Quiz5

docx

School

Montgomery College *

*We aren’t endorsed by this school

Course

350

Subject

Information Systems

Date

Apr 3, 2024

Type

docx

Pages

8

Uploaded by MajorLark1993

Report
n 1 2 / What is a work authorization system? Question options: An IT system used to baseline requirements so that they can be worked on. An IT system used by the Change Control Board to track changes to requirements. A process outside the project which is used to give approval for work to be started. None of the listed choices are correct. Hide question 1 feedback Read chapter 5, section 5.4 all sub sections n 2 2 / Which of the following analyses should be performed by a business analyst when a change to a requirement is proposed? Question options: Project Scope Analysis SWOT Analysis Impact Analysis Traceability Analysis Hide question 2 feedback Read Chapter 5, Section 5.8 (all sub sections) n 3 6 / A security engineer has proposed a change to the requirements which specify the features required in a firewall. The change is needed to address a new type of advanced persistent threat. What type of analysis should the Change Control Board require before considering this recommended change? Question options: SWOT Analysis Impact Analysis Business Needs Assessment Traceability Analysis Hide question 3 feedback Read Chapter 5, Section 5.8 (all sub sections) n 4 2 / What is a requirements baseline?
Question options: All of the listed choices are correct. An unchanging set of requirements. The initial set of requirements for a project. A set of approved requirements that are managed and tracked. Hide question 4 feedback Read Chapter 5 Section 5.1 n 5 2 / Which tool is used to safely store and preserve the integrity of project deliverables including requirements documentation. Question options: None of the listed choices are correct. Project Lifecycle Management System Requirements Management System Configuration Management System Hide question 5 feedback Read Chapter 5, section 5.6 (all sub sections) n 6 2 / Which of the following types of information is not used as a requirements attribute in a traceability matrix? Question options: Source, Owner, and Uses of the requirement Requirement ID Acceptance Criteria Relevance Rating Hide question 6 feedback Read Chapter 5, section 5.2.3 all sub sections n 7 6 / During an after action / lessons learned session, the project manager and the lead business analyst are discussing ways that project risk can be managed better in the future. Which of the following should the business analyst propose? Question options: All of the listed choices are correct. Reject all requirements changes that are not approved by the project sponsor. Impose strict limits on changes to requirements after the business analysis has been completed.
In the future, determine the level of requirements tracing needed as part of the business analysis planning proc Hide question 7 feedback Read Chapter 5, section 5.2 all sub sections n 8 2 / Who is responsible for assessing the impact of requirements changes upon the project? Question options: Project Manager Project Sponsor Business Analyst Project Planner Hide question 8 feedback R n 9 2 / What is the relationship between product scope and the requirements baseline? Question options: The product scope is the features and functions of the product as documented in the requirements baseline. None of the listed choices are correct. The product scope is what the customer wants. The requirements baseline is what the project is actually buildi The product scope contains both approved and unapproved requirements. The baseline only contains approved Hide question 9 feedback Read Chapter 5 section 5.5 all sub sections n 10 2 / What should a business analyst do when a requirements gap is identified? Question options: Modify the requirements baseline to cover the gap Notify the change control board of a missing requirement None of the listed choices are correct. Cancel or defer the approved requirement until the gap can be addressed Hide question 10 feedback Read Chapter 5, section 5.6 (all sub sections) n 11 6 / The project manager has received complaints from the software developers that requirements are being changed
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
without them being notified or asked about potential impacts. The business analysts believe that the developers were given outdated requirements that should not have been in the requirements matrix that the developers were working from. What tool can the project manager adopt to prevent this from happening in the future? Question options: Version Control System Requirements Tracking Tool Configuration Management System None of the listed choices are correct. Hide question 11 feedback Read Chapter 5, Section 5.8 (all sub sections) n 12 2 / When can changes to requirements be proposed? Question options: Before the beginning of a testing cycle. When user stories are being expanded and updated. At any time during a project. At the end of each spiral before the next spiral begins. Hide question 12 feedback Read Chapter 5, Section 5.8 (all sub sections) n 13 2 / Which of the following are components of governance in a large business? Question options: None of the listed choices are correct. laws, regulations, and standards Rules, processes, and relationships Representatives from each business function Hide question 13 feedback Case Study: Governance as an Activity n 14 2 / The Sifers-Grayson governance board is reviewing a company developed policy for protecting customer information, especially information furnished by federal government
