1. Going through your garbage can or a communal dumpster or trash bin to obtain copies of your checks, credit card or bank statements, or other records that typically have your name, address, and telephone number

a. Dumpster diving

b. Smishing

c. Shoulder surfing

d. Phishing scams

2. Is a set of moral principles or values

a. Ethical Issues

b. Privacy

c. Cookie

d. Ethics

3. Employees who experience guilt or remorse from their crimes, or who fear discovery, often express these feelings in unusual behavior

a. Lifestyle Changes

b. Unreasonable Anomalies

c. Accounting Irregularities

d. Behavioral Changes

4. Smashing is a similar scam using text messages on cell phones.

True

False

5. ACFE, a global network of professional firms providing audit, tax, and advisory services, conducts surveys on fraud and business integrity.

True

False

6. External control weakness is a control procedures are often absent, weak, or ignored in computer fraud

True

False

7. Perhaps the most important clue to computer fraud is the presence of many odd or unusual anomalies that somehow go unchallenged

a. Lifestyle Changes

b. Behavioral Changes

c. Accounting Irregularities

d. Unreasonable Anomalies

8. Many people respond to unsolicited email that promises some benefit but requests identifying data, which criminals use to apply for loans, credit cards, fraudulent withdrawals from bank accounts, or other goods

a. Spam and other emails

b. Key logging software

c. Shoulder surfing

d. Applications for ''preapproved'' credit cards

9. A strict definition of computer crime must be found in the law.

True

False

10. Is an especially important problem for banks because hackers often create bogus websites that trick bank customers into revealing their account numbers and passwords

a. Spam and other emails

b. Key logging software

c. Smishing

d. Phishing

11. It is an ethical issue allowing unauthorized individuals to view private informationfor example, financial data on a mortgage loan application or the results of diagnostic medical tests stored in the files of local area networks

a. Protecting Confidential Information

b. Honesty

c. Protecting Computer Systems

d. Social Responsibility

12. Computer abuse involves the manipulation of a computer or computer data, by whatever method, to dishonestly obtain money, property, or some other advantage of value.

True

False

13. Refers to an act in which someone wrongfully obtains and uses another person's personal data for fraud or deception

a. Identity theft

b. Smishing

c. Phishing scams

d. Shoulder surfing

14. The Computer Security Institute (CSI) conducts an annual survey to help determine the scope of computer crime in the United States.

True

False

15. Thieves steal identities in a number of ways including shoulder surfing (stealing personal information from garbage cans), taking delivered or outgoing mail from house mail boxes, or telephone solicitations that ask for personal information.

True

False

16. Employees who miraculously solve pressing financial problems or suddenly begin living extravagant lifestyles are sometimes merely broadcasting fraud

a. Unreasonable Anomalies

b. Behavioral Changes

c. Accounting Irregularities

d. Lifestyle Changes

17. Social responsibility conflicts with other organizational goals.

True

False

18. The absence of good computer-crime statistics does not detract from the importance of computer crime and abuse on accounting information systems.

True

False

19. A small text file that stores information about your browsing habits and interests, as well as other information that you may supply by logging onto the site.

a. Cookie

b. Privacy policy

c. Value cards

d. Privacy

20. In contrast, computer crime means the unauthorized use of a computer for purposes contrary to the wishes of the computer's owner's.

True

False

21. Validating Processing Results is the validity, accuracy, and completeness of computerized output in AISs can be established through the preparation of activity listings that document processing activity. Statement 2: Software controls prevent and detect errors while transaction data are processed.

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

22. Statement I: A Cold site that also includes up-to-date backup data is called a flying-start site because it can assume full data processing operations within a matter of seconds or minutes. Statement II: A Hot site is a location where power and environmentally controlled space are available to install processing equipment on short notice.

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

23. Statement I: The purpose of file security controls is to protect computer files from either accidental or intentional abuse. Statement II: General controls begin with a security policy, a comprehensive plan that helps protect an enterprise from external threats.

