1

The University of the South Pacific

Serving the Cook Islands, Fiji, Kiribati, Marshall Islands, Nauru, Niue, Samoa, Solomon Islands, Tokelau, Tonga, Tuvalu, and Vanuatu.

School of Accounting & Finance

AF302: INFORMATION SYSTEMS

MID-SEMESTER EXAM — SEMESTER 1, 2021
BLENDED MODE

Time
allowed: TWO HOURS PLUS 10 MINUTES READING TIME

(Weighting: 20% towards coursework)

Types of Question: MULTIPLE CHOICE (20); SHORT ANSWERS (4); Application

Question (1)

INSTRUCTIONS FOR ALL CANDIDATES

• THERE ARE SECTIONS IN THIS PAPER

• ATTEMPT ALL QUESTIONS

SECTION DESCRIPTION SUGGESTED

ALLOCATION TIME
A Q1 - 20 Multiple Choice Questions - 20 50 minutes
General
B 4 Short-answer Questions 12 25 minutes

c 1 Application Questions 18 30 minutes

TOTAL 50 2 HOURS
SECTION A
MULTIPLE CHOICE QUESTIONS (20 marks)
fuse approx. 50 minutest
1. All of the following are examples of the influence of social, mobile, and cloud
technologies except

a. Connections and feedback via social networks have changed the balance of
influence.
b. Customers expect to use location-aware services, apps, alerts, social networks,
and the latest digital capabilities at work artd outside work.
c. Customer loyalty and revenue growth depend on a business’ ability to offer
unique customer experiences that wow customers more than competitors can.
d. Consumers are less likely to trust tweets from ordinary people than
recommendations made by celebrity endorsements.
2. Which if the following is not an example of how the Internet of Things is being used by
businesses?

a. A network of ground sensors that allow agricultural operations to adjust the

amount of fertilizer and water applied to specific field locations.
b. Sensors in shoppers’ club cards that make it possible for retailers to offer
discounts or promotions to consumers at the point of sale.
c. Sensors in rental cars that allow companies to base rates on the driving
behavior of their customers
d. Sensors on packages of cereal, pasta, soup or other food products made for
children that allow companies to determine young consumer’s satisfaction
with the nutritional value of the product.

3. Examples of that can be facilitated by digital technologies are credit

approval, opening a new account, order fulfillment, and shipping a product.

a. Strategic activities
b. Business processes
c. Planning activities
d. Competitive advantages

4. Applying IT to a manual or outdated process will

a. maximize cycle time

b. not optimize the process
c. eliminate wasted steps
d. improve the outputs

1
5. guides the evolution, expansion and integration of information systems, digital
technology, and business processes.

a. Data governance
b. Master data management
c. Enterprise architecture
d. Data standardization

6. Which of the following descriptions about enterprise architecture (EA) is false?

a. EA is the blueprint that guides and governs software add-ons, upgrades,

hardware, systems, networks, cloud services and other IT.
b. EA is a well-thought out IT growth plan.
c. EA is needed for simple, single-user, nondistributed systems as well as
complex distributed systems.
d. EA starts with the organization’s target—vision of the future.

7. Many health care organizations are drowning in data. Yet health care workers cannot get
reliable insights from this data. Information from physician notes, registration forms,
discharge summaries, documents and so on often go unused or are difficult for
administrators and mangers to access. One of the primary reasons for this problem is that

e. Cutbacks in IT budgets have reduced their ability to operate effectively.

f. Users lack training and experience with health care apps.
g. Data are stored in silos.
h. Security policies that are too stringent

8. tools and techniques process data and do statistical analysis for insight and
discovery.

a. Operational intelligence
b. Business intelligence
c. Information accessibility
d. Information fluidity

9. An accurate and consistent view of data throughout the enterprise is needed so one can
make informed, actionable decisions that support the business strategy. A function performed
by a DBMS to integrate, match, or link data from disparate sources is data

2
 e. filtering
f. profiling
g. synchronization
h. maintenance

10. A DBMS that does not lose service as a result of a single failure is said to be

i. scalable
j. fault tolerant
k. volatile
1. synchronized

11. Every device that communicates with a network must have a unique identifying

a. API
b. IP address
c. protocol
d. VoIP

12. Which of the following decides how the digital 1’s and 0’s are represented in terms of
voltage and frequencies?

e. Signal frequency spectrum

f. Bandwidth
g. Switches and routers
h. Modulation and coding

13. Investments in data networks, IP addresses, routers, and switches are

because of their impact on productivity, security, user experiences, and customer service.

