1

What is the mechanism through which IT governance affects firm performance?

a. IT governances impacts IT-Business Alignment, and IT-Business Alignment impacts Firm
Performance.
b. IT-Business Alignment influences IT Governance, and IT Governance influences Firm
Performance.
c. IT-Business Alignment influences Firm Performance, and Firm Performance influences IT
Governance.
2.
If a company has a well functioning IT steering committee, the company is more likely to
achieve IT-Business alignment?
True
False
3.
IT governance leads to?
a. IT and business alignment about the new products to introduce.
b. IT and business alignment about how business processes should work.
c. IT and business alignment about which new markets to enter.
d. All of the above.
4.
IT governance includes choices about?
a. What key IT decisions need to be made.
b. Who makes these decisions?
c. How these decisions are made?
d. All of the above.
5.
If a company is primarily interested in IT-enabled innovation and differentiation, the
_________ is the most appropriate decision making structure.
a. Business Monarchy
b. IT Monarchy
c. Feudal
d. All of the above.
6.
An IT investment approval process is used to describe:
a. The business and IT alignment of a new project.
b. The financial cost-benefit analysis for a new project.
c. The risk associated with a new project.
d. All of the above.
7.
What is a key managerial IT governance decision?
a. IT Infrastructure strategy
b. IT Architecture
c. IT Principle
8.
If a company competes on the basis of differentiation, then the CIO should ideally report to
the ____________.
a. CEO
b. CFO
c. COO
d. None of the above.
9.
The IT steering committee is a key IT governance decision making structure. The primary role
of this decision making structure is to:
a. Define IT architecture standards.
b. Define IT principles.
c. Specify the Service Level Agreements for the IT organization.
d. All of the above.
10.
In the replication operating model, firms share data across different business units?
True
False
11.
The rationalized data/optimized core stage of the enterprise IT architecture would be
appropriate for a firm operating with the replication model?
True
False
12.
A distinctive feature of the rationalized data/optimized core stage of the enterprise IT
architecture is:
a. Standardized infrastructure across the organization.
b. IT applications to meet specific users’ needs.
c. Standardized business processes across the organization.
d. Experiments to meet local needs.
13.
A distinctive governance mechanism in the rationalized data /optimized core stage of
enterprise IT architecture is:
a. Business case.
b. IT standards committee.
c. Enterprise-wide process owners.
14.
In which operating model do firms standardize business processes and share data across
business units?
a. Diversification.
b. Unification.
c. Coordination.
d. Replication.
15.
The evolution of enterprise IT architecture follows this sequence.
a. Application Silo, Standardized Technology, Rationalized Data/Optimized Core, Modular
Architecture.
b. Application Silo, Rationalized Data/Optimized Core, Standardized Technology, Modular
Architecture.
c. Application Silo, Standardized Technology, Modular Architecture, Rationalized
Data/Optimized Core.
d. Application Silo, Modular Architecture, Standardized Technology, Rationalized
Data/Optimized Core.
16.
A distinctive feature of the modularity stage of the enterprise IT architecture is:
a. Standardized infrastructure across the organization.
b. IT applications to meet specific users’ needs.
c. Standardized business processes across the organization.
d. Experiments to meet local needs.
17.
The key strategic implication of the rationalized data / optimized core stage of enterprise IT
architecture is?
a. Local optimization.
b. Operational efficiency.
c. Speed to market.
d. All of the above.

