7 -1 MIS REVIEW QUESTIONS

Why are information systems vulnerable to destruction, error, and abuse?

• List and describe the most common threats against contemporary information systems.
• Define malware and distinguish among a virus, a worm, and a Trojan horse.
• Define a hacker and explain how hackers create security problems and damage systems.
• Define computer crime. Provide two examples of crime in which computers are targets and two examples in which computers are used as instruments of crime.
• Define identity theft and phishing and explain why identity theft is such a big problem today.
• Describe the security and system reliability problems created by employees.
• Explain how software defects affect system reliability and security.

What is the business value of security and control?

• Explain how security and control provide value for businesses.
• Describe the relationship between security and control and recent U.S. government regulatory requirements and computer forensics.

What are the components of an organizational framework for security and control?

• Define general controls and describe each type of general control.
• Define application controls and describe each type of application control.
• Describe the function of risk assessment and explain how it is conducted for information systems.
• Define and describe the following: security policy, acceptable use policy, and identity management.
• Explain how MIS auditing promotes security and control.

What are the most important tools and technologies for safeguarding information resources?

• Name and describe three authentication methods.
• Describe the roles of firewalls, intrusion detection systems, and antivirus software in promoting security.
• Explain how encryption protects information.
• Describe the role of encryption and digital certificates in a public key infrastructure.
• Distinguish between fault tolerance and high-availability computing, and between di saster recovery planning and business continuity planning.
• Identify and describe the security problems posed by cloud computing.
• Describe measures for improving software quality and reliability.