i. telecommunication basics
j. tactical issues
k. technology decisions
1. business decisions

14. In terms of digital transmissions, transfers data in small blocks based on the
destination IP address.

3
 m.Chunking
n. Circuit switching
o. Packet switching
p. IP Streaming

15. The main cause of data breaches is , which is so successful because of

when management does not do enough to defend against cyberthreats.

a. Hacking; highly motivated hackers

b. Hacking; negligence
c. Malware; BYOD
d. Malware; negligence

16. A computer security specialist who breaks into protected systems and networks
to test and assess their security.

a. White Hat hacker

b. Red Hat hacker
c. Black Hat Hacker
d. Gray Hat Hacker

17. is also known as human hacking—tricking users into revealing their credentials
and then using them to gain access to networks or accounts.

a. Android-hacking
b. BYOD
c. Hacktivism
d. Social engineering

18. rely on sophisticated computer programs called spiders or crawlers that surf
webpages, links, and other online content that are then stored in the search engine’s page
repository.

a. Crawler search engines

b. Information retrieval engines
c. Semantic search engines
d. Web directories

19. Google maintains a copy of the Internet for its search engine services, and is also
constantly updating a map of the entire planet for users of its popular Google Earth
application. Due to requirements like this, Google’s biggest technical challenge is:

a. Managing Gmail
b. Updating its search algorithms
c. Data storage
d. Semantic searches

20. Businesses that have become skilled at using SEO and PPC campaigns to drive traffic

4
to their websites will have to go back to the drawing board to figure out how the rise in
search using IPA’s will affect some fundamental marketing strategies.

a. social
b. voice
c. semantic
d. mobile

SECTION B - SHORT ANSWERS (TOTAL 20 marks)

(ose approx. 40 minutest

5
1. Explain why TPSs need to process incoming data before they are stored.

2. Why is master data management (MDM) important in companies with multiple data
sources?

3. Briefly explain the following and answer the short calculation attached to it:

a. Cost of customer acquisition (CoCA)— 2 marks

i. If you spent $1,000 on a campaign that yielded 40 customers, what would
be your CoCA per customer.
b. Return of advertising spend (ROAS) 2 marks

6
SECTION C - APPLICATION ( TOTAL 20 marks)

(use approx. 30 minutest

Operation Aurora was a counter espionage operation being run by the Chinese government. It
was a series of cyber-attacks conducted by APTs with ties to the People’s Liberation Army in
China. Attackers successfully accessed a database that flagged Gmail accounts marked for
court-ordered wiretaps to gain insights into active investigations being conducted by the FBI
and other law enforcement agencies that involved undercover Chinese operatives.
To access IP, Operation Aurora exploited security flaws in e-mail attachments to sneak into
the networks of major financial, defense, and technology companies and research institutions
in the US by performing six steps namely:

1. A targeted user receives a link in an email or text from a trusted source

2. When the user clicks the link, a website hosted in Taiwan loads. It contains malicious
JavaScript
3. The user’s browser downloads and executes the JavaScript, which includes a zero-day
IE exploit
4. The exploit downloads a binary disguised as an image and executes the malicious
payload
5. The payload sets up a backdoor and connects to C and C servers in Taiwan
6. Attackers now have complete access to the internal systems. They are now a persistent
threat.

Standard IT security technologies at Google failed to prevent these sis steps from occurring
and neither Google nor its Gmail account holders knew they had been hacked.

Once the APTs gained access to Google’s internal systems (step 6) they were free to steal
corporate secrets. Reportedly over 30 other large companies from a wide range of industries
were similarly targeted by Operation Aurora.
Most hack activities do not become headline grabbers until the incidents are detected and
reported. Even then, victimized Companies are reluctant to discuss them so statistics are
scarce to the case of Operation Aurora, the attack was not discovered until almost one year
after the effect.

7
Questions

1. Describe the 6 steps of Operation Aurora and what each step entails. 12 marks
2. What was the purpose of Operation Aurora? 4 marks

3. What could Google have done to prevent Operation Aurora? 4 marks

‘THE END’