The term ________ is commonly used to refer to a collection of companies and processes involved in moving a product from the suppliers of raw materials to the customer.

Which of the following statements about just-in-time strategies is true?

Companies using this strategy are trying to optimize their ordering quantities such that parts or raw material arrive just when they are needed for production

Altrix Corp., an Indonesian firm, recently faced an unanticipated decline in the demand for its product. This dented the company's financial strength not only through loss of sales, but also because it ended up with a substantial inventory of raw materials that the company wasn't able to use. As a result, Altrix has been rethinking its approach to inventory management. Some of its board members are suggesting that they use the just-in-time (JIT) system to avoid such situations in the future. Which of the following, if true, could undermine the argument in favor of JIT?

A) Some of the raw materials Altrix requires are perishable in nature.

________ is a business model in which the suppliers to a manufacturer manage the manufacturer's

inventory levels based on preestablished service levels.

Vendor-managed inventory

5) Which of the following statements about vendor-management inventory (VMI) is true?

To make VMI possible, the manufacturer allows the supplier to monitor stock levels and ongoing sales data.

One major problem affecting supply chains are ripple effects referred to as the ________.

bullwhip effect

 Computer maker, Dell, realized the problems with keeping large inventories, especially because of the fast rate of obsolescence of electronics components. Dell now keeps only about two hours of inventory in its factories. The company is most likely using a ________.

just-in-time inventory management system

MaxSteel Inc., has been supplying steel to a well known car manufacturer, Agis Corp., for the past 3 years. Concerned employees at Max can directly access Agis Corp.'s inventory and sales information via electronic data interchange.This allows MaxSteel to monitor Agis Corp.'s inventory levels on a real-time basis. The system has worked well for both companies so far and there has never been any delay in the supply of steel. Which of the following, if true, would most strengthen Agis' supply chain strategy?

Agis Corp., is taking measures to add wholesalers and retailers into their supply chain.

9) Fen-phen was an anti-obesity medication that consisted of two drugs: fenfluramine and phentermine. Fenfluramine was initially marketed by American Home Products, but was shown to cause potentially fatal pulmonary hypertension and heart valve problems. This eventually led to the withdrawal of the drug and legal damages of over $13 billion. This is an example of

a product recall

La Belle Inc. introduced a new line of accessories for teenaged girls last season. Following its immense popularity with the targeted group, the company anticipated high sales this season. It ordered raw materials accordingly, and even ensured that they had sufficient inventory to meet excess demand, if any. However, the success of the new line turned out to be a fad, as the teens soon turned to other products offered by competing brands, and La Belle's sales declined. This caused a huge discrepancy in the amount of raw materials they needed and the amount of inventory they had piled up in anticipation of good sales. This is an example of ________.

the bullwhip effect

Which of the following is the main objective of information systems that focus on improving supply

 chains?

accelerating product development and innovation

Which of the following is the key use of distribution planning module of supply chain management?

to optimize the allocation of available supply to meet demand

The key use of order promising module of supply chain management is to ________.

work with partners across the supply network to improve accuracy of demand forecasts, reduce

inventory buffers, and improve customer service

The key use of manufacturing execution module of supply chain management is to ________.

support production processes taking into account capacity and material constraints

________ involves the development of various resource plans to support the efficient and effective production of goods and services.

Supply chain planning

Supply chain planning begins with ________.

product demand planning and forecasting

Demand planning and forecasting leads to the development of the overall ________.

D) expected demand

________ focuses on delivering products or services to consumers as well as warehousing, delivering, invoicing, and payment collection.

Distribution planning

Distribution planning leads to the development of the overall ________.

transportation schedule

Production scheduling ________.

focuses on the coordination of all activities needed to create the product or service

Using analytical tools to optimally utilize labor, materials, and equipment is a part of the ________ step of supply chain planning.

