CISA Certified Information Systems Auditor
Isaca CISA: Practice Exam QUESTION NO: 1 IS management has decided to rewrite a legacy customer relations system using fourth generation languages (4GLs). Which of the following risks is MOST often associated with system development using 4GLs? A. Inadequate screen/report design facilities B. Complex programming language subsets C. Lack of portability across operating systems D. Inability to perform data intensive operations Answer: D Explanation: 4GLs are usually not suitable for data intensive operations. Instead, they are used mainly for graphic user interface (GUI) design or as simple query/report generators. Incorrect answers: A, B. Screen/report design facilities are one of the main advantages of 4GLs, and 4GLs have simple programming language subsets. C. Portability is also one of the main advantages of 4GLs.
QUESTION NO: 2
Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly? A. Field checks B. Control totals C. Reasonableness checks D. A before-and-after maintenance report Answer: D
Explanation: A before-and-after maintenance report is the best answer because a visual review would provide the most positive verification that updating was proper.
QUESTION NO: 3 Which of the following is a dynamic analysis tool for the purpose of testing software modules? A. Blackbox test
"Pass Any Exam. Any Time." - www.actualtests.com
Isaca CISA: Practice Exam B. Desk checking C. Structured walk-through D. Design and code Answer: A Explanation: A blackbox test is a dynamic analysis tool for testing software modules. During the testing of software modules a blackbox test works first in a cohesive manner as one single unit/entity, consisting of numerous modules and second, with the user data that flows across software modules. In some cases, this even drives the software behavior. Incorrect answers: In choices B, C and D, the software (design or code) remains static and somebody simply closely examines it by applying his/her mind, without actually activating the software. Hence, these cannot be referred to as dynamic analysis tools.
QUESTION NO: 4
Explanation: A BPR project more often leads to an increased number of people using technology, and this would be a cause for concern. Incorrect answers: B. As BPR is often technology oriented, and this technology is usually more complex and volatile than in the past, cost savings do not often materialize in this areA . D. There is no reason for IP to conflict with a BPR project, unless the project is not run properly.
QUESTION NO: 5 Which of the following devices extends the network and has the capacity to store frames and act as a storage and forward device? A. Router B. Bridge "Pass Any Exam. Any Time." - www.actualtests.com 3
A. An increased number of people using technology B. Significant cost savings, through a reduction in the complexity of information technology C. A weaker organizational structures and less accountability D. Increased information protection (IP) risk will increase
Which of the following is MOST likely to result from a business process reengineering (BPR) project?
Isaca CISA: Practice Exam C. Repeater D. Gateway Answer: B Explanation: A bridge connects two separate networks to form a logical network (e.g., joining an ethernet and token network) and has the storage capacity to store frames and act as a storage and forward device. Bridges operate at the OSI data link layer by examining the media access control header of a data packet. Incorrect answers: A. Routers are switching devices that operate at the OSI network layer by examining network addresses (i.e., routing information encoded in an IP packet). The router, by examining the IP address, can make intelligent decisions...