Ensurepass

 

QUESTION 11

Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation?

 

A.

Specific developments only

B.

Business requirements only

C.

All phases of the installation must be documented

D.

No need to develop a customer specific documentation

 

Correct Answer: C

Explanation:

A global enterprise product reengineering (EPR) software package can be applied to a business to replace, simplify and improve the quality of IS processing. Documentation is intended to help understand how, why and which solutions that have been selected and implemented, and therefore must be specific to the pro
ject. Documentation is also intended to support quality assurance and must be comprehensive.

 

 

QUESTION 12

What kind of testing should programmers perform following any changes to an application or system?

 

A.

Unit, module, and full regression testing

B.

Module testing

C.

Unit testing

D.

Regression testing

 

Correct Answer: A

Explanation:

Pro
grammers should perform unit, module, and full regression testing following any changes to an application or system.

 

 

QUESTION 13

What often results in project scope creep when functional requirements are not defined as well as they could be?

 

A.

Inadequate software baselining

B.

Insufficient strategic planning

C.

Inaccurate resource allocation

D.

Project delays

 

Correct Answer: A

Explanation:

Inadequate software baselining often results in project scope creep because functional requirements are not defined as well as they could be.

 

 

QUESTION 14

Which of the following is a guiding best practice for implementing logical access controls?

 

A.

Implementing the Biba Integrity Model

B.

Access is granted on a least-privilege basis, per the organization’s data owners

C.

Implementing the Take-Grant access control model

D.

Classifying data according to the subject’s requirements

 

Correct Answer: B

Explanation:

Logical access controls should be reviewed to ensure that access is granted on a least-privilege basis, per the organization’s data owners.

 

QUESTION 15

What is a callback system?

 

A.

It is a remote-access system whereby the remote-access server immediately calls the user back at a predetermined number if the dial-in connection fails.

B.

It is a remote-access system whereby the user’s application automatically redials the remoteaccess server if the initial connection attempt fails.

C.

It is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently dials the user back at a predetermined number stored in the server’s configuration database.

D.

It is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently allows the user to call back at an approved number for a limited period of time.

 

Correct Answer: C

Explanation:

A callback system is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently dials the user back at a predetermined number stored in the server’s configuration database.

 

 

QUESTION 16

Which of the following typically focuses on making alternative processes and resources available for transaction processing?

 

A.

Cold-site facilities

B.

Disaster recovery for networks

C.

Diverse processing

D.

Disaster recovery for systems

 

Correct Answer: D

Explanation:

Disaster recovery for systems typically focuses on making alternative processes and resources available for transaction processing.

 

 

QUESTION 17

What is the most common reason for information systems to fail to meet the needs of users? Choose the BEST answer.

 

A.

Lack of funding

B.

Inadequate user participation during system requirements definition

C.

Inadequate senior management participation during system requirements definition

D.

Poor IT strategic planning

 

Correct Answer: B

Explanation:

Inadequate user participation during system requirements definition is the most common reason for information systems to fail to meet the needs of users.

 

 

 

 

QUESTION 18

What does PKI use to provide some of the strongest overall control over data confidentiality, reliability, and integrity for Internet transactions?

 

A.

A combination of public-key cryptography and digital certificates and two-factor authentication

B.

A combination of public-key cryptography and two-factor authentication

C.

A combination of public-key cryptography and digital certificates

D.

A combination of digital certificates and two-factor authentication

 

Correct Answer: C

Explanation:

PKI uses a combination of public-key cryptography and digital certificates to provide some of the strongest overall control over data confidentiality, reliability, and integrity for Internet transactions.

 

 

QUESTION 19

Obtaining user approval of program changes is very effective for controlling application changes and maintenance. True or false?

 

A.

True

B.

False

 

Correct Answer: A

Explanation:

Obtaining user approval of program changes is very effective for controlling application changes and maintenance.

 

 

QUESTION 20

Which of the following processes are performed during the design phase of the systemsdevelopment life cycle (SDLC) model?

 

A.

Develop test plans.

B.

Baseline procedures to prevent scope creep.

C.

Define the need that requires resolution, and map to the major requirements of the solution.

D.

Program and test the new system. The tests verify and validate what has been developed.

 

Correct Answer: B

Explanation:

Procedures to prevent scope creep are baselined in the design phase of the systems-development life cycle (SDLC) model.

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.