MIS Mid-Term Examination
MIS Mid-Term Examination
MIS Mid-Term Examination
Semester: 2 Marks: 20
3
Student I.D: ___16279(owais)________ Program:BBA(2Y)
Instructions:
MUST write your Name, KASBIT Student ID.
All the questios are compulsory.
Attempt the Mid-term exam paper by typing on MS-Word.
Merge this file and your attempted Mid-term exam paper into ONE Single File and
convert this file into Pdf.
Name the pdf file as e.g. ID-XXXXX Mid-term exam.
Upload your ONE Single pdf File of Mid Term Exam on LMS before the due date
and time (By email not permitted).
You must press the submit button in the LMS after uploading your attempted
Mid-term paper.
Late submission NOT Permitted.
All the students are supposed to concentrate on the assignment on an individual basis.
If the submitted document speaks of any copying, duplication or plagiarism, it shall
stand cancelled.
Q1: Elaborate the Problem Solving Process w.r.t Information Systems. (5 Marks)
Ans.
Ans.
Information System
The software that helps organize and analyze data. So, the purpose of an information
system is to turn raw data into useful information that can be used for decision making
in an organization.
Input
The input in an information system has two types:
The specification of what type of analysis is done must be specified by the user
Storage
The storage of Data should be done at the most detailed level possible. Regular backups
and various summaries should be completed to avoid losing any important data due to
errors. The backups should also be stored in a geographically different location to avoid
any major disasters such as flooding or fires etc.. which could impact on both the
original data storage and the backup data storage.
Processing
A process is a function which transforms data into information. A simple process would
be adding up a number of items that is sold by a business by a variable such as the
location of a store or the product or the time and date. More complex processes are the
functions that perform calculations and can make assumptions about missing data in
order to create information from the data available.
Output
There are two types of output in this context, graphical and textual:
Graphical output is usually used to look at information on a larger scale which is then
presented as charts, graphs, diagrams and pictures.
An open system will interact fully with its environment and is capable of handling any
unexpected event as it monitors the environment which means that it can adapt the
output depending on the circumstances.
A closed system is separated and secluded from the environment which means they do
not interact with it much. A closed system only interacts with the environment when it
is planned and predicted beforehand or as a part of an automated process. It works
when it is triggered and only acts according to events. Closed systems do not have any
effect on external environments. An automatic payroll calculator would be triggered by
an event such as payroll day.
Q3: Discuss threats & its types. (5 Marks)
Ans.
Threats
Cyber attackers are day by day changing their attacking techniques and gaining access
of a organizations system. There are different types of security threats to organizations,
which can affect business continuity of an organization. So, there is no way to be
completely sure that an organization is free from cyber security threats or attack
Types of Threats
Worms
This malicious program category largely exploits operating system vulnerabilities to
spread itself. The class was named for the way the worms crawl from computer to
computer, using networks and e-mail. This feature gives many worms a rather high
speed in spreading themselves.
Viruses
Programs that infected other programs, adding their own code to them to gain control
of the infected files when they are opened. This simple definition explains the
fundamental action performed by a virus - infection.
Trojans
Programs that carry out unauthorized actions on computers, such as deleting
information on drives, making the system hang, stealing confidential information, etc.
This class of malicious program is not a virus in the traditional sense of the word
(meaning it does not infect other computers or data). Trojans cannot break into
computers on their own and are spread by hackers, who disguise them as regular
software. The damage that they incur can exceed that done by traditional virus attacks
by several fold.
Spyware
Software that collects information about a particular user or organization without their
knowledge. You might never guess that you have spyware installed on your computer.
Riskware
Potentially dangerous applications include software that has not malicious features but
could form part of the development environment for malicious programs or could be
used by hackers as auxiliary components for malicious programs.
Rootkits
Utilities used to conceal malicious activity. They mask malicious programs to keep anti-
virus programs from detecting them. Rootkits modify the operating system on the
computer and alter its basic functions to hide its own existence and actions that the
hacker undertakes on the infected computer.
Q4: Discuss Firewalls & its types. (5 Marks)
Ans.
Firewalls
A firewall is a type of cyber-security tool that is used to filter traffic on a
network. Firewalls can be software, hardware, or cloud-based, with
each type of firewall having its own unique pros and cons. Firewalls
can be used to separate network nodes from external traffic sources,
internal traffic sources, or even specific applications.
Types of Firewalls
There are several types of firewalls that have developed over the
years, becoming progressively more complex and taking more
parameters into consideration when determining whether traffic should
be allowed to pass.
Proxy-based firewalls
These firewalls act as a gateway between end users who request data and
the source of that data. Host devices connect to the proxy, and the proxy
makes a separate connection to the source of the data. The major downside
of proxy-based firewalls is that terminating incoming connections and
creating outgoing connections plus filtering causes delays that can degrade
performance.
Stateful firewalls
A performance improvement over proxy-based firewalls came in the form of
stateful firewalls, which keep track of a realm of information about connections
and make it unnecessary for the firewall to inspect every packet.
Next-generation firewalls
Packets can be filtered using more than the state of connections and source
and destination addresses. This is where NGFWs come into play.