Isca MCQ Book
Isca MCQ Book
Isca MCQ Book
4
Information System
Control & Audit
MCQs
by
CA Nikil Jain & CA Ankit Taprania
Published by
cA Ambition
Copyright © 2019 by CA Ambition owned by
CA Ankit Taprania. All rights reserved. No
part of this publication may be reproduced in
any form without the written permission of
the publisher.
A. 1 and 2.
B. 3 and 4.
C. 2 and 3.
d. 1,2,3
Q2. Management processes of the complete COBIT 5 enabler model provides for 13 APO processes . what
does APO stands for
Q3.The complete COBIT 5 enabler model include a total of ________ governance and management processes
a) 13
b) 5
c) 27
d) 37
Q4. The risk remain even after implementation of countermeasures is termed a________
a. Likelihood
b. Risk
c. Residual risk
d. Vulnerability
a. Threat
b. Vulnerability
c. Likelihood
d. None
a. Risk
b. Exposure
c. Counter measures
d. Residual risk
b. Uncertainty of loss
c. Probability
d. Vulnerability of system
Q8. Clause 49 of listing agreement and SOX held _______responsible for implementation of ERM and Internal
Controls.
a. Steering committee
b. Managing director
c. Senior management
d. Shareholders
Q9. Implementation of internal control is mandatory for all companies ( listed and unlisted)
a. True
b. False
Q10. Internal control as per COSO does not cover which of the following aspect ?
a) Control activities
b) Risk assessment
c) Internal audit
d) Monitoring
Q11. Who’s responsibility is it to take all key decisions of IT Deployments and implementations.
a. Top management
b. Managing director
c. Steering committee
d. Stakeholders
a. Vulnerability
b. Risk
c. Exposure
d. Likelihood
Q13. “COBIT 5 defines a set of enablers to support the implementation of a comprehensive governance and
management system for enterprise “. The statement is made in reference with which pricple of COBIT 5.
Q14. Which Enabler of COBIT 5 provide a way to translate the desired behaviour into practicable set of
guidance for day to day management
a. Processes
b. Organisation structure
a. 4
b. 5
c. 6
d. 7
b. a mechanism to transform IT goal into set of practices and processes to deliver maximum
value
a. Risk Identification
b. Risk Analysis
c. Risk Prioritization
Q21. Which aspect relates to the COBIT 5 principle 'Meting Stakeholder Needs?
A. Organizational structures
B. Proceses
Q24. Which principle is key for the governance and management of enterprise IT?
A. Managing IT Operations
D. Managing Information
Q25. What help management in monitoring the process and practices of IT risk management
b. GEIT
c. COSO
d. COBIT
a. Strategic planning
b. Management control
c. Operational control
d. Tactical control
c. Process to assure that resources are obtained and used effectively and efficiently
c. Process to assure that resources are obtained and used effectively and efficiently
Q29.. Which Risk management practice used to provide information to stakeholders on current state of IT
Exposures .
a. Analyse Risk
d. Respond to risk
Q30. Enterprise Risk Management (ERM) is considered to have a significant differences in comparison with
traditional risk management approaches because ERM
D. none
Q31. Which of the following would you expect to see in the context of the risk strategy of an organisation?
1. The risk and audit team report to the board quarterly.
2. The tolerance level of risk is clearly defined.
3. Ownership of risk is delegated to business units.
4. The organisation has a defined risk appetite.
A. 2 and 3.
B. 1, 2 and 4.
C. 2 and 4.
D. 1 and 2
Q32. Risk Strategy to be adaptable where probability and occurrence of risk is negligible .
d. Turnback
Q33. Risk Strategy to be adaptable where probability and occurrence of risk is low and risk is considered
minor .
d. Turnback
Q34. Management of ABC ltd is considering of shifting the IT Central server from its delhi branch to Mumbai
branch , for which it has hired TCS for providing all the consulting and job performance . this can be
categorised into which risk management strategy
Solution
1 a 8 c 15 d 22 a 29 c
2 c 9 a 16 d 23 a 30 b
3 d 10 c 17 a 24 c 31 c
4 c 11 c 18 d 25 a 32 d
5 b 12 c 19 a 26 d 33 b
6 c 13 b 20 d 27 c 34 d
7 d 14 c 21 b 28 b 35 ----
(a) Follow-up of customer and vendor complaints regarding amount due and owed.
Q2. The determination of whether a specific risk is tolerable will involve consideration of
1. the size of the residual risk.
2. history of losses.
3. risk appetite for that risk.
A. 1 and 2.
B. 1, 2 ,3.
C. 1,and 3
d. 2 and 3
a) True
b) False
Q4. A level of risk that the organisation views as acceptable , given the business objectives and resources
a) Exposure
b) Risk
c) Risk appetite
d) risk tolerance
Q5. The acceptable variation with respect to achieving a particular objective is _________
a) Exposure
b) Risk
c) Risk appetite
d)Risk tolerance
Q6. The consequence of a failure to identify all significant risks that an organisation faces is likely to be
1. Business objectives may not be achieved.
2. Operating costs may increase.
A. 1 and 2.
B. 1, 3 and 4.
C. 1, 2 and 3.
D. 1,2,3 and 4
Q7. Which risk management strategy is the last resort where all other strategies can’t be implemented
Q8. Which internal control of COSO provides for the management, mitigation and reduction of the risk
associated with the each business process?
a. Control environment
b. Risk assessment
c. Control activities
Q9. Choose the correct option according to the given statements regarding Risk Management.
Statement 1: A risk is a potential problem - it might happen, it might not.
Statement 2: Managers, software engineers, and customers participate in Risk Analysis and
Management.
Statement 3: Only Managers participate in Risk Analysis and Management.
Q10. Mr cobit has been asked by governance body to complete SWOT analysis for his solution scope . what
does SWOT analysis means
Q11. What is a very important enterprise communication mechanism for corporate values and desired
behaviour?
c) Organisational structures
b. Define relevant and tangible goals and objectives at various levels of responsibility
Q13. Which enabler describes an organised set of practices and activities to achieve certain objectives?
c. Processes
Q14.. Which is a vehicle to translate desired behaviour into practical guidance for day-to-day management?
a. Organisational structures
c. Processes
a. Process
b. Policies
c. Enablers
d. Information
Q16.. Which is one of the ways of meeting the Governance Objective of 'Value Creation'?
a. By optimising resources
b. By providing incentives
c. By hiring SMEs
d. When they provide a logical flow for staff who have to comply with them
Q18. Which aspect relates to the COBIT 5 key principle of 'meeting stakeholder needs'?
a. A staff member
b. A shareholder
c. A business partner
d. A regulator
a. Processes
b. Stakeholder needs
c. IT-Related goals
d. Enterprises
a. Value
b. Knowledge
c. Policies
d.Data
a) Risk expense
b) Risk experience
c) Risk exposure
Q23. As a tester which of the following will come under product risk if you are testing an e-commerce
website?
a) Shortage of tester
Q24. What assess the risk and your plans for mitigation and revise these when you learn more about the
risk?
a)Risk monitoring
b)Risk planning
c)risk analysis
d)Risk identification
Q25. “Provide information on current state of IT related exposure and opportunities to all stakeholders in
timely manner.”
