early prototypes Page No. 101

Which of the following refers to the structuring of hardware and software to

achieve the effective and efficient processing of information?
Select correct option:
Operational planning
System development Page No. 78

Which of the following allows manufacturers to rapidly and inexpensively test the
parts of the design which are most likely to have problems?
Select correct option:
Prototype Page No. 100
Trial version

Which of the following are knowledge workers who facilitate the development of
information systems and computer applications by bridging the communications
gap that exists between non-technical system users, and System designers and
developers?
Select correct option:
System Analysts Page No. 103
Software Engineers

For More Help Contact What’s app 03224021365

System Designers

Which of the following provides a structured means of addressing the impact of

technologies on an organization?
Select correct option:
Business planning
IT planning Page No. 67

Employees might be unwilling to accept the high level of responsibility if

organization is dominated by _____________and the culture is ____________.
Select correct option:
Workers, autocratic
top management, autocratic Page No. 87

In which of the following environments, duplication of clerical work is generally

observed.
Select correct option:
Manual Page No. 102
Semi-computerized

A well-designed system also helps in early detection of problems in critical areas.

Select correct option:
True page no 106
False

Which of the following is used to test the function of the new design before
starting production of a product?
Select correct option:

For More Help Contact What’s app 03224021365

Trial version
Prototype page no100

Which of the following is the core product which usually addresses the basic
requirements of the system?
Select correct option:
First increment page no 95
Second increment

In drawing a proper flowchart, all necessary steps that are a part of process should
be listed out in ________________ order.
Select correct option:
Logical page no 109
Physical
Customer touch point is a method of interaction with a customer, such as
telephone, e-mail, a customer service or help desk, conventional mail, Web site
and store.
True
False

One of the methods of integrating different business information systems is :

Supply Chain management software
Interface reconciliation software
Message passing
None of the given options

The bullwhip effect refers to erratic shifts in orders up and down the supply chain
because of poor demand forecasting, price fluctuation, order batching, and

For More Help Contact What’s app 03224021365

rationing within the chain.
True
False

“M-Commerce” stands for

E-Commerce
None of given options
Mobile Commerce

The comparison of actual system with expected system is done with the help of
control mechanism.
False
True

Organizations sell products to other organizations electronically is an example of:

Ecommerce
EBusiness
BPR
BPRE

Which of the following refers to the process of identifying attempts to penetrate a

system and gain unauthorized access?
Threat Identification
Intrusion detection
Access Control
All of above

A ________ is an agreed-upon set of conventions that defines the rules of

For More Help Contact What’s app 03224021365

communication.
Protocol
Interconnection Medium
Data Packet
Message
The term OIS views organization as a combination of process oriented groups
whose information needs are related but Independent.
False
True

In case of logical intrusion, the intruder might be trying to have an unauthorized

access to the system.
True
False

Which one of the following computer systems uses duplication of components

and data to cope with systems failures?
Fault-tolerant systems
Expert System
MIS
OIS

Data travels across the internet through several levels of networks until it reaches
its middle point.
True
False

_______ have usually simple management structure.

For More Help Contact What’s app 03224021365

Small Organization
Medium organization
Large Organization

__________ is an object that exists and is distinguishable from other objects.

Value Sets
Entity
Relationships

Object oriented analysis generates _________

Implementation constraints
System Interfaces
Conceptual model of Information

Inheritance can be defined in terms of _________

Has kind of
Is based on
Is kind of

An IDS with the neural network feature monitors the general patterns of activity
and traffic on the network and creates a database.
True
False

M-Commerce (mobile commerce) refers to the conduct of e-commerce via

wireless devices.
True
False

For More Help Contact What’s app 03224021365

ERP Systems control all major business processes with a single software
architecture in real time.
True
False

Preparing a situation for change by disconfirming existing attitudes and

behaviors is called Unfreezing
True
False

Ethics is a branch of science that deals with what is considered to be right and
wrong.
True
False

Buying and selling of products, services and information via computer networks,
primarily through Internet is:
E-Commerce
E-Business
Web Surfing
BPR

In which of the following decisions the problems are non routine, critical and
novel in nature, require individual judgment, evaluation and insight varying on
case-to-case basis.
Semi-Structured decisions
Unstructured decision