1.This type of estimate requires understanding of the work packages (units of work) that
have to be executed to complete the project.
a. Order of Magnitude Estimate.
b. Budget Estimate.
c. Definitive.
2.
In calculating the environmental complexity factor, if a factor (e.g., stability of requirements)
has higher assigned value then that factor increases the environmental complexity factor:
True
False
3.
Question 3
IT systems often create strategic benefits. Strategic benefits are generally ________.
a. Tangible.
b. Intangible.
4.
Question 4
In the use case method a complex actor has higher impact on the final use case point
compared to a less complex use case.
True
False
5.
In the use case point method of software cost estimation, a higher/larger number for the
productivity factor means the developer takes more time to code one use case point, thus the
developer is less productive:
True
False
6.
IT systems often create intangible benefits. These intangible benefits are reflected in the
__________ of the firm?
a. Balance sheet.
b. Market value.
7.
An IT system is implemented, even when it has a negative NPV, because the system allows
other follow on projects. This is an example of _________ ?
a. Deferral.
b. Staging.
c. Growth option.
8.
Process improvement projects are appropriately evaluated using __________ .
a. NPV based business case.
b. Real Options analysis.
9.
Large system implementations often require cooperation customers and/or supplier? This is
an example of _______________ risk.
a. Development.
b. Organizational.
c. Market.
10.
An IT system is being implemented as it has a positive NPV. However, during system
development, regulations change and the project no longer has a positive NPV. The real
options approach would suggest _________ ?
a. Continue with the project, as project termination may hurt the morale of the project team.
b. Terminate the project and reallocate resources to a more profitable project.
11.
Transformation projects are appropriately evaluated using __________ .
a. NPV based business case.
b. Real Options analysis.
1.
Project Management is about doing the right projects, whereas Portfolio Management is
about doing projects right.
True
False
2.
An innovation focused firm spends more on __________ compared to the average firm.
a. Firm wide infrastructure
b. Transactional systems
c. Informational systems
d. Strategic systems
3.
Information Technology Portfolio Management is more important for firms that:
a. Execute one large project every year.
b. Execute multiple projects in a given year.
4.
Strategic systems are about?
a. Providing aggregated information for decision making.
b. Performing core business processes of the firm cost effectively.
c. Providing competitive advantage or reducing competitive disadvantage.
d. All of the above.
5.
Which element of the IT investment portfolio is about the long-term strategy of the firm?
a. Firm wide infrastructure
b. Transactional systems
c. Informational systems
d. Strategic systems
6.
In the service center approach to IT chargeback, IT units offer services for a price where the
price is set to recover the IT unit’s costs of providing the service.
True
False
7.
The main advantage of the service center approach to IT chargeback is __________.
a. The simplicity of the approach.
b. The incentives for users to consume IT services prudently.
c. The incentives for the IT unit to be as efficient as possible.
d. All of the above.
8.
If the IT and the user organizations understand IT costs because of the IT chargeback system
in place, then the IT chargeback system is likely to lead to better IT decisions.
True
False
9.
In the profit center approach to IT chargeback, IT units offer services for a price where the
price is set based on the market price for the same service.
True
False
10.
If the IT chargeback system suggests that the IT organization has been continuously
reducing the price for an IT service and the price charged compares favorably with the
market price for the service, then the IT chargeback system is likely to lead to a higher
reputation for competence for the IT organization.
True
False
1.
If users believe that leaning to use the new information system is going to cost significant
time and effort on their part, it is rational on their part to resist the implementation of the new
system.
True
False
2.
In the demand driven model of user adoption, if a user believes that many other users are
adopting the new system, they are less likely to themselves adopt the new system.
True
False
3.
Top management support is more important in information systems implementations when
task interdependence is low than when task interdependence is high.
True
False
4.
If users have invested significant time and effort to learn and master using the current
system, they are more likely to resist the implementation of a new system:
True
False
5.
In the supply driven model of user adoption, institutions that remove knowledge barriers
reduce the adoption of new systems.
True
False
6.
Users find it easier to learn from and solve problems with the help of peers and coworkers
than with help form external consultants and the internal help desk.
True
False
7.
The evolutionary approach uses ______ to implement a new system.
a. Firm milestone
b. Flexible milestones
8.
The role of management in the learning approach to implementing a new system emphasizes:
a. Providing clear purpose, scope, and resources to implement the new system.
b. Creating an environment where new capabilities are developed and knowledge is shared.
9.
In the learning approach to implementing a new system, users are more likely to learn to use
the new system from ____________________.
a. External consultants and power users.
b. Self discovery and from peers.
10.
The use of outsiders and new management team is more appropriate for the implementation
of ___________.
a. Evolutionary change.
b. Revolutionary change.

