All questions pertain to the Billington Pharmaceuticals case study.
| Question 1 | Which of the following measures should be taken to ensure that the system is fully functional after deployment and can be properly used and maintained? (Choose all that apply.) A. Education/training plan B. Maintenance/support/upgrade plan C. Support for any Internet browser D. Error-trapping data entry mechanisms E. Testing plan
|
| A1: | The correct answers are A, B, and D. A variety of plans have to be part of the final system being deployed. For a system to be fully functional and maintainable, plans must be made for training the staff, testing the system functionality, and performing maintenance and upgrades. Although it would be superb to build error-free input into the system, this is a virtual impossibility, but every attempt should be made to minimize errors. You might not want to support low-end Internet browsers, as they could compromise system security. |
| Question 2 | When a client calls in over the toll-free telephone system to get information, which of the following types of information should be taken before divulging personal data to the caller? A. Credit card information. B. Home address information. C. Client birth date. D. Personal information shouldn't be given.
|
| A2: | The correct answer is D. It should be somewhat obvious that personal information shouldn't be given in this situation, with the nature of the information you might have on record. If any information is given over the phone, a secure ID and password should be used. |
| Question 3 | Billington wants to move all data currently stored in its mainframe to a SQL Server cluster that will serve as the basis for the new system. Billington currently has an aging system with no ODBC or OLE DB support for its current data store. Which of the following mechanisms would be the most efficient method of porting data over to SQL Server? (Choose all that apply.) A. Create an ODBC driver for the mainframe data, and use SQL Server to pull the data over to the new cluster. B. Run the systems in parallel for a short period, until stability and performance can be guaranteed on the new cluster. C. Create a mainframe application that translates the data into text files that can then be imported to the new cluster. D. Leave the data on the mainframe and avoid phasing out the mainframe system, as it would be too costly. E. Use SNA technology to create a link between the PC network and the mainframe applications so that data can be ported to the new cluster.
|
| A3: | The correct answers are B and E. SNA technologies can be used to create a link between the two systems, allowing data to be transferred between them. It would be a good idea to run the systems in parallel for a period of time, after which the mainframe can be phased out. In an aging system, keeping the system around would likely be too costly, and development on the mainframe side in the form of a driver or new application would probably also prove costly and inefficient. |
| Question 4 | You are preparing a monitoring plan for use on the Web server that will house the majority of the system. What monitoring and/or logging should be implemented on this server? (Choose all that apply.) A. User access to data and statistics on data usage B. Errors recorded within the applications C. IIS logging on user information and site usage D. Attempts to breach security at the firewall E. Data entry errors on the user interface
|
| A4: | The correct answers are B and C. The Web server would likely record site usage statistical information and errors for applications running on the server. User statistical access would likely be recorded on the database, possibly by using triggers or other mechanisms. Security information at the firewall is recorded by the firewall software itself. After deployment, there is little gain in knowing how many typing and related errors are made in the interface, although during testing this information might be more usable. |
| Question 5 | You would like to deploy parts of the new system to the user across the Internet. Some of these elements are backup mechanisms to allow some portions of the application to be performed from a small Windows application when communication has been lost. How would you deploy this small Windows application? A. Prepare a Windows setup package to put the program onto two floppy disks that can be mailed or couriered to users. B. Prepare a Windows setup package to put the program onto a CD that can be mailed or couriered to users. C. Prepare a .cab setup package to download, and provide a link that users can access to download the file. D. Prepare a Windows setup package, and then zip the package into an easy-to-download file. E. Prepare a Windows setup package and have the package zipped to be e-mailed to the user.
|
| A5: | The correct answer is D. The applications should be provided on a secure portion of the Web site that can be accessed only after applicable user validation has occurred. The snail mail system is likely not the best mechanism for reasons of speed, security, and reliability, nor would e-mail be a good choice, as many systems block these types of attachments. |
| Question 6 | The new Billington system will constantly be handling confidential information. Which of the following measures could you take to ensure that client and physician confidentiality is maintained? (Choose all that apply.) A. Provide a process by which the user must log in to the system. B. Ensure that all transmitted data is encrypted. C. Build roles in which groups of users belong, and assign applicable permissions in the database to each role. D. Mandate that the user provide credit card information before allowing any transactions. E. Ensure that only employees can access data in the system.
