ITIS204 Mock Exam - Final - First Semester 2024-2025 PDF
Document Details
Uploaded by ViewableLightYear
UOB
2025
Jenan haider
Tags
Summary
This is a mock exam for ITIS204, covering topics like computer viruses, phishing, e-commerce, and cloud computing. It includes true/false, multiple-choice, and essay questions. The exam is scheduled for the first semester of 2024-2025.
Full Transcript
DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 Mock Exam ً الرجاء عدم تناقل أسئ...
DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 Mock Exam ً الرجاء عدم تناقل أسئلة المراجعة بأي شكل كان مع أحد او ر: مالحظة مهمة نشها يف القروبات و أيضا عدم رميها عند قاعة المتحان او يج تعاريف عشوائية من جميع الجباتر ى الدخول بها حت ال تسبب ضر لكم—التوصيل ي 1 PART I: True or False (1M x 20Q = 20 Marks) 1) Worms are computer viruses that wait for a specific date before executing their instructions. a. True b. False 2) Phishing reroutes requests for legitimate websites to false websites. a. True b. False 3) Ecommerce includes business along with all activities related to internal and external business operations, such as servicing customer accounts, collaborating with partners, and exchanging real-time information. During Web 1.0, entrepreneurs began creating the first forms of ecommerce. a) True b) False 4) Cybervandalism is a problem that occurs when someone registers purposely misspelled variations of well-known domain names a) True b) False 5) Tokens are small electronic devices that change user passwords automatically a) True b) False 6) A business model shows the hierarchy and organization of the employees in a division or company. a) True b) False 7) Business intelligence is information collected from multiple sources such as suppliers, customers, competitors, partners, and industries that analyzes patterns, trends, and relationships for strategic decision making. a) True b) False- 8) The majority of eBay’s customers are using a business-to-business (B2B) ebusiness model a) True b) False 9) Social tagging is similar to taxonomy except that crowdsourcing determines the tags or keyword-based classification system. a) True b) False 10) Variety in big data includes different forms of structured and unstructured data. a) True b) False 11) URLs use domain names to identify particular websites a) True b) False 1|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 12) Search engine optimization are keywords that advertisers choose to pay for and appear as sponsored links on the Google results pages a) True b) False 13) Adwords are keywords that advertisers choose to pay for and appear as sponsored links on the Google results pages a) True b) False 14) A hybrid cloud includes two or more private, public, or community clouds, but each cloud remains separate and is only linked by technology that enables data and application portability. a) True b) False 15) Using only data and information to make decisions and solve problems is the key to finding success in business. These are also the only core drivers of the information age and the building blocks of business systems. a) True b) False 16) Accessibility is Cloud computing allows users to access virtual applications software, such as database software, through the Internet. This allows for access to more resources a) True b) False 17) The four common characteristics of big data include variety, veracity, volume, velocity. a) True b) False 18) One of the most important features of any BI system it is data visualization tools a) True b) False 19) Data science refers to the technology and processes used to gain intelligent, usable information from these databases. a) True b) False 20) A private cloud serves only one customer or organization and can be located on or off the customer’s premises driving a) True b) False PART II: Multiple Choices (1Mx15Q = 15 Marks) 1) Determining what is ethical can sometimes be difficult because certain actions can be justified or condemned depending on how you view the relationship between which of the following? a. legal and confidential b. legal and ethical c. legal and technical d. confidential and open 2) Which of the following represents the definition of information compliance? a. the act of conforming, acquiescing, or yielding information b. the ability to comply with software c. the understanding of technology d. the verbalization of information governance in a company's policies and procedures 3) Which of the following clauses is typically contained in an acceptable use policy? a. nonrepudiation clause b. digital trust clause c. confidentiality clause d. employee use clause 2|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 4) According to the ethical computer use policy, users should __________ the rules and, agreeing to use the system on that basis,______ to abide by the rules a. be informed of; collaborate b. consent to; be informed c. be informed; consent d. consent to; be informed 5) What offers a pay-per-use revenue model similar to a metered service such as gas or electricity? r? a. grid computing b. smart phones c. utility computing 6) The purpose of ________ is often to promote or discredit a public figure, political movement, or a company.? a. fake news b. microblogging c. folksonomy d. crowdsourcing 7) Which cloud computing delivery models. a. Private cloud, Public cloud, Hybrid cloud, Community cloud b. Infrastructure as a Service (IaaS) , Software as a Service (SaaS), Platform as a Service (PaaS) c. Disaster Recovery as a Service (DRaaS), Software as a Service (SaaS),Infrastructure as a Service (IaaS). 8) What is the internet protocol web browsers use to request and display web pages using universal resource locators? a. hypertext markup language (HTML) b. hypertext transport preteeel (HTTP) c. DARPA d. URL 9) What is the ebusiness model that represents 80 percent of all online businesses and is typically more complex, requiring greater security needs? a. consumer-to-consumer b. consumer-to-business c. business-to-consumer d. business-to-business 10) John and Jenny have been saving for two years to take their six children on a vacation to Disneyworld. They are surprised to find out that airline tickets are far more expensive than they had anticipated. They decide to try to find cheaper tickets on Priceline, where they are allowed to set the price they are willing to pay for the airline tickets. What form of ebusiness model are John and Jenny using? a. CBC b. B2B c. C2B d. C2C 11) What do Netflix and Amazon use to drive their recommendation tools? a. Web 1.0 content b. open source content c. virtual content d. user-generated content 12) Which of the following terms could you use synonymously when referring to the web? a. URL, domain name b. network, paradigm shift c. HTML, Internet d. All of the answers are correct. 3|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 13) ) Which of the following Cloud Computing Advantages? a. Accessibility , Availability , Cost Saving, Flexibility , Reliability , Portability , Capacity on Demand , Backup /Recovery and Scalability b. Accessibility , Security: , Scalability , Cost-effective: , Automatic backups , and Collaboration. c. Flexibility , Reliability , Cost Efficiency and Scalability d. Increased performance , Scalability and Cost savings. 14) Which of the following companies used technology to revamp the business process of selling books? a. Netflix b. Della c. Zappos d. Amazon 15) Nike offers people the opportunity to visit its website to create running shoes in the style and color they choose. How would you classify Nike’s ebusiness strategy? مهم a. information richness b. mass customization c. personalization d. Interactivity 16) Netflix creates a unique recommendation listing for each customer who revisits its website. How would you classify Netflix’s ebusiness strategy? a. information richness b. mass customization c. personalization d. interactivity PART III: Essay Questions 1) Explains deepfake and fake news (CH#5) Deepfake: Refers to a manipulated or synthesized media, typically videos or images, created using deep learning and artificial intelligence (AI) techniques. o Ex: Deepfake Obama” video. the video was actually a deepfake, with Obama’s face superimposed onto the body of another individual Fake news : Refers to false news stories created to be widely shared or distributed for the purpose of promoting or discrediting a public figure, political movement, or a company. 2) Describe the relationship between information security policies and an information security plan. (CH#9) 1. Information security policies: identify the rules required to maintain information security. o Ex: as requiring users to log off before leaving for lunch or meetings, never sharing passwords with anyone, and changing passwords every 30 days. 2. An information security plan :details how an organization will implement the information security policies. o The best way a company can safeguard itself from people is by implementing and communicating its information security plan. 3) Describe the relationships and differences between hackers and viruses.(CH#9) Hackers :are experts in technology who use their knowledge to break into computers and computer networks, either for profit or just for the challenge. A virus is software written with malicious intent to cause annoyance or damage 4|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 4) List and describe the four primary cloud computing environments.