B) production scheduling

Inventory and safety stock planning ________.

focuses on the development of inventory estimates

Inventory and safety stock planning leads to the development of a(n) ________.

sourcing plan

Supply chain execution ________.

involves the management of information flow

Which of the following statements is true about product flow, a key element of supply chain?

It refers to the movement of goods from the supplier to production, from production to distribution, and from distribution to the consumer.

Which of the following statements is true about information flow, a key element of supply chain

execution?

The key element to the information flow is the complete removal of paper documents.

Which of the following key elements of a supply chain includes information related to payment schedules, consignment, and ownership of products and materials?

financial flow

________ refers not only to the ability to track products as they move through the supply chain but also to foresee external events.

Supply chain visibility

) ________ refers to the use of key performance indicators to monitor performance of the entire supply chain, including sourcing, planning, production, and distribution.

Supply chain analytics

________ is the extent to which a company's supply chain is focusing on minimizing procurement, production, and transportation costs, sometimes by sacrificing excellent customer service.

Supply chain efficiency

________ is the extent to which a company's supply chain is focusing on maximizing customer service regardless of procurement, production, and transportation costs.

Supply chain effectiveness

Which of the following is an example of supply chain efficiency?

Apple sources its raw materials in a way to keep costs low.

________ is a data presentation standard first specified by the World Wide Web Consortium, an international consortium of companies whose purpose is to develop open standards for the Web.

Extensible Markup Language

________ allow(s) designers of Web documents to create their own customized tags, enabling the definition, transmission, validation, and interpretation of data between applications and between organizations.

Extensible Markup Language

Which of the following statements is true about XML?

XML instructs systems as to how information should be interpreted and used.

________ is an XML-based specification for publishing financial information.

Extensible Business Reporting Language

________ includes tags for data such as annual and quarterly reports, Securities and Exchange Commission filings, general ledger information, and net revenue and accounting schedules.

Extensible Business Reporting Language

Lee's department store uses the every day low prices strategy. This strategy hinges upon the store's ability to obtain consumer goods at the cheapest possible price and pass these savings on to consumers. Lee's store also developed its own distribution network for supplying its retail outlets with consumer goods. This distribution network allowed them to cut out external suppliers and middlemen, further driving down business costs. This implies that the competitive strategy used by this store would most likely focus on ________.

supply chain efficiency

Comptel, a world leader in computer hardware, differentiates itself from its customers by providing excellent after-sales service. This implies that the competitive strategy used by Comptel would most likely focus on ________.

supply chain effectiveness

________ uses the electromagnetic energy to transmit information between a reader (transceiver) and a processing device.

Radio frequency identification

________ can be used just about anywhere a unique identification system might be needed, such as on clothing, pets, cars, keys, missiles, or manufactured parts.

RFID tags

Which of the following statements is true about RFID systems?

RFID scanning can be done at greater distances than bar code scanning.

 Which of the following statements about an RFID passive tag is true?

They are small and inexpensive

Which of the following statements about an RFID active tag is true?

They have an internal battery source.

Which of the following is a main objective of customer relationship management applications focusing on downstream information flows?

to portray a positive corporate image

Which of the following portrays the individualized service benefit of a CRM system?

Learning how each customer defines product and service quality so that customized product, pricing, and services can be designed or developed collaboratively.

47) Which of the following rightly explains improved product development on using a CRM system?

Tracking customer behavior over time that helps to identify future opportunities for product and service offerings.

Which of the following examples portray the 24/7/365 operation of a CRM system?

Web-based interfaces that provide product information, sales status, support information, issue

tracking, and so on.

Which of the following rightly explains improved planning on using a CRM system?

Providing mechanisms for managing and scheduling sales follow-ups to assess satisfaction, repurchase probabilities, time frames, and frequencies.

________ includes the systems used to enable customer interaction and service.

Operational CRM

________ help create the mass e-mail marketing campaigns wherein each consumer receives an individualized e-mail based on their prior purchase history.

