The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
Table of Contents
- CISA Question 521
- Question
- Answer
- Explanation
- CISA Question 522
- Question
- Answer
- Explanation
- CISA Question 523
- Question
- Answer
- Explanation
- CISA Question 524
- Question
- Answer
- Explanation
- CISA Question 525
- Question
- Answer
- Explanation
- CISA Question 526
- Question
- Answer
- CISA Question 527
- Question
- Answer
- Explanation
- CISA Question 528
- Question
- Answer
- Explanation
- CISA Question 529
- Question
- Answer
- Explanation
- CISA Question 530
- Question
- Answer
- Explanation
CISA Question 521
Question
The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as:
A. rules.
B. decision trees.
C. semantic nets.
D. dataflow diagrams.
Answer
B. decision trees.
Explanation
Decision trees use questionnaires to lead a user through a series of choices until a conclusion is reached. Rules refer to the expression of declarative knowledge through the use of if-then relationships. Semantic nets consist of a graph in which nodes represent physical or conceptual objects and the arcs describe the relationship between the nodes. Semantic nets resemble a dataflow diagram and make use of an inheritance mechanism to prevent duplication of data.
CISA Question 522
Question
Which of the following is the PRIMARY purpose for conducting parallel testing?
A. To determine if the system is cost-effective
B. To enable comprehensive unit and system testing
C. To highlight errors in the program interfaces with files
D. To ensure the new system meets user requirements
Answer
D. To ensure the new system meets user requirements
Explanation
The purpose of parallel testing is to ensure that the implementation of a new system will meet user requirements. Parallel testing may show that the old system is, in fact, better than the new system, but this is not the primary reason. Unit and system are completed before parallel testing. Program interfaces with files are tested for errors during system testing.
CISA Question 523
Question
An IS auditor’s PRIMARY concern when application developers wish to use a copy of yesterday’s production transaction file for volume tests is that:
A. users may prefer to use contrived data for testing.
B. unauthorized access to sensitive data may result.
C. error handling and credibility checks may not be fully proven.
D. the full functionality of the new process may not necessarily be tested.
Answer
B. unauthorized access to sensitive data may result.
Explanation
Unless the data are sanitized, there is a risk of disclosing sensitive data.
CISA Question 524
Question
An advantage of using sanitized live transactions in test data is that:
A. all transaction types will be included.
B. every error condition is likely to be tested.
C. no special routines are required to assess the results.
D. test transactions are representative of live processing.
Answer
D. test transactions are representative of live processing.
Explanation
Test data will be representative of live processing; however, it is unlikely that all transaction types or error conditions will be tested in this way.
CISA Question 525
Question
A decision support system (DSS):
A. is aimed at solving highly structured problems.
B. combines the use of models with nontraditional data access and retrieval functions.
C. emphasizes flexibility in the decision making approach of users.
D. supports only structured decision making tasks.
Answer
C. emphasizes flexibility in the decision making approach of users.
Explanation
DSS emphasizes flexibility in the decision making approach of users. It is aimed at solving less structured problems, combines the use of models and analytic techniques with traditional data access and retrieval functions, and supports semi structured decision making tasks.
CISA Question 526
Question
Which of the following is an advantage of prototyping?
A. The finished system normally has strong internal controls.
B. Prototype systems can provide significant time and cost savings.
C. Change control is often less complicated with prototype systems.
D. it ensures that functions or extras are not added to the intended system.
Answer
B. Prototype systems can provide significant time and cost savings.
CISA Question 527
Question
When implementing an application software package, which of the following presents the GREATEST risk?
A. Uncontrolled multiple software versions
B. Source programs that are not synchronized with object code
C. incorrectly set parameters
D. Programming errors.
Answer
C. incorrectly set parameters
Explanation
Parameters that are not set correctly would be the greatest concern when implementing an application software package. The other choices, though important, are a concern of the provider, not the organization that is implementing the software itself.
CISA Question 528
Question
Which of the following is a management technique that enables organizations to develop strategically important systems faster, while reducing development costs and maintaining quality?
A. Function point analysis
B. Critical path methodology
C. Rapid application development
D. Program evaluation review technique
Answer
C. Rapid application development
Explanation
Rapid application development is a management technique that enables organizations to develop strategically important systems faster, while reducing development costs and maintaining quality. The program evaluation review technique (PERT) and critical path methodology (CPM) are both planning and control techniques, while function point analysis is used for estimating the complexity of developing business applications.
CISA Question 529
Question
The phases and deliverables of a system development life cycle (SDLC) project should be determined:
A. during the initial planning stages of the project.
B. after early planning has been completed, but before work has begun.
C. throughout the work stages, based on risks and exposures.
D. only after all risks and exposures have been identified and the IS auditor has recommended appropriate controls.
Answer
A. during the initial planning stages of the project.
Explanation
It is extremely important that the project be planned properly and that the specific phases and deliverables be identified during the early stages of the project.
CISA Question 530
Question
Which of the following is an object-oriented technology characteristic that permits an enhanced degree of security over data?
A. inheritance
B. Dynamic warehousing
C. Encapsulation
D. Polymorphism
Answer
C. Encapsulation
Explanation
Encapsulation is a property of objects, and it prevents accessing either properties or methods that have not been previously defined as public.
This means that any implementation of the behavior of an object is not accessible. An object defines a communication interface with the exterior and only that which belongs to that interface can be accessed.