For More Help Contact What’s app 03224021365

Which of the following view gives a quick understanding of the business
processes and flows?
Select correct option:
Procedural
Abstract
Internal
Diagrammatic PAGE 96

Which of the following is the process of quickly putting together a working model
in order to test various aspects of the design for gathering early user feedback?
Select correct option:
Interviews
Iteration
Prototyping PAGE 89
Questionnaires

Which of the following lifecycle model is very appropriate for large and complex
information systems?
Select correct option:
Spiral PAGE 88
Prototyping
Incremental
Waterfall

Which of the following lifecycle model is a combination of classic waterfall model

and aspects of risk analysis?
Select correct option:
Prototyping
Waterfall
Spiral PAGE 88
Incremental

For More Help Contact What’s app 03224021365

Which of the following process begins with stratifying system users and then
identifying their needs?
Select correct option:
Structuring
QA
Exploration
Design PAGE 81

Which of the following view gives a quick understanding of the business

processes and flows?
Select correct option:
Procedural
Abstract
Internal
Diagrammatic PAGE 96

Which of the following provides a structured means of addressing the impact of

technologies on an organization?
Select correct option:
Business planning
IT planning PAGE 67
Requirements planning
Configuration planning

Cryptography primarily consists of Two basic processes.

Select correct option:
True
False

System Characterization is not one of the phases of Risk Management.

True

For More Help Contact What’s app 03224021365

False

Determining classification levels along with maintaining accuracy and integrity of

the data in the information system is the responsibility of _________.
Select correct option:
System auditors
Data owners Page 137 ok
Process owners
End users

Which of the following may attack executable programs?

Select correct option:
Viruses
Worms
Trojans
Sniffers

A denial-of-service attack floods a Web site with so many requests for services
that it slows down or crashes
Select correct option:
True
False

The output of Threat Identification phase is a threat statement identifying and

defining threats.
Select correct option:
True
False

Which of the following focuses on detecting potentially abnormal behavior in

function of operating system or request made by application software?
Select correct option:

For More Help Contact What’s app 03224021365

Behavior blockers
Active Monitors
Anti-Virus
Scanners

Which of the following may also detect outbound traffic to guard against spy
ware, which could be sending your surfing habits to a Web site?
Select correct option:
Personal Firewall
Password
PIN
ID

Which of the following are normally skilled programmers, and have been known
to crack system passwords, with ease?
Select correct option:
Hackers
Crackers
Hacktivists
Intruders

Audit Control is a logical record of computer activities, usage, processing

pertaining to an operating or application system or user activities
Select correct option:
True
False

Audit Control is a logical record of computer activities, usage, processing

pertaining to an operating or application system or user activities
Select correct option:
True
False

For More Help Contact What’s app 03224021365

Which of the following is a logical record of computer activities, usage,
processing pertaining to an operating or application system or user activities?
Select correct option:
Audit Trial
Control Log
Control Trial
Audit Control

Cryptography primarily consists of Two basic processes.

Select correct option:
True
False

There are typically ________________ kinds of audit records

Select correct option:
Three
Four
Five
Two

Which of the following skills needed to exploit logical exposures are more
technical and complex as compared to physical exposures.
Select correct option:
Logical Intrusion
Active Monitors
Behavior Blockers
Scanners

Which of the following is a program not a virus but it installs a virus on the PC
while performing another function?
Dropper

For More Help Contact What’s app 03224021365

Trojans
worm
None of above options

Logical Intrusion skills needed to exploit logical exposures are more technical
and complex as compared to physical exposures.
True Page 143
False

Which of the following is the secret character string that is required to log onto a
computer system?
ID
PIN
PASSWORD Page 144
none of these

Which of the following refers to damage caused to the software and data without
any physical damage to the computers?
Logical Threat Page 139
Physical Threat
Option a and b
None of above options

Which one of the following is not classified as biometrics?

Digital Password
Sound of your voice
Blood vessels in the retina of your eye
Finger Prints

Risk Management is the process of measuring, or assessing risk and then

developing strategies to manage the risk.
True

For More Help Contact What’s app 03224021365

False

Processing instructions carried out by the Operating system and application

software should be monitored by implementation of controls.
True Page 148
False

_________ refer to the sudden increase in power supply.

Sags
Brown outs
Spikes Page 138 ok
Black out

_________ refer to the sudden decrease in power supply.

Sags Page 138
Surges
Spikes
Black out

Which of the following controls over transporting data safely through local area
networks (LAN’s) or wide area networks (WAN’s).
Communication Controls Page 147
Access Controls
Security Controls
Data Base Controls

A personal identification number (PIN) is a secret shared between a user and a

system that can be used to authenticate the user to the system.
True Page 145
False

For More Help Contact What’s app 03224021365

Audit Control is a logical record of computer activities, usage, processing
pertaining to an operating or application system or user activities
True
False Page 149

Risk management is a ________ process

Continuous
Tedious
Expensive
Corpora ting

Which of the following is a person who attempts to invade the privacy of the
system.
Hacker Page 144
Cracker
Sniffer
Spammer

A record of every stroke usually contains records describing system events,

application events, or user event
True
False Page 149

Which of the following controls have gained critical importance in the modern
computing age for two significant reasons?
Access Page 146
Communication
Data Base
Output

System Characterization is not one of the phases of Risk Management.

True

For More Help Contact What’s app 03224021365

False Page 152

Which of the following may also detect outbound traffic to guard against spy
ware, which could be sending your surfing habits to a Web site
Personal Firewall Page 145
Password
PIN
ID

Bug is caused by improper application of programming logic.

True Page 140
False
An audit trail may record "before" and "after" images, also called Snapshots of
records.
True Page 149
False

Which of the following refers to individuals using their skills to forward a political
agenda, possibly breaking the law in the process, but justifying their actions for
political reasons?
Hacker
Intruder
Hacktivist Page 144
Cracker

Implementation of controls is a critical security feature of which of the following

systems.
Information
Business
System
Management

Measuring technical assessment of a computing system is known as:

For More Help Contact What’s app 03224021365

security plan
security measures
security audit
security lapse

Tricking people into revealing their password by pretending to be legitimate

users or members of a company in need of information is called
Social Engineering
Snooping
Spoofing
Documentation may include program code of application software’s, technical
manuals, user manuals e
True Page 149
False

The virus or bug being installed to corrupt data or software might create BAD
SECTORS on the hard drive, leading to its preferable removal from the
computer is an example of the following
Logical Threat Page 139
Physical Threat
option a and b
None of above options

Traversing of a record of every keystroke, often called

Physical Key Monitoring
Logical Key Monitoring
Keystroke Monitoring ok
Primary Key Monitoring

Worms can destroy data and programs as well as disrupt or even halt the
operation of computer networks.
True
False

For More Help Contact What’s app 03224021365

Which of the following can be used together with access controls to identify and
provide information about users suspected of improper modification of data.
Audit Trial Page 149
Control Log
Audit control
Control Trial

Which of the following usually contain records describing system events,

application events, or user events?
An event-oriented log Page 149
A record of every keystroke
Option a and b
None of these

Which of the following are responsible for providing independent assurance to

management on the appropriateness of the security objectives?
Information Systems Auditors Page 137
Executive Management
Security Managers
Data owners

Which of is the primary method for keeping a computer secure from intruders.
Anti-Virus
Scanner
Fire Wall Page 155
IDS

Which of the following focuses on detecting potentially abnormal behavior in

function of operating system or request made by application software.
Select correct option:
Behavior blockers
Active Monitors

For More Help Contact What’s app 03224021365

Fire wall is the primary method for keeping a computer secure from intruders.
Select correct option:
True
False

Wireless computing devices are not subject to viruses.

Select correct option:
True
False

Which of the following is an expression of an intention to inflict pain, injury, evil

or punishment, and an indication of impending danger or harm?
Select correct option:
Intrusion
Damage
Threat ok
None of these options

Which of the following may attack executable programs?

Select correct option:
Viruses
Worms
Trojans
Sniffers

A denial-of-service attack floods a Web site with so many requests for services
that it slows down or crashes
Select correct option:
True
False

Security controls focus on the correct identification of the user seeking

permission to access the system.
Select correct option:
True
False

In risk management a corporate level facilitator performs

Select correct option:

For More Help Contact What’s app 03224021365

Information security
Documentation
Risk assessments
Control analysis

Visit My YouTube Channel

For Subjective and More
Important Files
Channel Name = #VuTopperRM

For More Help Contact What’s app 03224021365