(CH#6) مكرر 1) Private cloud:serves only one customer or organization and can be located on the customer’s premises or off the customer’s premises(Single-tenancy) o EX: Bank, government, Corporation 2) Public cloud :promotes massive, global, and industrywide applications offered to the general public.( Multi-tenancy) o EX: Amazon EC2, Windows Azure 3) Community cloud :serves a specific community with common business models, security requirements, and compliance considerations..( Multi-tenancy) o EX: Private hospital, all colorado state government organization 4) Hybrid cloud: includes two or more private, public, or community clouds, but each cloud remains separate and is only linked by technology that enables data and application portability.( Mix of private, public, or community) o EX: private cloud of the company and Public cloud for customers, suppliers and partners 5) List The core drivers of the information age. (CH#7) 1) Data: Raw facts that describe the characteristics of an event or object 2) Information: Data converted into a meaningful and useful context 3) Business Intelligence : Information collected from multiple sources such as suppliers, customers, competitors, partners, and industries that analyzes patterns, trends, and relationships for strategic 4) Knowledge: The skills, experience, and expertise, coupled with information and intelligence, that create a person's intellectual resources 2 PART I: True or False (1M x 20Q = 20 Marks) 1) Multi-tenancy in the cloud means that a single instance of a system serves multiple customers. In the cloud, each customer is called a tenant, and multiple tenants can access the same system. a. True b. False 2) Unstructured data is data that is not defined and does not follow a specified format and is typically free-form text such as emails, Twitter tweets, and text messages. a. True b. False 3) Disruptive technology tends to provide us with better, faster, and cheaper products. a. True b. False 4) Volume in big data includes the uncertainty of data, including biases, noise, and abnormalities. a. True b. False 5) Ethics and security are two fundamental building blocks for all organizations. a. True b. False 6) BI tools also have search features that either use a special query language (SQL, usually pronounced “sequel”) engine or a natural language search engine. a. True b. False 7) A bit (short for binary digit) is the smallest element of data and has a value of either 0 or 1. 5|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 a. True b. False 8) Content providers are companies that generate revenue by providing digital content such as news, music, photos, or videos and examples include Netflix and Spotify. a. True b. False 9) Trojan-horse virus hides inside other software, usually as an attachment or a downloadable file. a. True b. False 10) Dynamic scaling which means the MIS infrastructure can be automatically scaled up or down based on requirements. a. True b. False 11) Ebusiness is something that a business can just go out and buy. a. True b. False 12) One Megabyte (MB) equal million bytes a. True b. False 13) Information richness measures the number of people a firm can communicate with all over the world. a. True b. False 14) A fact is the confirmation or validation of an event or object. In the past, people primarily learned facts from books. a. True b. False 15) Salesforce.com is one of the most popular SaaS providers. a. True b. False 16) Confidentiality is the right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent. a. True b. False 17) Order date, amount sold, and customer number are all forms of data. a. True b. False 18) BYOD policies offer four basic options, including unlimited access for personal devices; access only to nonsensitive systems and data; access, but with IT control over personal devices, apps, and stored data; and access, but preventing local storage of data on personal devices. a. True b. False 19) Knowledge can be a real competitive advantage for an organization. The most common form of collective intelligence found inside the organization is knowledge management (KM), which involves capturing, classifying, evaluating, retrieving, and sharing information assets in a way that provides context for effective decisions and actions.. a. True b. False 6|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 20) The Innovator’s Dilemma, a book by Clayton Christensen, discusses how established companies can take advantage of disruptive technologies without hindering existing relationships with customers, partners, and stakeholders. a. True b. False PART II: Multiple Choices (1Mx15Q = 15 Marks) 1) Which of the following terms implies that organizations that cannot adapt to the new demands placed on them for surviving in the information age are doomed to extinction? a. collective intelligence b. digital Darwinism- c. joint venture 2) Who is a person within the organization who is trusted to monitor, contribute, filter, and guide the social media presence of a company, individual, product, or brand? a. social media monitoring b. social media manager c. social media policy d. information privacy manager 3) What includes governments that are after some form of information about other governments? a. network behavior analysis b. cyber-vigilantes c. cyberterrorism d. cyber-espionage- 4) What occurs when a new radical form of business enters the market that reshapes the way companies and organizations behave? a. domain name b. domain name hosting c. click-thru d. paradigm shift 5) What is a hashtag? a. represents the interconnection of relationships in a social network b. a keyword or phrase used to identify a topic and is preceded by a hash or pound sign (#) c. maps group contacts, identifying who knows each other and who works together d. describes the collaborative activity of marking shared online content with keywords or tags as a way to organize it for future navigation, filtering, or search 6) What occurs when each customer or tenant must purchase and maintain an individual system? a. multi-tenancy b. single-tenancy c. noisy neighbor d. rapid elasticity. 7) What is a collection of large, complex datasets, including structured and unstructured data, which cannot be analyzed using traditional database methods and tools?? a. big data b. data scientist c. data analyst d. descriptive analytics 7|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 8) Which of the following is the correct list of the six different types of hackers listed in your text? a. black-hat, crackers, cyberterrorists, hacktivists, script-kiddies, and white-hat- b. black-top, cookie, script-kiddies, environment, web 3.0, and white-top c. black-hat, script-kiddies, script bats, spider crawlers, ad spiders, and white-hat 9) What is Data analytics? a. are used to convey meaning from Big Data analytics to managers who need to make decisions based on this data. b. The human, structural, and recorded resources available to the organization. c. refers to the technology and processes used to gain intelligent, usable information from these databases. d. assist managers by examining large quantities of data and parsing it into usable information 10) What is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to “confirm” their account information? a. pharming b. phishing c. phishing expedition d. vishing 11) Which of the following represent human-generated unstructured data? a. text messages b. social media data c. emails d. All of the answers are correct. 12) What type of structured data includes sensor data, point-of-sale data, and web log data? a. machine-generated b. human-generated c. collective intelligence 13) Which key benefits of Cloud Computing? a. accessibility, security, Scalability, Cost-effectivey, Automatic backup and Collaboration b. backup and recovery plan, disaster recovery plan, and business continuity planning c. grid computing, cloud computing, and virtualization d. storage, network, and server virtualization 14) Which term describes the WWW during its first few years of operation between 1991 and 2003?? a. eshop b. Web 1.0 c. open source 15) Universities were among some of the first users of the Internet. What was the Internet first called? a. HTML b. ARPANET c. OPT زيادة لان مهميين 16) The most secure procedures combine which of the following authentication and authorization techniques? a. something the user knows, such as a user ID and password b. something the user has, such as a smart card or token c. something that is part of the user, such as a fingerprint or voice signature d. All of the answers are correct. 8|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 17) Charles Mott works for a company called VeriSign that acts a trusted third party to verify information. One of Charles’ largest clients is CheckMd, which holds and authenticates customer reviews of doctors and dentists online. Having a third party validating the reviews is critical to CheckMd’s success. What type of authentication technique is VeriSign providing for CheckMD ركزوا ع الكي وورد a. Firewall b. certificate authority c. online certificate d. digital content certificate 18) False information about the COVID-19 vaccine or about 5G allegedly causing cancer are two examples of ________ spread through the Internet.? a. snackable conten b. the net neutrality affect c. misinformation d. asynchronous communication PART III: Essay Questions Ch#6 1) Define cloud computing Cloud computing: stores, manages, and processes data and applications over the Internet rather than on a personal computer or server. o examples of cloud computing in action are: 1. Email: Gmail and Outlook where your emails are stored on remote servers. 