Q26. Gap between need to protect information system and degree of protection applied arise due to .
(a) Framework
Q30. Organization need to have IT governance as an integral part of its overall risk management program in
order to implement appropriate __________ based upon the appropriately defined Risk appetite .
Q31. Which of the following component of COSO Framework require to have an ethically sound and
competent management , efficient board of directors etc
(d) IT governance
Q32. Which of the following component is considered the foundation of the internal control established by
the organization ?
(b) Monitoring
Q33. SOX have used_______ as one of the important guidelines for implementing risk management and
internal control .
(b) COBIT 5
(d) COSO
Q34. Management of Taprania Ltd has decided to respond to a particular risk by hedging risk with futures
contract. This is an example of Risk _____
(a) Acceptance
(b) Mitigation
(c) Elimination
(d) Sharing
(a) 2 and 4
(b) 3 and 4
(c) 1 and 2
(d) none
Q36. The control objectives for information and related technologies (COBIT ) framework has been
established by
Q38. Which of the following group has the least amount of responsibility for corporate governance ?
(a) 1,2,3,5
(b) 1,2,3,4
(c) 1,2,3,5
(d) 1,2,3
Solution
1 d 9 a 17 c 25 b 33 d
2 b 10 b 18 c 26 d 34 d
3 b 11 b 19 a 27 d 35 d
4 c 12 b 20 b 28 a 36 a
5 d 13 c 21 d 29 d 37 d
6 c 14 b 22 c 30 b 38 c
7 c 15 d 23 d 31 a 39 c
8 c 16 a 24 a 32 b 40 ---
a) Pre-determined objective
b) Interrelated subsystems
c) Interdependent subsystem
b) Customer Relationship
c) Interest Calculation
d) Manual Recording
a). create and share documents that support day-today office activities
b). process business transactions (e.g., time cards, payments, orders, etc.)
d) use the transaction data to produce information needed by managers to run the business
Q4 An information system that supports the planning and assessment needs of executive management is
a). DSS
b) ERP
c) MIS
a) operational
b) decision
c) success
d) simulation
Q6 Which category of computer-based information systems are concerned with improving efficiency by
applying information technology to common administrative tasks, such as creating business documents?
a) Expert systems
a) structured.
b) semistructured.
c) unstructured.
a) structured.
b) semistructured.
c) unstructured.
b) Back End
c) Internal system
d) None of these
a. Text mining
b. Web analysis
c. Customer profiling
a) transformed
b) processed
c) changed
d) engineered
Q16 _____ attempt to provide the same judgmental advice that human experts such as doctors provide.
a.ES
b.AI
c.KMS
d.DSS
a. Database
b. Model base
a. input
b. process
c. output
d. storage
a. Input
b. Process
c. Output
d. Feedback
Q21 Susan woke up and went to the bank to take money out of the ATM. She then went coffee cafe to buy a
coffee and paid with her debit card. She finished off her day by going to school and registered online for her
computer class. Susan has had multiple contacts with what kind of information systems throughout her day?
a) TPS
b) MIS
c) EIS
Q22 In an expert system, the process of matching a question to the information in the knowledge base is
called:
a) deduction.
b) inferencing.
c) inclusion.
Q23 Decision makers who are concerned with tactical information and decision making are
a) middle managers
b) . executive managers
d) mobile managers
Q24 Decision makers who are concerned with Strategic information and decision making are
a) middle managers
b) executive managers
c) supervisors
d) mobile managers
a) information
b) employee
c) management
d) capital
Q26 System providing information to help management to launch a new product shall be best classified as..
a. Data
b. Information
c. Tacit knowledge
d. Explicit knowledge
a. Validity
b. Adequacy
c. Quality
d. Reliability
b. Financial sector
c. Construction
d. E-Business
a. Information
b. Explicit Knowledge
c. Tacit knowledge
a. Software component
b. Process flow
c. Change customer
d. Change management
a. True
b. False
c. Irrelevant
d. None
A) Be flexible
a. Database
A. modern method.
B. advanced method.
C. effective method.
D. legacy method
a. Open system
b. Automated system
c. Deterministic system
d. Abstract system
A. less effectiveness.
B. high cost.
C. no integration.
D. more modules
Solutions.
1 d 9 c 17 d 25 a 33 c
2 d 10 d 18 d 26 d 34 a
3 d 11 d 19 d 27 d 35 a
4 d 12 b 20 d 28 c 36 b
5 b 13 c 21 a 29 b 37 d
6 d 14 d 22 b 30 c 38 d
7 c 15 b 23 a 31 c 39 c
8 a 16 a 24 b 32 c 40 a
Q2. Organization Doomdoma Ltd is facing employees resistance to use new system . suggest how
organization should approach here to incorporate new system
Q3. ERP make sure to provide realtime and integrated information to the user of all department . which
component of ERP describe how information flows among different modules so that most updated
information can be provided
a. software component
b. process flow
c. customer mindset
d. change management
Q4. Mr Bola an employee of the big organization is provided the task of preparing MIS report of online sales
and orders on hourly basis for the manager so that pricing policies can be updated by the end of the day but
bola provide the MIS reports on every 3 hour basis due to which manager was unable to take pricing
decisions . this example of non-existence of which of the attribute of information?
a. availability
b. Validity
c. Frequency
d. Rate
a. Portability
b. Electronic transmission
Q7. After clearing CA Mr Gabru sends enquiry email consisting of his biodata details to many companies to
get interview call . this is shows which one important feature of the Email .
a. Portability
b. Electronic transmission
Q8. Book publisher wants to implement a system for his employees for the purpose for formatting and
management of the softcopies of the book provided by the various book authors . what information system
should be implemented
b. OAS
c. TPS
Q9.Manager of the small organization needs a system for analyzing the the future investment in plant
machinery . suggest the suitable system
a. EIS
b. MIS.
c. DSS.
d. KMS
Q10.Mr sham , manager of DSS LTD , obtained a new system , which help him making important decisions by
using the information from organizations TPS and information from the world media. What information
system is used by the MR sham
a. EIS
b. MIS.
c. DSS.
d. KMS
Q11. Mr High temperature needs a information system which can be used for unstructured decision making
a. EIS
b. MIS.
c. DSS.
d. KMS
Q12.Mr bhukad , is a renounced writer till now he used typwiter for writing his novels but now he needs a
system for writing novels , please suggest a system to him for writing novels .
a. TPS
d. KMS
Q13 Which type of user of DSS is capable of using the complex system in their day to day work ?
a.End user
b. Manager
c.Backend User
d. staff specialist
a. TPS
b. DSS
c. ES
d. EIS
Q15. Among alternative solutions for an information system one may consider
Q16. _________ is an organized portfolio of formal systems for obtaining processing and delivering information in
support of the business operations and management of an organization.
B. DSS
C. EIS
D.KMS
Q18. ________ processing, involves duplicating, sorting and filling data.______ processing with electronic scanners
involves transforming and entering the data into an electronic form.
a) 1. Manual, electronic
b) 2. Electronic, manual
c) 3. Transforming
A) Information
B) Employees
C) Customers
D) Database
C) ERP systems have been widely adopted in large organisations to store critical knowledge used to make
the decisions that drive the organisation's performance
Q23. Which of the following method is used to produce reports about data.