Analysis for Business Systems

1 week
1.
In what deliverable does a PM identify phases & deliverables, create WBS,
estimate tasks, create dependencies, and assign people to tasks?
Work Plan
Triple Constraint
Critical Path
2.
Which of the following diagrams can be used to document a business process?
Swim-lane diagram
Flow charts
All of the above
3.
What diagram includes a system, external entities, processes, boundaries,
inputs, and outputs?
Swim-lane diagram
Context diagram
4.
What are the four phases of SDLC methodology in order?
Analyze, Plan, Design, Implement
Plan, Analyze, Design, Implement
Plan ,Design, Analyze, Implement
5.
What differentiates RAD from Waterfall?
Prototyping
Iteration
6.
What differentiates Agile from Waterfall?
Iteratively delivers features via sprints
Clearly defined phases with deliverables
7.
In what phase(s) of SDLC does an ideal Business Analyst contribute?
Plan
Analyze
Design
Implement
All of the above
8.
In what phase(s) is a System Request document introduced?
Plan
Analyze
Design
Implement
9.
What does a feasibility analysis focus on?
Time
Money
Quality
All of the above
None of the above
10.
In what phase of SDLC methodology does Organizational Readiness occur?
Plan+?
Analyze
Design
Implement
All of the above

2 week
1.
What phase of the SDLC results in a System Proposal?
Plan
Analyze
Design
Implement
2.
Which of the following is NOT a desirable quality of a good requirement?
Necessary
Consistent
Multiple
3.
Which of the following is a good sample syntax for writing a good
requirement.
[Condition] [Subject] [Action] [Object] [Constraint]
[Subject] [Condition] [Action] [Object] [Constraint]
4.
Which of the following is a good sample syntax for writing a good
requirement.
[Subject] [Action] [Subject] [Value]
[Condition] [Action or Constraint] [Value]
5.
Functional requirements are usually discussed with subject-matter experts.
True
False
6.
Non-functional requirements are usually discussed with developers.
True
False
7.
Which traceability method identifies the gold-plating example given at the
beginning of the module video?
Forward Traceability
Backward Traceability
8.
In what phase of SDLC methodology do we write use cases?
Plan
Analyze
Design
Implement
9.
In a use case, what level of detail has exhaustive, numbered steps with data
flows?
Fully-dressed
Casual
Briefs
10.
What are the two major types of relationships among use cases?
<<extend>> <<include>>
<<exclude>> <<include>>

3 week
1.
When balancing DFDs and ERDs, what will data stores & some external
entities become in an ERD?
Entities
Attributes
2.
When balancing DFDs and ERDs, what will data flows become in an ERD?
Entities
Attributes
3.
What are the elements of a DFD?
Process, data flow, data store, external entity
Actor, boundary, data
4.
What differentiates a context diagram from a process flow diagram?
Context diagram depicts data flows, sequences of events are not depicted. Process flow
depicts the process. Non-data elements are included. Sequence matters.
Process flow diagram depicts data flows, sequences of events are not depicted. Context
diagram depicts the process. Non-data elements are included. Sequence matters.
5.
What DFD type focuses on the business and business activities?
Physical DFD
Logical DFD
6.
How can a DFD be decomposed into a primitive?
Through structured english, decision tree, or decision table
Through structured english, decision tree, or context table
7.
Business Process Model and Notation includes which of the following
components?
A start event, sequence flow, task, gateway “decision”, and end event
A boundary, external entities, inputs, and outputs
8.
What refers to the maximum number of times an instance in one entity can be
associated with instances in the related entity?
Modularity
Cardinality
9.
What type of entity instances store attributes that are common to one or
more entity subtypes?
Supertype
Subtype
10.
What type of entity instances may inherit common attributes from its entity
supertype?
Supertype
Subtype