2. Streaming services: Netflix and Spotify deliver media content over the internet 2) List Cloud Providers 1) AmazonCloud Drive, Cloud Player, Amazon Prime 2) AppleiCloud, iWork, iBooks, iTunes 3) GoogleGoogle Apps, Google Drive, Gmail, Google Calendar 4) MicrosoftOffice 365, OneDrive, OneNote, Exchange 3) Advantages of Cloud Computing: مهم جد ًا 1) Accessibility 2) Availability 3) Cost Saving 4) Flexibility 5) Reliability 6) Portability 7) Capacity on Demand 8) Backup /Recovery 9) Scalability 9|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 4) Describe the key benefits of Cloud Computing: 1) Accessibility: Cloud computing allows users to access virtual applications software, such as database software, through the Internet. This allows for access to more resources 2) Security: Cloud providers offer robust security measures to secure and protect data 3) Scalability: Users can easily change the amount of storage required –either increase or decrease according to requirements 4) Cost-effective:Cloud storage can eliminate the need for physical storage devices and users only pay for the storage needed. 5) Automatic backups: Many cloud storage providers will offer automatic backups to the data ensuring work is protected. 6) Collaboration:Share folders and files with others easily and work together more seamlessly to prevent version issues with files 5) Advantages of Utility computing models: 1. Flexibility: Resources are allocated on demand. 2. Reliability: Ensures high availability and reliability with redundancy, failover mechanisms, and backup systems to minimize downtime and ensure business continuity. 3. Cost Efficiency: Organizations can avoid the upfront costs associated with building and maintaining their infrastructure by adopting utility computing. 4. Scalability: Users can scale computing resources up or down based on demand. 6) Understand cloud storage and identify key examples Cloud storage :is a type of data storage where digital data is stored on remote servers maintained by a third-party provider. This provider is responsible for hosting, managing, and securing the data stored on its infrastructure. o Key Examples of Cloud Storage Provider: Google Drive , Dropbox, OneDrive (Microsoft), iCloud (Apple) 7) List and describe the three most popular cloud computing delivery models 1) Infrastructure as a Service (IaaS) :Offers computer hardware and networking equipment on a pay-per-use basis o Ex:: Amazon Ec2, Rackspace, Vmware, Google Cloud Storage 2) Software as a Service (SaaS):Offers applications on a pay-per-use basis o Ex: Saleforce.com, Google Apps, Zoho, Hotmail 3) Platform as a Service (PaaS):Offers hardware, networking, and application on a pay-per-use basis o Ex: Google Application Engine, Windows Azure, Amazon Elastic 8) SaaS extensions include: Data as a Service (DaaS): Facilitates the accessibility of business-critical data in a timely, secure, and affordable manner. Security as a Service (SaaS): Involves applications such as anti-virus software delivered over the Internet with constant virus definition updates that are not reliant on user compliance. EX: Cisco, McAfee, and Symantec CH#7 9) Identify the differences between structured and unstructured data Structured data: Has a defined length, type, and format and includes numbers, dates, or strings such as Customer Address forma Unstructured data :Not defined, does not follow a specified format, and is typically free-form text such as emails, Twitter tweets, and text messages does not follow a specified format 10) The sources of structured data include: مهم جد ًا 1. Machine-generated data : Created by a machine without human intervention. includes sensor data, point-of-sale data, and web log data. 2. Human-generated data : Data that humans, in interaction with computers, generat includes input data, clickstream data, or gaming data. 10 | P a g e النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 11) The sources of unstructured data include: مهم جد ًا 1. Machine-generated unstructured data : Such as satellite images, scientific atmosphere data, and radar data 2. Human-generated unstructured data:Such as text messages, social media data, and email 12) Describe the Four Common Characteristics of Big Data مهم جد ًا يتكرر 1. Variety:Different forms of structured and unstructured data 2. Veracity : The uncertainty of data, including biases, noise, and abnormalities 3. Volume: The scale of data 4. Velocity The analysis of streaming data as it travels around the Internet 13) Define data science and describe Big Data analytics Data science: refers to the process of gathering, storing, and searching relevant data. Big data analytics :refers to the technology and processes used to gain intelligent, usable information from these databases. 14) List BI dashboards track corporate metrics: مهم جد ًا 1. critical success factors 2. key performance indicators a 3. advanced capabilities such as interactive controls allowing users to manipulate data for analysis CH#5 15) Define disruptive technology Disruptive technology: A new way of doing things that initially does not meet the needs of existing customers. 16) List E-business Advantages: يتكرر 1. Expanding Global Reach. 2. Opening New Markets. 3. Reducing Costs. 4. Improving Effectiveness 17) Two levels of clickstream analytics: 1. Website traffic analytics : Uses clickstream data to determine the efficiency of the site for the users and operates at the server level 2. Website ebusiness analytics :Uses clickstream data to determine the effectiveness of the site as a channel-to market 18) Compare the four ebusiness models.:مهم يتكرر (1) business-to-business, :applies to businesses buying from and selling to each other over the Interne o EX: Oracle and SAP (2) business-to-consumer, :applies to any business that sells its products or services directly to consumers online o EX:Carfax (3) consumer-to-business: applies to any consumer who sells a product or service to a business on the Internet o EX: Priceline.com (4) consumer-to-consume: applies to customers offering goods and services to each other on the Interne o EX: Craigslist and eBay 19) Describe the five ebusiness tools for connecting and communicating مهم يتكرر (1) Email : (electronic mail,): is the exchange of digital messages over the Internet (2) Instant Messaging : A service that enables instant or real-time communication between people. (3) Podcasting : Converts an audio broadcast to a digital music player (4) Video Chat : An online face-to-face, visual communication performed with other Internet users by using a webcam and dedicated software (5) Content Management systems (CMSs):Help companies manage the creation, storage, editing, and publication of their website content. 11 | P a g e النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 20) There are three main drivers of the DTC sales channels : 1) Customer Experience. 2) Data Collection. 3) Reduced Costs 21) Explain Web 2.0 and identify its Four Characteristics of Business 2.0: يتكرر Web 2.0 (Business 2.0): The next generation of Internet use – a more mature, distinctive communications platform characterized by three qualities: Collaboration, Sharing. and being free. Four Characteristics of 1) Content Sharing through Open Sourcing 2) User-Contributed Content 3) Collaboration Inside the Organization 4) Collaboration Outside the Organization 22) Synchronous communication outside the organization has led to two amazing business resources : 1) Crowdsourcing التعهيد الجماعي: The wisdom of the crowd. Ex: Waze 2) Crowdfunding التمويل الجماعي: Sources capital for a project by raising many small amounts from a large number of individuals, typically via the Internet. Ex: Kiva 23) Compare between Web2.0 and Web 3.0 Web 2.0 : Brings people closer together with information by using machines Web 3.0: brings machines closer together by using information. 24) Compare between Deep Web and Dark Web مهم يتكرر Deep web ( invisible web) :The large part of the Internet that is inaccessible to conventional search engines. Dark web: The portion of the Internet that is intentionally hidden from search engines, uses masked IP addresses, and is accessible only with a special web browse 25) List Social Taggin (1) Hashtag (2) Folksonomy (3) Social tagging: (4) Social bookmarking (5) e.website bookmark 26) explains the influencer and influence vulnerability: يتكرر Influencer: An individual who has established credibility, expertise, or a significant following in a particular field or niche. Influence vulnerability: Refers to the susceptibility or sensitivity of an individual or a group to being influenced or manipulated by external factors 27) List Reasons for growth of the WWW.: 1. Microcomputer revolution. 2. Advancements in networking. 3. Easy browser software. 4. Speed, convenience, and low cost of email. 5. Web pages easy to create and flexible. 