Q25. A _____ provides a set of integrated computer tools that allow a decision maker to interact directly with
computers in order to retrieve information useful for semistructured and unstructured decisions,
a.DDS
b.DBMS
c.MIS
d.Control
Q27. Which is used to provide the right information to the right person at the right time for proper decision making?
a) DBMS
b) MIS
c) ISO
d) PSO
Q29. _________level of Database defines schema which is sub divided into sub-schema
a. Physical
b. Logical
c. External
d. None
Q30. Which component of ERP defines the way information flow among different modules
a. Software component
b. Process flow
c. Customer mindset
d. Change management
Q31. Which of the following systems is used to present high-level overview information as well as the ability to drill
down to details for high-level managers?
Q32. Which of the following are used to support decision making in situations in which the situation is only partly
structured or known in advance?
Q34. In TPS systems, an output that signifies that a specific transaction has taken place is called a(n):
a. action document.
b. detail report.
c. exception report.
d. summary report
Q35. The decision-making level of an organization that is most concerned with daily operations is the
a) operational level.
b) managerial level.
c) executive level.
Q36. The decision-making level of an organization that is most concerned with optimizing
organizational efficiency is the:
a. operational level.
b. managerial level.
c. executive level.
Q37. Which of these applications is most likely to be implemented using an online transaction
processing system?
a. Payroll processing
b. Airline reservations
a. formulas
b. algorithms
c. models
d. heuristics
Q39. The MacDonald's fast food chain is experiencing slow growth because of over saturation of MacDonald's outlets
across North America. They are looking for ways to increase growth in their organization by diversifying into the hotel
a. structured
b. semi-structured
c. unstructured
a) a.explanation module
b) b.knowledge base
Q43 Application that helps most in health care enterprises calculating product costs for individual
procedures and services .
e. Expert system
f. MIS
g. EIS
h. DSS
Q44 “Application and technology that are used to collect and provide access and analyze data and
information about companies operation “ are which IT tool used in business
e. Business website
Q45 Infosys Finacle , Nucleus FinnOne and Oracle’s Flexcube are example of
e. DSS
f. ERP
g. CBS
h. EIS
Q46 Business manager should have the knowledge of “what are components of system and their functions”
is known as knowledge of
e. Business Application
f. Development processes
g. Management challenges
h. Foundation Concepts
f. How end users and IS specialists develop and executes business solution to problem
Q48. A ‘throw-away’ type sealed digital watch , which composed of a number of components that worked in
a cooperative fashion designed to perform some specific task . is an example of
Q51. Matching the frequency of transmitting message at which receiver wants to receive it , is which attribute of
information
a. Adequacy
b. Availability
c. Rate
d. Validity
Q52. Which system provide Dashboard for the decision maker as a way to create generalized environment
a. MIS
b. ES
c. EIS
d. DSS
Q53. The most important attribute of information quality that a manager requires is:
a. relevance.
b. media.
c. presentation.
d. timeliness
a. user intelligence
b. planning language
c. model base
d. Database
Solutions.
1 c 10 a 19 d 28 d 37 b 46 d
2 c 11 a 20 d 29 c 38 c 47 b
3 b 12 c 21 b 30 b 39 c 48 c
4 d 13 d 22 b 31 b 40 d 49 d
5 a 14 a 23 d 32 a 41 d 50 d
6 d 15 b 24 c 33 d 42 d 51 c
7 c 16 a 25 a 34 a 43 d 52 c
8 d 17 c 26 b 35 a 44 c 53 a
9 c 18 a 27 b 36 a 45 c 54 c
a) 19thAugust88
b) Delhi88
c) P@assw0rd
d) !augustdelhi
a) Authorization
b) Authentication
Q3. Organisation Pajama ltd has a policy that Internet accessed by the employees will always be routed
through a firewall and proxy . this is an example of which network access control?
a. Segregation of network
c. Firewall
d. Enforced path
Q4. Organisation Pajama ltd has a policy to ensure that network connection between the heads of two
branches must be through a secured VPN instead of general network service to ensure the integrity of the
message communicated . This control of network access is an example of which control .
a. Segregation of network
c. Firewall
d. Enforced path
Q5. Organisation Pajama ltd has a policy to ensure that employees are not allowed to establish a connection
to specified web sites for example facebook , twitter , etc . This control of network access is an example of
which control .
a. Segregation of network
a) Write
b) Execute
c) Stop
d) Read
a) Key card
b) fingerprint
c) retina pattern
d) Password
a) Default behavior of OS
d) Account administrator
a. Preventive control
b. Detective control
c. Corrective control
d. Compensatory control
a. Preventive control
b. Detective control
c. Corrective control
d. Compensatory control
Q12. Security guard of bank building is a example of_______ control to information system
a. Preventive
b. Detective
c. Corrective
d. Compensatory
a. Preventive control
b. Detective control
c. Corrective control
d. Compensatory control
a. Preventive control
b. Detective control
c. Corrective control
d. Compensatory control
a. Standards
b. Guidelines
c. Procedures
d. None
a. Standards
b. Guidelines
c. Procedures
a. i and ii
b. ii and iii
c. iii and iv
d. i and iv
a) stealth
b) virus signature
c) armoured
d) multipartite
Q21. Which one of the following is a process that uses the spawn mechanism to damage the system
performance?
a) worm
b) Trojan
c) threat
d) virus
a) a security hole, inserted at programming time in the system for later use
b) a type of antivirus
a) source file
b) object file
c) executable file
A) Cryptoware
C) Phishing
D) Spam
Q25. Which of the following is a malicious program that hide in a host program and cause illegitimate
actions ?
a.Worm
b.Trojan horse
c.Time bomb
d.Logic bomb
Q26. The ................... is code embedded in some legitimate program that is set to “explode” when certain
conditions are met.
a.Trap doors
b.Trojan horse
c.Logic Bomb
d.Virus
a.Trojan Horse
b.Virus
c.Worm
d.Zombie
a.True, False
c.True, True
d.False, False
A. A server that retrieves data from host servers before sending it to a computer
B. A virtual server that can behave like a mail server, Web server or FTP server
C. A waiter who never seems to be in the restaurant when your water glass is empty
D. None of these
c. filters packets travelling from and to the intranet from the internet
c. expensive modem
a. i, ii and iv
d. i and iii
d. None
Q35. Which type of lock provide a 10 digit number panel mounted near/on door?
a. Identification badges
c. Perimeter fencing
d. Encryption of data
Q41. What is the process of encoding information in a way so that only someone with a key can decode it?
a. Compression
b.Systemic variation
c.Encryption
d.Decryption
d.Fishing
Q43. The .................... uses a special system program to bypass normal system login procedures.
a. Trap doors
b.Trojan horse
c.Logic Bomb
d.Super zapping
Q44. ................... programs can be used to accomplish functions indirectly that an unauthorized user could not
accomplish directly.
