CS507 Subjective Questions

The document contains 20 multiple choice questions about various topics related to information systems including components of decision support systems, ethics, stand alone processing, intrusion detection, password security, risk identification, data driven decision support systems, re-engineering, reasons for adopting ERP systems, virus transmission, information in purchase systems, information quality checklists, active monitors, incremental software development models, ethical challenges in information security, benefits of e-commerce, disaster recovery planning, information requirements for medium sized organizations, reasons for securing information systems, and examples of access controls and risk mitigation options.

Question No: 1 ( Marks: 2 ) What are the basic components of DSS?

There are two major components:

• DSS database – a collection of current and historical data from internal and external sources. It can be a
massive data warehouse.

• Decision support software system – the set of software tools used for data analysis.

Question No: 2    ( Marks: 2 ) Define the following:

a) Ethics

Ethics are the moral choices made by an individual in relation to the rest of the community, the rules
governing members and the standards of acceptable behaviour.

b) Code of ethics

A code of ethics is a collection of rules that serves as a guide for the members of an organization.

Question No: 3    ( Marks: 2 ) What is Stand Alone Processing?

A self-contained microcomputer is one that is not connected to a network. Processing on such a computer is
called stand-alone processing.

Question No: 4    ( Marks: 2 )  Define intrusion detection.

Intrusion Detection is a process that identifies the attempts to penetrate the system and gain
unauthorized access.

Question No: 5    ( Marks: 3 ) How can we make our password secure?

    1. Keep it secret

    2. Don't write it down anywhere

    3. Always use a password that combines letters, numbers, and upper and lower case

    4. Change the password on a regular basis

Question No: 6 ( Marks: 3 ) What are some of the things you should keep in mind when identifying
risks?

Network attackers are getting smarter every day. Organizations and people want their data to be
protected, so businesses must operate within a similar risk management culture. A comprehensive
risk-based approach that starts from identifying risks may be a better solution.

Question No: 7    ( Marks: 3 ) What is a data-driven decision support system?

Data-driven DSS use the large pools of data held in major organizational systems. They help to extract
information from the large quantities of data stored. These systems rely on data warehouses created from
transaction processing systems.

They use the following techniques for data analysis:

• Online analytical processing, and

• Data mining

Question No: 8   ( Marks: 3 )  Define re-engineering.

Re-engineering is the fundamental rethinking and redesigning of business processes to achieve dramatic
improvement in critical, contemporary measures of performance, such as cost, quality, service and
speed.

Question No: 9   ( Marks: 5 ) List any five reasons that attract organizations to ERP.

Answer:

1. Planning the operations

2. Integrated customer related information – order tracking with customer database, inventory and
shipment at different locations.

3. Standardized HR information – A company with multiple business units will require a comprehensive
and all-encompassing method of locating employees and communicating with them.

4. Integrated financial information and analysis.

5. Monitoring the operations including those of sub-vendors and manufacturers

Question No: 10   ( Marks: 3 ) How can viruses and worms be transmitted into computers? Identify
any three sources.

Answer:

Viruses and worms are transmitted easily from the internet by downloading files to computers through web
browsers. Other methods of infection occur from files received through online services, computer bulletin
board systems and local area networks. Viruses can be placed in various programs, for instance:

1. Free Software – software downloaded from the net

2. Pirated software – cheaper than original versions

3. Games software – wide appeal and high chances

4. Email attachments – quick to spread


5. Portable hard and flash drives – employees take disks home and may work on their own personal PCs,
which may not have been cleaned or have suitable anti-virus software installed on them.

Question No: 11 ( Marks: 3 ) How is information kept in the purchase system?

A simple example can be given of a purchase and sales system. In a typical purchase system, information
related to the purchase of materials is kept, for instance:

● Orders for the purchase of various materials

● Status of deliveries received against specific orders

● Changes in the order quantity, time, day or other information

● Quality inspection reports and whether they need to be communicated to the supplier

● Updated status report of stock

● Issues made out of the stock

Question No: 12    ( Marks: 2 ) What is an information quality checklist?

Answer: Information can also be ranked in accordance with the qualities it has. Experts have devised
certain criteria to evaluate the quality of information. The points that are used to evaluate the quality
are known as quality checks.

Question No: 13    ( Marks: 2 ) What are active monitors? Define.

Answer: This software performs concurrent monitoring while the system is being used. It acts as a guard
against viruses while the operating system is performing various functions, e.g. connecting to the internet,
transferring data, etc.

Question No: 14     ( Marks: 3 ) Briefly describe the incremental model.

Answer: In incremental models, software is built, not written. Software is constructed step by step in the
same way a building is constructed. The product is designed, implemented, integrated and tested as a
series of incremental builds, where a build consists of code pieces from various modules interacting
together to provide a specific functional capability and testable as a whole.

Question No: 15      ( Marks: 3 ) The Information Systems Security Association of the USA has listed many
ethical challenges; identify any three of them.

Answer:

1. Misrepresentation of certifications and skills

2. Abuse of privileges

3. Inappropriate monitoring

Question No: 16      ( Marks: 5 ) What do you think are the key benefits of e-commerce to
organizations?

Answer: Advantages of e-commerce to the online business

• E-commerce helps to increase the sales revenue of the business

• Business people can spend less money and earn higher profits with e-commerce

• The segment of customers who are happy with purchasing goods online can easily be tracked

• Instantaneous global sales presence in quick time

• The business can operate on a 24*7 basis

• The business's customers can easily be increased

• A shop can be set up anywhere in the world, independent of geographical location

• An inexpensive way to turn a website into a revenue centre

• Reduced customer support costs via e-mail marketing and regular newsletters

• Customized mailing lists can be created

• Free traffic can easily be driven to the website

• The business website can easily be promoted by using various promotional activities such as search
engine optimization, pay-per-click management, email marketing, social media optimization, online
banner advertisement, online branding and affiliate management.

Question No: 17      ( Marks: 5 ) What do you understand by Disaster Recovery Planning?

A disaster recovery plan is a comprehensive statement of consistent actions to be taken before, during
and after a disaster. The plan should be documented and tested to ensure the continuity of operations
and availability of critical resources in the event of a disaster.

This typically details the process IT personnel will use to restore the computer systems. Disaster recovery
plans may be included in the business continuity plan or kept as a separate document altogether. A business
continuity plan may not be comprehensively available in a non-critical environment, but a disaster
recovery plan should exist at least to manage and help the organization recover from disasters. A
sub-component of the business continuity plan is the IT disaster recovery plan. IS processing is one of
many operations that keep the organization not only alive but also successful, which makes it of strategic
importance.

Question No: 18 ( Marks: 2 ) List information requirements for medium-sized organizations.

Answer:

• Planning for required information

• Monitoring of information for planning

Question No: 19     ( Marks: 2 ) Why do we need to secure information systems?

Sound security is fundamental to achieving this assurance. Furthermore, there is a need for organizations
to protect themselves against the risks inherent in the use of information systems while
simultaneously recognizing the benefits that can accrue from having secure information systems. Thus,
as dependence on information systems increases, security is universally recognized as a pervasive,
critically needed quality.

Question No: 20      ( Marks: 3 ) What is access control? Give an example.

Answer: Access controls

These controls establish the interface between the would-be user of the computer system and the
computer itself. They monitor the initial handshaking procedure of the user with the operating
system. For example, when a customer enters the card and the PIN code in an automated teller machine
(ATM), the access controls are exercised by the system to block unwanted or illegitimate access.

Question No: 21     ( Marks: 3 )

Risk mitigation is a process that takes place after the process of risk assessment has been completed.
Discuss briefly various risk mitigation options?

Answer:

• Risk assumption: to accept the potential risk and continue operating the IT system, or to implement
controls to lower the risk to an acceptable level.

• Risk avoidance: to avoid the risk by eliminating the risk cause, e.g. forgo certain functions of the
system or shut down the system when risks are identified.

• Risk limitation: to limit the risk by implementing controls that minimize the adverse impact of a
threat's exercising a vulnerability, e.g. use of supporting, preventive and detective controls.

• Risk planning: to manage risk by developing a risk mitigation plan that predicts, implements and
maintains controls.

• Research and acknowledgement: to lower the risk of loss by acknowledging the vulnerability or flaw and
researching controls to correct it.

• Risk Transference: To transfer the risk by using other options to compensate loss such as purchasing
insurance.

Question No: 22     ( Marks: 3 ) Differentiate CRM from ERP.

Answer: ERP & CRM

The customer has become of critical importance in modern-day business. Early on, organizations used to
focus more on how much had been sold and what had been produced. Now the focus is quite different:
it has been placed on the requirements of the customer, providing quality service and quickness of
response to customer queries. Analysis of customer data, from their personal habits to their spending
ones, has become a crucial element of doing successful business. ERP has the unique potential to
improve the quality of customer handling.

Question No: 21      ( Marks: 5 ) Differentiate impact analysis from risk determination.

Impact analysis relates to analyzing how much the information assets are exposed to the various threats
identified, and thus quantifying the loss caused to the asset through each threat.

Risk determination relates to the analysis of both physical and logical threats. To measure the level of
risk, it determines the adverse impact resulting from a successful exercise of a vulnerability. The
information can be obtained from existing organizational documentation, such as the mission impact
analysis report, the business impact analysis report or the asset criticality assessment report. The adverse
impact of a security event can be described in terms of loss or delay of any or all of the three security
goals: confidentiality, integrity and availability.

Question No: 22      ( Marks: 2 ) What are the physical threats to an information system?

Answer: Physical threats

The risks of physical damage render the computer hardware useless due to the damage caused to it by
natural disasters (fire, earthquake, flood), pollution (dust) and energy variations. Reasonable
measures should be taken to avoid undesirable consequences.

Question No: 23     ( Marks: 2 ) List any two types of information that can be used as input for
vulnerability identification. The following information is used as input:

1. Any audit comments

2. Security requirements

Question No: 24    ( Marks: 2 ) List down the different types of supply chain.

Types of supply chains

A supply chain may exist in various forms depending on the needs of the business:

1. Made to store

2. Continuous replenishment

3. Built to order

Question No: 25     ( Marks: 3 ) What do you know about keystroke monitoring?

Answer: A record of every keystroke is often called keystroke monitoring. Keystroke monitoring is the
process used to view or record both the keystrokes entered by a computer user and the computer's
response during an interactive session. Keystroke monitoring is usually considered a special case of audit
trails.

Question No: 26      ( Marks: 3 ) Identify roles and responsibilities of any three professionals in an
organization.

Answer:

1. Data owners — responsible for determining the sensitivity or classification levels of the data as
well as maintaining the accuracy and integrity of the data resident on the information system;

2. Process owners — responsible for ensuring that appropriate security, consistent with the
organization's security policy, is embedded in their information systems;

3. Technology providers — responsible for assisting with the implementation of information security.

Question No: 27 ( Marks: 5 ) Classify e-commerce into different classes.

The most prevalent e-commerce models can be classified as under:

1. Business to Consumer (B2C)

2. Business to Business (B2B)

3. Business to Employee (B2E)

4. Consumer to Consumer (C2C) and

5. E-Government

• Government to Citizens/Customers (G2C)

• Government to Business (G2B)

• Government to Government (G2G)

Question No: 28   ( Marks: 5 ) Incorporate risk management into the SDLC and identify its phases.

For each phase of the SDLC, the process of risk management is no different; rather, it is an iterative
process which can be performed at each major phase. Every step of development has its own risks, which
need to be handled and addressed separately. Hence managing risk in the SDLC means managing the risk
of each phase of the life cycle.

Phases of risk management

The following are the various phases:


•     System Characterization

•     Threat Identification

•     Vulnerability Identification

•     Control Analysis

•     Likelihood Determination

•     Impact Analysis

•     Risk Identification

•     Control Recommendation

•     Results Documentation

•     Implementation

•     Monitoring

Question No: 29      ( Marks: 2 ) What do you understand by OLAP?

Online analytical processing is decision support software that allows the user to quickly analyze
information that has been summarized into multidimensional views and hierarchies. The term online
refers to the interactive querying facility provided to the user to minimize response time.

Question No: 30      ( Marks: 2 ) How are threats identified?

Threats can be identified on the basis of the nature of the threat, which can be either accidental (natural
occurrences/force majeure) or deliberate (an intentional act of harm), or on the basis of the source of
the threat, which can be either internal (a threat caused within the organization) or external (a threat
from someone outside the organization).

Question No: 31      ( Marks: 2 ) List down the inputs to the risk determination phase.

• Likelihood of threat exploitation

• Magnitude of impact

• Adequacy of planned and current controls

Question No: 32      ( Marks: 2 ) Identify the components of an intrusion detection system.

• Sensors that are responsible for collecting data. The data can be in the form of network packets, log
files, system call traces, etc.

• Analyzers that receive input from sensors and determine intrusive activity.

• An administrative console – it contains the intrusion definitions applied by the analyzers.

• A user interface.

Question No: 33     ( Marks: 3 )

What are the challenges to organizations for launching e-commerce? Identify any three.

Security is the biggest challenge for launching e-commerce. There is a consensus that the issue of
computer and data security is the biggest hurdle to the growth of e-commerce. Web servers also face this
security threat. Some other problems with launching an e-commerce business are lack of customer trust,
culture and language problems, and the lengthy procedure of payment and receipt of products or services.

Question No: 34      ( Marks: 3 )

Designing a file or database is a major component of system design. Identify its basic purposes.

Designing a file or database has the following purposes:

1. Data availability is ensured to the user as and when it is required.

2. Data updates in the master file automatically keep the data posted throughout the whole system.

3. Data is efficiently processed and stored.

4. Data reliability, that is the correctness of data, is ensured.

Question No: 35 ( Marks: 3 ) What is the responsibility of the management of the organization to
ensure the security of information systems?

Executive or senior management takes the responsibility to provide a safe and secure information system
environment to their employees and the users of the information system. Because of this, employees feel
no harm or fear and can easily do their work with the organization's secure information system.

Question No: 36      ( Marks: 3 )

Discuss the various steps in threat identification. Give an example of threat sources and threat actions.

The following are the steps in threat identification:

1. Threat source identification

2. Motivation and threat actions

For example, a hacker can break into a system and delete or obtain any personal data or information.

Question No: 37 ( Marks: 5 ) Can you classify e-commerce into different classes? Identify any five.

E-commerce models can be classified as:

• Business to Business (B2B)

• Business to Consumer (B2C)

• Consumer to Consumer (C2C)

• Business to Employee (B2E)

• E-Government

Question No: 38      ( Marks: 5 ) How are audit trails a technical mechanism that helps managers to
maintain individual accountability?

Audit trails are a technical mechanism in which users are recognized by the records being retained. Users
are informed of what the password allows them to do and why it should be kept secure and confidential.
Audit trails also help to show deviations from normal behaviour, which can point to illegal usage of
resources.

Audit trails can be used together with access controls to identify and provide information about users
suspected of inappropriate modification of data.

Question No: 39      ( Marks: 2 )

What is the basic purpose of setting up systems and procedures? Give your own opinion.

Answer: The basic purpose of setting up systems and procedures is to make information available when it
is required.

Question No: 40      ( Marks: 2 ) Define threat and identify its types.

Answer: Threat is an act or event which can cause loss. Threats are of two types logical threats and
physical threats.

Question No: 41      ( Marks: 2 )

List any two types of information that can be used as input for vulnerability identification.

Answer:

1- Any audit comments

2- Security requirements

Question No: 42 ( Marks: 2 ) Identify leading ERP software vendors.

Answer:

1-SAP

2-Oracle

3-QAD

4-PeopleSoft

5-Sage

Question No: 43      ( Marks: 3 ) Define risk determination. Identify its inputs and outputs.

Answer: The risk determination phase assesses the risk and the level of risk to the IT system.

The inputs to this phase are:

1. Likelihood of threat exploitation

2. Magnitude of impact

3. Adequacy of planned and current controls

The output is the determination of risk and the associated risk levels.

Question No: 44      ( Marks: 3 ) What are the types of threats?

Answer: There are three types of threats.

1-Physical threats: this refers to damage caused to the physical infrastructure of the information system.
For example:

1-Fire

2-Water

3-Intrusion

4-Energy variation

5-Pollution

6-Structural damage

2-Logical threats: this refers to damage caused to the information system without any physical presence.
For example:

1-Worms and viruses

2-Logical intrusion

Question No: 45      ( Marks: 3 )

Differentiate between incremental and iterative models with the help of one example each.

Answer: Incremental vs. iterative

These sound similar, and are sometimes equated, but there is a subtle difference:

• Incremental: add to the product at each phase

• Iterative: re-do the product at each phase

Example:

Building a house

• Incremental: start with a modest house and keep adding rooms and upgrades to it.

• Iterative: re-do the design/construction map at each phase.

Question No: 46      ( Marks: 3 )

Identify any six factors that should be considered in order for change to be successful.

Answer:

The following factors should be considered in order for change to be successful:

• What are the implications and barriers to successful implementation?

• What processes will we need to change/introduce?

• Who will feel threatened by the change?

• How do we change people's behaviour?

• How will success be measured, and what value will success have for the business and the individual?

• Is the proposed change aligned with the strategic plan?

Question No: 47 ( Marks: 5 )

Define the following:

a) EC (E-commerce)

Electronic commerce (e-commerce or EC) describes the buying, selling and exchanging of products,
services and information via computer networks, primarily the internet. Some people view the term
commerce as describing transactions conducted between business partners.

b) EB (E-business)

E-business means using the internet and online technologies to create operating efficiencies, and
therefore increase value to the customer. It is internally focused. All e-commerce is part of e-business;
not all e-business is e-commerce.

Question No: 48      ( Marks: 5 )

Identify and define the types of active attacks.

Answer: After getting proper information about the system through passive attacks, the intruder obtains
unauthorized access to modify data or programs, cause a denial of service, escalate privileges or
access other systems. Active attacks affect the integrity, availability and authentication attributes of
network security.

Types of active attacks

Common forms of active attack may include the following:

• Masquerading – involves carrying out unauthorized activity by impersonating a legitimate user of the
system.

• Piggybacking – involves intercepting communications between the operating system and the user and
modifying them or substituting new messages.

• Spoofing – a penetrator fools users into thinking they are interacting with the operating system. He
duplicates the logon procedure and captures the password.

• Backdoors/trapdoors – allow a user to employ the facilities of the operating system without being
subject to the normal controls.

• Trojan horse – users execute a program written by the penetrator. The program undertakes
unauthorized activities, e.g. making a copy of sensitive data.

Question No: 49    ( Marks: 2 )

What are the information requirements of the service sector?

Answer:

Information requirements of the service sector

• Quality of service provided

• Mode of delivery

• Customer satisfaction

• Time scheduling

• Resource management

Question No: 50    ( Marks: 2 )

Define Business Continuity Planning (BCP).

Answer: Business Continuity Planning (BCP) is a methodology used to create a plan for how an
organization will resume partially or completely interrupted critical functions within a predetermined
time after a disaster or disruption.

Question No: 51    ( Marks: 2 )

Identify different types of information assets.

1- Security policy

2- Security program

Question No: 52    ( Marks: 2 )

Identify the components of an intrusion detection system.

Answer: Components of an IDS

An IDS comprises the following:

• Sensors that are responsible for collecting data. The data can be in the form of network packets, log
files, system call traces, etc.

• Analyzers that receive input from sensors and determine intrusive activity.

• An administration
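As an added example (not part of the question bank), here is a small Python model of the IDS components listed in Questions 32 and 52: a log-file sensor and a network sensor collect data, two analyzers apply the intrusion definitions held on an administrative console, and a user-interface function formats the alerts for the operator. The auth log lines, packet summaries and alert thresholds are constructed for illustration.

```python
"""Minimal model of the IDS components listed above (added example, not from the
question bank): sensors collect data, analyzers apply the intrusion definitions
held on the administrative console, and a user interface reports the alerts.
All sample data below is constructed; the thresholds are illustrative."""
from collections import Counter, defaultdict
from dataclasses import dataclass

# Constructed auth log lines, as a log-file sensor would collect them.
AUTH_LOG = """\
Jan 10 10:00:01 host sshd[100]: Failed password for root from 203.0.113.7 port 5000 ssh2
Jan 10 10:00:02 host sshd[101]: Failed password for root from 203.0.113.7 port 5001 ssh2
Jan 10 10:00:03 host sshd[102]: Failed password for admin from 203.0.113.7 port 5002 ssh2
Jan 10 10:00:04 host sshd[103]: Failed password for root from 203.0.113.7 port 5003 ssh2
Jan 10 10:00:05 host sshd[104]: Failed password for root from 203.0.113.7 port 5004 ssh2
Jan 10 10:00:06 host sshd[105]: Accepted password for alice from 198.51.100.4 port 6000 ssh2
"""

# Constructed packet summaries (src, dst, dst_port), as a network sensor would collect them.
PACKETS = [("203.0.113.9", "10.0.0.5", p)
           for p in (21, 22, 23, 25, 80, 110, 143, 443, 3306, 8080)]
PACKETS.append(("198.51.100.4", "10.0.0.5", 22))


@dataclass
class Alert:
    rule: str      # which intrusion definition fired
    source: str    # the suspected source address
    detail: str


class Console:
    """Administrative console: holds the intrusion definitions the analyzers apply."""

    def __init__(self, failed_login_threshold=4, port_scan_threshold=8):
        self.failed_login_threshold = failed_login_threshold
        self.port_scan_threshold = port_scan_threshold


def log_sensor(text):
    """Log-file sensor: turns each auth log line into a (src_ip, outcome) record."""
    for line in text.splitlines():
        fields = line.split()
        if "password for" in line and "from" in fields:
            src = fields[fields.index("from") + 1]
            outcome = "fail" if "Failed password" in line else "ok"
            yield src, outcome


def packet_sensor(packets):
    """Network sensor: passes packet summaries through unchanged."""
    yield from packets


def analyze_logins(records, console):
    """Analyzer: counts failed logins per source against the console's threshold."""
    fails = Counter(src for src, outcome in records if outcome == "fail")
    return [Alert("brute-force", src, f"{n} failed logins")
            for src, n in fails.items() if n >= console.failed_login_threshold]


def analyze_packets(records, console):
    """Analyzer: flags a source touching many distinct ports on one host."""
    ports = defaultdict(set)
    for src, dst, port in records:
        ports[(src, dst)].add(port)
    return [Alert("port-scan", src, f"{len(p)} distinct ports on {dst}")
            for (src, dst), p in ports.items() if len(p) >= console.port_scan_threshold]


def run_ids(auth_log=AUTH_LOG, packets=PACKETS, console=None):
    """Wire the components together and return the analyzers' alerts."""
    console = console or Console()
    alerts = analyze_logins(log_sensor(auth_log), console)
    alerts += analyze_packets(packet_sensor(packets), console)
    return alerts


def user_interface(alerts):
    """User interface: renders each alert as one line for the operator."""
    return [f"[{a.rule}] {a.source}: {a.detail}" for a in alerts]


if __name__ == "__main__":
    for line in user_interface(run_ids()):
        print(line)
```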

Question No: 53    ( Marks: 3 )

What is the necessary information needed to begin impact analysis?

Answer: Before beginning the impact analysis, it is necessary to obtain the following information:

• System mission

• System and data criticality

• System and data sensitivity


Question No: 54    ( Marks: 3 ) Define active attacks.

Answer: Active attacks may include obtaining unauthorized access to modify data or programs, causing a
denial of service, escalating privileges and accessing other systems. They affect the integrity, availability
and authentication attributes of network security.

Question No: 55    ( Marks: 3 )

Why does the accounting information system (AIS) need to be linked with all other information
systems in an organization?

Answer: The accounting information system (AIS) is linked to all the information systems in an organization.
This is important because the data required for proper bookkeeping and the generation of transactional
reports is extracted from all over the organization. For instance, sales information can be sought only
from the marketing information system, and stock information is available in the manufacturing information
system.

Question No: 56    ( Marks: 3 )

Identify any six factors that should be considered in order for change to be successful.

Answer:

The following factors should be considered in order for change to be successful:

• What are the implications and barriers to successful implementation?

• What processes will we need to change/introduce?

• Who will feel threatened by the change?

• How do we change people's behaviour?

• How will success be measured, and what value will success have for the business and the individual?

• Is the proposed change aligned with the strategic plan?

Question No: 57    ( Marks: 5 )

What do you understand by privacy? How can privacy be protected? List threats to privacy.

Answer:

Privacy means the quality or condition of being secluded from the presence or view of others; the state
of being free from unsanctioned intrusion (a person's right to privacy); the state of being concealed,
secrecy. Privacy is quite a subjective/relative concept.

Protecting privacy

The right to privacy must be balanced against the needs of society. Every society has to decide
somewhere on the gray area between the extremes of hiding all and knowing all. The public's right to know
is superior to the individual's right to privacy. Usually public and individual rights stand in conflict with
each other, since government agencies have their own concerns in priority, e.g. criminal investigation and
undesirable social activities. Various aspects can be seen as a threat to privacy.

Threats to privacy

• Electronic surveillance

• Data profiling

• Online privacy

• Workplace monitoring

• Location tracking

• Background checks

• Financial privacy

• Medical records and genetic profiling

• Digital rights

• Intellectual property rights

• Taxation issues

Question No: 58    ( Marks: 5 )

Give any two examples to prove that audit trails help to show deviations from normal behaviour which
may lead to unauthorized usage of resources.

Answer: Audit trails help to show deviations from normal behaviour which may lead to unauthorized
usage of resources. For example:

• Audit trails can be used together with access controls to identify and provide information about users
suspected of improper modification of data (e.g., introducing errors into a database).

• An audit trail may record "before" and "after" images, also called snapshots, of records.
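As an added example (not part of the question bank) for Questions 38 and 58, here is a Python audit trail that keeps "before" and "after" images of every record change, ties each change to the user admitted or refused by an access control list, and offers queries that identify who changed a field and which changes fall outside normal working hours. The inventory rows, users, permissions and the 08:00 to 18:00 working-hours window are constructed assumptions.

```python
"""Audit trail with before/after record images and access-control linkage
(added example, not from the question bank).  All users, rows, permissions
and timestamps below are constructed for illustration."""
from copy import deepcopy
from dataclasses import dataclass
from datetime import datetime
from typing import Optional


@dataclass
class AuditEntry:
    when: datetime
    user: str
    record_id: str
    before: Optional[dict]   # "before" image (snapshot) of the record
    after: Optional[dict]    # "after" image; None when the change was refused
    allowed: bool            # whether the access control admitted the change


class AuditedTable:
    """A table whose every update attempt is written to the audit trail."""

    def __init__(self, rows, permissions):
        self.rows = deepcopy(rows)
        # Access control list: user -> set of record ids that user may modify.
        self.permissions = permissions
        self.trail = []

    def update(self, user, record_id, changes, when):
        before = deepcopy(self.rows[record_id])
        if record_id not in self.permissions.get(user, set()):
            # Refused changes are still recorded, so the attempt is accountable.
            self.trail.append(AuditEntry(when, user, record_id, before, None, False))
            return False
        self.rows[record_id].update(changes)
        after = deepcopy(self.rows[record_id])
        self.trail.append(AuditEntry(when, user, record_id, before, after, True))
        return True


def field_history(trail, record_id, field_name):
    """Who changed a field, from what value to what: the suspects for an improper edit."""
    return [(e.user, e.before[field_name], e.after[field_name])
            for e in trail
            if e.allowed and e.record_id == record_id
            and e.before.get(field_name) != e.after.get(field_name)]


def off_hours(trail, start_hour=8, end_hour=18):
    """Changes made outside the assumed normal working hours: a deviation from normal behaviour."""
    return [e for e in trail if not (start_hour <= e.when.hour < end_hour)]


def refused(trail):
    """Attempts the access control blocked."""
    return [e for e in trail if not e.allowed]


def restore(table, entry):
    """Roll a record back to the 'before' image captured in an audit entry."""
    table.rows[entry.record_id] = deepcopy(entry.before)


def demo():
    """Constructed scenario: a normal edit, a suspicious night-time edit, a refused edit."""
    table = AuditedTable(
        {"INV-1": {"item": "widget", "price": 10.0, "qty": 100}},
        {"alice": {"INV-1"}, "bob": {"INV-1"}},   # carol has no permission
    )
    table.update("alice", "INV-1", {"price": 12.0}, datetime(2024, 1, 10, 10, 5))
    table.update("bob", "INV-1", {"price": 0.01}, datetime(2024, 1, 11, 2, 30))
    table.update("carol", "INV-1", {"qty": 0}, datetime(2024, 1, 11, 9, 0))
    return table


if __name__ == "__main__":
    t = demo()
    print("price history:", field_history(t.trail, "INV-1", "price"))
    print("off-hours users:", [e.user for e in off_hours(t.trail)])
    print("refused users:", [e.user for e in refused(t.trail)])
```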

Question No: 59 ( Marks: 3 ) What are hackers?

Answer:

A hacker is a person who attempts to invade the privacy of the system. In fact, he attempts to gain
unauthorized entry to a computer system by circumventing the system's access controls. Hackers are
normally skilled programmers, and have been known to crack system passwords with ease.
Initially hackers used to aim at simply copying the desired information from the system, but now the
trend has been to corrupt the desired information.

Question No: 60 ( Marks: 1 ) Define Risk Mitigation.

Answer: Risk mitigation is a process that takes place after the process of risk assessment has been
completed. Systematic reduction in the extent of exposure to a risk and/or the likelihood of its
occurrence. Also called risk reduction.

Question No: 61 ( Marks: 1 ) What are value sets?

Answer: Each attribute has a value set (domain), i.e. the defined parameters or the range within which the
value of the attribute may fall.

Question No: 62 ( Marks: 2 ) What are the purposes of objects?

Answer: An object can be defined as "a concept, abstraction, or thing with crisp boundaries and
meaning for the problem at hand." Objects serve two purposes: they promote understanding of the real
world and provide a practical basis for computer implementation.

Question No: 63 ( Marks: 1 ) What is the purpose of the line symbol in an entity relationship diagram?

Answer: Lines link attributes to entity sets, and entity sets to relationship sets (they also represent roles).

Question No: 64 ( Marks: 1 ) What are the logical threats to information systems?

Answer: This refers to damage caused to the software and data without physical presence. Examples are
viruses and worms, and logical intrusion, commonly referred to as hacking.

Question No: 65      ( Marks: 2 ) What is cryptography?

Answer:

In simple terms, cryptography means the science of coded writing. It is a security safeguard that makes
information incomprehensible if unauthorized persons intercept the transmission. When the information is to
be used, it can be decoded. "The conversion of data into a secret code for secure transmission over a
public network is called cryptography."

Question No: 66      ( Marks: 2 )

What do you understand by intrusion detection systems?

Answer:

Another element of securing networks is an intrusion detection system (IDS). An IDS is used to complement
firewalls. An IDS works in combination with routers and firewalls, monitors how much the network is
used, and protects a company's information system resources from external as well as internal
misuse.

Question No: 67      ( Marks: 2 )

List information Requirements for Medium sizes organizations.

Answer:

• Planning for the information required

• Monitoring of the information used in planning

Question No: 68      ( Marks: 2 )

Define Dropper and Trojan horse ?

Answer:

A Trojan horse is a program written by the penetrator and run by the user, to whom it appears useful or
harmless; when executed it carries out illegal actions, e.g. copying sensitive data and files.

A dropper is a program, not a virus in itself. It installs a virus on the PC while performing some other,
apparently legitimate, function.

Question No: 69      ( Marks: 3 )

Designing file or database is a major component of system designing. Identify its basic purposes.

Answer: Purposes of Designing file or database

• Data is processed efficiently.

• Data is stored carefully.

• Data is kept up to date: when the master file is updated, all data that depends on it is updated as well.

• Data is accessible whenever a customer or user needs it.

• Data integrity is ensured.


Question No:70      ( Marks: 3 )

What is the responsibility of the management of the organization to ensure the security of information
systems?

Answer:

Security must be sponsored by senior management. Management is responsible for ensuring that the
organization provides a secure information systems environment for its users and customers, and for
making the users of the information systems aware of the importance of a secure information
environment.

Question No: 71      ( Marks: 3 )

Identify the information that is required before conducting an impact analysis?

Answer:

Before conducting an impact analysis, the following information is required:

• the mission of the system

• system and data criticality

• system and data sensitivity

Question No: 72 ( Marks: 3 ) Define Reengineering?

Answer:

Re-engineering is also known as company transformation or business transformation. It is the more
fundamental form of change management, since it works on all the elements of the processes or structures
that have evolved over time.

Question No: 72      ( Marks: 5 )

Briefly discuss Risk Determination ?

Answer: Risk Determination:

Risk determination is the phase in which it is analyzed how much the information assets are exposed to
the various threats identified, and the loss that each threat could cause to the asset is quantified.
The phase covers both physical and logical threats, and four steps are usually followed while analyzing
the exposure.

The purpose of this step is to assess the level of risk to the IT system. The risk from a particular
threat can be expressed as a function of

1. The likelihood of a given threat source attempting to exercise a given vulnerability.

2. The magnitude of the impact should the threat source successfully exercise the vulnerability.

3. The adequacy of planned or existing security controls for reducing or eliminating the risk.

Question No: 73      ( Marks: 5 )

 Discuss Technical Limitations of Ecommerce in comparison with Non-Technical Limitations in


organizations ?

Answer:

Technical limitations of e-commerce are those rooted in the technology itself: the cost of developing
and using the software and technology, the unreliability of certain processes, insufficient
telecommunications bandwidth, software tools that are still evolving and not yet used in a standard,
regular manner, and the difficulty of integrating e-commerce infrastructure with the organization's
existing systems. Non-technical limitations, by contrast, concern people and organizations rather than
technology: many people do not know about e-commerce, many do not have sufficient access to the
Internet, and organizations find it hard to adopt the e-commerce way of working in place of their
established systems.

Question No: 74    ( Marks: 1 )

Give a brief definition of ERP.

Answer: “ERP (enterprise resource planning) is an industry term for the broad set of activities
supported by multi-module application software that helps a manufacturer or other business manage
the important parts of its business, including product planning, parts purchasing,
maintaining inventories, interacting with suppliers, providing customer service, and tracking orders.”

Question No: 75    ( Marks: 1 )

 Why is a "risk matrix" necessary?

Answer: A problem when you have a number of possible risks is to decide which ones are worthy of
further attention. The Risk Matrix is a simple tool to help prioritize risks.

Question No: 76    ( Marks: 2 )

Define threat and identify its types.

Answer: “A threat is some action or event that can lead to a loss.”

There are 2 types of threats.

1-Physical threat

2-Logical Threat

 Question No: 77    ( Marks: 2 )  Define Firewall.

Answer: Firewall
A firewall is the primary method for keeping a computer or network secure from intruders. It allows or
blocks traffic flowing into and out of a private network, or a user's computer, according to a set of
rules.

Question No: 78    ( Marks: 3 )

In accounting and finance terms, an audit is a process that includes an examination of records or
financial accounts to check their accuracy, the adjustment or correction of accounts, and the production
of an examined and verified account. Discuss the concept of audit in IS.

Answer: An information technology (IT) audit, or information systems (IS) audit, is an examination of
the controls within an entity's information technology infrastructure. An IS audit focuses on examining
the integrity of controls and ensuring that they are working properly. Evaluation of the evidence
obtained shows whether the organization's information systems safeguard assets, maintain data
integrity, and operate effectively and efficiently to achieve the organization's goals and objectives.

Question No: 79    ( Marks: 5 ) Differentiate object from class.

Answer: A class is the general description (domain) of a set of similar things: it defines the
attributes and behaviour they have in common. An object is an instance of some class; every object is an
instance of a class, and the word "instance" carries the connotation of the class to which the object
belongs. For example, computers form a domain/class which can be divided into the following sub-classes:

• Laptop computer

• Desktop computer

• Palmtop

A particular laptop sitting on a particular desk is then an object, an instance of the class Laptop
computer.

Question No: 82 ( Marks: 1 ) Identify types of change management.

Answer:
Types of change management:

1-     Organizational Development

2-     Re-engineering

Question No: 83 ( Marks: 2 )

Identify what information is needed before conducting an Impact analysis?

Answer: Before beginning the impact analysis, it is necessary to obtain the following necessary
information.

• System mission

• System and data criticality

• System and data sensitivity

Question No:84 ( Marks: 2 )

Why process symbol is used in the Flow charts?

Answer:

Process symbol is used to indicate an activity undertaken or action done.

Question No: 85( Marks: 3 )

What are the objective/purposes of the DFDs?

Answer: The purpose of data flow diagrams is to provide a linking bridge between users and systems
developers. Data flow diagrams help users understand how the system operates. DFDs also help developers
to better understand the system, which helps in avoiding delays in the proper design, development, etc.
of projects.

Question No:86 ( Marks: 3 ) What are hackers?

Answer:

A hacker is a person who attempts to invade the privacy of a system: he attempts to gain unauthorized
entry to a computer system by circumventing the system's access controls. Hackers are normally skilled
programmers, and have been known to crack system passwords with quite an ease.

Question No: 90 ( Marks: 3 ) What is the purpose of decision symbol in the flow chart?

Answer:

● The symbol is used when a choice can be made between the options available.
● Such options are mutually exclusive.
● Only one flow line should enter a decision symbol, but two or three flow lines, one for each
possible answer, should leave the decision symbol.

Question No: 97 ( Marks: 2 ) What is an entity?

Answer: An entity is an object that exists and is distinguishable from other objects. An entity is described
using a set of attributes. For example specific person, company, event, plant, crop, department, section,
cost center.

Question No: 98 ( Marks: 2 ) Define CRM.

Answer: CRM Uses proven methodologies and e-business technologies to help companies to identify,
select, acquire, develop, and retain profitable customers, building the lasting relationships that are key to
long-term financial success.

Question No: 99( Marks: 3 ) Identify basic steps to implement BPRE.

Answer: The following steps should be followed to implement BPR.

• Break down the CSFs into the key or critical business processes and gain process ownership.

• Break down the critical processes into sub-processes, activities and tasks, and form the teams around
   these.

• Re-design, monitor and adjust the process alignment in response to difficulties in the change process.

Question No: 100 ( Marks: 3 )

Define Risk Determination. Identify its inputs and outputs.


Answer: This phase relates to analyzing how much the information assets are exposed to the various
threats identified, and thus quantifying the loss caused to the asset through each threat.

The inputs to this phase are

1. Likelihood of threat exploitation

2. Magnitude of impact

3. Adequacy of planned and current controls

The output is the determination of risk and the associated risk levels.

Risk Determination

The purpose of this step is to assess the level of risk to the IT system. The risk from a particular
threat can be expressed as a function of

1. The likelihood of a given threat-source's attempting to exercise a given vulnerability (system flaw)

2. The magnitude of the impact should a threat source successfully exercise a vulnerability

3. The adequacy of planned or existing security controls for reducing or eliminating risk.

This phase also presumes the definition of risk levels in order to classify the risks. This is more of a
discretionary act on the part of management. Levels can be defined as high, medium and low, with a
probability range allocated to each. The risk levels are then compared with the ranges of impact.

Question No: 102 ( Marks: 3 ) Differentiate CRM from ERP

Answer: The difference between CRM and ERP is that the former is outward-looking, while the latter is
inward-looking.

Question No: 102      ( Marks: 5 ) How is the likelihood determined? List the factors.

Answer:

Likelihood Determination

This phase determines the likelihood that a potential vulnerability could be exercised by a given
threat-source. The likelihood definitions (High, Medium, Low) are tabulated under likelihood levels.
The inputs to this phase are

• Threat source motivation

• Threat capacity

• Nature of the vulnerability

• Current controls

The output of this phase is a likelihood rating, to be used further in the risk assessment process.

Impact Analysis

This phase determines the adverse impact resulting from a successful exercise of a vulnerability by a
threat. The following information is required before conducting an impact analysis.

1. System mission, e.g. the processes performed by the IT system.

2. System and data criticality, e.g. the system's value or importance to the organization.

3. System and data sensitivity.
Question No:103 ( Marks: 10 ) How will you compare Integrated Systems to ERP?

Integrating systems

In an integrated information system all systems are interfaced with one another, so that input in one
system automatically updates the data in the other relevant systems. We thus observe simultaneous data
sharing between the various systems and simultaneous execution of different business processes. For
example, a confirmed sales order received by the sales department from the customer will, once entered
into the sales system, automatically provide data input to the stores, packing, shipping and possibly
the production systems, thus ensuring that all relevant departments are notified and ready for the
necessary action at the same time. An ERP goes one step further: instead of separate systems linked by
interfaces, it is a single multi-module application package whose modules share one common database, so
the integration is built in rather than added afterwards.

Question No: 104 ( Marks: 1 ) What indicates the symbol Arrow in the flow charts?

Answer: Arrow in a flow chart shows the direction of flow of procedure or system.

Question No: 105 ( Marks: 1 ) Define Unfreezing class of Change.

Answer: In this phase of change management, a situation for next phase is prepared by disconfirming
existent attitudes and behaviors.
Question No:106 ( Marks: 2 ) What are the physical threats to the information systems?

Answer: This refers to the damage caused to the physical infrastructure of the information systems.
Examples are natural disasters (Fire, earth quake, flood), pollution, energy variations and physical
Intrusion.           

Question No: 107 ( Marks: 2 ) What is cryptography?

Answer: In literal terms, cryptography means science of coded writing. It is a security safeguard to
render information unintelligible if unauthorized individuals intercept the transmission. When the
information is to be used, it can be decoded. “The conversion of data into a secret code for the secure
transmission over a public network is called cryptography.”

Question No: 108 ( Marks: 3 ) What is off-page connector?

Answer: If the flowchart becomes complex, it is better to use connector symbols to reduce the number
of flow lines. Off-Page Connector is used to connect remote flowchart portion on different pages. One
flow line enters or exits.

Question No: 109 ( Marks: 3 ) What is access control? Give example

Answer: These controls establish the interface between the would-be user of the computer system and
the computer itself. These controls monitor the initial handshaking procedure of the user with the
operating system. For example when a customer enters the card and the pin code in an automatic teller
machine (ATM), the access controls are exercised by the system to block unwanted or illegitimate access.

Question No: 110 ( Marks: 3 ) List any three ethical challenges given by IS security association of USA ?

Ethical Challenges

Information system security association of USA has listed down following ethical challenges

1. Misrepresentation of certifications, skills

2. Abuse of privileges

3. Inappropriate monitoring

4. Withholding information

5. Divulging information inappropriately

6. Overstating issues

7. Conflicts of interest

8. Management / employee / client issues


Question No: 111( Marks: 5 ) Differentiate the following (Intrusion Detection vs Variance Detection

Intrusion detection

Intrusion detection refers to the process of identifying attempts to penetrate a system and gain
unauthorized access. If audit trails have been designed and implemented to record appropriate
information, they can assist in intrusion detection. An intrusion detection system can be made part of
the regular security system to detect intrusions effectively. Real-time intrusion detection is
technically complex to achieve, but a reasonable extent can be attained. Real-time intrusion detection
is primarily aimed at outsiders attempting to gain unauthorized access to the system.

Variance detection and audit trails

Trend/variance-detection tools look for anomalies in user or system behaviour. It is possible to monitor
usage trends and detect major variations. The log can be inspected and analyzed to detect the
irregularity. For example, if a user typically logs in at 9 a.m. but appears at 4:30 a.m. one morning,
this may indicate either a security problem or a malfunctioning system clock, and may need to be
investigated. The log can be sorted/filtered for all log-ins before 9 a.m. from that particular
terminal.

Question No: 112 ( Marks: 5 ) What are the sources of critical success factor?

Critical Success Factors have to be analyzed and established. CSFs may be developed from various
sources. Generally, four major sources of identifying CSFs are

• Industry CSFs, resulting from specific industry characteristics;

• CSFs resulting from the chosen competitive strategy of the business, e.g. quick and timely delivery
may be critical to a courier service business;

• Environmental CSFs, resulting from economic or technological changes; and

• Temporal CSFs, resulting from internal organizational needs and changes.

Question No: 113 ( Marks: 10 ) What is reusable software?

Reusable Software – The software developed using the object oriented approach can be easily reused due
to the independence/uniqueness of the objects, i.e. an independent accounting module built in an object
oriented environment can be made a part of a complete ERP solution without developing it again from
scratch for the ERP.

Question No:114 ( Marks: 10 )

Discuss System Characterization ? What information may help to characterize the system ?

System Characterization

In assessing risks for an IT system, the first step is to define the scope of the effort. The resources
and information that constitute the system are identified. The system-related information that is
documented includes:

1. Hardware

2. Software

3. System interfaces

4. Data and information

5. People (who support and use the IT system)

6. System mission (the processes performed by the IT system)

Additional information that may help in characterizing the system:

1. Functional requirements of the IT system

2. Users of the system (technical support and application users)

3. System security policy

4. System security architecture

Question No: 115 ( Marks: 2 )

What should be the basic objective of an organization in your opinion?

The basic objective of an organization is to make a profit and get a sustainable competency.

Question No: 116 ( Marks: 2 ) Define intrusion detection ?

Intrusion detection refers to the process of identifying attempts to penetrate a system and gain
unauthorized access. If audit trails have been designed and implemented to record appropriate
information, they can assist in intrusion detection. An intrusion detection system can be made part of
the regular security system to detect intrusions effectively. Real-time intrusion detection is
technically complex to achieve, but a reasonable extent can be attained. Real-time intrusion detection
is primarily aimed at outsiders attempting to gain unauthorized access to the system.

Question No: 117 Where "While" loop is more preferable than "For" loop and vice versa?

In C-like languages the two forms are equivalent in power: everything done with a for loop can be
written as a while loop, and any while loop can be written as a for loop with an empty initialization
and iteration statement. The choice is about clarity. A for loop is preferable when the number of
iterations is known in advance or the loop walks over a sequence, because it gathers the
initialization statement, the control statement (when to stop) and the iteration statement (what to do
with the controlling variable after each pass) in one header. A while loop is preferable when the loop
must repeat until some condition that is not a simple counter becomes true, e.g. reading input until no
more data is available.

Types of Viruses

Although viruses are of many types, broad categories have been identified in accordance with the damage
they cause. Some of these categories are stated below.

• Boot Sector Viruses

• Overwriting viruses

• Dropper

• Trojans
Boot sector Virus

The boot sector is the part of a disk that the computer reads when it starts up. If the boot sector is
infected, the virus is loaded before the operating system and can then be transferred to the operating
system and application software.

Overwriting Viruses

As the name implies, an overwriting virus overwrites every program/software/file it infects with itself.
Hence the infected file no longer functions.

Dropper

A dropper is a program not a virus. It installs a virus on the PC while performing another function.

Trojan horse
A Trojan horse is a malicious program that is disguised as, or embedded within, legitimate software. It
may look useful or interesting (or at the very least harmless) to an unsuspecting user, but is actually
harmful when executed. Examples are

• Logic bomb – a Trojan horse that is triggered by a certain event, e.g. when disk usage reaches a
certain percentage

• Time bomb – a Trojan horse that is triggered on a certain date.


Possible perpetrators include:

• Hackers

• Hacktivists

• Crackers

Hackers

A hacker is a person who attempts to invade the privacy of the system. In fact he attempts to gain
unauthorized entry to a computer system by circumventing the system's access controls. Hackers are
normally skilled programmers, and have been known to crack system passwords with quite an ease.
Initially hackers used to aim at simply copying the desired information from the system, but now the
trend has been to corrupt the desired information.

Hacktivists

This refers to individuals using their skills to forward a political agenda, possibly breaking the law
in the process, but justifying their actions for political reasons.

Crackers

Crackers are hackers who are more malicious in nature, whose primary purpose or intent is to commit a
crime through their actions for some level of personal gain or satisfaction. The terms hack and crack
are often used interchangeably.

It is very common for hackers to misuse passwords and personal identification numbers in order to gain
unauthorized access.

Passwords

"A password is the secret character string that is required to log onto a computer system, thus
preventing unauthorized persons from obtaining access to the computer. Computer users may
password-protect their files in some systems."

Misuse of passwords

A very simple form of hacking occurs when the password of the terminal used by a particular employee is
exposed or becomes commonly known. In such a situation access to the entire information system can be
made through that terminal by using the password. The extent of access available to the intruder in
this case depends on the privilege rights available to that user.

Question No:124 ( Marks: 3 ) List the Supply Chain Flows.

Supply chain flow works as under:

Question No: 125 ( Marks: 5 )

How the scanners are used as the technical control against the spread of

viruses?

 Scanners

Scanners check the operating system and application software for viruses on the basis of the virus
definitions they contain. Every virus has a distinctive bit pattern; these unique bit patterns act as
the identity of the virus and are called signatures. Signatures are distributed as virus definitions,
so every scanner contains a set of virus definitions, i.e. signatures (bit patterns) for the various
kinds of virus it knows about. The scanner reads the operating system and the application software
installed on the hard drives and, while scanning, compares the bit patterns in each file against the
bit patterns in its virus definitions; a file containing a matching pattern is labelled as infected.
Because a scanner can only recognise patterns it has been given, it protects against known viruses
only: the definitions must be updated regularly, and a new or modified virus whose signature is not yet
in the definitions will pass unnoticed.
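The signature matching described in the answer above, as an added example that is not part of these notes. The "virus definitions" are a name-to-byte-pattern table, the "files" are in-memory byte strings standing in for files on the hard drive, and both the signature patterns and the sample files are invented for the demo (no real malware is involved). The last sample file differs from a known signature by a single byte, which shows the limitation noted above.

```python
"""Signature scanner: match known virus bit patterns against files.

Added example, not from the course notes. Signatures and sample files are invented.
"""
import hashlib
from typing import Dict, List, Tuple

# "Virus definitions": name -> signature, a distinctive byte sequence taken from the virus body.
SIGNATURES: Dict[str, bytes] = {
    "Demo.BootSect":   b"\xfa\x33\xc0\x8e\xd0DEMO-BOOT",
    "Demo.Overwriter": b"\xeb\x1e\x90\x90DEMO-OVERWRITE",
    "Demo.Dropper":    b"DROP:payload=",
}

# Constructed sample files (contents are made up for the demo).
FILES: Dict[str, bytes] = {
    "notes.txt": b"quarterly figures attached\n",
    "boot.img":  b"\xfa\x33\xc0\x8e\xd0DEMO-BOOT" + b"\x00" * 500 + b"\x55\xaa",
    "setup.exe": b"MZ\x90\x00" + b"\x00" * 40 + b"DROP:payload=calc.bin" + b"\x00" * 8,
    "game.exe":  b"MZ\x90\x00" + b"\xeb\x1e\x90\x90DEMO-OVERWRITE",
    "game2.exe": b"MZ\x90\x00" + b"\xeb\x1e\x90\x91DEMO-OVERWRITE",   # one byte differs: a variant
}


def scan_bytes(data: bytes, signatures: Dict[str, bytes] = SIGNATURES) -> List[Tuple[str, int]]:
    """Return (signature name, byte offset) for every occurrence of a signature in data."""
    hits = []
    for name, pattern in signatures.items():
        pos = data.find(pattern)
        while pos != -1:
            hits.append((name, pos))
            pos = data.find(pattern, pos + 1)
    return hits


def scan_files(files: Dict[str, bytes], signatures: Dict[str, bytes] = SIGNATURES) -> Dict[str, dict]:
    """Scan every file; record its SHA-256 (for the report/quarantine log) and the signatures matched."""
    report = {}
    for fname, data in files.items():
        report[fname] = {"sha256": hashlib.sha256(data).hexdigest(),
                         "hits": scan_bytes(data, signatures)}
    return report


def infected(files: Dict[str, bytes], signatures: Dict[str, bytes] = SIGNATURES) -> List[str]:
    """Names of the files that matched at least one signature, sorted."""
    return sorted(f for f, r in scan_files(files, signatures).items() if r["hits"])


if __name__ == "__main__":
    for fname, r in scan_files(FILES).items():
        status = ", ".join(f"{name}@{off}" for name, off in r["hits"]) or "clean"
        print(f"{fname:<10} {r['sha256'][:12]}...  {status}")
```

game2.exe is reported clean even though it is the same virus with one byte changed; that is why definition updates matter, and why real scanners add heuristics and behaviour monitoring on top of plain signature matching.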

 Question No: 126( Marks: 5 )

Can you classify E-Commerce into different classes? Identify any five.

E-Commerce models can be classified as

    Business to Business (B2B)

    Business to Consumer (B2C)

    Consumer to Consumer (C2C)

    Business to Employee (B2E)

    E-Government
Question No: 127 ( Marks: 10 )

What do you understand by Intruder? Classify and discuss intruders according to way they operate.

In a physical intrusion, the intruder physically enters an organization to steal information system
assets or to carry out sabotage; for example, the intruder might try to remove hard disks. In a logical
intrusion, the intruder tries to gain unauthorized access to the system. The purpose could be damaging
or stealing data, installing a bug, or wire tapping, i.e. spying on communication within the
organization.

A person making an intrusion is generally termed as intruder. However, he can be classified according to
the way he operates.

Possible perpetrators include:

• Hackers

• Hacktivists

• Crackers

Hackers

A hacker is a person who attempts to invade the privacy of the system. In fact he attempts to gain un
authorized entry to a computer system by circumventing the system’s access controls. Hackers are
normally skilled programmers, and have been known to crack system passwords, with quite an ease.
Initially hackers used to aim at simply copying the desired information from the system. But now the
trend has been to corrupt the desired information.

Hacktivists

This refers to individuals using their skills to forward a political agenda, possibly breaking the law in the
process, but justifying their actions for political reasons.

Crackers

There are hackers who are more malicious in nature, whose primary purpose or intent is to commit a crime
through their actions for some level of personal gain or satisfaction. The terms hack and crack are
often used interchangeably.

 Question No: 128 ( Marks: 10 ) Identify and define different levels of likelihood determination. 

 Likelihood level

High

The threat source is highly motivated and sufficiently capable, and the controls to prevent the
vulnerability from being exercised are ineffective.

Medium

The threat source is motivated and capable, but controls are in place that may impede the successful
exercise of the vulnerability.

Low

The threat source lacks motivation or capability, or controls are in place to prevent, or at least
significantly impede, the vulnerability from being exercised.
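The risk determination procedure described in the answers above (Question 72 and Question 100: likelihood, impact and adequacy of controls combined into a risk level), the likelihood inputs of Question 102, the risk matrix of Question 75, and the three likelihood levels just defined, carried through in one worked example. This is an added example, not part of these notes. The numeric weights (likelihood 1.0/0.5/0.1, impact 100/50/10, risk High above 50 and Medium above 10) are the ones used in NIST SP 800-30 (2002), from which the course's definitions are drawn; taking the impact rating as the higher of criticality and sensitivity is an assumption for this demo, and the threat scenarios are constructed.

```python
"""Risk determination: likelihood rating x impact rating -> risk level, then prioritize.

Added example, not from the course notes. Weights follow NIST SP 800-30 (2002);
the impact rule and the threat scenarios are assumptions made for the demo.
"""
from dataclasses import dataclass
from typing import List, Tuple

LIKELIHOOD_WEIGHT = {"High": 1.0, "Medium": 0.5, "Low": 0.1}
IMPACT_VALUE = {"High": 100, "Medium": 50, "Low": 10}
RANK = {"Low": 0, "Medium": 1, "High": 2}


@dataclass
class ThreatScenario:
    asset: str
    threat_source: str
    motivated: bool          # threat-source motivation
    capable: bool            # threat capacity
    controls: str            # "ineffective", "may_impede" or "prevent"
    criticality: str         # system/data criticality: Low / Medium / High
    sensitivity: str         # system/data sensitivity: Low / Medium / High


def likelihood_rating(s: ThreatScenario) -> str:
    """Apply the High / Medium / Low likelihood definitions."""
    if not (s.motivated and s.capable):
        return "Low"                    # source lacks motivation or capability
    if s.controls == "ineffective":
        return "High"                   # motivated, capable, controls ineffective
    if s.controls == "may_impede":
        return "Medium"                 # controls in place that may impede
    return "Low"                        # controls prevent or significantly impede


def impact_rating(s: ThreatScenario) -> str:
    """Impact driven by the higher of criticality and sensitivity (assumption for this demo)."""
    return max(s.criticality, s.sensitivity, key=RANK.__getitem__)


def risk_score(s: ThreatScenario) -> float:
    """Risk = likelihood weight x impact value."""
    return round(LIKELIHOOD_WEIGHT[likelihood_rating(s)] * IMPACT_VALUE[impact_rating(s)], 2)


def risk_level(score: float) -> str:
    """Management-defined risk levels: above 50 High, above 10 Medium, otherwise Low."""
    if score > 50:
        return "High"
    if score > 10:
        return "Medium"
    return "Low"


def prioritize(scenarios: List[ThreatScenario]) -> List[Tuple[str, str, str, str, float, str]]:
    """(asset, threat, likelihood, impact, score, level) for each scenario, highest risk first."""
    rows = []
    for s in scenarios:
        score = risk_score(s)
        rows.append((s.asset, s.threat_source, likelihood_rating(s),
                     impact_rating(s), score, risk_level(score)))
    return sorted(rows, key=lambda r: r[4], reverse=True)


SCENARIOS = [  # constructed for the demo
    ThreatScenario("payroll database", "external hacker", True, True, "ineffective", "High", "High"),
    ThreatScenario("file server", "disgruntled employee", True, True, "may_impede", "Medium", "High"),
    ThreatScenario("public web site", "unskilled hacker", True, False, "ineffective", "Medium", "Low"),
    ThreatScenario("payroll database", "external hacker, after patching", True, True, "prevent", "High", "High"),
]

if __name__ == "__main__":
    for asset, threat, lik, imp, score, level in prioritize(SCENARIOS):
        print(f"{asset:<18} {threat:<32} likelihood={lik:<6} impact={imp:<6} score={score:>5} risk={level}")
```

The first and last scenarios are the same asset and the same threat source; only the adequacy of controls differs, and that alone moves the risk from High to Low. That is the point of listing controls as an input to the determination rather than treating risk as a property of the threat alone.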

 Question No: 129  ( Marks: 5 )Discuss Intrusion detection Systems and also explain its components ?

Intrusion Detection Systems (IDS)

Another element in securing networks is an intrusion detection system (IDS). An IDS is used to
complement firewalls. It works in conjunction with routers and firewalls by monitoring network usage
for anomalies, and it protects a company's information system resources from external as well as
internal misuse.

Components of an IDS

An IDS comprises the following components:

• Sensors, which are responsible for collecting data. The data can be in the form of network packets,
log files, system call traces, etc.

• Analyzers, which receive input from the sensors and determine whether there is intrusive activity.

• An administrative console, which holds the intrusion definitions applied by the analyzers.

• A user interface.
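The two detection techniques compared in Question 111 (real-time intrusion detection against outsiders, and variance detection from audit trails, including the "user who normally logs in at 9 a.m. appears at 4:30 a.m." case) and the sensor / analyzer / console structure listed just above, as one added example that is not part of these notes. The audit-trail lines, the log format, the users and the two-minute, five-failure threshold are all constructed for the demo; a real IDS would draw its sensor data from the operating system's own audit log.

```python
"""A small host IDS over audit-trail lines: sensor, two analyzers, console.

Added example, not from the course notes. The log format, the entries and the
thresholds are constructed for the demo.
"""
import re
from collections import defaultdict
from datetime import date, datetime, timedelta
from typing import Dict, List, Set, Tuple

# Constructed audit trail: four normal days, then a day with two irregularities.
AUDIT_LOG = """\
2024-03-04 09:02:11 LOGIN user=alice terminal=T12 result=success
2024-03-04 09:01:30 LOGIN user=bob terminal=T07 result=success
2024-03-05 08:58:40 LOGIN user=alice terminal=T12 result=success
2024-03-05 09:03:12 LOGIN user=bob terminal=T07 result=success
2024-03-06 09:05:03 LOGIN user=alice terminal=T12 result=success
2024-03-06 08:57:45 LOGIN user=bob terminal=T07 result=success
2024-03-07 09:10:22 LOGIN user=alice terminal=T12 result=success
2024-03-07 09:00:09 LOGIN user=bob terminal=T07 result=success
2024-03-08 04:30:07 LOGIN user=alice terminal=T12 result=success
2024-03-08 08:59:50 LOGIN user=bob terminal=T07 result=failure
2024-03-08 09:00:01 LOGIN user=bob terminal=T07 result=failure
2024-03-08 09:00:12 LOGIN user=bob terminal=T07 result=failure
2024-03-08 09:00:25 LOGIN user=bob terminal=T07 result=failure
2024-03-08 09:00:40 LOGIN user=bob terminal=T07 result=failure
2024-03-08 09:01:02 LOGIN user=bob terminal=T07 result=success
"""

LINE = re.compile(r"^(\S+ \S+) LOGIN user=(\w+) terminal=(\w+) result=(\w+)$")
Alert = Tuple[str, str, str]   # (kind, user, detail)


def sensor(text: str) -> List[dict]:
    """Sensor: turn raw audit-trail lines into event records."""
    events = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            events.append({"ts": datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S"),
                           "user": m.group(2), "terminal": m.group(3), "result": m.group(4)})
    return events


def build_profile(events: List[dict], until: date) -> Dict[str, Set[int]]:
    """Baseline for variance detection: the hours at which each user logged in before `until`."""
    hours: Dict[str, Set[int]] = defaultdict(set)
    for e in events:
        if e["ts"].date() < until and e["result"] == "success":
            hours[e["user"]].add(e["ts"].hour)
    return hours


def variance_analyzer(events: List[dict], profile: Dict[str, Set[int]], since: date, slack: int = 1) -> List[Alert]:
    """Analyzer 1: a login at an hour more than `slack` hours from any usual hour is a variance."""
    alerts = []
    for e in events:
        if e["ts"].date() < since or e["result"] != "success":
            continue
        usual = profile.get(e["user"])
        if usual and all(abs(e["ts"].hour - h) > slack for h in usual):
            alerts.append(("variance", e["user"],
                           f"login at {e['ts']:%H:%M} from {e['terminal']}, usual hours {sorted(usual)}"))
    return alerts


def intrusion_analyzer(events: List[dict], threshold: int = 5, window: timedelta = timedelta(minutes=2)) -> List[Alert]:
    """Analyzer 2: `threshold` failed logins for one user inside `window` = password guessing."""
    alerts = []
    recent: Dict[str, List[datetime]] = defaultdict(list)
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if e["result"] != "failure":
            continue
        q = recent[e["user"]]
        q.append(e["ts"])
        while e["ts"] - q[0] > window:          # drop failures older than the window
            q.pop(0)
        if len(q) == threshold:                  # fire once, when the threshold is reached
            alerts.append(("intrusion", e["user"],
                           f"{threshold} failed logins within {window} from {e['terminal']}"))
    return alerts


def run_ids(text: str, cutoff: date = date(2024, 3, 8)) -> List[Alert]:
    """Console: the rules (cutoff, slack, threshold) applied by both analyzers over the sensor output."""
    events = sensor(text)
    profile = build_profile(events, until=cutoff)
    return variance_analyzer(events, profile, since=cutoff) + intrusion_analyzer(events)


if __name__ == "__main__":
    for kind, user, detail in run_ids(AUDIT_LOG):
        print(f"[{kind}] {user}: {detail}")
```

The variance alert on alice is exactly the case the answer describes: it may be an intrusion with her password, or a wrong system clock, and either way it goes to a person for investigation. The bob alert is what real-time intrusion detection aims at: the pattern is recognisable while it is happening, before the sixth attempt succeeds.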

Question No: 130 ( Marks: 5 ) Identify the objective and scope of security.

The concept of security applies to all information. Security relates to the protection of valuable assets
against loss, disclosure, or damage. Valuable assets are the data or information recorded, processed,
stored, shared, transmitted, or retrieved from an electronic medium. The data or information must be
protected against harm from threats that will lead to its loss, inaccessibility, alteration or wrongful
disclosure.

How will you differentiate CSF from KPI? Discuss briefly.

Question No: 131 ( Marks: 10 )


The concept of security applies to all information. Discuss what is the objective and scope of Security?
What may be the security issues regarding information and what will be the management responsibility
to resolve these issues?

Internet Security Controls

Information systems can be made secure from the threats discussed earlier. There is no single control
that caters for the risk of all the vulnerabilities associated with the web (Internet). Some of the
solutions are:

• Firewall Security Systems

• Intrusion Detection Systems

• Encryption

40.2 Firewall Security Systems

Every time a corporation connects its internal computer network to the Internet it faces potential danger.
Because of the Internet’s openness, every corporate network connected to it is vulnerable to attack.
Hackers on the Internet could break into the corporate network and do harm in a number of ways: steal
or damage important data, damage individual computers or the entire network, use the corporate
computers’ resources, or use the corporate network and resources as a way of posing as a corporate
employee. Companies should build firewalls as one means of perimeter security for their networks.
Likewise, this same principle holds true for very sensitive or critical systems that need to be protected
from untrusted users inside the corporate network.

A firewall is defined as a device installed at the point where network connections enter a site; it
applies rules to control the type of networking traffic flowing in and out. The purpose is to protect the
Web server by controlling all traffic between the Internet and the Web server. To be effective, firewalls
should allow individuals on the corporate network to access the Internet and, at the same time, stop
hackers or others on the Internet from gaining access to the corporate network to cause damage.
Generally, most organizations can follow either of two philosophies:

• Deny-all philosophy -- which means that access to a given resource will be denied unless a user can
provide a specific business reason or need for access to the information resource.

• Accept-all philosophy -- under which everyone is allowed access unless someone can provide a reason
for denying access. System reports may also be generated to see who attempted to attack the system and
tried to enter through the firewall from remote locations.

Firewalls are hardware and software combinations that are built using routers, servers and a variety of
software. They should control the most vulnerable point between a corporate network and the Internet,
and they can be as simple or complex as the corporate security policy demands. There are many types of
firewalls, but most enable organizations to:

• Block access to an organization’s sites on the Internet

• Limit traffic on an organization’s public services segment to relevant addresses.

• Prevent certain users from accessing certain servers or services.

• Monitor communications between an internal and an external network

• Monitor and record all communications between an internal and the outside world to investigate
network penetrations or detect internal subversion.

• Encrypt packets of data that are sent between different physical locations within an organization by
creating a VPN over the Internet.

Firewalls encrypt packets that are sent between different physical locations within an organization by
creating a VPN over the Internet. The capabilities of some firewalls can be extended so that they can also
provide protection against viruses and attacks directed at exploiting known operating system
vulnerabilities. A remote-location server is protected by firewalls and an IDS, further complemented by
an IPS (Intrusion Prevention System), which defines specific ranges of IP addresses that may access the
location with defined rights.
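The deny-all and accept-all philosophies applied to one and the same rule set, as an added example (not the course's own code): the rules, addresses and traffic sample are constructed, and the only difference between the two runs is what happens to traffic that no rule describes.

```python
"""Deny-all versus accept-all firewall policy on one rule set. Added example;
the rules, addresses and traffic are constructed for illustration."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR notation
    dst: str               # destination network in CIDR notation
    dport: Optional[int]   # destination port; None matches any port
    reason: str            # the documented business need behind the rule


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches when source, destination and (if given) port all fit."""
    return (ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and (rule.dport is None or rule.dport == pkt.dport))


def evaluate(rules, pkt, default):
    """First matching rule wins; `default` ("deny" or "allow") is the philosophy
    applied to traffic that no rule describes."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule.reason
    return default, f"no rule matched: {default}-all default applied"


# Constructed rule set: a public HTTPS server 203.0.113.10 and an internal net 10.0.0.0/8.
RULES = [
    Rule("allow", "0.0.0.0/0", "203.0.113.10/32", 443, "public web server, HTTPS only"),
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", None, "staff may reach the Internet"),
    Rule("deny", "0.0.0.0/0", "10.0.0.0/8", None, "Internet may not reach internal hosts"),
]

# Constructed traffic sample, including one request no rule describes (SSH to the web server).
TRAFFIC = [
    Packet("198.51.100.7", "203.0.113.10", 443),
    Packet("198.51.100.7", "203.0.113.10", 22),
    Packet("10.0.0.5", "192.0.2.80", 80),
    Packet("198.51.100.7", "10.0.0.5", 445),
]


def audit(rules, traffic, default):
    """The 'system report' the text mentions: every decision with its reason."""
    return [(pkt, *evaluate(rules, pkt, default)) for pkt in traffic]


def exposed_by_default(rules, traffic):
    """Packets that accept-all lets through only because no rule describes them;
    deny-all blocks exactly these."""
    return [pkt for pkt in traffic
            if evaluate(rules, pkt, "allow")[0] == "allow"
            and evaluate(rules, pkt, "deny")[0] == "deny"]


if __name__ == "__main__":
    for philosophy in ("deny", "allow"):
        print(f"--- {philosophy}-all policy ---")
        for pkt, decision, reason in audit(RULES, TRAFFIC, philosophy):
            print(f"{pkt.src} -> {pkt.dst}:{pkt.dport}  {decision:5}  ({reason})")
    print("allowed only by the accept-all default:", exposed_by_default(RULES, TRAFFIC))
```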

Question No: 133 ( Marks: 10 )

What is polymorphism? Define with example.

Polymorphism – The following example will help understand the concept in a better manner.

Hence, based on the example given above, the concept can be defined. Polymorphism (derived from the
Greek, meaning "having multiple forms") is the characteristic of being able to assign a different meaning
or usage to something in different contexts – specifically, to allow an entity such as a variable, a method,
or an object to have more than one form.

Question No: 134    ( Marks: 3 )

Explain intrusion with example

Intrusion can be either physical or logical. In a physical intrusion, the intruder could physically enter
an organization to steal information system assets or carry out sabotage. For example, the intruder might
try to remove hard disks. In the case of a logical intrusion, the intruder might be trying to gain
unauthorized access to the system. The purpose could be damaging or stealing data, installation of a bug,
or wire tapping – spying on communication within the organization.

Question No: 135 ( Marks: 3 ) Define Active attacks?

Active Attacks: Once enough network information has been gathered, the intruder will launch an actual
attack against a targeted system to either gain complete control over that system or enough control to
cause certain threats to be realized. This may include obtaining unauthorized access to modify data or
programs, causing a denial of service, escalating privileges, accessing other systems. They affect the
integrity, availability and authentication attributes of network security.

Question No: 136    ( Marks: 10 )

What do you understand by Crypto systems? Discuss different types of controls.

In literal terms, cryptography means science of coded writing. It is a security safeguard to render
information unintelligible if unauthorized individuals intercept the transmission. When the information is
to be used, it can be decoded. “The conversion of data into a secret code for the secure transmission
over a public network is called cryptography.”

Encryption & Decryption

Cryptography primarily consists of two basic processes. These processes are explained through a
diagram.

• Encryption – the process of converting data into codes (cryptograms)

• Decryption – the process of decoding the cryptogram back into the data that was originally encrypted

Question No: 137    ( Marks: 10 ) What are the components of the object? Give example

An object is defined as

“an abstraction of something in a problem domain, reflecting the capabilities of the system to keep
information about it, interact with it, or both.” Coad and Yourdon (1990)

An object is any abstraction that models a single concept.

Another Definition of object

“A concept, abstraction, or thing with crisp boundaries and meaning of the problem at hand. Objects
serve two purposes. They promote understanding of the real world and provide a practical basis for
computer implementation.” Rumbaugh et al. (1991)

Components of object

According to Booch, there are three components of an object. Objects have state, behavior and identity.

• Identity: Who is it?


Each object has unique identity.

• Behavior: What can it do?

What an object can do, how it can respond to events and stimuli.

• State: What does it know?

The condition of an object at any moment, affecting how it can behave

Real-world objects share two characteristics: They all have state and behavior.

For example,

• Dogs have state (name, color, breed, hungry) and behavior (barking, fetching, wagging tail).

• Bicycles have state (current gear, current pedal cadence, two wheels, number of gears) and behavior
(braking, accelerating, slowing down, changing gears).
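The three components of an object (identity, state, behavior) from this question and polymorphism from Question 133, shown in one added example (not the course's own code): Dog and Bicycle follow the page's own examples; their attributes, the `act` method and the speed arithmetic are constructed for illustration.

```python
"""Identity, state and behavior of objects, plus polymorphism: one message,
`act()`, answered in a different form by each class. Added example."""
from abc import ABC, abstractmethod


class Thing(ABC):
    """Common form shared by every object in the example."""

    @abstractmethod
    def state(self) -> dict:
        """What does it know? The object's condition at this moment."""

    @abstractmethod
    def act(self) -> str:
        """What can it do? Behavior, which may depend on and change state."""

    def describe(self) -> str:
        return f"{type(self).__name__} {self.state()}"


class Dog(Thing):
    def __init__(self, name, color, breed):
        self.name, self.color, self.breed = name, color, breed
        self.hungry = True

    def state(self):
        return {"name": self.name, "color": self.color,
                "breed": self.breed, "hungry": self.hungry}

    def act(self):
        # Behavior depends on state: a hungry dog fetches food first.
        if self.hungry:
            self.hungry = False
            return f"{self.name} fetches food and eats"
        return f"{self.name} barks and wags its tail"


class Bicycle(Thing):
    WHEELS = 2

    def __init__(self, gears):
        self.gears, self.gear, self.cadence, self.speed = gears, 1, 0, 0

    def state(self):
        return {"gear": self.gear, "cadence": self.cadence, "wheels": self.WHEELS,
                "gears": self.gears, "speed": self.speed}

    def change_gear(self, gear):
        if not 1 <= gear <= self.gears:
            raise ValueError(f"gear must be between 1 and {self.gears}")
        self.gear = gear

    def act(self):
        # Accelerating: constructed rule, speed = cadence x gear / 10.
        self.cadence += 10
        self.speed = self.cadence * self.gear // 10
        return f"bicycle accelerates to {self.speed} km/h in gear {self.gear}"


def exercise(things):
    """Polymorphism: one call, `thing.act()`, many forms, chosen by each object's class."""
    return [thing.act() for thing in things]


def same_state_distinct_identity():
    """Identity: two objects with identical state are still two different objects."""
    a, b = Dog("Rex", "brown", "labrador"), Dog("Rex", "brown", "labrador")
    return a.state() == b.state() and a is not b


if __name__ == "__main__":
    rex, bike = Dog("Rex", "brown", "labrador"), Bicycle(21)
    bike.change_gear(3)
    for line in exercise([rex, bike, rex]):
        print(line)
    print(rex.describe(), bike.describe(), same_state_distinct_identity())
```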

Question No: 138 ( Marks: 10 ) How can we compute the expected loss? Discuss the occurrence of
threats.

Computing Expected Loss

In the fourth step of the exposure analysis, the amount of expected loss is computed through the
following formula:

A = B x C x D

1. A = Expected Loss

2. B = Chances (in %) of threat occurrence

3. C = Chances (in %) of Threat being successful

4. D = Loss which can occur once the threat is successful

Control Adjustment

This phase involves determining whether any controls can be designed, implemented and operated. The
cost of devising controls should not exceed the expected potential benefit being realized and the potential
loss being avoided. The controls that could mitigate or eliminate the identified risk, appropriate to the
organization’s operations, are provided. The goal of the recommended controls is to reduce the level of
risk to the IT system and its data to an acceptable level. The following factors should be considered in
recommending controls and alternative solutions to minimize or eliminate identified risks.

• Effectiveness of recommended options


• Legislation and regulation

• Organizational policy

• Operational Impact

• Safety and reliability

The control recommendations are the results of the risk assessment process and provide input to the risk
mitigation process, during which the recommended procedural and technical security controls are
evaluated, prioritized and implemented. It should be noted that not all possible recommended controls
can be implemented. To determine which ones are required and appropriate for a specific organization,
a cost analysis should be conducted for the proposed controls to demonstrate that the cost of
implementing them is justified by the reduction in the level of risk. In addition, the operational impact
and feasibility of introducing each recommended option should be evaluated carefully during the risk
mitigation process.

The above decision takes into account the following factors:

1. Personal judgment of the situation

2. Any information gained on desired/non-existing controls during the previous phases

3. The demands of users for an ideal control environment.

Existing controls should not be discarded wholesale while adjusting controls. They can either be
terminated altogether, because the threats no longer exist or better controls are available, or be modified
for the better. This phase should consider whether the security is cost effective and integrated.
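
The expected-loss formula A = B x C x D and the control-adjustment test (the cost of a control must not exceed the loss it avoids) worked through, as an added example that is not part of the course notes. The threat and control figures are constructed; the example also goes beyond the text by ranking several candidate controls for one threat.

```python
"""Expected loss A = B x C x D and the cost-versus-benefit test for controls.
Added example; all threat and control figures are constructed."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Threat:
    name: str
    occurrence_pct: float       # B: chance (in %) of the threat occurring
    success_pct: float          # C: chance (in %) of the threat being successful
    loss_if_successful: float   # D: loss once the threat is successful

    def expected_loss(self) -> float:
        """A = B x C x D, with both percentages converted to fractions."""
        return self.occurrence_pct * self.success_pct * self.loss_if_successful / 10_000


@dataclass(frozen=True)
class Control:
    name: str
    annual_cost: float
    # Expected B, C and D for the same threat once the control is operating.
    occurrence_pct: float
    success_pct: float
    loss_if_successful: float


def residual_loss(threat: Threat, control: Control) -> float:
    """Expected loss that remains once the control is in place."""
    return Threat(threat.name, control.occurrence_pct, control.success_pct,
                  control.loss_if_successful).expected_loss()


def benefit(threat: Threat, control: Control) -> float:
    """Potential loss avoided per year by operating the control."""
    return threat.expected_loss() - residual_loss(threat, control)


def is_justified(threat: Threat, control: Control) -> bool:
    """Control-adjustment rule: the control's cost must not exceed the loss it avoids."""
    return control.annual_cost <= benefit(threat, control)


def recommend(threat: Threat, controls) -> Optional[Control]:
    """The justified control with the largest net benefit, or None if none is justified."""
    justified = [c for c in controls if is_justified(threat, c)]
    if not justified:
        return None
    return max(justified, key=lambda c: benefit(threat, c) - c.annual_cost)


# Constructed figures for illustration only.
RANSOMWARE = Threat("ransomware on file server", occurrence_pct=30,
                    success_pct=40, loss_if_successful=500_000)
CANDIDATES = [
    Control("offline backups", 8_000, 30, 40, 50_000),
    Control("endpoint protection and patching", 25_000, 30, 10, 500_000),
    Control("full rebuild of the platform", 70_000, 30, 5, 250_000),
]


if __name__ == "__main__":
    print(f"expected loss A = {RANSOMWARE.expected_loss():,.0f}")
    for c in CANDIDATES:
        print(f"{c.name:34} cost {c.annual_cost:>7,.0f}  "
              f"benefit {benefit(RANSOMWARE, c):>7,.0f}  justified={is_justified(RANSOMWARE, c)}")
    best = recommend(RANSOMWARE, CANDIDATES)
    print("recommended:", best.name if best else "none")
```
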
2)- What are the conglomerate organizations?
3)- Feasibility
4)- RAID model
5)- waterfall model
6)- system analyst
7)- Computer Integrated Manufacturing

Computer Integrated Manufacturing (CIM) Goals

CIM has three basic goals

• Simplification of all manufacturing technologies and techniques


• Automation of as many of the manufacturing processes as possible by integration of many information
technologies like

o Flexible Manufacturing Systems – a form of flexible automation in which several machine tools are
linked together by a material-handling system controlled by a central computer. It is distinguished from
an automated production line by its ability to process more than one product style simultaneously.

o Computer aided Engineering (CAE) -- the application of computer software in engineering to analyze
the robustness and performance of components, assemblies, products and manufacturing tools.

o Just in time (JIT) – A Japanese idea that inventory is manufactured (or acquired) only as the need for it
arises or in time to be sold (or used). A major goal is to cut down on inventory investment.

• Integration and coordination of all the manufacturing aspects through computer hardware and
software

8)- Define different models of SDLC?

Project lifecycle vs. SDLC

The systems development life cycle is a project management technique that divides complex projects
into smaller, more easily managed segments or phases. Segmenting projects allows managers to verify
the successful completion of project phases before allocating resources to subsequent phases. Although
system development can be seen as a project in itself, the attribute that makes system development
different from regular projects is that a project has a definite end, and it is unlikely that ongoing
maintenance will be included in the scope of a project, whereas it does fall within the definition of the SDLC.
9)- Spiral Model.

SPIRAL is an iterative approach to system development. The spiral lifecycle model is a combination of the
classic waterfall model and aspects of risk analysis. This model is very appropriate for large and complex
Information Systems. The spiral model emphasizes the need to go back and reiterate earlier steps a
number of times as the project progresses. It's actually a series of short waterfall cycles, each producing
an early prototype representing a part of the entire project. It is a circular view of the software lifecycle
as opposed to the linear view of the waterfall approach. It can incorporate other models in its various
developmental phases.

There are usually four distinct phases of the spiral model software development approach.
10) physical design

The logical design is converted to physical design in this phase. The physical design involves breaking up
the logical design into units, which in turn can be decomposed further into implementation units such as
programs and modules.

Design of the Hardware/ Software Platform

A new system may require new software and hardware not currently available in the organization.

For example

• User workstations might have to be purchased to support an office automation system.


• A minicomputer might have to be purchased to provide extra processing resources to the new system.

Office Automation Systems

Office automation system includes formal and informal electronic systems primarily concerned with the
communication of information to and from persons both inside and outside the firm. It supports data
workers in an organization.

For Instance

• Word processing

• Desktop publishing

• Imaging & Web publishing

• Electronic calendars – managers’ appointment calendars

• Email

• Audio & video conferencing – establishing communication between geographically dispersed persons.

Question No: 139 ( Marks: 5 )

How are scanners used as a technical control against the spread of viruses?

Use of antivirus software is another very important technical control against the spread of virus.

33.1 Scanners

They scan the operating system and application software for any virus, based on the virus definitions
they contain. Every virus has a different bit pattern. These unique bit patterns act as an identity for the
virus and are called signatures. These signatures are available in virus definitions. Every scanner contains
certain virus definitions, which in fact are signatures (bit patterns) for various kinds of virus. The scanner
checks or scans the operating system and other application software installed on the hard drives. While
scanning, it checks the bit patterns in all software against the bit patterns contained in the virus
definitions of the scanner. If a match is found, the software is labeled as a virus.
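The signature matching described above as an added example (not the course's or any vendor's code): the definitions, patterns and "files" are constructed and harmless. It also covers an edge case the text does not mention, a signature split across two read buffers, which a scanner that compares chunk by chunk without overlap would miss, and shows that a variant whose bit pattern differs by one byte is not recognised until its signature is added to the definitions.

```python
"""Signature-based scanner over constructed definitions and sample files.
Added example; nothing here is a real virus definition."""
import io

# Constructed definition file: one signature per line, NAME=hex bytes.
DEFINITION_TEXT = """\
# constructed sample definitions
EXAMPLE-A=deadbeef4a4b4c
EXAMPLE-B=5341 4d50 4c45 2d42 2d50 4154 5445 524e
"""

# Constructed "files" on the drive. The EXAMPLE-A pattern in infected.exe starts at
# byte 12, so with a 16-byte read buffer it straddles the buffer boundary.
SAMPLE_FILES = {
    "clean.bin": b"just ordinary data " * 3,
    "infected.exe": b"x" * 12 + bytes.fromhex("deadbeef4a4b4c") + b"y" * 10,
    "variant.exe": b"x" * 12 + bytes.fromhex("deadbeef4a4b4d") + b"y" * 10,  # one byte differs
    "second.doc": b"header " + b"SAMPLE-B-PATTERN" + b" trailer",
}


def load_definitions(text):
    """Parse NAME=hex lines into {name: signature bytes}; '#' lines are comments."""
    defs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, hexpat = line.split("=", 1)
        defs[name.strip()] = bytes.fromhex(hexpat.replace(" ", ""))
    return defs


def scan_stream(stream, defs, chunk_size=4096, keep_overlap=True):
    """Return the sorted names of every signature whose bytes occur in the stream.
    With keep_overlap, the last (longest signature - 1) bytes of the previous chunk
    are prepended to the next one so a signature crossing a boundary is still seen."""
    overlap = max(len(p) for p in defs.values()) - 1 if keep_overlap else 0
    found, tail = set(), b""
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        window = tail + chunk
        for name, pattern in defs.items():
            if pattern in window:
                found.add(name)
        tail = window[-overlap:] if overlap else b""
    return sorted(found)


def scan_files(files, defs, chunk_size=4096, keep_overlap=True):
    """Scan an in-memory {path: bytes} set, as a scanner would walk the hard drive."""
    return {path: scan_stream(io.BytesIO(data), defs, chunk_size, keep_overlap)
            for path, data in files.items()}


if __name__ == "__main__":
    definitions = load_definitions(DEFINITION_TEXT)
    for path, hits in scan_files(SAMPLE_FILES, definitions, chunk_size=16).items():
        print(f"{path:14} {'infected: ' + ', '.join(hits) if hits else 'no known signature'}")
    print("without overlap:", scan_files(SAMPLE_FILES, definitions, 16, keep_overlap=False))
```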

Question No: 140 ( Marks: 5 )

Can you classify E-Commerce into different classes? Identify any five.

Electronic Commerce (e-commerce or EC) describes the buying, selling, and exchanging of products,
services, and information via computer networks, primarily the internet. Some people view the term
commerce as describing transactions conducted between business partners. E-business is a broader
definition of EC: not just buying and selling, but also servicing customers, collaborating with business
partners, and conducting electronic transactions within an organization. The most prevalent
E-Commerce models can be classified as

1. Business to Consumer (B2C)

2. Business to Business (B2B),

3. Business to Employee (B2E),

4. Consumer to Consumer (C2C) and

5. E-Government

• Government to Citizens/Customers (G2C)

• Government to Business (G2B)

• Government to Government (G2G)

141 What is Object Oriented Analysis and Design (OOAD)? (Marks 1)

Object Oriented Analysis and Design (OOAD)

The concept of object oriented analysis and design focuses on problems in terms of classes and objects.
This concept combines aspects of both entity relationship diagrams and data flow diagrams. The object
oriented analysis and design tool has been devised to support object oriented languages, for
example C++ and Java. The roots of the concept of object orientation evolved in the late 1960s with the
emergence of “SIMULA 67” as the first object oriented language. Object oriented
methodologies do not replace traditional approaches (such as data flow, process flow, and state
transition diagrams); they are important new additions to the toolkit.

142 What do you understand by computing environment? Describe Stand Alone Processing and the
Web Based Environment. (Marks 5)

Web based Environment

This typically refers to the use of web, internet and browser based applications for transaction
execution. In a web based environment, clients connect to the application through a broadband or
baseband/dial-up connection. The application is located on the enterprise server, which is accessed by
the client through the internet connection. Access may be given to a single application or to the entire
operating system. A web based environment can be combined with and applied to both centralized and
decentralized processing to optimize performance.

Web based architecture can be used either to give company employees access to the information
system, e.g. Virtual Private Networks (VPN) in the case of banks, or to give anybody and everybody
access to the company’s information system.
The following example can explain the concept in a better fashion. Two users, A and B, present at remote
locations (that is, outside the organization) may want to access the server located within the
organization. They may connect to the internet and access the server located in the organization. The
server needs to be online as well, so as to be accessed by A and B through any of the means (broadband,
baseband, wi-fi, or satellite). Hence data can be transmitted and retrieved using the internet.
Availability of a connection with proper bandwidth, allowing appropriate internet connection speed, is
critical to both transmission and retrieval. For this reason, companies have taken dedicated lines to
enjoy uninterrupted service.

143 Roles & Responsibility any three (Marks 3)

Roles & Responsibility

For security to be effective, it is imperative that individual roles and responsibilities are clearly
communicated and understood by all. Organizations must assign security related functions in the
appropriate manner to nominated employees. Responsibilities to consider include:

1. Executive Management — assigned overall responsibility for the security of information;

2. Information Systems Security Professionals — responsible for the design, implementation,
management, and review of the organization’s security policy, standards, measures, practices, and
procedures;

3. Data Owners — responsible for determining sensitivity or classification levels of the data as well as
maintaining accuracy and integrity of the data resident on the information system;

4. Process Owners — responsible for ensuring that appropriate security, consistent with the
organization’s security policy, is embedded in their information systems;

5. Technology providers — responsible for assisting with the implementation of information security;

6. Users — responsible for following the procedures set out in the organization’s security policy; and

7. Information Systems Auditors — responsible for providing independent assurance to management on
the appropriateness of the security objectives.

144 What is focal Point? Complete(Marks 10)

What is focal Point?

A corporate-level facilitator may serve as a focal point for assessments throughout the company,
including those pertaining to information security, because of familiarity with the tools and the reporting
requirements. Each business unit in an organization may have a designated individual responsible for the
business unit's risk assessment activities. A computer hardware and software company may also create
a team for the purpose of improving the overall risk assessment process and reviewing the results of risk
assessments of the hardware and software systems from the perspective of offering a better, more
reliable and risk-free product.

145 What is Vulnerability? (Marks 1)

Vulnerability is a weakness that can be accidentally triggered or intentionally exploited. This phase helps
in building up a list of weaknesses and flaws that could be exploited by the potential threat sources.

146 Two outputs of Impact Analysis? (Marks 2)

Impact Analysis

This phase determines the adverse impact resulting from a successful threat exercise of vulnerability.
Following information is required before conducting an impact analysis.

1. System mission e.g. the process performed by IT system.

2. System and data criticality e.g. the system’s value or importance to an organization

3. System and data sensitivity

The information can be obtained from existing organizational documentation.

Likelihood level – Likelihood definition:

• Low – The threat source lacks motivation or capability, or controls are in place to prevent or at least
significantly impede the vulnerability from being exercised.

• Medium – The threat source is motivated and capable, but controls are in place that may impede the
successful exercise of the vulnerability.

• High – The threat source is highly motivated and sufficiently capable, and controls to prevent the
vulnerability from being exercised are ineffective.

Impact needs to be measured by defining certain levels. E.g. high medium low as qualitative categories
or quantifying the impact by using probability distribution.

• Mission Impact Analysis

• Asset criticality assessment

• Data criticality

• Data sensitivity

The output of this phase is impact rating.

147 What is change management? Identify its types. (Marks 5)


Change management

Change management means to plan, initiate, realize, control, and finally stabilize change processes on
both, corporate and personal level. Implementation of ERP or any other integration software needs
commitment and proper management. Managing change in implementation projects has become a
serious concern for the management.

Types of Change

• Organizational Development: This is the more gradual and evolutionary approach to change. It is based
on the assumption that it is possible to align corporate objectives with the individual employees’
objectives. In practice, however, this will rarely be possible.

• Reengineering: This is known as corporate transformation or business transformation. It is the more
radical form of change management, since it challenges all elements of processes or structures that have
evolved over time.

148 What is the difference between Changing and Freezing? (Marks 3)

Another view of phases

Change management phases can be classified in an alternative way:

• Unfreezing -- Preparing a situation for change by disconfirming existing attitudes and behaviors.

• Changing -- Taking action to modify a situation by altering the targets of change.

• Refreezing -- Maintaining and eventually institutionalizing the change.

149 How will you differentiate CSF from KPI? Discuss briefly.

CSF vs. Key Performance Indicator

A critical success factor is not a key performance indicator or KPI. Critical Success Factors are elements
that are vital for a strategy to be successful. A KPI measures the achievements. The following example
will clarify the difference. A CSF for improved sales may be adopting a new sales strategy through better
and regularly arranged display of products in the shop windows. However, the KPI identified would be
the increased/decreased Average Revenue Per Customer as a result of the strategy. Key Performance
Indicators directly or indirectly measure the results of the implementation of Critical Success Factors.
KPIs are measures that quantify objectives and enable the measurement of strategic performance.

Question No: 150 ( Marks: 1 ) What is an entity set? Entity

An entity is an object that exists and is distinguishable from other objects. An entity is described using a
set of attributes. For example specific person, company, event, plant, crop, department, section, cost
center.
• An entity set is a set of entities of the same type that share the same properties

• All entities in an entity set have the same set of attributes, i.e. common characteristics e.g. names,
addresses, date of birth, etc.

• Each entity set has a distinct attribute by which it can be easily identified, e.g. NIC no., employee no.

Example

• Bird is an entity

• The class of birds is an entity set

• The color of birds is an attribute

151 Why is an arrow used for a process in the flow chart? (Marks 1)

Flow Chart

"A schematic representation of a sequence of operations, as in a manufacturing process or computer
program."

Question No:152( Marks: 2 ) Why we use the tools like flowcharts, DFDs etc in the System Design?

Entity Relationship Diagram (ERD)

Another diagrammatical tool used in system design is the ERD. The ERD as shown below indicates simple
relationships. These relationships can be read as follows.

• One department has one supervisor

• A department may have more than one employee

Or

• An employee may be in more than one department

• An employee may not be working on any project, but a project must have at least one employee
working on it

This is another form of ERD, used to show the relations between various fields in files used to record
specific data.

Question No: 153 ( Marks: 1 ) Define Clear Text?

• Clear text – it is the data to be encrypted.

• Cipher text – it is the code created out of the data after encryption.

Critical Success Factors differ from organization to organization. While approving any project, the
management may evaluate the project on the basis of certain factors critical to the success or failure
of the project. Give five examples from real life. (Marks 10)

Critical Success Factors (CSF)

Critical Success Factor (CSF) is a business term for an element which is necessary for an organization or
project to achieve its mission. For example, for an international package delivery system, CSFs can be
identified such as safe transport of customer consignments, timely delivery of consignments, an online
status confirmation system to inform customers, and proper packaging and handling.

Critical Success Factors differ from organization to organization. While approving any project, the
management may evaluate the project on the basis of certain factors critical to the success or failure of
the project. For instance:

• Money factors: positive cash flow, revenue growth, and profit margins.

• Acquiring new customers and/or distributors

• Customer satisfaction – No. of complaints, after sales service

• Quality – Customer feedback on the product.

• Product / service development -- what's new that will increase business with existing customers and
attract new ones?

• Intellectual capital – enhancing production techniques and acquiring knowledge relating to
advancement in hardware/machines, equipment, processes.

• Strategic relationships -- new sources of business, products and outside revenue, sub contracting.

• Employee development and retention –

• Sustainability

• Corporate social responsibility

• Corporate Governance

27.1 Sources of Critical Success Factors

Critical Success Factors have to be analyzed and established. CSFs may be developed from various
sources. Generally, four major sources of identifying CSFs are:

• Industry CSFs resulting from specific industry characteristics;

• CSFs resulting from the chosen competitive strategy of the business, e.g. quick and timely delivery
may be critical to a courier service business;

• Environmental CSFs resulting from economic or technological changes; and

• Temporal CSFs resulting from internal organizational needs and changes.

Question No: 154 ( Marks: 2 )What is the use of Default keyword in switch structure?

The default statement is used because, when dealing with a switch, you will have many cases that either
match the switch value or do not.
If none of those cases matches, then default handles the switch value. The default label should be placed
at the end of every case list. It is a catch-all for any value that has no case of its own. Think of it as the
'else' in a list of if-else statements: if the switch doesn't match a listed case, the default case is used (if it
exists).

155 Object-Oriented Analysis (OOA) and Object-Oriented Design (OOD)?

Object Oriented Design has the purpose of creating flexible Object Oriented Systems. Flexible in terms of
Object Orientation means that it is possible to add functionality without messing the whole thing up.
Object Oriented Analysis has the purpose of finding a proper OOD for the problem, e.g. by using Design
Patterns.

Question No: 156( Marks: 3 ) Identify draw backs to ERP systems.

Disadvantages of ERP: Many problems organizations have with ERP systems are due to inadequate
investment in ongoing training for involved personnel, including those implementing and testing
changes, as well as a lack of corporate policy protecting the integrity of the data in the ERP systems and
how it is used.