12 | P a g e النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 CH#9 28) The protection of customers’ privacy and data is one of the largest and murkiest ethical issues facing organizations today Confidentiality: The assurance that messages and information remain available only to those authorized to view them. Information ethics”Govern the ethical and moral issues arising from the development and use of information technologies as well as the creation, collection, duplication, distribution, and processing of information itself (with or without the aid of computer technologies) Privacy.:The right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consen 29) List Business issues related to information ethics 1-Copyright:The legal protection afforded an expression of an idea, such as a song, book, or video game 2-Counterfeit software: Software that is manufactured to look like the real thing and sold as such. 3-Digital rights management: A technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution. 4- Intellectual property: Intangible creative work that is embodied in physical form and includes copyrights, trademarks, and patents 5-Patents: An exclusive right to make, use, and sell an invention; granted by a government to the inventor. 6-Pirated software:The unauthorized use, duplication, distribution, or sale of copyrighted software. 30) Ethical Guidelines for Information Management يمكن يجي توصيل Information secrecy : The category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity. Information governance: : A method or system of government for information management or control. Information management: Examines the organizational resource of information and regulates its definitions, uses, value, and distribution, ensuring that it has the types of data/information required to function and grow effectively. Information compliance: The act of conforming, acquiescing, or yielding information. Information property.: An ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged. 31) List Examples of the many types of unethical computer use: Cyberbullying Includes threats, negative remarks, or defamatory comments transmitted through the Internet or posted on the website. click-fraud : The abuse of pay-per-click, pay-per-call, and pay-per-conversion revenue models by repeatedly clicking a link to increase charges or costs for the advertiser. 32) Common Internet Monitoring Technologies مهم جد ًا 1. Key logger, or key trapper, software: A program that records every keystroke and mouse click. 2. Hardware key logger: A hardware device that captures keystrokes on their journey from the keyboard to the motherboard. 3. Cookie: A small file deposited on a hard drive by a website containing information about customers and their web activities. 4. Adware: Software that generates ads that install themselves on a computer when a person downloads some other program from the Internet 5. Spyware (sneakware or stealthware): Software that comes hidden in free downloadable software and tracks online movements, mines the information stored on a computer, or uses a computer’s CPU and storage for some task the user knows nothing about. 6. Clickstream: Records information about a customer during a web surfing session such as what websites were visited, how long the visit was, what ads were viewed, and what was purchased. 13 | P a g e النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 33) Provide an example of each of the three primary information security areas: مهم يتكرر (1) authentication and authorization, (2) prevention and resistance, and (3) detection and response. 1. Authentication and authorization: Authentication :is a method for confirming users’ identities. Explain: Once a system determines the authentication of a user, it can then determine the access privileges (or authorization) for that user. Authorization: is the process of providing a user with permission, including access levels and abilities Ex: File access, hours of access, and amount of allocated storage space 2. Prevention and resistance: Content filtering: occurs when organizations use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information. Encryption: scrambles information into an alternative form that requires a key or password to decrypt. In a security breach, a thief is then unable to read encrypted information. A firewall: is hardware and/or software that guard a private network by analyzing incoming and outgoing information for the correct markings. 3. Detection and response: Intrusion detection software (IDS) features full-time monitoring tools that search for patterns in network traffic to identify intruders. 34) Describe Types of Hackers مهم يتكرر 1) Black-hat hacker: into other people's computer systems and may just look around or may steal and destroy information. 2) Cracker: have criminal intent when hacking. 3) Cyberterrorist: seek to cause harm to people or to destroy critical systems or information and use the Internet as a weapon of mass destruction 4) Hactivist: have philosophical and political reasons for breaking into systems and will often deface the website as a protest. 5) kiddies 6) White-hat hacker: work at the request of the system owners to find system vulnerabilities and plug the holes. 35) Describe types of viruses مهم يتكرر 1. Backdoor program. open a way into the network for future attacks. 2. Denial-of-service attack (DoS). floods a website with so many requests for service that it slows down or crashes. 3. Distributed denial-of-service attack (DDoS). targets multiple computers and floods a website with so many requests for service that it slows down or crashes. 4. Polymorphic viruses and worms change their form as they propagate. 5. Trojan-horse virus hides inside other software, usually as an attachment or a downloadable file. 36) Two forms of malicious software programs include مهم يتكرر 1. Ransomware مهم: A form of malicious software that infects your computer and asks for money. 2. Scareware مهم: A type of malware designed to trick victims into giving up personal information to purchase or download useless and potentially dangerous software 14 | P a g e النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 تكملة الملخص ACyberattacks have the following attributes: (essay) مهم 1. Use computers, mobile phones, gaming systems, and other devices. 2. Include identity theft. 3. Block your access or delete your personal documents and pictures. 4. Target children. 5. Cause problems with business services, transportation, and power Security threats to ebusiness Or Hacker Weapons include:مهمين 1. Elevation of privilege is a process by which a user misleads a system into granting unauthorized rights, usually for the purpose of compromising or destroying the system.. 2. Hoaxes: attack computer systems by transmitting a virus hoax with a real virus attached 3. Malicious code: Includes a variety of threats such: (مهم جد ًا1) aviruses. (2) worms. (3) Trojan horses. 4. Packet tampering consists of altering the contents of packets as they travel over the Internet or altering data on computer disks after penetrating a network. 5. A sniffer: is a program or device that can monitor data traveling over a network. Sniffers can show all the data being transmitted over a network, including passwords and sensitive information. 6. Spoofing: consists of forging the return address on an email so that the message appears to come from someone other than the actual sender. 7. Splogs (spam blogs): are fake blogs created solely to raise the search engine rank of affiliated websites. 8. Spyware : is software that comes hidden in free downloadable software and tracks online movements, mines the information stored on a computer, or uses a computer’s CPU and storage for some task the user knows nothing about. 2. The First Line of Defense—People (T/F) o مهمOrganizations view this type information as intellectual capital and implement security measures to prevent it from being stolen or falling into the wrong hand. o مهمOrganizations must enable employees, customers, and partners to access information electronically o مهمThe biggest issue surrounding information security is not a technical issue, but a people misusing organizational information. Insiders: Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident. ً A forms of unethical scams used by hackers to gain information include (essay) مهم جدا 1-Social engineering: occurs when hackers use their social skills to trick people into revealing access credentials or other valuable information.. يحدث عندما يستخدم المتسللون مهاراتهم االجتماعية لخداع األشخاص للكشف عن بيانات اعتماد الوصول أو غيرها من المعلومات القيمة 2- Dumpster diving. Occurs when a hacker looks through people’s trash to obtain information.. يحدث عندما يبحث المخترق في مهمالت األشخاص للحصول على معلومات 3- Pretexting. A form of social engineering in which one individual lies to obtain confidential data about another individual.. شكل من أشكال الهندسة االجتماعية يكذب فيه الفرد للحصول على بيانات سرية حول فرد آخر 15 | P a g e النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 مهمThe first line of defense an organization should follow to help combat insider issues is to 1. Information security policies : Identify the rules required to maintain information security,. 2. Information security plan: Details how an organization will implement the information security policies. 3. The Second Line of Defense—Technology Destructive agents مهم: Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines. Two means of stealing an identity are phishing and pharming. مهم بالتعاريف: 1) Phishing: A technique to gain personal information for the purpose of identity theft, usually by means of fraudulent email. 