Operational CRM systems

Which of the following is a component of the operational CRM system?

sales force automation

Which of the following is a component of the analytical CRM system?

data mining and visualization

Which of the following is a component of the collaborative CRM system?

technologies to facilitate communication

________ is the first component of an operational customer relationship management that supports a broad range of business processes, including account and contact management, territory management, and order processing and tracking.

Customer service and support

Which of the following best explains improved morale of sales personnel due to sales force management systems?

Customer contact information being recorded using e-forms that automatically provide known customer data.

________ refers to systems that automate complaints, product returns, and information requests, among others.

Customer service and support

Which of the following advantages accruing to sales personnel can be attributed to sales force management?

improved scheduling

Which of the following best explains improved information for sales managers on account of sales force management systems?

sales performance data automatically tabulated and presented in easy-to-understand tables, charts, and graphs

________ refers to using multiple communication channels to support the communication preferences of users, such as the Web, the company's Facebook page, industry blogs, telephone and so on.

Enterprise marketing management

________ tools help a company in the execution of the CRM strategy by improving the management of promotional campaigns.

Enterprise marketing management

________ focuses on studying customer behavior and perceptions in order to provide the business intelligence necessary to identify new opportunities and to provide superior customer service

Analytical CRM

Organizations that effectively utilize ________ can more easily customize marketing campaigns from the segment level to even the individual customer.

analytical CRM

Which of the following business processes can be enhanced by the analytical CRM system?

price, quality, and satisfaction analysis of competitors

________ refers to systems for providing effective and efficient communication with the customer from the entire organization.

Collaborative CRM

________ facilitate the sharing of information across the various departments of an organization in order to increase customer satisfaction and loyalty.

Collaborative CRM systems

Which of the following statements best describes the productivity paradox for technology investment?

While it is easy to quantify the costs associated with developing an information system, it is often difficult to quantify tangible productivity gains from its use.

System efficiency is the extent to which a system ________.

enables people to do things faster or at lower cost

Which of the following is true for system effectiveness?

It is the extent to which a system enables the firm to accomplish goals well.

Which of the following scenarios demonstrates system efficiency?

The new information system at Barker's helped employees work faster, with less effort.

BelAir Tech replaced its outdated information system with a newer version. As a result, its employees reported a significant increase in work speed. Which of the following is most similar to BelAir's situation?

At Sterling Inc, the average number of application forms processed in an hour rose from 4 to 6 as a result of the new system.

B&Z Inc. implemented a new information system two months ago but there have been no concrete increases in productivity as a result of the system. A similar system has been in place at the company headquarters for the past two years, and this system has resulted in significant, quantifiable benefits. Which of the following reasons is the most likely explanation for the lack of results?

It can take years from the first implementation of this new system before the magnitude of benefits is felt by the organization.

Business case arguments based on ________ focus on beliefs about organizational strategy, competitive advantage, industry forces, customer perceptions, market share, and so on.

faith

Business case arguments based on fear are based on ________.

the notion that if the system is not implemented, the firm will lose out to the competition or go out of business

Business case arguments based on data, quantitative analysis, and/or indisputable factors are known as arguments based on ________.

facts

Which of the following is an example of a business case argument based on fear?

If we do not implement this system, our competitors could gain a significant advantage over us.

The total cost of ownership of a system refers to ________.

the total cost of acquisition and all costs associated with use and maintenance of a system

Which of the following is an example of a recurring cost associated with an information system?

employee salaries

Which of the following is an example of an intangible cost for a system?

cost of losing customers

BelAir Tech is conducting a cost-benefit analysis for its IS department. In this, the salary of an employee is an example of a(n) ________.

tangible and recurring cost

Which of the following is true for tangible costs?

They are relatively easy to quantify.

BelAir Tech implements a new information system and sees a 5 percent increase in monthly sales after implementation. This is a(n) ________ of the system.

