
CISA—Certified Information Systems Auditor - Part 230

Mary Smith

Sat, 18 Apr 2026

1. During the review of a web-based software development project, an IS auditor realizes that coding standards are not enforced and code reviews are rarely carried out. This will MOST likely increase the likelihood of a successful:

A) buffer overflow.
B) brute force attack.
C) distributed denial-of-service attack.
D) war dialing attack.

2. Which testing approach is MOST appropriate to ensure that internal application interface errors are identified as soon as possible?

A) Bottom up
B) Sociability testing
C) Top-down
D) System test

3. During the requirements definition phase of a software development project, the aspects of software testing that should be addressed are developing:

A) test data covering critical applications.
B) detailed test plans.
C) quality assurance test specifications.
D) user acceptance testing specifications.

4. Which of the following is an advantage of the top-down approach to software testing?

A) Interface errors are identified early
B) Testing can be started before all programs are complete
C) It is more effective than other testing approaches
D) Errors in critical modules are detected sooner

5. During the system testing phase of an application development project the IS auditor should review the:

A) conceptual design specifications.
B) vendor contract.
C) error reports.
D) program change requests.

1. Right Answer: A
Explanation: Poorly written code, especially in web-based applications, is often exploited by hackers using buffer overflow techniques. A brute force attack is used to crack passwords. A distributed denial-of-service attack floods its target with numerous packets, to prevent it from responding to legitimate requests. War dialing uses modem-scanning tools to hack PBXs.

2. Right Answer: C
Explanation: The top-down approach to testing ensures that interface errors are detected early and that testing of major functions is conducted early. A bottom-up approach to testing begins with atomic units, such as programs and modules, and works upward until a complete system test has taken place. Sociability testing and system tests take place at a later stage in the development process.

3. Right Answer: D
Explanation: A key objective in any software development project is to ensure that the developed software will meet the business objectives and the requirements of the user. The users should be involved in the requirements definition phase of a development project and user acceptance test specification should be developed during this phase. The other choices are generally performed during the system testing phase.

4. Right Answer: A
Explanation: The advantage of the top-down approach is that tests of major functions are conducted early, thus enabling the detection of interface errors sooner. The most effective testing approach is dependent on the environment being tested. Choices B and D are advantages of the bottom-up approach to system testing.

5. Right Answer: C
Explanation: Testing is crucial in determining that user requirements have been validated. The IS auditor should be involved in this phase and review error reports for their precision in recognizing erroneous data and review the procedures for resolving errors. A conceptual design specification is a document prepared during the requirements definition phase. A vendor contract is prepared during a software acquisition process. Program change requests would normally be reviewed as a part of the post-implementation phase.