2) Pharming: Reroutes requests for legitimate websites to false websites Different forms of phishing include:مهمين 1. Phishing expedition : A masquerading attack that combines spam with spoofing. The perpetrator sends millions of spam emails that appear to be from a respectable company 2. Spear phishing: A phishing expedition in which the emails are carefully designed to target a particular person or organization. 3. Vishing (or voice phishing): A phone scam that attempts to defraud people by asking them to call a bogus telephone number to confirm their account information Technologies that prevent identity theft, phishing, and pharming scams: (essay) مهم جد ًا 1. Authentication : A method for confirming users’ identities o Explain :Once a system determines the authentication of a user, it can then determine the access privileges (or authorization) for that user. 2. Authorization : The process of giving someone permission to do or have something o Ex: File access, hours of access, and amount of allocated storage space. The most secure type of authentication involves: (essay) مهم جد ًا 1.Something the user knows, such as a user ID and password. 2. Something the user has, such as a smart card or token. 3. Something that is part of the user, such fingerprint or voice signature. Two of the primary forms of this type Something the user has (essay) مهم جد ًا 1. Tokens : Small electronic devices that change user passwords automatically. Explain: The user enters his or her user ID and token-displayed password to gain access to the network. 2. Smart card : A device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing. Ex: Smart cards can be used as identification, digital cash, or data storage devices to store medical records. مهمين لازم يجيبونهم Single-factor authentication: The traditional security process, which requires a user name and password. Two-factor authentication: Requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token). Multifactor authentication: Requires more than two means of authentication, such as what the user knows (password), what the user has (security token), and what the user is (biometric verification). form of malicious software that infects your computer and asks for money. 16 | P a g e النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 There are two kinds of privilege escalation 1. Vertical privilege escalation: Attackers grant themselves a higher access level such as administrator, allowing the attacker to perform illegal actions such as running unauthorized code or deleting data. 2. Horizontal privilege escalation: Attackers grant themselves the same access levels they already have but assume the identity of another user. Technologies available to help prevent and build resistance to attacks include: (essay) مهم جد ًا 1. Content filtering: Occurs when organizations use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information 2. Encryption: Scrambles information into an alternative form that requires a key or password to decrypt. 3. Firewalls: is hardware and/or software that guard a private network by analyzing incoming and outgoing information for the correct markings two types of PII include: (essay) مهم جد ًا1-Sensitive PII. 2- Nonsensitive PII. 1. Sensitive PII: 2. Nonsensitive PII: Definition: Information transmitted Definition: Information transmitted without with encryption and, when encryption. disclosed, results in a breach of an تنتقل المعلومات بدون تشفير. individual’s privacy and can Includes: information collected from public potentially cause the individual records, phone books, corporate directories, harm. websites, etc وعند الكشف، المعلومات المنقولة بالتشفير تؤدي إلى انتهاك خصوصية الفرد ويمكن، عنها Nonsensitive PII is information that does فرديا ً ضررا ً أن تسبب not harm an individual, such as an Includes: biometric information, address. financial information, medical معلومات تحديد الهوية الشخصية غير الحساسة هي المعلومات التي ال information, and unique identifiers. مثل العنوان، تضر بالفرد such as passport or Social Security numbers. types of criminals with various agendas, including: (essay) ًمهم جد ًا جدا 1. Cyberwar: An organized attempt by a country’s military to disrupt or destroy the information and communication systems of another country. محاولة منظمة من قبل جيش بلد ما لتعطيل أو تدمير أنظمة المعلومات والاتصالات لدولة أخرى:الحرب الإلكترونية. 2. Cyberterrorism: The use of computer and networking technologies against persons or property to intimidate or coerce governments, individuals, or any segment of society to attain political, religious, or ideological goals. استخدام تقنيات الكمبيوتر والشبكات ضد الأشخاص أو الممتلكات لتخويف أو إكراه الحكومات أو الأفراد أو أي شريحة من:الإرهاب السيبراني.المجتمع لتحقيق أهداف سياسية أو دينية أو أيديولوجية 3. Cyberespionage: Includes governments that are after some form of information about other governments. يشمل الحكومات التي تسعى للحصول على شكل من أشكال المعلومات حول الحكومات الأخرى:التجسس ا لإلكتروني 4. Cybervigilantes: Include individuals that seek notoriety or want to make a social or political point, such as WikiLeaks. مثل، يشمل الأفراد الذين يسعون إلى الشهرة أو يرغبون في إثارة وجهة نظر اجتماعية أو سياسية:لمراقبون السيبرانيون.ويكيليكس 17 | P a g e النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 PART IIII: Matching CH#5 1. Digital Darwinism 2. Internet 3. Internet fast lanes 4. (HTML) 5. World Wide Web 6. Disruptive technology 7. (HTTP) 8. web hosting 9. Web browser 10. Sustaining technology 10. Net neutrality 11. Information reach 2 A massive network that connects computers all over the world and allows them to communicate with one another 6 A new way of doing things that initially does not meet the needs of existing customers. Provides access to Internet information through documents including text, graphics, 5 audio, and video files that use a special formatting language called HTML – hypertext markup language 10 Produces an improved product customers are eager to buy 1 Organizations which cannot adapt to the new demands placed on them for surviving in the information age are doomed to extinction. 4 Publishes hypertext on the WWW, which allows users to move from one document to another simply by clicking a hot spot or link 11 Ensures all Internet traffic is treated equally without any discrimination or preference given to specific types of content, applications, or websites. 9 Allows users to access the WWW 3 Companies pay extra fees to certain content providers in exchange for faster and more reliable access to the Internet for their users. 7 The Internet protocol that web browsers use to request and display web pages using universal resource locators (URLs) 12 Measures the number of people a firm can communicate with all over the world 8 A service that allows the owner of a domain name to maintain a simple website and provide email capacity 1|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 PART IIII: Matching Part 2 1. Information richness 2. Stickiness 3. Intermediaries 4. Heat map 5. Interactivity 6. Viral marketing 7. Clickstream 8. Click-thru 9. Showrooming 10- Clickstream analytics 11- Search engine 12- Affiliate program Knowledge management system (KMS 2 Supports the capture, organization, and dissemination of knowledge (i.e., know-how) throughout an organization.. 2 Measures the amount of time visitors spend on a website or application. 6 A technique that induces websites or users to pass on a marketing message to other websites or users, creating exponential growth in the message’s visibility and effect. Measures advertising effectiveness by counting visitor interactions with the target ad, 5 including time spent viewing the ad, number of pages viewed, and number of repeat visits to the advertisement 10 The process of collecting, analyzing and reporting aggregate data about which pages a website visitor visits—and in what order. 1 Refers to the depth and breadth of details contained in a piece of textual, graphic, audio, or video information 8 A count of the number of people who visit one site and click an advertisement that takes them to the site of the advertiser. 4 A two-dimensional representation of data in which values are represented by colors. 11 Website software that finds other pages based on keyword matching similar to Google 12 Allows a business to generate commissions or referral fees when a customer visiting its website clicks a link to another merchant’s website. 9 Occurs when a customer browses at a physical store and then decides to purchase the product online for a reduced cost. Agents, software, or businesses that provide a trading infrastructure to bring buyers 3 and sellers together. 7 The exact path a visitor takes through a website including the pattern of a consumer’s navigation.. 