) tangible benefit

"Increased customer reach of the new Web-based system will result in at least a modest increase in sales." This statement represents ________ for the company.

an intangible benefit

Which of the following is an example of an intangible benefit for a firm?

improved customer perceptions of the firm

A break-even analysis ________.

identifies at what point tangible benefits equal tangible costs

A method for deciding among different IS investments or when considering alternative designs for a given system is ________.

weighted multicriteria analysis

________ are alternative measures of outcomes that can help clarify what the impact of a change will be for a firm.

Proxy variables

Which of the following is the main advantage of customizable software over off-the-shelf software?

problem specificity

The first phase of the systems development life cycle is ________.

systems planning and selection

During the first phase of the systems development life cycle, organizations ________.

identify, plan, and select a development project from all possible projects that could be performed

The final phase of the systems development life cycle is ________.

systems maintenance

Requirements collection takes place during the ________ phase of the systems development life cycle.

systems analysis

________ is the process of gathering and organizing information from users, managers, customers, business processes, and documents to understand how a proposed information system should function.

Requirements collection

 ________ is a group meeting-based process for requirements collection.

Joint application design

) ________ represent(s) the movement of data through an organization or within an information system.

Data flows

________ represents the way in which data are transformed.

Processing logic

Processing logic is often expressed in ________, which is independent of the actual programming language being used.

pseudocode

After systems analysis, the next phase in the systems development life cycle is ________.

systems design

In an information system, a ________ is the point of contact between a system and users.

human–computer interface

A ________ is a business document containing some predefined data, often including some areas where additional data can be filled in.

form

A ________ is a business document containing only predefined data for online viewing or printing.

report

The processing and logic operations of an information system refer(s) to ________.

the procedures that transform raw data inputs into new or modified information

Software programming and testing takes place during the ________ stage of the systems development process.

systems implementation

Which of the following best describes developmental testing?

testing the correctness of individual modules and the integration of multiple modules

 ________ testing is testing of the overall system to see whether it meets design requirements.

Alpha

 Jason has just made some changes to the information system at BelAir Tech and wants to check if the system is working correctly. He wants to conduct a beta test of the system. Which of the following should he do to achieve this?

He should ask users of the system to test it using actual data.

________ testing involves testing of the capabilities of the system in the user environment with actual data.

 Beta

) Developmental testing of an information system is performed by ________.

programmers

________ testing is performed by actual users of the system.

Beta

Which of the following can be considered beta testing?

System users at URP feed data into a new information system to test its capability.

Programming is the process of ________.

transforming the system design into a working computer system

 ________ is the process of decommissioning the current way of doing things and installing the new system in the organization.

System conversion

Which of the following is true for patch management?

It helps in testing the correctness of individual modules and the integration of multiple modules of a system.

________ use the Internet to check the software vendor's Web site for available fixes for problems. The application downloads and installs these in order to fix software flaws.

Patch management systems

The process of making changes to an information system to repair flaws in design, coding, or implementation is known as ________.

corrective maintenance

The process of making changes to an information system to evolve its functionality, to accommodate changing business needs, or to migrate it to a different operating environment is known as ________.

adaptive maintenance

Which of the following types of system maintenance involves making enhancements to improve processing performance or interface usability?

perfective maintenance

Preventive maintenance of a system involves ________.

making changes to a system to reduce the chance of future system failure

BelAir Tech has a five-member team in charge of the development and maintenance of its information systems. An information system is in place, and the team performs routine maintenance to keep it running smoothly. Which of the following scenarios is an example of perfective maintenance?

Justin works on the system to make the user interface more user-friendly.

BelAir Tech has a five-member team in charge of development and maintenance of its information systems. An information system is in place, and the team performs routine maintenance to keep it running smoothly. Which of the following scenarios is an example of adaptive maintenance?

Sara knows that the company is migrating to a new operating environment in the next month, and makes the appropriate changes to the system.

Which of the following is true for prototyping?

It uses a trial-and-error approach for discovering how a system should operate.