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

24. STATEMENT I: The basic objective of each remote computer was to meet the specific processing needs of the remote location and communicate summary results to the centralized (host) computer. STATEMENT II: A current trend in security practice is to merge physical security and logical security across an organization.

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

25. The following are examples of logical security EXCEPT;

a. Biometrics

b. application-level firewalls

c. shred sensitive documents

d. smart cards

26. If a control total were to be computed on each of the following data items, which would best be identified as a hash total for a payroll IT application?

A. Gross wages earned.

B. Employee numbers.

C. Total hours worked.

D. Total debit amounts and total credit amounts

27. DPPS can be used to prevent a company's competitors from electronically monitoring confidential data transmissions. *

True

False

28. Statement I: Logical security uses technology to limit access to the organization's systems and information to only authorized individuals. Statement II: Physical security refers to any measures that an organization uses to protect its facilities, resources, or its proprietary data that are stored on physical media.

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

29. The following are example of physical security EXCEPT;

a. application-level firewalls

b. alarm systems

c. guards

d. surveillance systems

30.When desktop computers became economically feasible, firms began placing them through-out the organization and linked them to a centralized computer to form a DISTRIBUTED DATA PROCESSING (DDP) SYSTEM.

A. EAVESDROPING

B. CONTROL FOR PERSONAL COMPUTER

C. CONTROL FOR NETWORKS

D. ROUTING VERIFICATION

31. DATA ENCRYPTION controls apply to all information systems. Accordingly, the controls at this level are critical for reliance on application controls. *

True

False

31. Statement 1: Input Control examine selected fields of input data and reject those transactions whose data fields do not meet the preestablished standards of data quality. Statement 2: Output controls focus on detecting errors after processing is completed rather than preventing errors prior to processing

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

32. The following are some computer facility controls that prevent both unintentional and intentional physical harm EXCEPT;

a. Locate Data Processing Centers in Safe Places

b. Unlimited Employee Access

c. Limit Employee Access

d. Buy Insurance

33. Examine selected fields of input data and reject those transactions (or other types of data input) whose data fields do not meet the pre-established standards of data quality.

A. Validating Processing Result

B. Additional Input Controls

C. Edit Test

D. Processing Controls

34. Ensures the output's validity. Includes validation of processing results and regulating the distribution and use of printed output.

A. Input Controls

B. Control Totals

C. Processing Controls

D. Output Controls

35. STATEMENT I: Message acknowledgment procedures are useful in preventing the loss of part or all of a transaction or message on a computer network system. STATEMENT II: Wireless security is the prevention of unauthorized access or damage to computers or data using wireless networks.

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

36. Ensure the validity, accuracy, and completeness of the data entered into an AIS.

A. Input Controls

B. Output Controls

C. Processing Controls

D. Validating Processing Result

37. STATEMENT I: Header Label procedures help to ensure that no transactions or messages are routed to the wrong computer network system address. STATEMENT II: Regulating who is permitted logical access to computers and files is an important general control in terms of safeguarding sensitive organizational data and software.

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

38. Statement 1: The purpose of Additional Input Controls application controls is to prevent, detect, and correct errors and irregularities in processing transactions. Statement 2: Control totals focus on the manipulation of accounting data after they are input to the computer system

A. TRUE, TRUE

B. FALSE, FALSE

C. TRUE, FALSE

D. FALSE, TRUE

39. A simple diagram that shows estimated completion times versus actual completion times for the various activities in a systems implementation project is a(n): *

A. E-R diagram

B. PERT chart

C. Data flow diagram

D. Gantt chart

40. STATEMENT 1: Choosing a system requires evaluating system performance capabilities, costs and benefits, system maintainability, system compatibility with other systems, and vendor support. STATEMENT 2: Preliminary investigation of the system in question and advises the steering committee of its findings. One important part of this work is to separate symptoms from causes. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

41. In a PERT network diagram, the amount of delay time that can occur in a non-critical activity and still not delay the estimated completion time of a systems implementation project is called: *

A. Slack time

B. Noncritical time

C. Critical time

D. none of the above

42. STATEMENT 1: Systems do not meet users' needs, causing employee frustration, resistance, and even sabotage. Systems are difficult and costly to maintain. STATEMENT 2: In large organizations, system redesigns or new development work typically involve millions of dollars, making mistakes very costly. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statements are correct