2|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 5 تكملة لتعاريف الي تكرر جبتر Knowledge management: Involves capturing, classifying, evaluating, retrieving, and sharing information assets in a way that provides context for effective decisions and actions Direct-to-Consumer (DTC): Ebusiness model where companies build, market, sell, and ship their products themselves, without relying on traditional stores or intermediaries Taxonomy : The scientific classification of organisms into groups based on similarities of structure or origin. Search engine ranking: Evaluates variables that search engines use to determine where a URL appears on the list of search results Search engine optimization(SEO):Combines art along with science to determine how to make URLs more attractive to search engines resulting in higher search engine ranking. A cyborg anthropologist :is an individual who studies the interaction between humans and technology, observing how technology can shape humans’ lives. Cyborg anthropology studies online communication methods for businesses. Internet service provider (ISP): A company that provides access to the Internet for a monthly fee. Real-time communication: occurs when a system updates information at the same rate it receives it. Web 2.0 (Business 2.0): The next generation of Internet use – a more mature, distinctive communications platform characterized by three qualities: Collaboration, Sharing. and being free. Asynchronous communication: Communication, such as email, in which the message and the response do not occur at the same time Synchronous communication: Communications that occur at the same time, such as IM or chat. Social media: Websites that rely on user participation and user-contributed content. Social network: An application that connects people by matching profile information. Social networking: The practice of expanding your business and/or social contacts by a personal network. Social networking analysis (SNA): Maps group contacts (personal and professional) identifying who knows each other and who works together. Network effect: Describes how products in a network increase in value to users as the number of users increases. Hashtag: is a keyword or phrase used to identify a topic and is preceded by a hash or pound sign (#) Social tagging:The collaborative activity of marking shared online content with keywords or tags to organize it for future navigation, filtering, or searching. Blog or web log: Online journal that allows users to post their own comments, graphics, and video. Selfie: A self-photograph placed on a social media website. Wiki(the word is Hawaiian for “quick”):Collaborative Web page that allows users to add, remove, and change content, which can be easily organization and reorganized as required. Web 3.0: Includes platforms and applications that enable shifts toward a future, decentralized Internet with open standards and protocols, while protecting digital-ownership rights, providing users with significant ownership of their data, and catalyzing new business models. Deepfake: Refers to a manipulated or synthesized media, typically videos or images, created using deep learning and artificial intelligence (AI) techniques. Fake news : Refers to false news stories created to be widely shared or distributed for the purpose of promoting or discrediting a public figure, political movement, or a company. Disinformation : Refers to false information that is presented as fact, with an intent to deceive and mislead. Misinformation : Refers to false information that is presented as fact without an intent to deceive. 3|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 PART IIII: من امتحانات سابقة Q.2- Business models fall into one of the four categories 1- Craigslist and eBay 2- Priceline 3- Carfax 4- Oracle and SAP Business-to-Consumer (B2C) 3- Carfax Consumer-to-Consumer (C2C) 1- Craigslist and eBay Consumer-to-Business (C2B) 2- Priceline Business-to-Business (B2B) 4- Oracle and SAP Characteristics of Business 2.0: 1-Content Sharing through 2-User-Contributed 3- Collaboration 4-Collaboration Outside Open Sourcing Content Inside the the Organization Organization email & IM or chat 4-Collaboration Outside the Organization eBay 2-User-Contributed Content Firefox 1-Content Sharing through Open Sourcing Netflix 2-User-Contributed Content 4|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 Ch#6 Cloud computing: stores, manages, and processes data and applications over the Internet rather than on a personal computer or server. Cloud storage :is a type of data storage where digital data is stored on remote servers maintained by a third-party provider. The Utility Computing model : enables users to leverage services as needed, scaling resources up and down on demand and paying only for what they need. Utility computing: Offers a pay-per-use revenue model similar to a metered service such as gas or electricity. Dynamic scaling: which means the MIS infrastructure can be automatically scaled up or down based on requirements. Disaster Recovery as a Service (DRaaS) offers backup services that use cloud resources to protect applications and data from disruption caused by disaster. Ch#7 Fact : The confirmation or validation of an event or object Information age : A time infinite quantities of facts are widely available to anyone who can use a computer A bit: which is short for binary digit, is the smallest unit of storage on a computer A byte: is big enough to store a letter, number, space, or symbol. Big data :A collection of large, complex datasets, which cannot be analyzed using traditional database methods and tools Structured data: Has a defined length, type, and format and includes numbers, dates, or strings Unstructured data :Not defined, does not follow a specified format, and is typically free-form text Data is the new Oil :is a common phrase in business Data is the new Soil: is the new translation Data science: refers to the process of gathering, storing, and searching relevant data. Big data analytics :refers to the technology and processes used to gain intelligent, usable information from these databases. Data visualization tools: are used to convey meaning from Big Data analytics to managers who need to make decisions based on this data. Data analytics: assist managers by examining large quantities of data and parsing it into usable information. Knowledge assets ( مهمintellectual capital):The human, structural, and recorded resources available to the organization. Knowledge facilitators مهم: Help harness the wealth of knowledge in the organization Knowledge worker مهم: Individual valued for their ability to interpret and analyze information Ch#9 Ethics :The principles and standards that guide our behavior toward other people. Data harvesting مهم: Refers to the process of collecting and extracting large amounts of data from various sources, often through automated means, for analysis, storage, or business purposes. Data scraping) web scraping( مهم:The process of extracting large amounts of data from a website and saving it to a spreadsheet or computer. Digital trust: The measure of consumer, partner, and employee confidence in an organization’s ability to protect and secure data and the privacy of individuals Ediscovery (or electronic discovery): Refers to the ability of a company to identify, search, gather, seize, or export digital information in responding to a litigation, audit, investigation, or information inquiry. Child Online Protection Act (COPA): Passed to protect minors from accessing inappropriate material on the Internet. 5|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 AI explainability: Refers to the ability to understand and interpret the output or prediction from the algorithm. AI transparency: the extent to which the decision-making processes, algorithms, and data used by artificial intelligence systems are open, accessible, and understandable to stakeholders and users. AI hallucination: The fabrication of imaginary text, images, and sources when an AI model does not have enough data to answer a question. Epolicies مهم جدا: Policies and procedures that address information management, along with the ethical use of computers and the Internet in the business environment. Ethical computer use policy: Contains general principles to guide computer user behavior. Cyberbullying مهم جداIncludes threats, negative remarks, or defamatory comments transmitted through the Internet or posted on the website. Click-fraud: The abuse of pay-per-click, pay-per-call, and pay-per-conversion revenue models by repeatedly clicking a link to increase charges or costs for the advertiser. Competitive click-fraud: A computer crime in which a competitor or disgruntled employee increases a company’s search advertising costs by repeatedly clicking the advertiser’s link. Threat: An act or object that poses a danger to assets. Bring your own device (BYOD): Policy allows employees to use their personal mobile devices and computers to access enterprise data and applications. Information privacy policy مهم جدا: Contains general principles regarding information privacy. Fair information practices (FIPs): A general term for a set of standards governing the collection and use of personal data and addressing issues of privacy and accuracy. General Data Protection Regulation (GDPR): A legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The right to be forgotten: Allows individuals to request to have all content that violates their privacy removed. Acceptable use policy (AUP): Requires a user to agree to follow it to be provided access to corporate email, information systems, and the Internet. Internet use policy: Contains general principles to guide the proper use of the Internet. Nonrepudiation: A contractual stipulation to ensure that ebusiness participants do not deny (repudiate) their online actions. Examples of unacceptable Internet use. مهم جدا Cybervandalism: The electronic defacing of an existing website. Typosquatting: A problem that occurs when someone registers purposely misspelled variations of well-known domain names Email privacy policy مهم جدا: Details the extent to which email messages may be read by others. Spam: Unsolicited email. Anti-spam policy: Simply states that email users will not send unsolicited emails (or spam). Opt out: A user can stop receiving emails by choosing to deny permission to incoming emails. Opt in: A user can receive emails by choosing to allow permissions to incoming emails. Social media policy: Outlining the corporate guidelines or principles governing employee online communications. Social media monitoringمهم جدا: The process of monitoring and responding to what is being said about a company, individual, product, or brand. Social media manager مهم جدا: A person within the organization who is trusted to monitor, contribute, filter, and guide the social media presence of a company, individual, product, or brand. Cyberbullying: Refers to the act of using digital communication technologies, such as social media platforms, text messages, or online forums, to harass, intimidate, threaten, or humiliate others Cyberbullying policy: Outlines the guidelines, expectations, and consequences related to cyberbullying within an organization or educational institution. 