Download New Updated (July) Isaca CISA Actual Test 41-50

Ensurepass

 

QUESTION 41

IS management has decided to rewrite a legacy customer relations system using fourth generation languages (4GLs). Which of the following risks is MOST often associated with system development using 4GLs?

 

A.

Inadequate screen/report design facilities

B.

Complex programming language subsets

C.

Lack of portability across operating systems

D.

Inability to perform data intensive operations

 

Correct Answer: D

Explanation:

4GLs are usually not suitable for data intensive operations. Instead, they are used mainly for graphic user interface (GUI) design or as simple query/report generators.

 

 

 

QUESTION 42

What is the primary objective of a control self-assessment (CSA) program?

 

A.

Enhancement of the audit responsibility

B.

Elimination of the audit responsibility

C.

Replacement of the audit responsibility

D.

Integrity of the audit responsibility

 

Correct Answer: A

Explanation:

Audit responsibility enhancement is an objective of a control self-assessment (CSA) program.

 

 

QUESTION 43

When storing data archives off-site, what must be done with the data to ensure data completeness?

 

A.

The data must be normalized.

B.

The data must be validated.

C.

The data must be parallel-tested.

D.

The data must be synchronized.

 

Correct Answer: D

Explanation:

When storing data archives off-site, data must be synchronized to ensure data completeness.

 

 

QUESTION 44

When should reviewing an audit client’s business plan be performed relative to reviewing an organization’s IT strategic plan?

 

A.

Reviewing an audit client’s business plan should be performed before reviewing an organization’s IT strategic plan.

B.

Reviewing an audit client’s business plan should be performed after reviewing an organization’s IT strategic plan.

C.

Reviewing an audit client’s business plan should be performed during the review of an organization’s IT strategic plan.

D.

Reviewing an audit client’s business plan should be performed without regard to an organization’s IT strategic plan.

 

Correct Answer: A

Explanation:

Reviewing an audit client’s business plan should be performed before reviewing an organization’s IT strategic plan.

 

 

QUESTION 45

Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them?

 

A.

A neural network

B.

Database management software

C.

Management information systems

D.

Computer assisted audit techniques

 

Correct Answer: A

Explanation:

A neural network will monitor and learn patterns, reporting exceptions for investigation.

 

 

QUESTION 46

What determines the strength of a secret key within a symmetric key cryptosystem?

 

A.

A combination of key length, degree of permutation, and the complexity of the data- encryption algorithm that uses the key

B.

A combination of key length, initial input vectors, and the complexity of the data- encryption algorithm that uses the key

C.

A combination of key length and the complexity of the data-encryption algorithm that uses the key

D.

Initial input vectors and the complexity of the data-encryption algorithm that uses the key

 

Correct Answer: B

Explanation:

The strength of a secret key within a symmetric key cryptosystem is determined by a combination of key length, initial input vectors, and the complexity of the data-encryption algorithm that uses the key.

 

 

QUESTION 47

Test and development environments should be separated. True or false?

 

A.

True

B.

False

 

Correct Answer: A

Explanation:

Test and development environments should be separated, to control the stability of the test environment.

 

 

QUESTION 48

Which of the following is a dynamic analysis tool for the purpose of testing software modules?

 

A.

Blackbox test

B.

Desk checking

C.

Structured walk-through

D.

Design and code

 

Correct Answer: A

Explanation:

A blackbox test is a dynamic analysis tool for testing software modules. During the testing of software modules a blackbox test works first in a cohesive manner as one single unit/entity, consisting of numerous modules and second, with the user data that flows across software modules. In some cases, this even drives the software behavior.

 

 

 

 

QUESTION 49

Key verification is one of the best controls for ensuring that:

 

A.

Data is entered correctly

B.

Only authorized cryptographic keys are used

C.

Input is authorized

D.

Database indexing is performed properly

 

Correct Answer: A

Explanation:

Key verification is one of the best controls for ensuring that data is entered correctly.

 

 

QUESTION 50

What type of fire-suppression system suppresses fire via water that is released from a main valve to be delivered via a system of dry pipes installed throughout the facilities?

 

A.

A dry-pipe sprinkler system

B.

A deluge sprinkler system

C.

A wet-pipe system

D.

A halon sprinkler system

 

Correct Answer: A

Explanation:

A dry-pipe sprinkler system suppresses fire via water that is released from a main valve to be delivered via a system of dry pipes installed throughout the facilities.

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …