1. ___ is the overall time between a request for system activity and the delivery of the response. A. response time
2. ____ describes the amount of data that a system can transfer in a fixed time period. A. bandwidth
3. ____ ensures that authorized users have timely and reliable access to necessary information A. availability
4. ____ includes monitoring a system for signs of trouble, logging all system failures, diagnosing the problem, and applying corrective action. A. fault management
5. _____ analyzes an organization’s assets, threats, and vulnerabilities. A. risk indentification
6. _____ costs include expenses for items such as supplies and equipment rental. A. operational
7. _____ develops safeguards that reduce risks and their impact. A. risk control
8. _____ expenses vary significantly during a system’s operational life and include spending to support maintenance activities. A. maintenance
9. _____ include changing programs, procedures, or documentation to ensure correct system performance; adapting the system to changing requirements; and making the system operate more efficiently. A. maintenance activities
10. _____ is a process for controlling changes in system requirements during software development. A. configuration management
11. _____ is a process that monitors current activity and performance levels, anticipates future activity, and forecasts the resources needed to provide desired levels of service. A. capacity planning
12. _____ is the process of tracking system releases A. version control
13. _____ measures actual system performance under specific circumstances and is affected by network loads and hardware efficiency. A. throughput
14. _____ measures risk likelihood and impact. A. risk assessment
15. _____ measures the time between submitting a request for information and the fulfillment of the request A. turn around time
16. _____ prevents unauthorized users from creating, modifying, or deleting information. A. integrity
17. _____ protects information from unauthorized disclosure and safeguards privacy. A. confidentiality
18. _____, a risk control strategy, eliminates risks by adding protective safeguards. A. avoidance.
19. A _____ is a centralized resource staffed by IT professionals who provide users with the support they need to do their jobs. A. help desk
20. A _____ is a formal reference point that measures system characteristics at a specific time. A. baseline
21. A _____ is a security weakness or soft spot. A. vulnerability
22. A _____ is an internal or external entity that could endanger an asset. A. threat
23. A _____ is responsible for assigning maintenance tasks to individuals or to a maintenance team. A. system administrator
24. A continuous backup only backs up files that are new or changed since the last full backup. A. false
25. A help desk can boost its productivity by using _____, which allows IT staff to take over a user’s workstation and provide support and troubleshooting. A. remote control software
26. A patch is a specially written software module that provides temporary repairs so operations can resume. A. true
27. A system in its final stages requires corrective maintenance only to keep the system operational A. true
30. A test site is an alternate IT location, anywhere in the world, that can support critical systems in the event of a power outage, system crash, or physical catastrophe. A. false
31. A(n) _____ is an attack that takes advantage of a vulnerability. A. exploit
32. Acceptance means that nothing is done; companies usually accept a risk only when the protection clearly is not worth the expense. A. true
33. Adaptive maintenance _____. A. adds enhancements to an operational system and makes the system easier to use
34. Adaptive maintenance involves changing an operational system to make it more efficient, reliable, or maintainable. A. false
36. An incremental backup only includes recent files that have never been backed up by any method. A. true
37. As enterprise-wide information systems grow more complex, configuration management becomes trivial. A. false
38. Backup media can include tape, hard drives, optical storage, and online storage. A. true
39. Bandwidth requirements are expressed in bytes per minute. A. false
40. Both adaptive and perfective maintenance activities decrease in a dynamic business environment. A. false
41. Cloud computing provides the IT infrastructure that enables service orientation. A. true
42. Corrective maintenance _____. A. diagnoses and corrects errors in an operational system
43. George’s firm contracts to provide risk management services for a wide range of smaller companies that cannot provide the service for themselves. One of George’s responsibilities at the end of each month is to review the threats encountered by the companies and put them into the appropriate categories.One of his firm’s clients details an incident in which a hacker — a former employee — thieved trade secrets from the client and threatened to release them to the competition if he was not paid. Which category should George place this incident? A. extortion
44. George’s firm contracts to provide risk management services for a wide range of smaller companies that cannot provide the service for themselves. One of George’s responsibilities at the end of each month is to review the threats encountered by the companies and put them into the appropriate categories. Another of George’s clients has software that is outdated and has become increasingly vulnerable to attack. How does George categorize this threat? A. Technical obsolescence
45. Hard skills include communications, interpersonal, and perceptive abilities. A. false
46. If significant changes take place in an existing system or if a new version is released, the IT department might develop a _____. A. user training package
47. In a broad sense, credentials include formal degrees, diplomas, or certificates granted by learning institutions to show that a certain level of education has been achieved. A. true
49. In a public key encryption environment, each user on the network has a pair of keys: a foreign key and a private key. A. false
50. In a secluded engineering attack, an intruder uses social interaction to gain access to a computer system. A. false
51. In a typical system, the initial version of the system is 1.0, and the release that includes the first set of maintenance changes is version _____. A. 1.1
52. In addition to benchmark testing, performance measurements, called _____, can monitor the number of transactions processed in a given time period, the number of records accessed, and the volume of online data. A. metrics
53. In dumpster diving attacks, an intruder raids desks or trash bins for valuable information. A. true
54. In maintenance management, _____ involves studying the parts of a system to understand the overall system. A. synthesis
55. In maintenance management, _____ means examining the whole in order to learn about the individual elements. A. analysis
56. Maintenance expense stay consistently the same during the system’s operational life. A. false
57. Many IT departments use a job title of _____ to designate positions that require a combination of systems analysis and programming skills. A. programmer/analyst
58. Mitigation shifts the risk to another asset or party, such as an insurance company. A. false
59. One highly publicized form of social engineering is called post texting, which is a method of obtaining personal information under false pretenses A. false
60. Perfective maintenance _____. A. involves changing an operational system to make it more efficient, reliable, or maintainable
61. Perfective maintenance usually is cost effective _____ a system’s operational life. A. during the middle of
62. Preventative maintenance adds new capability and enhancements. A. false
63. Retention periods of backups can be a specific number of months or years, depending on legal requirements and company policy. A. true
64. Software leases are not considered an operational cost. A. false
65. The _____ describes a system at the beginning of system operation and includes the results of performance and acceptance tests for the operational system. A. product baseline
66. The _____ documents a system at the end of the design phase, identifies any changes since the beginning of the project, and includes testing and verification of all system requirements and features. A. allocated baseline
67. The _____ is the configuration of a system documented at the beginning of the project and consists of all necessary system requirements and design constraints. A. functional baseline
68. The first step in managing IT security is to develop a _____ based on confidentiality, integrity, and availability. A. security policy
69. The hardening process that makes a system more secure is fully automatic. A. false
70. The main objective of training is to show users how the system can help them perform their jobs. A. true
71. The systems support and _____ phase begins when a system becomes operational and continues until the system reaches the end of its useful life. A. security
72. To avoid problems, preventive maintenance _____. A. requires analysis of areas where trouble is likely to occur
73. To measure system performance, companies use _____, which uses a set of standard tests on one system to compare its performance and capacity to that of other systems. A. benchmark testing
74. Using a release methodology reduces the documentation burden. A. true
75. When a maintenance release methodology is used, all changes, critical and noncritical, are implemented consecutively as they arrive. A. fasle
76. When a new version of a system is installed, the prior release is _____, or stored. A. archived
77. When a user submits a maintenance request, the system administrator makes an initial determination. A. true
78. When network traffic is encrypted, it is invisible and its content and purpose are masked. A. false
79. Wrapping refers to the practice of storing backup media away from the main business location, in order to mitigate the risk of a catastrophic disaster, such as a flood, fire, or earthquake. A. false
Other Links:
See other websites for quiz:
Check on QUIZLET