6|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204- Mock Exam-Final First semester 2024-2025 Workplace MIS monitoring: Tracks people’s activities by such measures as number of keystrokes, error rate, and number of transactions processed Cybersecurity مهم: Involves prevention, detection, and response to cyberattacks that can have wide-ranging effects on individuals, organizations, communities, and nations. Cyberattacks مهم: Malicious attempts to access or damage a computer system. Information security مهم:The protection of information from accidental or intentional misuse by persons inside or outside an organization. Ethical hacker: A person who hacks into a computer system to find vulnerabilities to help a company test its security. An ethical hacker hacks without malicious or criminal intent. Virus ًمهم جدا: Software written with malicious intent to cause annoyance or damage. A worm مهم جدا: spreads itself not only from file to file but also from computer to computer A digital footprint: مهم جداrepresents everything a customer does on a company’s website or applications and is collected and analyzed for target marketing such as customized ads and coupons Digital identity :represents an individual or entity in the digital realm and encompasses usernames, passwords, biometric data, email addresses, and social media profiles. Personally identifiable information (PII) مهم: Any data that could potentially identify a specific individual The HIPAA Security Rule: ensures national standards for securing patient data that is stored or transferred electronically. Insiders: Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident. Destructive agents مهم: Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines. Identity theft :The forging of someone’s identity for the purpose of fraud. Biometrics (narrowly defined) : The identification of a user based on a physical characteristic, Voiceprint: A set of measurable characteristics of a human voice that uniquely identifies an individual. Privilege escalation: A network intrusion attack that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications. Decrypt: To decrypt information is to decode it. It is the opposite of encrypt. Cryptography: The science that studies encryption, which is the hiding of messages so only the sender and receiver can read them. Certificate authority: A trusted third party, such as VeriSign, that validates user identities by means of digital certificates. Digital certificate: A data file that identifies individuals or organizations online and is comparable to a digital signature Network behavior analysis :gathers an organization’s computer network traffic patterns to identify unusual or suspicious operations. Intrusion detection software(IDC) مهم: Features full-time monitoring tools that search for patterns in network traffic to identify intruders.. GOOD LUCK 7|Page النوتات ليس مجانية يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204-ch#9 First semester 2024-2025 Ch.9 Questions Q.1- Explain the ethical issues in the use of information technology. موجود ف النوت Information ethics govern the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself (with or without the aid of computer technologies). Ethical dilemmas in this area usually arise not as simple, clear-cut situations but as clashes among competing goals, responsibilities, and loyalties. Inevitably, there will be more than one socially acceptable or correct decision. For this reason, acting ethically and legally are not always the same. Q.2- identify the six epolicies organizations should implement to protect themselves. مهم جد ًا جد ًا 1) An ethical computer use policy contains general principles to guide computer user behavior. For example, it might explicitly state that users should refrain from playing computer games during working hours. 2) An information privacy policy contains general principles regarding information privacy. 3) An acceptable use policy (AUP) is a policy that a user must agree to follow to be provided access to corporate email, information systems, and the Internet. 4) An email privacy policy details the extent to which email messages may be read by others. 5) A social media policy outlines the corporate guidelines or principles governing employee online communications. 6) An employee-monitoring policy states explicitly how, when, and where the company monitors its employee Q.3- Describe the relationships and differences between hackers and viruses.يتكرر Hackers :are experts in technology who use their knowledge to break into computers and computer networks, either for profit or just for the challenge. إما من أجل الربح أو من أجل التحدي فقط، هم خبراء في التكنولوجيا يستخدمون معرفتهم لاقتحام أجهزة الكمبيوتر وشبكات الكمبيوتر A virus is software written with malicious intent to cause annoyance or damage. برنامج مكتوب بقصد ضار للتسبب في الإزعاج أو الضرر Some hackers create and leave viruses, causing massive computer damage. Q.4- Describe the relationship between information security policies and an information security plan.يتكرر 1. Information security policies: identify the rules required to maintain information security. Ex: as requiring users to log off before leaving for lunch or meetings, never sharing passwords with anyone, and changing passwords every 30 days. مطلق ً وعدم مشاركة كلمات المرور مع أي شخص، مطالبة المستخدمين بتسجيل الخروج قبل المغادرة لتناول طعام الغداء أو االجتماعات يوما30 تغيير كلمات المرور كل 2. An information security plan :details how an organization will implement the information security policies. The best way a company can safeguard itself from people is by implementing and communicating its information security plan..أفضل طريقة لحماية نفسها من الأشخاص هي تنفيذ خطة أمن المعلومات الخاصة بها والتواصل معها 1 | Page يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204-ch#9 First semester 2024-2025 Q.5- Provide an example of each of the three primary information security areas: (1) authentication and authorization, (2) prevention and resistance, and (3) detection and response. يتكرر 1. Authentication and authorization: Authentication :is a method for confirming users’ identities. Explain: Once a system determines the authentication of a user, it can then determine the access privileges (or authorization) for that user. Authorization: is the process of providing a user with permission, including access levels and abilities Ex: File access, hours of access, and amount of allocated storage space. 2. Prevention and resistance: Content filtering occurs when organizations use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information. Encryption scrambles information into an alternative form that requires a key or password to decrypt. In a security breach, a thief is then unable to read encrypted information. A firewall is hardware and/or software that guard a private network by analyzing incoming and outgoing information for the correct markings. 3. Detection and response: Intrusion detection software (IDS) features full-time monitoring tools that search for patterns in network traffic to identify intruders. 2 | Page يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204-ch#5 First semester 2024-2025 Questions CH#5 1. Q 3.1: Compare disruptive and sustaining technologies and explain how the Internet and WWW caused business disruption. Disruptive technologies :offer a new way of doing things that initially does not meet the needs of existing customers. Disruptive technologies redefine the competitive playing fields of their respective markets, open new markets and destroy old ones, and cut into the low end of the marketplace and eventually evolve to displace high-end competitors and their reigning technologies. Sustaining technologies produce improved products customers are eager to buy, such as a faster car or larger hard drive. Sustaining technologies tend to provide us with better, faster, and cheaper products in established markets and virtually never lead in markets opened by new and disruptive technologies. The Internet and the World Wide Web caused business disruption by allowing people to communicate and collaborate in ways that were not possible before the information age. The Internet and WWW completely disrupted the way businesses operate, employees communicate, and products are developed and sold. 2. Q 3.2: Describe ebusiness and its associated advantages. Web 1.0: is a term that refers to the World Wide Web during its first few years of operation, between 1991 and 2003. Ebusiness includes ecommerce along with all activities related to internal and external business operations such as servicing customer accounts, collaborating with partners, and exchanging real-time information. During Web 1.0, entrepreneurs began creating the first forms of ebusiness. Ebusiness advantages 1- expanding global reach 2- opening new markets 3- reducing costs, 4- improving operations and effectiveness. 