A check-point procedure
1.checks program correctness at certain points
2.divides a program into smaller parts
3.breaks a program into portions at the end of each of which a check point program is executed
4.finds points in a program where it is convenient to check it
A digital signature is
1.a bit string giving identity of a correspondent
2.a unique identification of a sender
3.an authentication of an electronic record by tying it uniquely to a key only a sender knows
4.an encrypted signature of a sender
A firewall is a
1.wall built to prevent fires from damaging a corporate intranet
2.security device deployed at the boundary of a company to prevent unauthorized physical access
3.security device deployed at the boundary of a corporate intranet to protect it from unauthorized access
4.device to prevent all accesses from the internet to the corporate intranet
A firewall is used in a system connected to a wide area network to
1.prevent spread of fire in the network
2.prevent unauthorized access by hackers
3.scan for viruses in files
4.extinguish fire spreading via network cables
A firewall may be implemented in
1.routers which connect intranet to internet
2.bridges used in an intranet
3.expensive modem
4.user's application programs
A hardened firewall host on an Intranet is
1.a software which runs in any of the computers in the intranet
2.a software which runs on a special reserved computer on the intranet
3.a stripped down computer connected to the intranet
4.a mainframe connected to the intranet to ensure security
A proof figure is
1.a figure used to prove the correctness of data entry
2.an additional data entered with each record to facilitate detection of arithmetic error
3.a number used during data entry
4.a modulus-11 check digit
A relationship check
1.is concerned with checking a relation
2.uses an entity-relationship model for checking
3.finds out if a relationship is satisfied in computation
4.uses the fact that a known relationship exists between two data elements and checks if it is satisfied during computation
A two way check
1.calculates the same quantity in two different ways and compares them for equality
2.calculates the quantities and compares them for equality
3.checks a data item in two different ways
4.enters data two times and cross-checks them
An audit trail is established in a system to
1.detect errors in a system
2.enable auditing of a system
3.localize the source of an error in a system
4.trail a program
ANSI X.12 is a standard developed by
1.American National Standard Institute
2.International Standard Institute
3.European Common Market
4.United Nations Economic Commission for Europe
Audit in the design of information system is used to
1.inspect the system and check that it is built as per specifications
2.protect data from accidental or intentional loss
3.ensure that the system processes data as it was designed to and that the results are reliable
4.ensure privacy of data processed by it
By auditing with a computer we mean
1.the inputs and the corresponding outputs are compared and checked for correctness
2.the programs and procedures are checked for correctness
3.special synthetic data is input and outputs checked for correctness
4.programs are written to check the functioning of the computer hardware
B2C commerce
1.includes services such as legal advice
2.means only shopping for physical goods
3.means only customers should approach customers to sell
4.means only customers should approach business to buy
By applying permutation (31254) and substitution by 5 characters away from current character (A → F, B → G, etc.) the following string ABRACADABRA becomes
1.FGWCAAADRBF
2.RABCAAADRBF
3.WFGHFFFIWGF
4.None of the above
By auditing around the computer we mean
1.the inputs and the corresponding outputs are compared and checked for correctness
2.the programs and procedures are checked for correctness
3.special synthetic data is input and outputs checked for correctness
4.programs are written to check the functioning of the computer hardware
By auditing through the computer we mean
1.the inputs and the corresponding outputs are compared and checked for correctness
2.the programs and procedures are checked for correctness
3.special synthetic data is input and outputs checked for correctness
4.programs are written to check the functioning of the computer hardware
By Electronic Commerce we mean:
1.Commerce of electronic goods
2.Commerce which depends on electronics
3.Commerce which is based on the use of internet
4.Commerce which is based on transactions using computers connected by telecommunication network
By encryption of a text we mean
1.compressing it
2.expanding it
3.scrambling it to preserve its security
4.hashing it
By information system testing we mean
1.testing an information system correctly
2.determining whether a system is performing as per specifications
3.determining whether a system is performing optimally
4.ensuring proper function of a system
By string test we mean
1.a test which tests operations with strings
2.a string of tests on programs
3.Test on related programs
4.The output of a program is sent as input to related program(s) to see if data is transferred correctly
Control in design of an information system is used to
1.inspect the system and check that it is built as per specifications
2.protect data from accidental or intentional loss
3.ensure that the system processes data as it was designed to and that the results are reliable
4.ensure privacy of data processed by it
DES using 56 bit keys
1.Cannot be broken in reasonable time using presently available computers
2.Can be broken only if the algorithm is known using even slow computers.
3.Can be broken with presently available high performance computers.
4.It is impossible to break ever.
