ACC300

PART ONE (60 MARKS) Question I (30 marks) Information Security determines as the process of protecting information and information assets, to preserving confidentiality, integrity, and availability of information (ISO17799, 2004). It is a major issue for businesses, their clients and the public. From 1997 to 2001, U.S. organizations spent over $2.5 trillion on information technology, nearly double the amount than the previous five years. Write a report on Information security to be raised to your manager, in no more than 1000 words, you should cover the following issues: 1- What is Information security. 2- The goal of information security management 3- Describe the risks and attacks related to information security and systems integrity. 4- Distinguish between the concepts of encryption and authentication. 5- Common computer frauds. (Credit will be given to the answers that include examples from practice. You may rely on your research or / and work experience to support your answers). Question 2 (30 marks) Consider the following narrative describing the process of filling a customers order at Second Cup branch: A Second Cup customer entered the drive-through lane and stopped to review the menu. He then ordered Brewed Coffee and a Blueberry Bran Muffin from the barista. The barista recorded the order in the cash register. While the customer drove to the window, the barista filled a cup with Brewed Coffee, put a lid on it, and retrieved the Blueberry Bran Muffin from the pastry case and placed it in a bag. The barista handed the bag with the muffin and the hot coffee to the customer. The customer has an option to pay with cash, credit card, or Second Cup gift card. The customer paid with a gift card. The barista recorded the payment and returned the card along with the receipt to the customer. Use BPMN to model Second Cup process of taking a customer order using the following independent assumptions: A. No additional assumptions. Identify the start and end events and the tasks that the barista performs. Include any gateways whenever there are alternative tasks. (10 Marks) B. The barista prepares each item in the order before delivering the order to the customer. Model the process to include a looping task. (10 Marks) C. The coffee needs time to brew and isnt immediately available. The barista asks the customer if he wants to wait. If the customer waits, 5 minutes will pass, and then the coffee can be prepared. Model the process to include an intermediate error event and an intermediate timer event. (10 Marks) PART TWO (40 marks) Question 1: (10 marks) Refer to this diagram to answer questions 1 through 10. 1. Which of the following best describes the meaning of the multiplicities next to the number 1 in the preceding diagram? A. Stocks are traded in only one exchange. B. Stocks are traded in a minimum of zero exchanges. C. Stocks are traded in a maximum of many exchanges. D. Both "Stocks are traded in a minimum of zero exchanges" and "Stocks are traded in a maximum of many exchanges" are correct. 2. Which of the following best describes the meaning of the multiplicities next to the number 2 in the preceding diagram? A. Each exchange trades at least one stock. B. Each exchange trades a minimum of zero stocks. C. Each exchange trades a maximum of many stocks. D. Both "Each exchange trades at least one stock" and "Each exchange trades a maximum of many stocks" are correct. 3. Which of the following is true to implement the Stock Exchanges and Stocks classes and the association between them in the preceding UML class diagram in a database? A. The primary key of Stocks is a foreign key in Stock Exchanges. B. The primary key of Stock Exchanges is a foreign key in Stocks. C. The association between Stocks and Stock Exchanges is implemented as a linking table. D. Both "The primary key of Stocks is a foreign key in Stock Exchanges" and "The primary key of Stock Exchanges is a foreign key in Stocks" are true. E. None of these is true. 4. Which of the following best describes the meaning of the multiplicities next to the number 3 in the preceding diagram? A. Each transaction involves at least one stock. B. Each transaction involves only one stock. C. Each transaction involves a minimum of zero stocks. D. Each transaction involves a maximum of many stocks. E. Both "Each transaction involves at least one stock" and "Each transaction involves only one stock" are correct. 5. Which of the following best describes the meaning of the multiplicities next to the number 4 in the preceding diagram? A. Each stock is bought/sold at least once. B. Each stock is bought/sold only once. C. Each stock is bought/sold a maximum of many times. D. Each stock is bought/sold a minimum of many times. E. Both "Each stock is bought/sold at least once" and "Each stock is bought/sold a maximum of many times" are correct. 6. Which of the following is true to implement the Buy/Sell Transactions and Stocks classes and the association between them in the preceding UML class diagram in a database? A. The primary key of Stocks is a foreign key in Buy/Sell Transactions. B. The primary key of Buy/Sell Transactions is a foreign key in Stocks. C. The association between Stocks and Buy/Sell Transactions is implemented as a linking table. D. Both "The primary key of Stocks is a foreign key in Buy/Sell Transactions" and "The primary key of Buy/Sell Transactions is a foreign key in Stocks" are true. E. None of these is true. 7. Which of the following best describes the meaning of the multiplicities next to the number 5 in the preceding diagram? rev: 10_25_2017_QC_CS-106840 A. Each Broker is involved in one Buy/Sell Transaction. B. Each Broker is involved in many Buy/Sell Transactions. C. Each Broker is involved in a minimum of one Buy/Sell Transaction. D. Each Broker is involved in a minimum of zero Buy/Sell Transactions. E. Both "Each Broker is involved in a maximum of many Buy/Sell Transactions" and "Each Broker is involved in a minimum of zero Buy/Sell Transactions" are correct. 8. Which of the following best describes the meaning of the multiplicities next to the number 6 in the preceding diagram? A. Each Buy/Sell Transaction involves one Broker. B. Each Buy/Sell Transaction involves many Brokers. C. Each Buy/Sell Transaction involves a minimum of zero Brokers. D. Each Buy/Sell Transaction involves a maximum of many Brokers. E. Both "Each Buy/Sell Transaction involves one Broker" and "Each Buy/Sell Transaction involves a maximum of many Brokers" are correct. 9. Which of the following is true to implement the Buy/Sell Transactions and Brokers classes and the association between them in the preceding UML class diagram in a database? A. The primary key of Brokers is a foreign key in Buy/Sell Transactions. B. The primary key of Buy/Sell Transactions is a foreign key in Brokers. C. The association between Brokers and Buy/Sell Transactions is implemented as a linking table. D. Both "The primary key of Brokers is a foreign key in Buy/Sell Transactions" and "The primary key of Buy/Sell Transactions is a foreign key in Brokers" are true. E. None of these is true. 10. Which of the following is true to implement the Stock Exchanges and Brokers classes in the preceding UML class diagram in a database? A. The primary key of Brokers is a foreign key in Stock Exchanges. B. The primary key of Stock Exchanges is a foreign key in Brokers. C. The association between Brokers and Stock Exchanges is implemented as a linking table. D. Both "The primary key of Brokers is a foreign key in Stock Exchanges" and "The primary key of Stock Exchanges is a foreign key in Brokers" are true. E. None of these is true. Question 2 (30 marks) You are working on the BB audit and have been asked to help your manager understand What is Blockchain?, What are the challenges associated with auditing their use of Blockchain technology. Without having a detailed understanding of how BB uses Blockchain: A. Educate your manager on the general issues and challenges for auditors with Blockchain technology. (20 marks) B. Show how audit and assurance might evolve with Blockchain (10 marks)