4 week

1.
In Object-Oriented Programming, an object is kind of person, place, event, or
thing about which we want to capture.
True
False
2.
An application for a fast food chain models each user with a class. Any user
can apply a 5% off coupon code when ordering a meal above $10 (represented
by a class labelled User), however users that pay a monthly fee can also apply
a 10% off coupon code when ordering any menu item from the store and are
represented by a subclass of User labeled specialUser. Is this an example of
inheritance?
Yes
No
3.
Which of the following is false?
It is usually much easier to restructure a UML diagram than restructure code.
In a sequence diagram, the program is represented visually by an ‘actor’ that sends
‘messages’ to the objects throughout the time of the interaction.
In a state machine diagram, various states of an object in a program are represented by
arrows throughout the diagram.
4.
Which of the following is true about acquisition strategies?
If a firm does not fully understand how to develop or implement a software system, it is often
more effective to outsource that system to a vendor.
In the long run, it is usually more cost-effective to develop new software in-house.
One of the drawbacks to outsourcing software development is that it is harder to control the
quality of the design and ensure that it meets the necessary requirements.
5.
Which is the best way to describe an Alternative Matrix?
Since it considers every technical criteria for a system with a corresponding weight, the
resulting scores of an Alternative Matrix for a given system determine which alternative is
objectively the best decision for the firm to make as it is comprehensive of every factor going
into that system’s development.
The scores of an Alternative Matrix should only be considered as a factor in the decision-
making process for a firm, and should be weighed against other external criteria by an
experienced leader responsible for the system’s development.
6.
Online retailers frequently implement systems that recommend other
products to customers based on their previous purchase history, what time of
year they made the purchase, what other customers frequently bought in
addition to the customers purchase, and other data relating to the purchase.
This is an example of:
Business Intelligence Architecture
Operational Architecture
7.
The best implementation might be a human implementation of a physical
process.
True
False
8.
Which of the following is the definition of “scope creep”?
When ERP management locks a firm into one ecosystem, resulting in all data being managed
under the same vendor.
When additional features are requested during the implementation phase of a project, thus
increasing the cost and time required to complete said project.
9.
The Business Analyst is involved with preparing the technology during the
migration plan.
True
False
10.
The Maintenance phase in the SDLC described in this course is the longest
and costliest phase.
True
False

Enterprise Systems

1.
What are some of the roles of the Project Manager during ERP implementation?
D. A and B only
A. Assess the risks of the implementation in terms of cost and duration
C. Purchase and select the right ERP system
B. Secure resources for the implementation team
2.
All Fortune 1000 companies use some form of ERP systems.
True
False
3.
Business processes are activities that businesses do in their daily operations.
True
False
4.
What are some difficulties faced when executing business processes?
A. A big company should not face any difficulties in their business process, only small
companies face such issues
B. Information does not flow between business units, leading to bad decisions being made
C. There are multiple business units, which makes coordination of effort difficult
D. B and C only
5.
Why do silo effect arise?
A. Workers become highly specialized in their work area, and do not know about the
capabilities and objectives of other departments
B. Workers in each department have different incentives schemes and do not optimize their
efforts towards the overall good of the company
C. Workers are not paid enough for their work
D. A and B only
6.
What are the two definitions of Enterprise System mentioned in the class?
A. ERP is an expensive systems used by large companies
B. ERP is a system that supports end-to-end business processes
C. ERP is a technology strategy in which operational business transactions are linked to
financial transactions
D. A and B only
E. B and C only
7.
'R' in SAP R/3 stands for 'real-time'.
True
False
8.
What are the three layers in SAP R/3?
A. Database, Security, Presentation
B. Database, Application, Network
C. Database, Application, Presentation
D. Database, Security, Network
9.
Data created in SAP can be deleted easily.
True
False
10.
Users can access SAP via the following devices:
A. PC desktops
B. Mobile phones
C. Tablet computers
D. All of above

1.
Which of the following are organizational data?
A. Storage location
B. Client
C. Sales Organization
D. All of the above
2.
Fields of master data change frequently.
True
False
3.
Fields of master data can be different across organizational units (e.g., plants).
True
False
4.
Within SAP, how many main types of data are there?
A. 2
B. 3
C. 4
D. 5
5.
A unique sale area is made up by a combination of
A. Sales organization, distribution channel, Division
B. Sale organization, Material Master, Customer Master
C. Company, distribution channel, Sales organization
D. Company, distribution channel, Division
6.
Why would companies want to have different sales areas in SAP?
A. This is to allow companies to account for different product considerations when serving
their customers
B. This is to allow companies to account for the regional differences when serving their
customers
C. This is to allow companies to account for different characteristics of distribution channels
when serving their customers
D. All of above
7.
What are instances of master data seen in the class?
A. Company
B. Customer
C. Factory
D. All of the above
8.
Purchase order is an example of a master data.
True
False
9.
The good issue step is performed to indicate that a focal company has fulfilled their part of
the transaction by shipping goods to the customer.
True
False
10.
What are possible scenarios in which delivery and billing documents are combined?
A. Two separate deliveries to the same customer made on different days are consolidated
into one billing document
B. Two separate deliveries to different customers made on different days are consolidated
into one billing document
C. A delivery to a customer is being split into two billing documents to be paid by different
departments of the customer company
D. A and C only

