28) There are a number of risks that may be associated with ERP implantation. Which of the following is not a risk in this process? a implementing companies have found that staff members, employed by ERP Consulting firms, do not have sufficient experience in implementing new systems b. Implementing firms fail to select systems that properly support their business activities c. The selected system does not adequately meet the adopting firm's economic growth d. ERP's are too large, complex, and generic for them to be well integrated into most company cultures 29) Auditors of ERP systems a. Need not be concemned about segregation of duties because these systems possess strong computer controls b. Are concerned that managers fail to exercise adequate care in assigning permissions c. Do not see the data warehouse as an audit or control issue because financial records are not store there d. Need not review access levels granted to users because these are determined when the system is configured 30) Which of the following is correct? a. Only one individual can be assigned to a role b. A role is a formal technique for grouping together users according to the system resources they need to perform their assigned tasks C. RBAC assigns specific access privileges to individuals d. Because of the use of roles, access security concerns are essentially eliminated in ERP environments 31) Which of the following is a service within the doud computing spectrum? a. Software as a Service (SaaS) b. Performance as a Service (PaaS) c. Internet as a Service (laas) d. All of the above 32) Which of the following is an example of virtualization? a. An attack focused on current traffic confirmed with a ping and echo process b. Multiple network drives appearing as one drive c. Files containing user information that are created by the web server of the site being visited d. A network covering a wide area 33) Which of the following is not a seal granting organization? a. TRUST b. Verisign c. Caesar Cipher Systems d. ICSA