D. Both statement are incorrect

43. STATEMENT 1: The steering committee can ask the computer vendors to submit bid proposals for such a complete system, or alternatively, can ask each vendor to provide separate bids for hardware and software. STATEMENT 2: Operational feasibility requires the design team to estimate how long it will take a new or revised system to become operational and to communicate this information to the steering committee. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

44. In developing and implementing IT, the study team and steering committee must consider organizational goals. These include: *

A. General, technical, and top management goals

B. General, operating management, and technical goals

C. Top management, operating management, and economic goals

D. Top management, operating management, and general systems goals

45. STATEMENT 1: A preliminary investigation of a current system is conducted by the steering committee; Implementation, follow-up, and maintenance of IT includes acquiring resources for the new systems. STATEMENT 2: In designing an AIS, the design team will begin with outputs; The more work done during planning and analysis, the less likely the new system will fail. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

46. A complete, ready-to-go system of computer hardware and software is also sometimes called a(n): *

A. Turnkey system

B. Canned system

C. Kitchen-sink system D All-in-one system

D. All-in-one system

47. STATEMENT 1: System maintenance continues the tasks created by the initial follow up study, except that experts from the company's IT subsystem now perform the modifications exclusively. STATEMENT 2: Detailed systems design begins with the design of outputs, and then inputs and processes. Designers may choose a prototyping approach to create the new system. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

48. Requires the design team to estimate how long it will take a new or revised system to become operational and to communicate this information to the steering committee. *

A. Schedule Feasibility

B. Legal Feasibility

C. Economic Feasibility

D. Operational Feasibility

49. STATEMENT 1: Face-to-face interviews allow the study team to gather system information in the greatest depth and sometimes reveal surprises. STATEMENT 2: Systems implementation is often called the action phase of a systems study because the recommended changes from the prior analysis, design, and development work are now put into operation. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

50. Apply to most organization's information systems and help an AIS contribute to an efficient and effective organization. *

A. Top management systems goals

B. General systems goals

C. Operating management goals

D. Economic goals

51. STATEMENT 1: Prototyping means developing a simplified model of a proposed information system. A prototype is a scaled down, experimental version of a nonexistent information system that a design team can develop cheaply and quickly for user evaluation purposes. STATEMENT 2: The accountants on the design team will analyze the costs of every vendor's proposed system in relation to the system's anticipated performance benefits. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

52. STATEMENT 1: Systems do not meet users needs, causing employee frustration, resistance, and even sabotage. STATEMENT 2: The time required to complete the new system vastly exceeds the development schedule often by years. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

53. STATEMENT 1: Implementation, Follow-up, and Maintenance an organization designs changes that eliminate or minimize the current system's weak points while preserving its strengths. STATEMENT 2: Analysis involves performing a preliminary investigation of the existing system, organizing a systems study team, and developing strategic plans for the remainder of the study. *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

54. Is to enable the study team to obtain a more complete understanding of the company's current operational information system and its environment. *

A. Data Gathering

B. Systems Survey

C. Data Analysis

D. Systems Analysis

55. An intensive investigation of a company's present information system in order to discover systems weaknesses is termed a: *

A. Systems study

B. Systems design

C. Systems follow-up

D. Systems survey

56. STATEMENT 1: Systems analysis work necessarily takes longer than a preliminary investigation, typically months. STATEMENT 2: Operational feasibility analysis is mostly a human relations study because it is strongly oriented toward people problems *

A. First statement is correct; the second statement is incorrect

B. The first statement is incorrect; the second statement is correct

C. Both statement are correct

D. Both statement are incorrect

57. Which of these is not a phase in the life cycle of an information system? *

A. Planning

B. Analysis

C. Control

D. Implementation

58. Which one of the four stages in the Systems Development Life Cycle is likely to be the most costly for a new system? *

A. Planning and Investigation

B. Analysis

C. Design

D. Implementation, Follow-up, & Maintenance