1.
The SAP All-in-One ERP solution is good for large enterprises.
True
False
2.
What is true of the SAP By-Design ERP?
A. It is meant for small-mid size enterprises
B. It is meant for large size enterprises
C. It is provided as a software-as-a-service (cloud ERP)
D. A and C only
3.
Which of the following are offerings provided by Oracle?
A. Sage ERP
B. JD Edwards
C. Peoplesoft ERP
D. B and C only
4.
According to the Clash of Titan report presented in the video, which ERP vendor has the
market share?
A. Oracle
B. Infor
C. Microsoft Dynamics
D. SAP
5.
Completion of vision in the magic quadrant refers to whether a ERP vendor/provider has a
good understanding of the industry to provide ERP features that meets their future needs.
True
False
6.
If my company has many specialized and sophisticated business processes, and is operating
in a business environment causes rapid changes to business needs, what type of ERP
should I shortlist based on the magic quadrant?
A. Leaders
B. Challengers
C. Visionaries
D. Niche Players
7.
If I run a simple business that does not have complicated business processes and is not
subjected to rapid changes in the business environment, I should shortlist ERPs from the
_________ quadrant.
A. Leaders
B. Challengers
C. Visionaries
D. Niche Players
8.
If a company buys all its ERP module from a single vendor, it is said to be pursuing a
A. Best of Suite Strategy
B. Best of Breed Strategy
C. All of the above
9.
What are the advantages of using a Best of Suite Strategy?
A. Less risks in term of system integration as the modules are from the same vendor
B. Less costly implementation cost as there is less integration complexity
C. It provides the best features across all ERP offerings
D. A and B only
10.
What are the advantages of using a Best of Breed Strategy?
A. Less risks in term of system integration as the modules are from the same vendor
B. Less costly implementation cost as there is less integration complexity
C. It provides the best features across all ERP offerings
D. B and C only

1.
In the opening case of Target's ERP implementation, what were the bad managerial decisions
made that led to a failed outcome?
A. Top management decided to pursue an aggressive and tight implementation timeline.
B. When populating the ERP system, mid-managers utilized the benchmark figures from the
US operations to forecast the sales demand in Canada
C. Appropriate checks and balances are not in place, leading store managers to turn off auto-
replenishment feature in the system.
D. All of above
2.
Change Management is:
A. People side of technology project
B. A systematic approach to dealing with change
C. Only appropriate for ERP-related projects
D. A and B only
3.
When assessing the possible areas of changes during an ERP implementation, it is important
to consider elements of
A. People
B. Process
C. Technology
D. All of above
4.
Constant communication of project benefits to the users and a clear illustration of milestones
are useful change management techniques for keeping motivation levels high during ERP
implementation.
True
False
5.
Workers do not need time to adjust to newly implemented ERP if they are well-trained to use
the new system prior to its launch.
True
False
6.
What are indicators of ERP implementation success?
A. On time implementation
B. On budget implementation
C. On scope implementation
D. All of above.
7.
A small company with small amount of capital that has finished implementing a small scale
ERP system. The consulting team concludes that there are little risk of of go-live problems as
the system does not involve complex interdependencies due to its small scale. What might
be a good approach in the rollout of this system?
A. Big Bang
B. Phased Approach
8.
A large company with operations in multiple countries has just finished upgrading its legacy
system to an Oracle ERP system. The consultant team believes that the risk of go-live
problems can be subtantial, given that there are multiple interdependencies across business
units. What might be a good approach in the roll out of this system?
A. Big Bang
B. Phased Approach
9.
A retail company has zero experience with ERP implementation. They have hired an external
consultant to help them with the implementation of SAP. The retail company is very
amendable to the recommendations provided by their consultants. What role should the
consultants take on, in general?
A. Foot soldiers
B. Commanders
C. Diplomats
10.
A client company wanted to implement a large scale ERP system. The project scope appears
to be highly uncertain and the client does not seem to know what features are to be included
in the final deliverable. What would be a good pricing model to use here when charging the
client?
A. Fixed Price
B. Time and Material

