Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 10

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1001

Question

Test and development environments should be separated. True or false?

A. True
B. False

Answer

A. True

Explanation

Test and development environments should be separated, to control the stability of the test environment.

CISA Question 1002

Question

What is used to develop strategically important systems faster, reduce development costs, and still maintain high quality?

A. Rapid application development (RAD)
B. GANTT
C. PERT
D. Decision trees

Answer

A. Rapid application development (RAD)

Explanation

Rapid application development (RAD) is used to develop strategically important systems faster, reduce development costs, and still maintain high quality.

CISA Question 1003

Question

When should application controls be considered within the system-development process?

A. After application unit testing
B. After application module testing
C. After applications systems testing
D. As early as possible, even in the development of the project’s functional specifications

Answer

D. As early as possible, even in the development of the project’s functional specifications

Explanation

Application controls should be considered as early as possible in the system- development process, even in the development of the project’s functional specifications.

CISA Question 1004

Question

Which of the following processes are performed during the design phase of the systems development life cycle (SDLC) model?

A. Develop test plans.
B. Baseline procedures to prevent scope creep.
C. Define the need that requires resolution, and map to the major requirements of the solution.
D. Program and test the new system. The tests verify and validate what has been developed.

Answer

B. Baseline procedures to prevent scope creep.

Explanation

Procedures to prevent scope creep are baselined in the design phase of the systems- development life cycle (SDLC) model.

CISA Question 1005

Question

An IS auditor should carefully review the functional requirements in a system-development project to ensure that the project is designed to:

A. Meet business objectives
B. Enforce data security
C. Be culturally feasible
D. Be financially feasible

Answer

A. Meet business objectives

Explanation

An IS auditor should carefully review the functional requirements in a systems-development project to ensure that the project is designed to meet business objectives.

CISA Question 1006

Question

What should regression testing use to obtain accurate conclusions regarding the effects of changes or corrections to a program, and ensuring that those changes and corrections have not introduced new errors?

A. Contrived data
B. Independently created data
C. Live data
D. Data from previous tests

Answer

D. Data from previous tests

Explanation

Regression testing should use data from previous tests to obtain accurate conclusions regarding the effects of changes or corrections to a program, and ensuring that those changes and corrections have not introduced new errors.

CISA Question 1007

Question

Who is ultimately responsible for providing requirement specifications to the software- development team?

A. The project sponsor
B. The project members
C. The project leader
D. The project steering committee

Answer

A. The project sponsor

Explanation

The project sponsor is ultimately responsible for providing requirement specifications to the software-development team.

CISA Question 1008

Question

What protects an application purchaser’s ability to fix or change an application in case the application vendor goes out of business?

A. Assigning copyright to the organization
B. Program back doors
C. Source code escrow
D. Internal programming expertise

Answer

C. Source code escrow

Explanation

Source code escrow protects an application purchaser’s ability to fix or change an application in case the application vendor goes out of business.

CISA Question 1009

Question

What uses questionnaires to lead the user through a series of choices to reach a conclusion?

A. Logic trees
B. Decision trees
C. Decision algorithms
D. Logic algorithms

Answer

B. Decision trees

Explanation

Decision trees use questionnaires to lead the user through a series of choices to reach a conclusion.

CISA Question 1010

Question

Why is a clause for requiring source code escrow in an application vendor agreement important?

A. To segregate systems development and live environments
B. To protect the organization from copyright disputes
C. To ensure that sufficient code is available when needed
D. To ensure that the source code remains available even if the application vendor goes out of business

Answer

D. To ensure that the source code remains available even if the application vendor goes out of business

Explanation

A clause for requiring source code escrow in an application vendor agreement is important to ensure that the source code remains available even if the application vendor goes out of business.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.