|
| A6: | The correct answers are A, B, and C. Any data that is transmitted over public or private channels should be encrypted so that if it falls into the wrong hands, it is unusable. A user should be logging in to the system before any access is given. Some form of certificate or other identification mechanism should be used to ensure the user's identity. Permissions should be assigned by roles, and all users should be placed into applicable roles. (The Administrators role is the only one with full control.) Credit card information does nothing to secure data being communicated, and giving all employees access to the data would allow any clerk access to far too much information. |
| Question 7 | The call system in a future release might need to be altered to attach a user fee to each call that's made. How would the initial preparation and deployment of the application make this task easier? A. Build the complete call application as a single component so that the entire component can be replaced if needed. B. Have the call application perform a call to the product table, and store the call as a product with an initial price of zero. C. Have a billing program prepared as part of the original system design that is ready to send invoices to the customer for the calls made. D. Prepare a call-billing component stub that is called by the call system and initially supplies a zero value to each call. E. Have a charge system built into the original system that initially records a charge record in the database with a zero value.
|
| A7: | The correct answer is D. By building a call component that simply supplies zero initially, you minimize the amount of initial coding while preparing for the replacement of this component if a user fee is ever applied. If a user fee is never applied to the system, answers B, C, and E perform far too much initial development for something that might never come to fruition. Building the call system as a single component (answer A) would interrupt the system and result in excessive system downtime during application upgrade/replacement, as the entire application, rather than just a component, would have to be taken offline and replaced. |
| Question 8 | In the Billington system, the user supplies data in a Web form for the browser portion of the system. On the form are fields marked as mandatory, and some of the fields, of course, are optional. If data for the missing fields is stored in a database for current clients, what should be done to ensure that data is correctly collected? A. Fill in missing values from the database after the form has been submitted. B. Have the user supply valid information for the required fields before submitting the form. C. Allow the form to be submitted, perform a query to the database, and if data is not found, request it from the user. D. Allow the form to be submitted and ignore the missing information. E. Allow the form to be submitted and supply default information for the missing values.
|
| A8: | The correct answer is B. If an input form has indicated that values are mandatory, then regardless of wherever else the information might be stored, the form should be completed before continuing in the system. Another possible solution is to have the client perform a logon process and fill in as much information as possible for the database before sending the form to the user to complete. Alternatively, data could be stored in a cookie. |
| Question 9 | The call answer service that will be part of Billington's new system means applying several business rules. Which of the following could represent business rules associated with the call application? (Choose all that apply.) A. Users of the call system must be registered patients or physicians. B. Prescription information must contain a registered patient ID and physician ID. C. Each call request must contain location information. D. Call information is provided only for medications found in the database. E. Employees answering calls should first recommend Billington brand products.
|
| A9: | The correct answers are A and C. As stated by the staff pharmacist during the interview process, you want to ensure that this system is used only by patients and/or physicians who are registered in the database. The service is not intended to push specific products over others, nor is it necessary that advice be directly associated with products sold at Billington's locations. The case study specified that location tracking was part of this system and ID information was also tracked. Although the prescription information should contain a valid physician ID and patient ID, these requirements are not directly tied to the call system. |
| Question 10 | In the Billington system, users supply data in a Web form for the browser portion of the system. On the form are fields marked as mandatory, and some of the fields, of course, are optional. Where should errors first be noted if mandatory information is missing? A. Validation in the user interface B. Validation at the Web server C. Validation within a business rules component in a middle-tier application D. Validation in the database in the form of NOT NULL allocations
|
| A10: | The correct answer is A. Mandatory and optional information can easily be noted in the user interface without requiring a round-trip to the server. A business rules component, ASP code on the Web server, or validation at the data source could also perform these checks, but users most easily notice validation in the user interface (answer A). |