IT Infrastructure and Emerging Trends

1.
Businesses can use virtualization technology to:
(a) Improve efficiency
(b) Lower cost
(c) Provide faster maintenance
(d) All of the above
2.
Why does the opex model (such as pay-as-you-go) work for the cloud providers?
(a) It allows them to generate a steady source of revenue over time from their clients
(b) It allows them to offer freemium model to potential clients who can try out the service
without significant commitment
(c) It allows them to offer any available resources on-demand and charge based on usage
(d) All of the above
3.
Which of the following is used to distribute incoming requests among various servers that
form a computer cluster?
(a) Hypervisor
(b) Load balancer
(c) Database
(d) None of the above
4.
Which of the following statements is NOT true for web applications?
(a) Software runs on the web app provider’s server
(b) They can be accesses using a client’s web browser
(c) Even if client machines can fail, the data and applications can be still accessed from
another client device
(d) Requires virtualization of the client’s machine
5.
Which of the following is an example of a hypervisor?
(a) VMware ESXi
(b) Citrix Xenserver
(c) Microsoft Hyper-V
(d) All of the above
6.
Which is the core technology behind “cloud computing”?
(a) HTTP
(b) Virtualization
(c) Thin clients
(d) Remote Desktop
7.
Google’s cloud platform offering is a:
(a) Public cloud
(b) Private cloud
(c) Hybrid cloud
(d) None of the above
8.
Which kind of infrastructure will you prefer if you are operating a business in which some
applications have to comply with strict regulatory compliance requirements on data security,
while others require automated scalability and load balancing?
(a) Fog computing
(b) Private Cloud
(c) Public Cloud
(d) Hybrid Cloud
9.
You are the CIO of a company that wants to create a new software application that would
require customizing the operating system for optimal performance. What kind of cloud
service are you basically looking for?
(a) SaaS
(b) PaaS
(c) IaaS
10.
Which of the following statements is true for data centers?
(a) Datacenters with fully connected topology improves host-to-host capacity
(b) Blade servers in a rack are interconnected using the TOR switch
(c) Hardware maintenance on a server in a datacenter can be performed without interrupting
the software applications because of virtualization
(d) All of the above

1.
Which of the following statements is NOT true?
(a) Different wireless technologies occupy different frequency bands.
(b) WiFi is a wireless technology that offers higher data speed but lower coverage area than
cellular network technology
(c) Wireless technologies that offer high data speed/rate also offer greater coverage area
(d) None of the above
2.
Which of the following statements is true about base stations in a cellular network?
(a) Base stations provide coverage over the area of a cell
(b) Base stations will use different frequencies in adjacent sectors
(c) Adjacent base stations participate in the handover process of ongoing mobile
conversations
(d) All of the above
3.
Suppose an airport is using RFID tags on ventilation units for monitoring and reporting of
their functional status, PDAs for technicians, and SAP Mobile Asset Management software.
Which of the following activities can be achieved using these solutions?
(a) Inspectors can easily check the status of the units from the ground without having to get
up and manually inspect them, thus increasing operational efficiency.
(b) Automatic reporting from the ventilation units will improve error-free reporting and safety
of the building.
(c) Automatic reporting also serves as evidence for genuine repairs
(d) All of the above
4.
Which of the following will be most useful for enabling wider usage of QR codes?
(a) Include built-in QR scanner app in the smartphones
(b) Encourage creation of ad-supported third-party apps for QR code scanners
(c) Encourage creation of QR code scanning app by individual vendors
(d) None of the above
5.
Which of the following statements is NOT true about WiFi networks?
(a) WiFi operates in an unlicensed spectrum band
(b) WiFi and cellular networks use the same set of frequencies
(c) WiFi is an example of Wireless Local Area Networks (WLAN)
(d) All of the above
6.
Which of the following statements is NOT true about femtocells?
(a) When registered mobile phone users arrive under coverage area of a femtocell, they
switch over from the cellular network to femtocell automatically
(b) When mobile phone users leave the coverage area of a femtocell, they switch over from
the femtocell to a cellular network seamlessly
(c) Existing WiFi or DSL routers can be upgraded to a femtocell without the need for any new
hardware
(d) All of the above
7.
Which of the following pairing of technology to its coverage area is mismatched?
(a) Bluetooth – Wireless Personal Area Network (WPAN)
(b) GSM – Wireless Wide Area Network (WWAN)
(c) WiFi – Wirelss Metropolitan Area Network (WMAN)
(d) CDMA – Wireless Wide Area Network (WWAN)
8.
Which of the following is the primary technology used in a mobile payment system like Apple
Pay?
(a) Near Field Communication (NFC)
(b) QR code
(c) Radio Frequency Identification (RFID)
(d) None of the above
9.
A shopping mall plans to send targeted offers to customers connected to their WiFi network.
Which type of data about the customer will be most valuable to send these offers?
(a) Time of day
(b) Geolocation
(c) Weather
(d) None of the above
10.
Which of the following issues cannot be addressed effectively with flat rate pricing of
network bandwidth?
(a) There is a large differential between peak and off-peak hour demand
(b) Some users are consuming a disproportionate amount of bandwidth in peak time
(c) Some applications are poorly designed and consume too much bandwidth
(d) All of the above