BelAir Tech needs a new information system to manage increasing customer orders and changing demands. The company's five-member IS team is competent and capable of developing a new system, but BelAir decides against developing a system in-house. Which of the following, if true, would most weaken BelAir's decision?

The company's IS team is short-staffed and is finding it difficult to cope with increased work.

Which of the following steps takes place in an organization during both in-house systems development as well as external acquisition?

systems analysis

BelAir has decided to buy an information system from an external vendor. The company has made a list of its requirements and asked prospective vendors to submit proposals for the system. Which of the following is the next step in the company's external acquisition process?

proposal evaluation

Which of the following statements is true for a request for proposal?

It is a list of user requirements sent to prospective vendors.

________ is the use of standardized performance tests to facilitate comparison between systems.

Systems benchmarking

 BelAir has submitted a request for proposal to a number of vendors. It must now evaluate the proposals it has received. Which of the following methods can it use to compare the different systems?

systems benchmarking

________ licenses are activated as soon as the packaging of the software has been removed.

Shrink-wrap

A(n) ________ license refers to a license primarily used for downloaded software that requires computer users to choose "I accept"before installing the software.

click- wrap

An enterprise license is also known as a(n) ________ license.

volume

Which of the following is true for software as a service?

It allows clients to access services on an as-needed basis.

BelAir Tech has developed and run its own information system for the past ten years. However, the company has now decided to outsource its IS function to a service provider. Which of the following, if true, will strengthen BelAir's decision?

BelAir has seen a fall in company revenue over the last year.

Which of the following is an example of a basic relationship between an outsourcing vendor and client?

 BelAir sets its system preferences according to STS products.

A group of inexperienced computer operators cause the loss of valuable information. This information loss can be classified as one caused due to ________.

accidents

Which of the following is the most complete definition of a computer crime?

the act of using a computer to commit an illegal act

3) Which of the following is one of the main federal laws in the United States against computer crimes?

Electronic Communications Privacy Act of 1986

The Computer Fraud and Abuse Act of 1986 prohibits ________.

threatening to damage computer systems in order to extort money or other valuables

Which of the following US laws amended the Computer Fraud and Abuse Act to allow investigators access to voice-related communications?

the Computer Abuse Amendments Act

Which of the following acts have made it a crime to break into any electronic communications service, including telephone services?

the Electronic Communications Privacy Act

Violating data belonging to banks or other financial institutions is a crime in the United States. Which of the following legislations prohibit such violations?

the Computer Fraud and Abuse Act

Some violations of state and federal computer crime laws are punishable by fines and by not more than one year in prison. Such violations are charged as ________.

misdemeanors

Some computer criminals attempt to break into systems or deface Web sites to promote political or ideological goals. They are called ________.

hacktivists

Today, people who break into computer systems with the intention of doing damage or committing a crime are usually called ________.

crackers

WikiLeaks is a famous not-for-profit whistle-blowing Web site. MasterCard and Visa stopped payments to WikiLeaks after a series of leaks by the site. An anonymous group attacked the Web sites of both MasterCard and Visa reacting to this. These attackers, who tried to protect WikiLeaks, can be called ________.

 hacktivists

Employees steal time on company computers to do personal business. This can be considered an example of ________.

unauthorized access

) A(n) ________ is a destructive program that disrupts the normal functioning of computer systems.

virus

In May 2000, a malware email with "I LOVE YOU"in the subject field, spread to numerous computers in the world. The program replicated itself to everyone in the user's Outlook address book and then destroyed local files. This love email forced several organizations to shut down their e-mail systems. The malware discussed here is an example of a ________.

computer virus

Ronald downloads a movie from the Internet. During this process, his system gets affected by malicious software. The file does nothing initially and his system functions as usual for a few days. Later the file reproduces itself and starts to slow down his system. In a month's time his system is fully affected by the malware. Which of the following is most similar to the situation described here?

Anderson receives a malware file through email. On January 1st, the malware alters the name of his local files and displays funny names.