a.Zombie
b.Worm
c.Trojan Horses
d.Logic Bomb
a) It is easy to generated
b) It cannot be shared
Solution
1 c 10 a 19 b 28 c 37 c
2 a 11 a 20 b 29 c 38 a
3 d 12 d 21 a 30 a 39 d
4 a 13 b 22 a 31 c 40 a
5 b 14 c 23 c 32 a 41 c
6 c 15 c 24 c 33 c 42 b
7 c 16 c 25 b 34 c 43 a
8 d 17 a 26 c 35 a 44 c
9 d 18 d 27 a 36 d 45 c
c) Password encryption
a) Analysis Engine
b) Event provider
c) Alert Database
c. Never leaving system under their responsibility unattended and use encryption technology
d. Using of strong password of system and Never leaving system under their responsibility unattended
Q4. The clerk of the organisation was going to issue invoice from a system and from discount instead of
pressing plus (+) sign he pressed minus (-) sign , even after this mistake the system took minus (-) sign for
discount .which system input control is referred here ?
a. Check digit
b. Valid sign
c. Picture check
d. Arithmetic check
Q5. Bank issued a credit card whose number is generated by computer program through a formula except
the last digit . which is added to ensure the integrity and validity of credit card number. This last digit is an
example of which control
a. Limit Check
b. Picture check
d. Check digit
Q6. While registering on income tax site didn’t allowed the user Ram to enter last character of PAN as
numeric . this control is an example of.
b. Picture check
d. Check digit
Q7. While registering on income tax site It allowed the user Ram to enter only 10 PAN . this control is an
example of.
a. Limit Check
b. Picture check
d. Check digit
Q8. When an attempt is to make a machine or network resource unavailable to its intended users, the attack
is called
a) denial-of-service attack
c) spoofed attack
d) starvation attack
Q9. In computer security, ……………………. means that computer system assets can be modified only
by authorized parities.
A) Confidentiality
B) Integrity
C) Availability
) Authenticity
Q10. In computer security, …………………….. means that the information in a computer system only
be accessible for reading by authorized parities
A) Confidentiality
B) Integrity
C) Availability
) Authenticity
a. ii and iii
b. i and iii
c. i and ii
d. ii and iv
a. Bridge
b. Router
c. Gateway
d. Output control
a. Event logging
b. Clock synchronization
Q18. The following measures are taken to ensure security of information systems:
(i)duplicate copies of data/programs are kept in a different place preferably in fire-proof vault
(ii)password protection is used to prevent unauthorized access
(iii)database once prepared should never be allowed to change
(iv)printed copies should be accessed by authorised persons only
a. i and ii
b. i, ii, iii
c. ii, iii, iv
d. iii and iv
a. i and iii
b. i and ii
c. ii and iv
d. i, iii, iv
a. True
b. False
a. calculates the same quantity in two different ways and compares them for equality
Q24. A program can never be categorized into Time bomb as well as Logic Bomb
a. True
b. False
Q25. The internal code of any software that will set of a malicious function when specified conditions are
met, is called
a) code stacker
b) trap door
c) logic bomb
a) Theft of information
b) Modification of data
c) Wiping of information
Q27. Your supervisor is very busy and asks you to log into the HR Server using her user-ID and password to
retrieve some reports. What should you do?
c) Decline the request and remind your supervisor that it is against UC policy.
d)None
c. ensure that the system processes data as it was designed to and that the results are reliable
29. Gap arise between need of protection and degree of protection of information systems due to
(i) Regulatory requirements
(ii) interconnectivity of system
(iii) protection from system from virus attack
(iv) data may be lost due to disk crashes
a. i and ii
b. i and iii
c. i and iv
d. ii and iii
b. I,ii,iii,vi
c. I,ii,iii,iv,v
d. i,ii,iii,iv,v,vi
Q33 It is necessary to protect information system from various logical access violators which may be
(i)Authorized employes
(ii)IS personnel
(iii)vendors and consultants
(iv)hackers
(v)former employees
(vi)government
a. ii,iv,i,iii
b. I,ii,iii,vi
c. i,ii,iii,iv,v
d. i,ii,iii,iv,v,vi
Q35. Kalu executed a command to print the document of 2500 pages , __________ control allow him to work
even if the printer is still printing the documents .
a) Logging
b) Retention
c) Spooling
d) Router
a) online terminal
b) dial-up ports
c) Telecommunication network
d) Router
a) password
b) PIN
c) Biometric Devices
d) identification badges
Q38. Which of the following step is not involved in an Application Access Control mechanism process?
(a) Identification
(b) Authentication
(c) Confidentiality
(d) Authorization
Q39. During an audit of financial transactions in an enterprise XYZ, it was found that simple errors of
data entry were occurring when two digits that were either individual or part of larger
sequence of numbers were reversed when posting a transaction. Which type of error is this?
(a) Virus
(b) Trojan
(c) Worm
(d) Firewall
a) Wire-tapping
(b) DataLeakage
(d) Piggybacking
Q42. Which are the controls that are responsible for maintaining a chronology of the events from the
time a sender dispatches a message to the time a receiver obtains themessage?
b) CommunicationControls
c) InputControls
d) DatabaseControls
Q43. Change of data before or after they entered the system, This technical exposure is known as ______ .
a) Data Diddling
b) Data Bomb
c) Christmas card
d) Rounding Down
Q44. Which error occur when a digit or character is removed from the end of as code ?OR 83276 is recorded
as 8327. which type of error is it ?
a) Addition Error
b) Truncation Errors
c) Substitution Error
d) None of these
Q45. Which error occur when one digit in a code is replaced with another?OR 98975is recorded as 99975.
which type of error is it ?
a) Addition Error
b) Truncation Errors
c) Substitution Error
d) None of these
Q46. Which errors occur when two adjacent digits are reversed? OR is recorded as 89975. which type of
error is it?
d) None of these
Q47. Which control has a pair of doors that are typically found in entries to facilities such as computer
rooms and document stations .
c) Bonded Personnel
a) Lending
b) Organizing
c) Planning
d) Controlling
Q49. Auditors examine variables that often indicate when motivation problems exist or suggest poor
leadership known as ____ .
a) Lending
b) Planning
c) Controlling
d) Organizing
Q50. Which error occur when an extra digit or character is added to code ? OR 83276 is recorded as 832766.
which type of error is it?
a) Addition Error
b) Truncation Errors
c) Substitution Error
d) None of these
Q51. In which data processing control two or more fields can be compared and cross verified to ensure their
correctness?
a) Run-to-Run totals
b) Edit Checks
c) Exception Reports
d) Reasonableness Verification
Q52. TALLY accounting software gives a warning when cash balance may turn negative on updating a
voucher. This is good example of
(d) password
Q54. In order to use Gas based suppression system to control fire , what need to be assured first
Solution
1 d 10 a 19 b 28 c 37 d 46 a
2 d 11 c 20 c 29 a 38 c 47 d
3 d 12 b 21 b 30 a 39 d 48 a
4 b 13 d 22 b 31 d 40 d 49 a
5 d 14 b 23 a 32 d 41 a 50 a
6 b 15 b 24 a 33 c 42 b 51 d
7 a 16 a 25 c 34 a 43 a 52 d
8 a 17 d 26 d 35 c 44 b 53 d
9 b 18 a 27 c 36 d 45 c 54 c
A. Annually
B. Monthly
C. Quarterly
D. Regularly
Q3. Rahul had a server crash on Thursday morning. Rahul performed a backup in which he used the
complete backup from Sunday and several other tapes from Monday, Tuesday, and Wednesday. Which tape-
backup method was used?