1.
Denial of service (DOS) security attacks are intended to compromise a system’s _______.
(a) Confidentiality
(b) Availability
(c) Integrity
(d) Authenticity
2.
Which of the following statements is true for malwares?
(a) They are computer programs that can infect other programs
(b) Many of them can propagate by attaching themselves to files and emails
(c) They may not always do outright damage
(d) All of the above
3.
Which of the following techniques system administrators use to reduce the risk of password
hacking?
(a) Preventing users from using alphanumeric passwords
(b) Enforcing a cap on the number of password retries at login before the account gets
locked
(c) Encouraging usage of easy to remember dictionary words as passwords
(d) All of the above
4.
Which of the following statements about basic encryption techniques NOT true?
(a) The key used in Caesar cipher should be kept private between the sender and the receiver
(b) The key used in Caesar cipher should be made publicly available to allow the receiver to
decrypt the message
(c) The keys used in one-time pads need to be kept private between the sender and the
receiver
(d) The keys used in one-time pads are a pre-selected sequence of random numbers
5.
Which of the following statements about private key cryptography is true?
(a) The same key is used by both the sender and the receiver to encrypt and decrypt a
message
(b) The sender uses one key to encrypt a message and the receiver uses another key to
decrypt it.
(c) The sender and the receiver do not have to agree upon a shared key in advance
(d) All of the above
6.
Which of the following statements is true for public key cryptosystem?
(a) A secret message should be encrypted using the public key of the sender and decrypted
using the private key of the receiver
(b) A secret message should be encrypted using the private key of the sender and decrypted
using the public key of the receiver
(c) A secret message should be encrypted using the private key of the sender and decrypted
using the public key of the receiver
(d) A secret message should be encrypted using the public key of the receiver and decrypted
using the private key of the receiver
7.
In case of digital signatures, which of the following statements will be true? (Digital
signatures are not meant to be secret messages, instead they are used to demonstrate that
the message must have originated from a particular sender who signed it).
(a) The message will need to be encrypted using the sender’s private key. Anyone can then
use the sender’s public key to decrypt it, and thereby verify that it must have been encrypted
(signed) by that particular sender.
(b) The message will need to be encrypted using the sender’s public key. Anyone can then
use the sender’s private key to decrypt it, and thereby verify that it must have been encrypted
(signed) by that particular sender
(c) The message will need to be encrypted using the sender’s private key. Anyone can then
use the sender’s private key to decrypt it, and thereby verify that it must have been encrypted
(signed) by that particular sender.
(d) The message will need to be encrypted using the sender’s public key. Anyone can then
use the sender’s public key to decrypt it, and thereby verify that it must have been encrypted
(signed) by that particular sender.
8.
Which of the following statements is NOT true about these cyber defense systems?
(a) Honeypots are legitimate parts of the site that are actually isolated and monitored, and act
as traps for attackers
(b) Honeypots can be used to learn about organization’s security weaknesses
(c) Intrusion detection systems cannot look inside the contents of the data packets, and
therefore only use traffic filtering rules.
(d) None of the above
9.
Which of the following should be practiced to prevent confidential data loss from
cyberattacks?
(a) Store the encrypted data and the encryption key at different locations
(b) Use a two-factor access control
(c) Limit third-party access to the internal network
(d) All of the above
10.
The type of disclosure process in which a new bug discovery is first reported to the software
vendor whose product contains the bug is known as:
(a) Responsible Disclosure
(b) Full Disclosure
(c) Market Disclosure
(d) None of the above

