The information systems$$ organization, ISACA, conducts an annual survey of cybersecurity at firms from around the world. ISACA sends survey questionnaires via email$($SurveyMonkey$)$ to all professionals that hold$$ ISACA's Certified Information Security Manager designation. Over$1,500$ professionals participated in the $2019$ cybersecurity survey. Each was asked whether or not they expect to experience a cyberattack$($e$.$g$.,$ a$$ Malware, hacking, or phishing$$ attack$)$ against their firm in the coming year. About $\%$ of the respondents expect to experience a cyberattack during the year. Complete parts a through d$.$

Question content area bottom

Part $1$

a$.$ Identify the population of interest to ISACA. Choose the correct answer below.

A$.$

All firms that experienced cyberattacks

B$.$

The over$1,500$ professionals who participated in the survey

C$.$

All firms

D$.$

All cybersecurity professionals

Part $2$

b$.$ Identify the$$ data$-$collection method used by ISACA. Are there any potential biases in the method$$ used?

Identify the$$ data$-$collection method used by ISACA. Choose the correct answer below.

A$.$

The data are from a published source.

B$.$

The data are from a designed experiment.

C$.$

The data are from a survey.

D$.$

The data were collected observationally.

Part $3$

Are there any potential biases in the method$$ used? Select all that apply.

A$.$

The method potentially has selection bias due to most cybersecurity professionals not being eligible for the survey.

B$.$

The method potentially has nonresponse bias due to the respondents being able to choose whether or not to respond.

C$.$

The method potentially has measurement error due to ambiguous or leading questions.

D$.$

There are no potential biases.

Part $4$

c$.$ Describe the variable measured in the ISACA survey. Is it quantitative or$$ qualitative?

A$.$

The variable measured is the number of respondents to the survey. This is a quantitative variable.

B$.$

The variable measured is whether the respondent expects a cyberattack during the year. This is a qualitative variable.

C$.$

The variable measured is the percentage of firms that experienced a cyberattack during the year. This is a qualitative variable.

D$.$

The variable measured is the number of respondents that expect a cyberattack during the year. This is a quantitative variable.

Part $5$

d$.$ What inference can be made from the study$$ result?

A$.$

Most cybersecurity professionals expect to experience a cyberattack during the year.

B$.$

Most firms are not expecting cyberattacks during the year.

C$.$

Most cybersecurity professionals have experienced cyberattacks during the year.

D$.$

All firms are prepared for cyberattacks during the year.