Download New Updated (July) Isaca CISA Actual Test 491-500

Ensurepass

 

QUESTION 491

The GREATEST advantage of using web services for the exchange of information between two systems is:

 

A.

secure communications.

B.

improved performance.

C.

efficient interfacing.

D.

enhanced documentation.

 

Correct Answer: C

Explanation:

Web services facilitate the exchange of information between two systems, regardless of the operating system or programming language used. Communication is not necessarily securer or faster, and there is no documentation benefit in using web services.

 

 

QUESTION 492

Which of the following types of testing would determine whether a new or modified system can operate in its target environment without adversely impacting other existing systems?

 

A.

Parallel testing

B.

Pilot testing

C.

Interface/integration testing

D.

Sociability testing

 

Correct Answer: D

Explanation:

The purpose of sociability testing is to confirm that a new or modified system can operate in its target environment without adversely impacting existing systems. This should cover th
e platform that will perform primary application processing and interfaces with other systems, as well as changes to the desktop in a client-server or web development. Parallel testing is the process of feeding data into two systems-the modified system and an alternate system- and comparing the results. In this approach, the old and new systems operate concurrently for a period of time and perform the same processing functions. Pilot testing takes place first at one location and is then extended to other locations. The purpose is to see if the new system operates satisfactorily in one place before implementing it at other locations. Interface/integration testing is a hardware or software test that evaluates the connection of two or more components that pass information from one area to another.The objective is to take unit-tested modules and build an integrated structure.

 

 

QUESTION 493

During an application audit, an IS auditor finds several problems related to corrupted data in the database. Which of the following is a corrective control that the IS auditor should recommend?

 

A.

implement data backup and recovery procedures.

B.

Define standards and closely monitor for compliance.

C.

Ensure that only authorized personnel can update the database.

D.

Establish controls to handle concurrent access problems.

 

Correct Answer: A

Explanation:

Implementing data backup and recovery procedure is a corrective control, because backup and recovery procedures can be used to roll back database errors. Defining or establishing standards is a preventive control, while monitoring for compliance is adetective control. Ensuring that only authorized personnel can update the database is a preventive control. Establishing controls to handle concurrent access problems is also a preventive control.

 

 

 

 

QUESTION 494

Which of the following is MOST critical when creating data for testing the logic in a new or modified application system?

 

A.

A sufficient quantity of data for each test case

B.

Data representing conditions that are expected in actual processing

C.

Completing the test on schedule

D.

A random sample of actual data

 

Correct Answer: B

Explanation:

Selecting the right kind of data is key in testing a computer system. The data should not only include valid and invalid data but should be representative of actual processing; quality is more important than quantity. It is more important to have adequate test data than to complete the testing on schedule. It is unlikely that a random sample of actual data would cover all test conditions and provide a reasonable representation of actual data.

 

 

QUESTION 495

Which of the following will BEST ensure the successful offshore development of business applications?

 

A.

Stringent contract management practices

B.

Detailed and correctly applied specifications

C.

Awareness of cultural and political differences

D.

Postimplementation reviews

 

Correct Answer: B

Explanation:

When dealing with offshore operations, it is essential that detailed specifications be created. Language differences and a lack of interaction between developers and physically remote end users could create gaps in communication in which assumptionsand modifications may not be adequately communicated. Contract management practices, cultural and political differences, and postimplementation reviews, although important, are not as pivotal to the success of the project.

 

 

QUESTION 496

Which of the following should an IS auditor review to understand project progress in terms of time, budget and deliverables for early detection of possible overruns and for projecting estimates at completion (EACs)?

 

A.

Function point analysis

B.

Earned value analysis

C.

Cost budget

D.

Program Evaluation and Review Technique

 

Correct Answer: B

Explanation:

Earned value analysis (EVA) is an industry standard method for measuring a project’s progress at any given point in time, forecasting its completion date and final cost, and analyzing variances in the schedule and budget as the project proceeds. It compares the planned amount of work with what has actually been completed, to determine if the cost, schedule and work accomplished are progressing in accordance with the plan. EVA works most effectively if a well-formed work breakdown structure exists. Function point analysis (FPA) is an indirect measure of software size and complexity and, therefore, does not address the elements of time and budget. Cost budgets do not address time. PERT aids in time and deliverables management, but lacks projections for estimates at completion (EACs) and overall financial management.

 

 

QUESTION 497

A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not performing adequately which of the following types of testing?

 

A.

Unit testing

B.

Integration testing

C.

Design walkthroughs

D.

Configuration management

 

Correct Answer: B

Explanation:

A common system maintenance problem is that errors are often corrected quickly (especially when deadlines are tight). Units are tested by the programmer and then transferred to the acceptance test area; this often results in system problems that should have been detected during integration or system testing. Integration testing aims at ensuring that the major components of the system interface correctly.

 

 

QUESTION 498

Failure in which of the following testing stages would have the GREATEST impact on the implementation of new application software?

 

A.

System testing

B.

Acceptance testing

C.

Integration testing

D.

Unit testing

 

Correct Answer: B

Explanation:

Acceptance testing is the final stage before the software is installed and is available for use. The greatest impact would occur if the software fails at the acceptance testing level, as this could result in delays and cost overruns. System testing is undertaken by the developer team to determine if the software meets user requirements per specifications. Integration testing examines the units/modules as one integrated system and unit testing examines the individual units or components of the software. System, integration and unit testing are all performed by the developers at various stages of development; the impact of failure is comparatively less for each than failure at the acceptance testing stage.

 

 

QUESTION 499

The MOST likely explanation for the use of applets in an Internet application is that:

 

A.

it is sent over the network from the server.

B.

the server does not run the program and the output is not sent over the network.

C.

they improve the performance of the web server and network.

D.

it is a JAVA program downloaded through the web browser and executed by the web server of the client machine.

 

Correct Answer: C

Explanation:

An applet is a JAVA program that is sent over the network from the web server, through a web browser and to the client machine; the code is then run on the machine. Since the server does not run the program and the output is not sent over the network, the performance on the web server and network-over which the server and client are connected-drastically improves through the use of applets. Performance improvement is more important than the reasons offered in choices A and B. Since JAVA virtual machine (JVM) is embedded in most web browsers, the applet download through the web browser runs on the client machine from the web browser, not from the web server, making choice D incorrect.

 

 

QUESTION 500

Which of the following is a dynamic analysis tool for the purpose of testing software modules?

 

A.

Black box test

B.

Desk checking

C.

Structured walkthrough

D.

Design and code

 

Correct Answer: A

Explanation:

A black box test is a dynamic analysis tool for testing software modules. During the testing of software modules a black box test works first in a cohesive manner as a single unit/entity consisting of numerous modules, and second with the user data that flows across software modules, in some cases, this even drives the software behavior. In choices B, C and D, the software (design or code) remains static and someone closely examines it by applying their mind, without actually activating the software. Therefore, these cannot be referred to as dynamic analysis tools.

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …