COB 204 Final EXAM QUESTIONS AND ANSWERS VERIFIED 100% CORRECT

COB 204 Final EXAM QUESTIONS AND ANSWERS VERIFIED 100% CORRECT As seen in the image below, the "upstream" in supply chain management indicates something flows in the direction from ________ to _________. - ANSWER- customer, supplier Which of the 'flow statements" would be considered upstream in the image below? - ANSWER- End-user to retailer to Apparel Industry to Packaging to Plastic What kinds of things flow downstream in supply chain management? - ANSWER- Products, Services The physical products, raw materials, supplies, etc. that flow along the supply chain are part of the ___________ flow(s). - ANSWER- Material and Reverse In the image below, thread, metal, chemical, plastic, and paper would be considered ______________. - ANSWER- tier-2 suppliers This part of the image outside of the shaded area illustrates a(n) _______________________. - ANSWER- Extranet The computing skills necessary to be a hacker are decreasing for which of the following reasons? - ANSWER- Computer attack programs, called scripts, are available for download from the Internet. A _____ is any danger to which an information resource may be exposed. - ANSWER- threat An information system's _____ is the possibility that the system will be harmed by a threat. - ANSWER- vulnerability You start a new job, and the first thing your new company wants you to do is create a user ID and a password. To remember your password, you write it on a Post It note and put it on your laptop screen. This is an example of ________________. - ANSWER- poor security Employees in which functional areas of the organization pose particularly grave threats to information security? - ANSWER- human resources, management information systems Unintentional threats to information systems include all of the following except ______________. - ANSWER- malicious software _____ involves building an inappropriate trust relationship with employees for the purpose of gaining sensitive information or unauthorized access privileges. - ANSWER- Social Engineering Dumpster diving is ______________ - ANSWER- typically committed for the purpose of identity theft. An organization's e-mail policy has the least impact on which of the following software attacks? - ANSWER- zero-day _____ are segments of computer code that attach to existing computer programs and perform malicious acts. - ANSWER- Viruses _____ are software programs that hide in other computer programs and reveal their designed behavior only when they are activated. - ANSWER- Trojan Horses _____ are segments of computer code embedded within an organization's existing computer programs that activate and perform a destructive action at a certain time or date. - ANSWER- Logic bombs A _____ attack uses deception to fraudulently acquire sensitive personal information by masquerading as an official e-mail. - ANSWER- Phishing In a _____ attack, a coordinated stream of requests is launched against a target system from many compromised computers at the same time. - ANSWER- distributed denial of service The term _____ refers to clandestine software that is installed on your PC through duplicitous channels but is not particularly malicious. - ANSWER- Alien software Which of the following is (are) designed to use your computer as a launch pad for sending unsolicited e-mail to other computers? - ANSWER- Spamware ________ is a deliberate act that involves defacing an organization's web site. - ANSWER- Sabotage When companies attempt to counter _____ by requiring users to accurately select characters in turn from a series of boxes, attackers respond by using _____. - ANSWER- keyloggers, screen scrapers _____ is the process in which an organization assesses the value of each asset being protected, estimates the probability that it will be compromised, and compares the probable costs of an attack with the costs of protecting the asset. - ANSWER- Risk Analysis _____ controls are concerned with user identification, and they restrict unauthorized individuals from using information resources. - ANSWER- Access In a process called _____, a company allows nothing to run unless it is approved, whereas in a process called _____, the company allows everything to run unless it is not approved. - ANSWER- whitelisting, blacklisting You receive an e-mail from your bank informing you that they are updating their records and need your password. Which of the following statements is true? - ANSWER- The message could be a phishing attack. You start a new job, and human resources gives you a ten-page document that outlines the employee responsibilities for information security. Which of the following statements is most likely to be true? - ANSWER- You are expected to read the document, and you could be reprimanded if you don't follow its guidelines. The information systems planning process proceeds in which order? - ANSWER- Organization mission - organization strategic plan - IS strategic plan - new IT architecture A company's IT architecture includes all of the following except: - ANSWER- The members of the IT staff Which of the following are disadvantages of the buy option for acquiring IS applications? - ANSWER- - The software may not exactly meet the company's needs. - The software may be impossible to modify. - The company will not have control over software improvements. - The software may not integrate with existing systems. Which of the following systems acquisition methods is time consuming, costly, and may produce excessive documentation? - ANSWER- Systems Development Life Cycle (SDLC) _____ is a method of delivering software in which a vendor hosts the applications and