 A(n) ________ is a variation of a virus that is targeted at networks and takes advantage of security holes in operating systems and other software to replicate endlessly across the Internet. This causes servers to crash and denies service to Internet users.

worm

The official Web site of the Iranian government was made unreachable by foreign activists seeking to help the opposition parties during the 2009 Iranian election protests. Web sites belonging to many Iranian news agencies were also made unreachable by the activists. This cyber protest is an example of a(n) ________ attack.

denial of service

________ refers to any software that covertly gathers information about a user through an Internet connection without the user's knowledge.

Spyware

Which of the following terms represents junk newsgroup postings used for the purpose of advertising for some product or service?

spam

Robert receives a mail which says he has won an online lottery worth $50 Billion. Robert was wondering how he could win it without even buying the lottery. It was a spam mail intended to obtain the bank account details and the credit card number of Robert. Such attempts to trick financial account and credit card holders are called ________.

phishing

Phishing refers to the ________.

attempts to trick financial account and credit card holders into giving away their authorization information

Which of the following is a message passed to a Web browser on a user's computer by a Web server?

cookie

When using Yahoo Messenger, you get an unsolicited advertisement from a company. This advertisement contained a link to connect to the merchant's Web site. Which of the following is the best way of classifying this advertisement?

Cookie

Which of the following is the most accurate definition of a botnet?

destructive software robots, working together on a collection of zombie computers via the Internet

A hacker takes an individual's social security number, credit card number, and other personal information for the purpose of using the victim's credit rating to borrow money, buy merchandise, and otherwise run up debts that are never repaid. This practice is called ________.

identity theft

________ are false messages often circulated online about new viruses, earthquakes ; kids in trouble; cancer causes; or any other topic of public interest.

Internet hoaxes

Arbitron consultants, a leading software consulting firm in the United States, decide to launch ERP an ERP Solution. The company chooses the brand name ArbitEnterprise for the new solution. However, when the company attempted to register the domain name, it found that the domain name was registered to an unknown firm. The small firm is now attempting to sell the domain name to Arbitron. Which of the following terms refers to this practice of buying a domain name only to sell it for big bucks?

cybersquatting

Identify the term that represents the dubious practice of registering a domain name and then trying to sell the name for big bucks to the person, company, or organization most likely to want it.

cybersquatting

Cyber criminals gain information on a victim by monitoring online activities, accessing databases, and so on and make false accusations that damage the reputation of the victim on blogs, Web sites, chat rooms, or e-commerce sites. Such acts are called ________.

 cyberstalking

Which of the following refers to the practice of deliberately causing emotional distress in the victim?

 cyberbullying

Which of the following creations typically obtain patent rather than copyright?

material inventions

An organized attempt by a country's military to disrupt or destroy the information and communication systems of another country.Which of the following terms best represents such attacks by a country?

cyberwar

Independent citizens or supporters of a country that perpetrate attacks on perceived or real enemies are called ________.

patriot hackers

Jester is a famous hacker who describes himself as a "hacktivist for good." He launches attacks on terrorist sites that pose threats to nations. Jester claims that he is obstructing the lines of communication for terrorists, sympathizers, fixers, facilitators, oppressive regimes and other general bad guys. Jester can be called a(n) ________.

patriot hacker

________ is the use of computer and networking technologies, by individuals and organized groups, against persons or property to intimidate or coerce governments, civilians, or any segment of society in order to attain political, religious, or ideological goals.

Cyberterrorism

A mass cyber attack occurred in a country when it took severe actions against a group of citizens who protested the country's policies. The attack involved a denial-of-service in which selected sites were bombarded with traffic to force them offline. This is an example of

cyberterrorism

________ refers to the use of the vast amount of information available on the Internet regarding virtually any topic for planning, recruitment, and numerous other endeavors.

) Data mining

Which of the following is a significant disadvantage to using acts of cyberterrorism as a weapon?