A. Full restore
B. Mirror restore
C. Differential restore
D. Incremental restore
Q4.Which is a separate fully equipped facility where the company can move immediately after the disaster
and resume business
B. Hot site
C. Cold site
D. Warm site
Q5.Which is a separate facility that does not have any computer equipment but is a place where the
knowledge workers can move after the disaster ?
B. Hot site
C. Cold site
D. Warm site
Q6. What should the scope of the BCM be to understand the needs and expectations of interested parties?
B. Compliance process
C. Governance process
Q9. What is one of the purposes of the Business Impact Analysis (BIA)?
C. to identify risks
B. 1,2,4,3,5,7,8,6
C. 2,1,4,3,5,7,8,6
D.2,1,4,3,5,6,7,8
a) Crisis Management
Q13. How should the top management demonstrate its commitment to the BCM?
C. ensure that BCM objectives are aligned to the strategic goals of the business
Q14. Which plan typically focuses on restoring systems after disasters occur?
Q15. Incremental backup is a backup taken from Last back up.Here what kind of backup could be the “Last
Backup” ?
A. Full back up
B. differential backup
Q16.When identifying risks of disruptive incidents, how are single points of failure (SPOF), inadequacies in
fire protection, electrical resilience, staffing levels, IT security and IT resilience considered?
A. Impacts
B. Risks
C. Threats
D. Vulnerabilities
Q17. There are several reasons why a company would develop and implement a business continuity plan.
A. To increase liability
Q18. What is not one of the outcomes indicative of an effective Business Continuity program?
Q19. The organization should identify nonconformities, take action to control, contain and correct them,
deal with the consequences and evaluate the need for action.
What should be the basis for determining the priority of corrective actions?
Q20. What do we call the process of seeking out and studying practices in other organizations that one’s own
organization desires to duplicate?
a. Baselining
b. Benchmarking
c. Best practices
d. Due diligence
B. Senior management
A. Standard
B. Stakeholder analysis
C. Procedure
D. Policy
B. It is a cheap solution.
A. Reciprocal agreement
B. Cold site
C. Warm site
D. Hot Site
a) Full backup
b) Incremental backup
c) Differential backup
b) Prior notice should be given to people who will be affected by the test of BCP
a) The more important the data, the greater the need for backing it up
c) Storing the backup copy near to its original site is best strategy
A. Full back up
B. Incremental back up
C. Differential back up
D. Mirror back up
A. Full backup
B. Incremental back up
C. Differential back up
D. Mirror back up
Q32. Which process can prevent data from lose due to computer problems or human errors?
A.backup
B.recovery
C.benchmarking
D.data cleansing
Solutions.
1 d 9 d 17 b 25 d
2 b 10 c 18 d 26 b
3 d 11 c 19 d 27 d
4 b 12 b 20 b 28 d
5 c 13 c 21 d 29 c
6 a 14 b 22 b 30 a
7 c 15 c 23 d 31 d
8 d 16 d 24 a 32 a
a) Steering committee
b) Project managers
c) Business Analyst
d) Domain Specialist
Q2. “Consider a system where, a heat sensor detects an intrusion and alerts the security company.” What
kind of a requirement the system is providing ?
a) Functional
b) Non-Functional
c) Known Requirement
Q3. Which one of the following models is not suitable for accommodating changes?
a) spiral model
b) Prototyping Model
c) RAD Model
d) Waterfall Model
Q4. The work associated with software development can be categorized into three generic phases ,
regardless of application area, project size, or complexity ,namely the__________ phase which focuses on what,
the_________ phase which focuses on how and the_________ phase which focuses on change.
i. support
ii. development
iii. definition
a) 1, 2, 3
b) 2, 1, 3
c) 3, 2, 1
d) 3, 1, 2
a) Maintainability
b) Portability
c) Robustness
Q7. Which of the following is not the primary objectives in the Preliminary investigation of system
development?
d)Report finding to the management with recomendation to accept or reject the proposal
Q8. _________ and _________ are not the subject matter of Requirement Analysis.
c) Functional, Non-Functional
Q9. Arrange the given sequence to form a SRS Prototype outline as per SRS Standard.
i. General description
ii. Introduction
iii. Review
iv. Appendices
v. Specific Requirements
a) iii, i, ii,v, iv
b) iii, ii, i, v, iv
d) iii, i, ii,v,iv
c) Defined process is acceptable and usable by the engineers responsible for producing the software
a) alpha testing
b) beta testing
c) regression testing
a) Performance
b) Functionality
c) Design solutions
d) External Interfaces
Q13. If you were a lead developer of a software company and you are asked to submit a project /product
within a stipulated time-frame but within cost barriers, which model would you select?
a) Waterfall
b) Spiral
c) RAD
d) Incremental
a) Only i is true
B . Feasibility Study
D. Maintenance phase
Q16. Which two of the following models will not be able to give the desired outcome if user’s participation is
not involved?
Q19. The modification of the software to match changes in the ever changing environment, falls under which
category of software maintenance?
a) Corrective
b) Adaptive
c) Perfective
d) Preventive
Q20. Which model can be selected if user is involved in all the phases of SDLC?
a) Waterfall Model
b) Prototyping Model
c) RAD Model
a) Expandability
b) Existence of technology
c) Suitability of technology
Q22. Which of the following life cycle model can’t be chosen if the development team has less experience on
similar projects?
a) Spiral
b) Waterfall
c) RAD
d) Iterative Model
a) Sequential structure
b) A List
c) A plan
d) An Algorithm
Q24. Which of the following property does not correspond to a good Software Requirements Specification
(SRS) ?
a) Verifiable
b) Ambiguous
c) Complete
d) Traceable
a) Condition Stub
b) Preferences Stub
c) Action Stub
d) Action Entries
a) Error corrections
b) Enhancements of capabilities
a) Developers
b) Testers
c) Users
a) True
b) False
a) Stress
b) Structural
c) Functional
d) Security
Q31. An iterative process of system development in which requirements are converted to a working system
that is continually revised through close work between an analyst and user is called
A. Waterfall modeling
B. Iterative modeling
C. Spiral modeling
Q32. Which of the following does not apply to agility to a software process?
Solution
1 c 9 c 17 b 25 b
2 a 10 d 18 c 26 d
3 d 11 b 19 b 27 a
4 c 12 c 20 c 28 c
5 b 13 c 21 d 29 a
6 d 14 c 22 a 30 d
7 c 15 b 23 d 31 c
8 b 16 d 24 b 32 c
SDLC MCQs - 2
Q1. In a proposed system, entity finds that system does not have an option to modify rates of TDS. The need may arise
whenever law changes in future. This failure may be defined as failure of…
Q2. A task of developing a technical blueprint and specifications for a solution that fulfills the business requirements is
undertaken in the following phase of the system development process
A. system implementation
C. system design
D. feasibility study
D. both A and B
Q4. Which one is NOT a phase of the systems development life cycle?
