The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
Table of Contents
- CISA Question 1001
- Question
- Answer
- Explanation
- CISA Question 1002
- Question
- Answer
- Explanation
- CISA Question 1003
- Question
- Answer
- Explanation
- CISA Question 1004
- Question
- Answer
- Explanation
- CISA Question 1005
- Question
- Answer
- Explanation
- CISA Question 1006
- Question
- Answer
- Explanation
- CISA Question 1007
- Question
- Answer
- Explanation
- CISA Question 1008
- Question
- Answer
- Explanation
- CISA Question 1009
- Question
- Answer
- Explanation
- CISA Question 1010
- Question
- Answer
- Explanation
CISA Question 1001
Question
Test and development environments should be separated. True or false?
A. True
B. False
Answer
A. True
Explanation
Test and development environments should be separated, to control the stability of the test environment.
CISA Question 1002
Question
What is used to develop strategically important systems faster, reduce development costs, and still maintain high quality?
A. Rapid application development (RAD)
B. GANTT
C. PERT
D. Decision trees
Answer
A. Rapid application development (RAD)
Explanation
Rapid application development (RAD) is used to develop strategically important systems faster, reduce development costs, and still maintain high quality.
CISA Question 1003
Question
When should application controls be considered within the system-development process?
A. After application unit testing
B. After application module testing
C. After applications systems testing
D. As early as possible, even in the development of the project’s functional specifications
Answer
D. As early as possible, even in the development of the project’s functional specifications
Explanation
Application controls should be considered as early as possible in the system- development process, even in the development of the project’s functional specifications.
CISA Question 1004
Question
Which of the following processes are performed during the design phase of the systems development life cycle (SDLC) model?
A. Develop test plans.
B. Baseline procedures to prevent scope creep.
C. Define the need that requires resolution, and map to the major requirements of the solution.
D. Program and test the new system. The tests verify and validate what has been developed.
Answer
B. Baseline procedures to prevent scope creep.
Explanation
Procedures to prevent scope creep are baselined in the design phase of the systems- development life cycle (SDLC) model.
CISA Question 1005
Question
An IS auditor should carefully review the functional requirements in a system-development project to ensure that the project is designed to:
A. Meet business objectives
B. Enforce data security
C. Be culturally feasible
D. Be financially feasible
Answer
A. Meet business objectives
Explanation
An IS auditor should carefully review the functional requirements in a systems-development project to ensure that the project is designed to meet business objectives.
CISA Question 1006
Question
What should regression testing use to obtain accurate conclusions regarding the effects of changes or corrections to a program, and ensuring that those changes and corrections have not introduced new errors?
A. Contrived data
B. Independently created data
C. Live data
D. Data from previous tests
Answer
D. Data from previous tests
Explanation
Regression testing should use data from previous tests to obtain accurate conclusions regarding the effects of changes or corrections to a program, and ensuring that those changes and corrections have not introduced new errors.
CISA Question 1007
Question
Who is ultimately responsible for providing requirement specifications to the software- development team?
A. The project sponsor
B. The project members
C. The project leader
D. The project steering committee
Answer
A. The project sponsor
Explanation
The project sponsor is ultimately responsible for providing requirement specifications to the software-development team.
CISA Question 1008
Question
What protects an application purchaser’s ability to fix or change an application in case the application vendor goes out of business?
A. Assigning copyright to the organization
B. Program back doors
C. Source code escrow
D. Internal programming expertise
Answer
C. Source code escrow
Explanation
Source code escrow protects an application purchaser’s ability to fix or change an application in case the application vendor goes out of business.
CISA Question 1009
Question
What uses questionnaires to lead the user through a series of choices to reach a conclusion?
A. Logic trees
B. Decision trees
C. Decision algorithms
D. Logic algorithms
Answer
B. Decision trees
Explanation
Decision trees use questionnaires to lead the user through a series of choices to reach a conclusion.
CISA Question 1010
Question
Why is a clause for requiring source code escrow in an application vendor agreement important?
A. To segregate systems development and live environments
B. To protect the organization from copyright disputes
C. To ensure that sufficient code is available when needed
D. To ensure that the source code remains available even if the application vendor goes out of business
Answer
D. To ensure that the source code remains available even if the application vendor goes out of business
Explanation
A clause for requiring source code escrow in an application vendor agreement is important to ensure that the source code remains available even if the application vendor goes out of business.