3. Q 3.3: Compare the four ebusiness models. 1) Business-to-business (B2B): applies to businesses buying from and selling to each other over the Internet. 2) Business-to-consumer (B2C) :applies to any business that sells its products or services to consumers over the Internet. 3) Consumer-to-business (C2B): applies to any consumer who sells a product or service to a business over the Internet. 4) Consumer-to-consumer (C2C): applies to sites primarily offering goods and services to assist consumers interacting with each other over the Internet. The primary difference between B2B and B2C are the customers; B2B customers are other businesses, whereas B2C markets to consumers. Overall, B2B relations are more complex and have higher security needs and are the dominant ebusiness force, representing 80 percent of all online business. 1 | Page يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال DONE BY : Jenan haider ITIS204-ch#5 First semester 2024-2025 4. Q 3.4: Describe the five ebusiness tools for connecting and communicating. As firms began to move online, more MIS tools were created to support ebusiness processes and requirements. The ebusiness tools used to connect and communicate include 1) Email 2) instant messaging 3) podcasting 4) content management systems 5) video chat. 5. Q 3.5: Explain Web 2.0 and identify its four characteristics. Web 2.0, or Business 2.0, is the next generation of Internet use—a more mature, distinctive communications platform characterized by new qualities such as collaboration, sharing, and being free. Web 2.0 encourages user participation and the formation of communities that contribute to the content. In Web 2.0, technical skills are no longer required to use and publish information to the World Wide Web, eliminating entry barriers for online business. The four characteristics of Web 2.0 include: Content sharing through open sourcing. User-contributed content. Collaboration inside the organization. Collaboration outside the organization. 6. Q 3.6: Explain how Business 2.0 is helping communities network and collaborate. A social network: is an application that connects people by matching profile information. Providing individuals with the ability to network is, by far, one of the greatest advantages of Business 2.0. Social networking is the practice of expanding your business and/or social contacts by constructing a personal network. Business 2.0 simplifies the way individuals communicate, network, find employment, and search for information. 7. Q 3.7: Describe Web 3.0 and the next generation of online business. Web 3.0 is based on intelligent web applications using natural language processing, machine-based learning and reasoning, and intelligent applications. Web 3.0 is the next step in the evolution of the Internet and web applications. Business leaders who explore its opportunities will be the first to market with competitive advantages. Web 3.0 offers a way for people to describe information in ways that enable computers to understand the relationships among concepts and topics. 2 | Page يحرم مشاركتها مع احد او بيعها بأي شكل من االشكال CH 3 MARWA 37764611 TRUE/FALSE - Write 'T' if the statement is true and 'F' if the statement is false. 1) Disruptive technology tends to provide us with better, faster, and cheaper products. ⊚ true ⊚ false 2) Disruptive and new technologies typically cut into the low-end of the marketplace and eventually evolve to displace high-end competitors and their reigning technologies. ⊚ true ⊚ false 3) In terms of disruptive technology, what is best for an organization’s current business could ruin it in the long term. ⊚ true ⊚ false 4) Ebusiness is the buying and selling of goods and services over the Internet. ⊚ true ⊚ false 5) Ebusiness is something that a business can just go out and buy. ⊚ true ⊚ false 6) Future managers and workers need to understand the benefits MIS and ebusiness can offer a company if it wants to take advantage of sustaining technologies. ⊚ true ⊚ false 7) A disruptive technology is a new way of doing things that initially does not meet the needs of existing customers. ⊚ true ⊚ false Version 1 1 CH 3 MARWA 37764611 8) A sustaining technology produces an improved product customers are eager to buy, such as a faster car or larger hard drive. ⊚ true ⊚ false 9) A sustaining technology is a new way of doing things that initially does not meet the needs of existing customers. ⊚ true ⊚ false 10) A disruptive technology produces an improved product customers are eager to buy, such as a faster car or larger hard drive. ⊚ true ⊚ false 11) The universal resource locator (URL) contains the address of a file or resource on the web such as www.apple.com or www.microsoft.com. ⊚ true ⊚ false 12) The Innovator’s Dilemma, a book by Clayton Christensen, discusses how established companies can take advantage of disruptive technologies without hindering existing relationships with customers, partners, and stakeholders. ⊚ true ⊚ false 13) The Internet provides access to Internet information through documents including text, graphics, audio, and video files that use a special formatting language called HTML. ⊚ true ⊚ false \ 14) The WWW provides access to Internet information through documents including text, graphics, audio, and video files that use a special formatting language called HTML. ⊚ true ⊚ false Version 1 2 CH 3 MARWA 37764611 15) The Internet is a massive network that connects computers all over the world and allows them to communicate with one another. ⊚ true ⊚ false 16) Hypertext markup language (HTML) links documents, allowing users to move from one to another simply by clicking on a hot spot or link. ⊚ true ⊚ false 17) The World Wide Web, such as Internet Explorer or Mozilla’s Firefox, allow users to access organization systems. ⊚ true ⊚ false 18) Hypertext transport protocol (HTTP) is the Internet protocol web browsers use to request and display web pages using universal resource locators (url). ⊚ true ⊚ false 19) A universal resource locator (URL) identifies a URL address, and apple.com is an example of a domain name. ⊚ true ⊚ false 20) URLs use domain names to identify particular websites. ⊚ true ⊚ false 21) Domain name hosting (web hosting) is a service that allows the owner of a domain name to maintain a simple website and provide email capacity. ⊚ true ⊚ false Version 1 3 CH 3 MARWA 37764611 22) Ecommerce is the buying and selling of goods and services over the Internet. Ecommerce refers only to online transactions. ⊚ true ⊚ false 23) Ecommerce includes ebusiness along with all activities related to internal and external business operations, such as servicing customer accounts, collaborating with partners, and exchanging real-time information. During Web 1.0, entrepreneurs began creating the first forms of ecommerce. ⊚ true ⊚ false 24) A paradigm shift occurs when a new radical form of business enters the market that reshapes the way companies and organizations behave. ⊚ true ⊚ false 25) A few examples of ebusiness advantages can include opening new markets, reducing costs, and expanding global reach. ⊚ true ⊚ false 26) Intermediaries occur when a customer sells directly to another customer online, cutting out the intermediary. ⊚ true ⊚ false 27) Net neutrality’s founding principle includes the idea that all consumers should be able to use the Internet and its resources. ⊚ true ⊚ false Version 1 4 CH 3 MARWA 37764611 28) Interactivity measures advertising effectiveness by counting visitor interactions with the target ad, including time spent viewing the ad, number of pages viewed, and number of repeat visits to the advertisement. ⊚ true ⊚ false 29) Information richness refers to the depth and breadth of details contained in a piece of textual, graphic, audio, or video information. ⊚ true ⊚ false 30) Information richness measures the number of people a firm can communicate with all over the world. ⊚ true ⊚ false 31) Mass customization is the ability of an organization to tailor its products or services to the customers’ specifications. For example, customers can order M&Ms in special colors or with customized sayings such as “Marry Me.” ⊚ true ⊚ false 32) Mass customization occurs when a company knows enough about a customer’s likes and dislikes that it can fashion offers more likely to appeal to that person, say by tailoring its website to individuals or groups based on profile information, demographics, or prior transactions. ⊚ true ⊚ false 33) Cybermediation refers to the creation of new kinds of intermediaries that simply could not have existed before the advent of e