A. problem analysis
B. requirements analysis
C. post-implementation review
D. Customer analysis
A. model-driven analysis
B. traditional approaches
D. structured analysis
B. schedule feasibility
C. operational feasibility
D. Hardware feasibility
Q7. The task of identifying and expressing system requirements is performed in which phase of systems analysis?
Q8. Cause-and-effect analysis is performed in which of the following phase of systems development
C. design phase
a. iii and iv
b. i, ii and iii
d. ii and iii
a. it is economical to operate
b. it is expensive to operate
a. economic feasibility
b. operational feasibility
c. technical feasibility
a. i and ii
b. ii and iii
c. iii and iv
d. i and iii
a. i and ii
b. ii and iii
c. iii and iv
d. i and iii
a. to find out direct and indirect cost of developing the information system
a. i and ii
b. i, ii and iv
d. i, ii and iii
a. impossible
d. usually done
a. i and iii
b. ii and iii
c. ii and iv
d. i, ii & iv
Q30. Which is the most secure method to change over from old system to new system
a. direct implementation
b. phased changeover
c. pilot changeover
d. parallel changeover
b. to determine the type of computer system and software tools needed to meet the final system
specification
Q32. When system needs to be developed within specified time schedule , which development methodology can’t be
a. waterfall
b. Agile
c. RAD
d. Spiral
a. i
b. i
c. ii
d. ii
b. to tell the organization’s managers what the proposed system will achieve in a language understood
by them
b. to assess if it is possible to meet the requirements specified subject to constraints of budget, human
resource and hardware
d. at any time
d. top, middle and operational managers and also all who will use the system
a. top management can not ensure that a project is feasible before calling a system analyst
b. top management is not sure what they want from the system
c. even though top management is in favor of the system, technology may not be mature for
implementation
d. all organizations do it
a. interviewing managers and users and arriving at the requirements based on consensus
Q45. The major goal of requirement determination phase of information system development is
A. batch document
B. source document
C. on-line document
Q47. Which of the following is(are) the inputs to the Systems Construction phase?
A. design prototypes
C. documentation
Q48. Which of the following is(are) the deliverables of the Systems Implementation phase?
C. operational system
Q49. Which of the tests is a final system test performed by end users using real data over an extended period of time?
A. final test
B. complete test
D. parallel test
A. missing requirements
B. costly requirements
C. conflicting requirements
D. ambiguous requirements
A. Questionnaire
B. interviews
C. Documentation
D. Desk check
A. assisting users
Q53. The process of requirements discovery consists of the following activities, except
A. requirements management
B. requirements discovery
A. observations
B. Questionnaire
C. interviews
D. Documentation
Q55. In Which one of the following fact-finding techniques Exact requirement of user is collected obtained ?
A. observations
B. Questionnaire
C. interviews
D. Documentation
Q56. In Which one of the following fact-finding techniques system analyst actually visits the organization to collected
obtained ?
A. observations
B. Questionnaire
C. interviews
D. Documentation
Q57. Which is the best system development methodology involve joint development workshop
A) Traditional Approach
B) Prototype arrpoach
C) spiral approach
D) RAD approach
Q58 Which is the best system development methodology for risk identification and removal
A) Traditional Approach
B) Prototype arrpoach
C) spiral approach
D) RAD approach
Q59 Which is the best system development methodology is best suitable to obtain exact requirements at early stage of
the system development
A) Traditional Approach
B) Prototype arrpoach
D) RAD approach
Q60 Which is the best system development methodology is best suitable for developing regular system
A) Traditional Approach
B) Prototype arrpoach
C) spiral approach
D) RAD approach
Solutions.
1 b 11 a 21 b 31 b 41 a 51 d
2 c 12 a 22 c 32 d 42 a 52 d
3 d 13 d 23 b 33 a 43 c 53 c
4 d 14 c 24 a 34 d 44 a 54 b
5 c 15 a 25 b 35 a 45 b 55 c
6 d 16 a 26 a 36 b 46 b 56 a
7 c 17 c 27 d 37 a 47 d 57 d
8 d 18 c 28 a 38 b 48 c 58 c
9 c 19 b 29 c 39 c 49 c 59 b
10 b 20 d 30 d 40 d 50 b 60 a
IT Audit MCQs
Q 1.With the help of what tools, IT auditor can plan for 100% substantive testing
A. CAAT
B. ERP
C. COBIT
D. Manual
Q 2. CAAT tools are used by the Auditor to perform Substantive Testing. CAAT stands for.
a. the inputs and the corresponding outputs are compared and checked for correctness
a. the inputs and the corresponding outputs are compared and checked for correctness
a. the inputs and the corresponding outputs are compared and checked for correctness
A. Systemic Error raise audit flags on system errors to auditor against which auditor can easily take
action
C. Systemic errors are made on all the transactions processed thus it reduces auditor time to
evaluate evidence
Q 7. In an organisation Auditor wants to collect evidences based on system user profiles ; which CATT can be
used by the auditor to achive the objective
a) CIS
b) Audit Hooks
c) Audit Trails
d) SCARF
Q 8. To perform IS audit IS Auditor must possess a good skills set ;in reference to this identify the wrong
statment
A. Analysis
B. Planning
C. Fieldwork
D. Reporting
Q10. Which CAT tool facilitate real time notification display of messages on the auditor terminal
A. Snapshot
B. SCRAF
C. CIS
D. Audit Hook
Q 12. Auditor uses SCARF to collect various information; what does SCARF stands for
Q13. Which one is not Audit preformed during system development process
A. Concurrent audit
B. Pre-implementation Audit
C. Post-Implementation Audit
D. General Audit
C. Whether allows organisational goals to be achieved effectively and uses resources efficiently
B. Detection Risk
C. Inherent Risk
D. Control Risk
C. Standing data
D. Environmental Regulations
A. Detective
B. Application
C. Preventive
D. Correction
a) Resources requested
b) No of sign on attempts
Q20. Which among the following is not a compliance test as related to IT environment
B. If these is only production environment and audit could not test dummy data
Q22. The type of audit evidence which the auditor should consider using in IT audit includes
B. IDEA
C. COBIT
A. i and ii
B. iii and iv
C. ii and iii
D. i , ii and iii
Q 26. In which type of IT Audit Auditor ensure that it management has developed a controlled environment
for information processing
B. System development
B. Obtain a copy of the contract to determine if adequate controls have been specified
C. Ensure that audit needs are taken into account and included in the contracts
B. Use controls that detect and report the occurrence of an error, omission or malicious act.
B. SCRAF
C. Cobit
D. snapshot
A. Confidentiality
C. Availability
D. Integrity
(1) planning
(2)scoping
(3) Fieldwork
(4) close
(5) Analysis
(6)report
a. 1,2,3,4,5,6
b. 1,2,3,5,6,4
c. 2,1,3,5,4,6
Solutions.
1 a 9 b 17 d 25 d
2 c 10 d 18 a 26 d
3 a 11 c 19 d 27 b
4 c 12 a 20 d 28 d
5 b 13 b 21 c 29 b
6 c 14 d 22 a 30 c
7 d 15 c 23 a 31 b
8 d 16 b 24 d 32 d
A. 17 October,2000
B. 11 November,2000
C. 17 October,2001
D. 11 November,2001
Q2. IT Act 2000 amended various sections of which of the following Acts?
Q3. Which one of the following is outside the scope of IT Act 2000
A. Electronic gift
C. Electronic message
D. Electronic Evidence
A. Will
C. Power of attorney
A. Trust
C. Will
D. Truncated Cheque
Q6. Ram has a office in Kolkata , from where he accessed server of google situated in New York and hacked password
file . Is IT Act applicable on him
B. No
Q7. Ram has a office in New York , from where he accessed server of google situated in Kolkata and hacked password
file . Is IT Act applicable on him
A. Yes
B. No
Q8. Ram has a office in New York , from where he accessed server of google situated in canada and hacked password
file . Is IT Act applicable on him
A. Yes
B. No
A. Trade Marks
B. Copyright
C. Patent
Q10. IT (Amendment )Act 2008 with amend IT Act 2000 , become effective from
A. 27 oct 2008
B. 27 oct 2009
C. 21 july 2008
D. 21 may 2009
Q11. Which Act casts responsibility on body corporate to protect sensitive personal information and
provide punishment for offences by companies.
A. IT Act 2000
D. none
A. Section 6
B. Section 3
C. Section 4
A. Section 3
B. Section 5
C. Section 6
D. Section 4
Q14. Which Act in India focuses on data protection and Data privacy ?
B. IT Act 2000
Q15. Which section of IT Act deals with Child pornography and punishment provided by it for first conviction ?
Q16. Which section of IT Act deals with publishing sexually explicit contect in e form and punishment
provided by it for first conviction ?
B. Life Imprisonment
D. 6 year imprisonment
A. Section 66F
B. Section 66C
C. Section 66B
D. Section 66A
Q21. What is the time limit for filing appeal against the order of Cyber appellate tribunal?
A. 30 days
B. 90 days
C. 60 days
D. 45 days
Q22. What is the penalty for publishing images of a person's private parts without consent, as per IT Act 2000?
B. Life imprisonment
A. Section 66C
B. Section 66B
C. Section 66F
D. Section 66A
B. Life Imprisonment
B. Digital Certificates
A. Autonomous body
Q29. Which section of IT Act deals with the appointment of Controller of certifying authorities?
A. Section 5
B. Section 15
C. Section 10
D. Section 17
Q30. Which Act which provides legal framework for e-Governance in India?
C. IT Act - 2000
A. 3
B. 4
C. 6
D. 2
Q32. As per SEBI norms Auditor must have __________years of experience to perform Audit
A. 5
B. 10
C. 3
D. 4
A. 5 months
B. 6 months
C. 3months
D. 2 months
Q34. Each Non-Conformities must be corrected by auditee management within a period of ________ and reported to
SEBI.
A. 1 month
B. 2 month
C. 3 month
D. 4 month
Q35. As per IRDA all insurer must get their system & processes audited once in ______ years by a CA
A. 3
B. 5
C. 4
D. 6
Q36. What enable enterprise to get certified by an independent certification body which confirms that IS security is
A. ITIL
B. SA 402
C. ISO27001
D. BS47001
Q37. The authentication to be affected by use of asymmetric crypto system and hash function is known as
A) Public key
B) Private Key
C) Digital signature
D) E governance
A. Program
B. Graphical coding
C. HTML
D. Cryptography
e. Digitally sign
h. coding
A. Digitally sign
D. coding
e. Public key
f. Private key
g. Digital signature
Q42. the central government may appoint a _________ of certifying authority who shall exercise supervision over the
a. Commissioner
b. Controller
c. Executive
d. President
Q43. The certifying authority empowered to issue a Digital Signature certificate shall have to procure a
licence from the _________ to issue a Digital Signature certificate
B. Central government
C. State government
Q44 . ____________ is the person in whose name the digital signature certificate is issued
A. Certified authority
B. subscriber
C. holder
D. Controller
Q45. the _________ has the power to suspend or revoke Digital Signature certificate .
A. Certified authority
B. subscriber
C. commissioner
A. Controller
Q46. Which is the appeal court on the orders issued by Cyber appellate tribunal?
A. Muncipal court
B. District Court
C. High Court
D. Supreme Court
Q47. As per IT Act 2000 if you fail to maintain books of accounts you will be penalized upto
B. 50000
D. NIL
B. Issue of grant
C. Make payment
Q49 As per IT Act 2000 those who fail to furnish documents will be penalized upto
B. 50000
C. 25000
D. 150000
A. 3
B. 4
C. 5
D. 6
Q51. What provide set of practices for IT Service Management with focus on aligning IT service with
business needs?
A. Cobit 5
B. ISO27001
C. SA402
D. ITIL
A. 4
B. 5
C. 6
D. 8
A Plan phase
B. Do phase
C. Check phase
D. Act phase
Q55. Which phase of ISMS provide for the implementation of identified improvements
A. Plan phase
B. Do phase
C. Check phase
D. Act phase
A. Plan phase
B. Do phase
C. Check phase
D. Act phase
Q57. Which Volume of ITIL provide guidance on measurement of service performance throughout the life
cycle and improvements to ensure service deliver maximum benefits ?
A. Service strategy
B. Service transition
C. Service operation
Q58. As per IRDA guidelines who is not eligible to perform system audit
C. Statutory auditor
D. Cost Auditor
Q59. Section 67,67A,67B applies in reference of clidren who have not completed _________years of age ?
A. 12
B. 14
C. 16
Q60. Which SA provide the responsibilities of auditor to obtain sufficient audit evidences when entity uses
the service of one or more service organisation
A. SA402
B. SA406
C. SA408
D. SA410
Q61. Where company commits a offence under IT Act , who shall be punished ?
A. Company
B. Directors
C. Person incharge
Solutions.
1 a 10 b 19 a 28 c 37 c 46 c 55 d
2 d 11 b 20 d 29 d 38 d 47 c 56 a
3 b 12 c 21 c 30 c 39 a 48 d 57 d
4 d 13 b 22 c 31 b 40 b 49 d 58 c
5 d 14 d 23 c 32 c 41 c 50 c 59 d
6 a 15 d 24 d 33 d 42 b 51 d 60 a
7 a 16 a 25 c 34 c 43 a 52 a 61 d
8 b 17 d 26 b 35 a 44 b 53 c 62 ---
9 d 18 b 27 d 36 c 45 a 54 c 63 ---
Q3. SWIGGY.IN formed a cloud for its all branches but due to its limited resources it obtained the services of
AWS for extended provisioning and thus modified its cloud ; The cloud so formed is the example of ______
a) Private cloud
b) Public cloud
c) Hybrid cloud
d) community cloud
Q6. _______ provides virtual machines, virtual storage, virtual infrastructure, and other hardware assets.
a) IaaS
b) SaaS
c) PaaS
d) All of the mentioned
Q7 .Usually methods like RAID strategies are used in cloud computing to maintain integrity. What RAID
stands for ?
a) Redundant array of independent disks
b) Redundant arrangements of independent disks
c) Removal of array in independent disks
d) Remove array for integrity dependent
Q11. All cloud computing applications suffer from the inherent _______ that is intrinsic in their WAN
connectivity.