DES works by using
1.permutation and substitution on 64 bit blocks of plain text
2.only permutations on blocks of 128 bits
3.exclusive ORing key bits with 64 bit blocks
4.4 rounds of substitution on 64 bit blocks with 56 bit keys
EDI requires
1.representation of common business documents in computer readable form
2.data entry operators by receivers
3.special value added networks
4.special hardware at co-operating Business premises
EDI use
1.requires an extranet
2.requires value added network
3.can be done on internet
4.requires a corporate intranet
EDIFACT standard was developed by
1.American National Standard Institute
2.International Standard Institute
3.European Common Market
4.United Nations Economic Commission for Europe
Electronic Data Interchange is necessary in
1.B2C e-Commerce
2.C2C e-Commerce
3.B2B e-Commerce
4.Commerce using internet
Encryption can be done
1.only on textual data
2.only on ASCII coded data
3.on any bit string
4.only on mnemonic data
Firewall as part of a router program
1.filters only packets coming from internet
2.filters only packets coming from internet
3.filters packets travelling from and to the intranet from the internet
4.ensures rapid traffic of packets for speedy e-Commerce
Hashed message is signed by a sender using
1.his public key
2.his private key
3.receiver's public key
4.receiver's private key
HTML and XML are markup languages
1.Specially developed for the web
2.Are based on SGML
3.Are versions of SGML
4.Independent of SGML
In auditing with a computer
1.auditing programs are designed and used to check a system
2.the hardware of the computer is thoroughly checked for malfunctions
3.system software is thoroughly checked to ensure error free operations
4.auditors check system with a computer
In Electronic cash payment
1.a debit card payment system is used
2.a customer buys several electronic coins which are digitally signed by the coin-issuing bank
3.a credit card payment system is used
4.RSA cryptography is used in the transactions
In public key encryption if A wants to send an encrypted message to B
1.A encrypts message using his private key
2.A encrypts message using B's private key
3.A encrypts message using B's public key
4.A encrypts message using his public key
In SET protocol a customer sends a purchase order
1.encrypted with his public key
2.in plain text form
3.encrypted using Bank's public key
4.using digital Signature system
IP addresses are converted to
1.a binary string
2.alphanumeric string
3.a hierarchy of domain names
4.a hexadecimal string
Message can be sent more securely using DES by
1.encrypting plain text by a different randomly selected key for each transmission
2.encrypting plain text by a different random key for each message transmission and sending the key to the receiver using a public key system
3.using an algorithm to implement DES instead of using hardware
4.designing DES with high security and not publicizing algorithm used by it
One of the problems with using SET protocol is
1.the merchant's risk is high as he accepts encrypted credit card
2.the credit card company should check digital signature
3.the bank has to keep a database of the public keys of all customers
4.the bank has to keep a database of digital signatures of all customers
Organizational measures in control mean
1.a set of well organized methods
2.assignment of appropriate responsibilities to individuals in data processing in an organization
3.proper organization of data
4.creation of an organization for controlling system
Parallel runs are used
1.during regular operation of an information system
2.when a system is initially implemented
3.whenever errors are found in a computerized system
4.whenever management insists
Public key encryption method is a system
1.which uses a set of public keys one for each participant in e-Commerce
2.in which each person who wants to communicate has two keys; a private key known to him only and a public key which is publicized to enable others to send message to him
3.which uses the RSA coding system
4.which is a standard for use in e-Commerce
Security in the design of information system is used to
1.inspect the system and check that it is built as per the specifications
2.protect data and programs from accidental or intentional loss
3.ensure that the system processes data as it was designed to and that the results are reliable
4.ensure privacy of data processed by it
The bank has to have the public keys of all customers in SET protocol as it has to
1.check the digital signature of customers
2.communicate with merchants
3.communicate with merchant's credit card company
4.certify their keys
The purpose of parallel run is to
1.see whether the outputs of a newly computerized system match those of the currently running manual or legacy system
2.have redundancy for reliability
3.test an operational information system
4.test a system being newly designed
The scope of the system test includes
1.both computerized and manual procedures
2.only test of computer procedures
3.computerized procedures, manual procedures, computer operations and controls
4.mainly computerized procedures and operations controls
The Secure Electronic Transaction protocol is used for
1.credit card payment
2.credit card payment
3.electronic cash payments
4.payment of small amounts for internet services
Triple DES
1.is a symmetric key encryption method
2.guarantees excellent security
3.is implementable as a hardware VLSI chip
4.is a public key encryption method with three keys.
Triple DES
1.Cannot be broken in reasonable time using presently available computers.
2.Can be broken only if the algorithm is known using even slow computers.
3.Can be broken with presently available high performance computers.
4.It is impossible to break ever.
While sending a signed message, a sender
1.sends message key using public key encryption using DES and hashed message using public key encryption
2.sends message using public key encryption and hashed message using DES
3.sends both message and hashed message using DES
4.sends both message and hashed message using public key encryption