7-1 MIS REVIEW QUESTIONS
Why are information systems vulnerable to destruction, error, and abuse?
- List and describe the most common threats against contemporary information systems.
- Define malware and distinguish among a virus, a worm, and a Trojan horse.
- Define a hacker and explain how hackers create security problems and damage systems.
- Define computer crime. Provide two examples of crime in which computers are targets and two examples in which computers are used as instruments of crime.
- Define identity theft and phishing and explain why identity theft is such a big problem today.
- Describe the security and system reliability problems created by employees.
- Explain how software defects affect system reliability and security.
What is the business value of security and control?
- Explain how security and control provide value for businesses.
- Describe the relationship between security and control and recent U.S. government regulatory requirements and computer forensics.
What are the components of an organizational framework for security and control?
- Define general controls and describe each type of general control.
- Define application controls and describe each type of application control.
- Describe the function of risk assessment and explain how it is conducted for information systems.
- Define and describe the following: security policy, acceptable use policy, and identity management.
- Explain how MIS auditing promotes security and control.
What are the most important tools and technologies for safeguarding information resources?
- Name and describe three authentication methods.
- Describe the roles of firewalls, intrusion detection systems, and antivirus software in promoting security.
- Explain how encryption protects information.
- Describe the role of encryption and digital certificates in a public key infrastructure.
- Distinguish between fault tolerance and high-availability computing, and between disaster recovery planning and business continuity planning.
- Identify and describe the security problems posed by cloud computing.
- Describe measures for improving software quality and reliability.