a) propagation
b) latency
c) noise
d) None of the mentioned
Q13. Which of the following should be replaced with the question mark in the following figure ?
a) Abstraction
b) Virtualization
c) Mobility Pattern
d) All of the mentioned
Q15. _______ enables batch processing, which greatly speeds up high-processing applications.
a) Scalability
b) Reliability
c) Elasticity
d) Utility
Q17. Cloud computing is also a good option when the cost of infrastructure and management is ______
a) low
b) high
c) moderate
d) none of the mentioned
Q19. Which of the following is most important area of concern in cloud computing ?
a) Security
b) Storage
c) Scalability
d) All of the mentioned
Q20. ________ refers to the location and management of the cloud’s infrastructure.
a) Service
b) Deployment
c) Application
d) None of the mentioned
Q21. SaaS supports multiple users and provides a shared data model through _________ model.
a) single-tenancy
b) multi-tenancy
c) multiple-instance
d) all of the mentioned
Q26 . _________ as a Service is a cloud computing infrastructure that creates a development environment upon
which applications may be build.
a) Infrastructure
b) Service
c) Platform
d) All of the mentioned
Q27 Which cloud is deployed when there is a budget constraint but business autonomy is most essential ?
a) Private cloud
b) Public cloud
c) Hybrid cloud
d) Community cloud
Q28 CaaS vendor offer guaranteed QOS in SLA to their clients .what does QOS stands for ?
a) Quality operating system
b) Quality in other services
c) Quality of service
d) Quality object oriented service
Q29.__________ cloud is one where the cloud has been organized to serve a common function or purpose by
many organisation .
a) Public
b) Private
c) Community
Q30. ______ offering provides the tools and development environment to deploy applications on another
vendor’s application.
a) PaaS
b) IaaS
c) CaaS
d) multi-tenancy
Solution
1 c 9 a 17 b 25 a
2 b 10 a 18 b 26 c
3 c 11 b 19 a 27 a
4 d 12 d 20 b 28 c
5 d 13 b 21 b 29 c
6 a 14 d 22 a 30 b
7 a 15 a 23 a 31 d
8 d 16 a 24 b 32 c
a) Grid Computing
b) Cloud Computing
c) Virtualization
d) Green Computing
Q2. In which of the following unused power of the hardware owners are borrowed and let out to others ?
A. Cloud Computing
B. BYOD
C. Mobile Computing
D. Grid Computing
Q3. Grid computing enables ___________resources of computers to work collaboratively to solve a complex
problem
A. Owned
B. Homogeneous
C. Heterogeneous
D. Old
Q4.. Which technology allows use of read/write web, blogs & interactive web application etc. ?
a) Mobile Computing
b) Grid Computing
c) Cloud Computing
d) Web 2.0
A. Backup as a service
B. Backend as a service
C. Block as a service
D. Blockage as a service
a) Lower IT Budget
Q7. What allow data to be readily intercepted by machines so that data can be reused ?
A. Ajax
C. Semantic web
D. Web services
A secure
B. Central control
C weak SLA
D. scalable
Q9. Which instance of SaaS Provide users with an integrated system of office automation, records
management, Migration, integration services with archiving, spam blocking, Malware protection &
Compliance feature ?
a) Testing as a service
b) Communication as a service
c) Desktop as a service
d) Email as a Service
a) Semantic Web
b) Systematic Web
c) Supportive Web
d) Segmented Web
a) Network Risk
b) Device Risk
c) Implementation Risk
d) Application Risk
A. Folksonomy
B. Ajax
C. Mash up
a) Communication
b) Software
c) Hardware
d) Database
b) Transmission interferences
c) Power Consumption
Q16. Which components of Web 3.0 provides user a common framework that could be used to share & reuse the data
across various application ?
a) Semantic Web
b) Web Services
c) Supportive Web
d) Systematic Web
Q17. _______ Allows servers and stogare devices to increasingly share and utilise applications by easy migration from
one server to another.
a) Virtualization
b) Grid Computing
d) Web 3.0
a) Private
b) Public
c) Hybrid
d) Community
a) Internal cloud
b) Corporate loud
c) Supportive Cloud
d) None of these
Q20. A company is using Google Cloud Service for hosting its data / application. This use by the company of Google
cloud can be classified as..
Q22. Under emerging BYOD (Bring your Own Device) Threats, _______________ risk refers to the data ost from stolen
or lost devices.
(a) Network
(b) Application
(c) Device
(d) Implementation
Q24. Which components of Web 3.0 supports computer-to-computer interaction over internet.
a) Web Services
b) Supportive Web
c) Systematic Web
d) None of these
Q26. Which has meaning that employees are welcomed to use their personal computer in an organization ?
a) BYOD
b) Grid
c) Cloud
d)none
A. Secured
B. Central Control
C. Scalable
A. High Scalability
B. Virtualization
C. Multi-sharing
A. Mobile Communication
B. Mobile Hardware
C. BYOD
D. Mobile Software
C. Network Risk
D. Virus Risk
A. Marketing
B. Social Media
C. Education
D. sementic web
Q34. Which of the following cloud offer data on demand to a diverse users , system , application?
Q35. which cloud offer service of moving cloud security features into cloud itself?
A. Community cloud
B. Hybrid cloud
C. Both A and B
D. None
B Strict SLAs
C. central control
b) Pervasive accessibility
c) Economic of scale
d) Program debugging
B. Highly scalable
D. Complex management
A. Private cloud
B. Public cloud
C. Community cloud
D. Hybrid cloud
A. Private cloud
B. Public cloud
C. Community cloud
D. Hybrid cloud
Q42.. In Cloud Computing, which of the following instance of Software as a Service (SaaS) allows users to
explore functionality of Web services such as Google Maps, Payroll Processing, and credit card processing
services.
A. Private cloud
B. Public cloud
C. Community cloud
D. Hybrid cloud
Q44. If a university sets up a web-based information system that faculty could access to record student
grades and to advise students, that would be an example of a/an
a) CRM
b) intranet
c) ERP
d)extranet
Q45. What allow feeding of freshly published web content to the users
A. Ajax
C. Semantic web
D. Web services
Q46. …………………… refers to the study and practice of environmentally sustainable computing or IT.
A. Green computing
B. Cloud Computing
C. Grid Computing
D. Mobile Computing
A. Integrity
B. Legitimate
C. Accountability
D. Insufficient bandwidth
A. Power consumption
B. Health hazards
C. Business challenges
D. Security standards
A. Compute
B. Storage
C. Network
D. Mail service
Q50. Which cloud is characterised of offering its service by way of offline access?
A. Iaas
B. Paas
C. Saas
D. Caas
D. none of above
Solution.
1 a 10 a 19 c 28 d 37 a 46 a
2 d 11 c 20 a 29 c 38 d 47 d
3 c 12 b 21 b 30 c 39 b 48 c
4 d 13 d 22 c 31 d 40 c 49 d
5 b 14 d 23 a 32 c 41 a 50 b
6 c 15 d 24 a 33 a 42 a 51 b
7 c 16 a 25 a 34 b 43 a 52 c
8 d 17 a 26 a 35 b 44 b 53 ---
9 d 18 c 27 c 36 b 45 b 54 ---