1.
Which of the following statements regarding Blockchain is NOT true?
(a) Blockchain is a list of records, called blocks, which are linked using cryptography and are
accessible for verification by the public.
(b) Blockchain is a distributed digital ledger in which transactions can be recorded
chronologically and publicly.
(c) Traditional databases also store transaction information chronologically. But secure
databases are kept under the centralized control of a host organization and maintained by IT
administrators.
(d) Blockchain is designed as a centralized solution so that a single entity can control it and
validate all transactions.
2.
Which of the following statements is NOT true?
(a) Ethereum is an example of a blockchain
(b) The cryptocurrency used in Ethereum are called Bitcoins
(c) Hyperledger is an example of open-source blockchain
(d) The cryptocurrency used in Ethereum are called Ethers
3.
Which of the following statements is true?
(a) In blockchains, any change or new transactions can be realized only by adding a new
block of information to the historical transaction records.
(b) In blockchains, one doesn’t erase or override the past records, it adds transactions in a
chronological order to a growing list.
(c) Unlike the ledgers maintained by banks, Bitcoin’s blockchain is replicated on networked
machines around the world; hence it is called a “Distributed Ledger”.
(d) All of the above.
4.
Which of the following is NOT true for Bitcoin mining?
1 / 1 point
(a) The technology uses a pair of keys for encryption
(b) The private key is used by the sender to encrypt the payment message
(c) Miners use the sender’s public key to validate that the payment request was indeed made
by the sender
(d) Miners will use the public key to compute the private key of the sender
5.
Which of the following statement is true?
(a) The process of adding blocks to a blockchain is computationally expensive, and even
more so to change blocks further back in the chain.
(b) Any miner trying to add a new block of data is required to provide a cryptographic proof
called Proof of Work.
(c) To produce the Proof of Work, a miner will have to perform multiple rounds of hashing
with the data of the previous block such that the resultant hash value begins with a specified
number of zeros.
(d) All of the above.
6.
Which of the following is an application area for smart contracts?
(a) Supply chains are often inefficient because of paper-based systems and need for multi-
party approvals, validation cost, potential for loss and fraud. Smart contracts can provide a
secure, accessible digital version to all parties on the blockchain to automate contracts and
payment.
(b) Peer-to-peer buying and selling of goods and services (e.g., in electricity smart grids and
ridesharing services) can benefit from smart contracts executed between various parties
participating in the blockchain.
(c) Buyers and sellers of insurance can agree on and claim reparation compensation using
smart contracts.
(d) All of the above.
7.
Suppose your organization needs multiple people to store and update transaction records
while ensuring immutability. Which one should you choose?
(a) Traditional database
(b) Blockchain
8.
Suppose the requirements that your organization has in regards to storing transaction
information can be met with either a traditional database or a blockchain. Which one should
you choose?
(a) Traditional database
(b) Blockchain
9.
Suppose your organization needs to store transaction data that should be kept private,
immutable, verifiable, but also control who can read and write to it in order to maintain
scalability. What should you choose?
(a) Traditional database
(b) Permissioned blockchain
(c) Public blockchain
(d) None of the above
10.
Which of the following statements is true?
(a) A blockchain’s technology and process ensure truthful-reporting and provides incentives
for participation.
(b) Cryptography principles implement validation of digital signatures, security, and
immutability in a blockchain.
(c) A blockchain’s distributed realization and public accessibility helps overcome censorship.
(d) All of the above.