agencies. Which NIST document should they consult to make sure that the government's requirements are addressed appropriately in the company's policy? Question options: NIST 800-53 NIST Cybersecurity Framework NIST 800-171 NIST 800-37 Hide question 14 feedback Case Study Weeks 5 & 7 n 15 6 / The Corporate Governance board at Sifers-Grayson does not have enough time in their meeting schedule to consider the problem of supply chain risk and how the company as a whole will solve this problem. What action can the board take to ensure that it is able to maintain adequate oversight of the company's efforts in this area? Question options: Outsource supply chain risk management Work with business analysts to develop requirements and then hand the problem off to a project team Appoint a subordinate governance board to provide oversight for risk management. Hire a team of consultants to make recommendations Hide question 15 feedback Case Study: Governance as an Activity n 16 2 / What is the goal of an Information Security Governance program? Question options: All of the listed choices are correct. To manage all risks to the organization To manage IT security independent of the organization's business functions To align IT security activities with overall governance goals of the organization Hide question 16 feedback Case Study: Weeks 1 & 7 n 17 2 /
A governance board wants to learn more about the problem of Advanced Persistent Threats as they affect the company. Who should be asked to provide a briefing for the members? Question options: Operations Supervisor for the Network Security Center Lead Business Analyst FBI Agent in Charge of Hacking Investigations Chief Information Security Officer Hide question 17 feedback Case Study: Weeks 5 & 7 n 18 2 / Which of the following international organizations studies Corporate Governance? Question options: Organisation for Economic Co-operation and Development World Intellectual Property Organization UN Public Administration Network World Trade Organization Hide question 18 feedback Case Study: Governance as an Activity n 19 2 / Which industry security framework focuses upon IT governance and management? Question options: COBIT NIST CSF ISO/IEC 27001 PCI-DSS Hide question 19 feedback Case Study: Weeks 5 & 7 n 20 2 / Members of the governance board want to impose a penalty for employees who ignore or bypass privacy protections on client data. What is the best means for doing this? Question options: Direct the head of Human Resources to immediately terminate violators.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Include consequences in a privacy policy. Warn employees that they could face fines if they violate the GDRPR. Direct the CISO to file criminal charges against violators. Hide question 20 feedback Case Study Weeks 5 & 7 n 21 6 / The governance board at Sifers-Grayson is considering a request for expansion of the company's security operations center. What key question should be addressed in the proposal sent to the board for approval? Question options: What is the impact to the company's current operations? Who is the project sponsor? When will the activity start and end? What is the business value of this activity? Hide question 21 feedback Case Study Weeks 1 & 7 and Chapters 4 and 5 n 22 6 / The CISO for Bay and Shore General Store needs to request an increase in the budget for hardware and software due to increased costs for products meeting the company's security requirements. What documentation should be submitted to the governance board to support this request? Question options: Business Case Requirements Matrix Business Analysis Project Charter Hide question 22 feedback Case Study Weeks 1 & 7 and Chapters 4 and 5 n 23 2 / In a new company, who should be named as members of the governance board? Question options: Representatives elected by employees All of the listed choices are correct.
C-Suite Executives Senior Managers Hide question 23 feedback Case Study: Governance as an Activity

Related Documents

Student_Instructions_CPCCBC4010B.docx
CPCCBC4011B_Jayatunga_Siriwardana.docx
CS 2205 UNIT 3 LJ.docx
Jayatunga Siriwardana_CPCCBC4001A.docx
Jayatunga Siriwardana_CPCCBC4009B__print.docx
Quiz4.docx
Case 1 Reflection.pdf
script practicum.docx
Excel_4G_Aquatics_Instructions.docx
Lab 11.docx
Lab 4.docx
Lab 20.docx