 Cyberattacks cause more emotions in the public than the actual material destruction caused. 

________ refers to precautions taken to keep all aspects of information systems safe from destruction, manipulation, or unauthorized use or access.

Information systems security

Which of the following is a process in which you assess the value of the assets being protected, determine their likelihood of being compromised, and compare the probable costs of their being compromised with the estimated costs of whatever protection you might have to take?

risk analysis

An organization takes active countermeasures to protect its systems, such as installing firewalls. This approach is ________.

risk reduction

 An organization does not implement countermeasures against information threats; instead it simply absorbs the damages that occur. This approach is called ________.

risk acceptance

Ciscon Telecom is a mobile operator in the European Union. The company provides personalized services to its customers and its databases contain valuable information about its customers. The loss of customer information used to decide services would be extremely harmful to the organization. Which of the following strategies used by Ciscon is an example of risk transference?

The company insures any possible data loss for a large sum.

RBS Publishing is a leading media company in France. The company handles sensitive information and often finds it susceptible to information threats. As a counter measure the company installs strong firewalls and protective software. These steps are a part of ________ strategy.

risk reduction

An organization is using physical access restrictions to safeguard information systems when it uses ________.

 passwords

Your company uses a fingerprint recognition system instead of an access card. This helps the company prevent unauthorized physical access. Which of the following technologies is used for restriction here?

biometrics

An organization is using biometrics when it uses ________ to identify employees.

fingerprints

________ software allows computer users access only to those files related to their work.

Access-control

An attacker accesses a network, intercepts data from it, and uses network services and sends attack instructions to it without entering the home, office, or organization that owns the network. This new form of attack is known as ________ attack.

drive-by hacking

Albitrex Systems is an Asian software consulting firm which develops solutions for companies in the United States and Europe. The company is heavily dependent on Internet for transporting data. The company wants to ensure that only authorized users access the data and that the data cannot be intercepted and compromised. Which of the following would be most helpful to the company in achieving this goal?

 tunneling

Which of the following is a part of a computer system designed to detect intrusion and prevent unauthorized access to or from a private network?

firewall

Which of the following is a valid observation about encryption?

Encrypted messages cannot be deciphered without the decoding key.

Implementing encryption on a large scale, such as on a busy Web site, requires a third party, called a(n) ________.

certificate authority

________ software is used to keep track of computer activity so that inspectors can spot suspicious activity and take action.

Audit-control

A cold backup site is a(n) ________.

empty warehouse with all necessary connections for power and communication

An organization builds a fully equipped backup facility, having everything from office chairs to a one-to-one replication of the most current data. This facility is called a(n) ________ backup site.

hot

Some data centers rent server space to multiple customers and provide necessary infrastructure in terms of power, backups, connectivity, and security. Such data centers are called ________.

collocation facilities

Which of the following terms refers to a computer, data, or network site that is designed to be enticing to crackers so as to detect, deflect, or counteract illegal activity?

honeypot

The ________ policy explains technical controls on all organizational computer systems, such as access limitations, audit-control software, firewalls, and so on.

security

Identify the policy that lists procedures for adding new users to systems and removing users who have left the organization.

account management policy

Which of the following types of plans describes how a business resumes operation after a disaster?

business continuity plan

 Recovery point objectives of a recovery plan specify ________.

the maximum time allowed to recover from a catastrophic event

Controls that are used to assess whether anything went wrong, such as unauthorized access attempts are called ________ controls.

detective

Organizations periodically have an external entity review the controls so as to uncover any potential problems in the controls. This process is called ________.

an information systems audit

Which of the following laws makes it mandatory for organizations to demonstrate that there are controls in place to prevent misuse or fraud, controls to detect any potential problems, and effective measures to correct any problems?

Sarbanes-Oxley Act

Which of the following types of control is used to define the aims and objectives of an organization?

 policies

Which of the following is an example of organization and management control?

policies about incident reporting