Pass4SureTest is providing a wide range of preparation material for certification students in the form of pdf question answers and practice test software.it is facilitating the customers with the authentic and up to date learning material for Isaca CISA Exam.For Customers satisfaction Pass4SureTest is offering free demo of CISA exam as well as money back guarantee.for more details visit our website http://www.pass4suretest.com/CISA-exam.html
Comments
Content
How To Deal With The Problem of Preparation of CISA Exam
The preparation can be started once after knowing the syllabus of exam. If you start browsing to find a suitable source to prepare
Isaca CISA/ CISA from, you will be bombarded with thousands of results. It then adds to your hard work to look for the most
authentic source from that heap. To save you from this trouble, I will tell you the source that will give you the most reliable
information on the Certified Information Systems Auditor exam you have to attempt.
Have Pass4sureTest By Your Side
The website I am talking about is Pass4sureTest and it is the most dependable source of CISA Certified Information Systems Auditor
exam preparation material. This is because it has been in association with Isaca for a long period of time now and is considered as
best out there. In addition, Pass4sureTest is one of the forerunners of preparation movement and has been helping candidates to get
through their exams for stretch of time.
Verify Reliability Through Testimonials
You can verify the reliability and relevancy by looking at the long line of testimonials stated by the customers. The Pass4sureTest
has successfully turned a number of customers into certified Isaca professionals. The testimonial section is full of claims by Isaca
Certified Information Systems Auditor professionals that willingly guarantee the reliability of Pass4sureTest.
What is Special About The CISA Exam Product?
How would you know that the material provided by Pass4sureTest is unique and
incomparable to others? Well this can be confirmed by looking at the material
provided to you. It is in rich PDF format which is easy to read and edit. Moreover,
there is also special software included in the product that allows you to practice the
test before taking exam.
The Facility To Set CISA Exam
Preferences
With numerous accessibility options provided by the
Pass4sureTest's product, you can change exam
preferences, languages and other options as well. So, do
as you please.
Simulation of Isaca CISA Exam
CISA Practice Test Software
The CISA practice software is created by specialists who have made sure that the
questions in this software cover all the syllabus topics of the Isaca CISA exam.
Resultantly, you will get full coverage of the syllabus.
The practice test software provided in the product
imitates the Certified Information Systems Auditor
exam environment and hence, provides you the
opportunity to attempt the real exam before it actually
happens. As a result, your confidence is driven up and
you will enter the examination hall knowing what you
are going to face in there.
SAFE AND SECURE
With highly effective tools developed by McAfee and a SSL 64bit
framework, Pass4sureTest gives you unbeatable security.
QUALITY IS OUR GUARANTEE
The material provided by the Pass4sureTest is top quality. Such
quality is achieved by a complete research of the CISA Certified
Information Systems Auditor exam syllabus to create the
preparatory material.
HANDY INTERFACE
The product is specially designed by keeping in mind the problems
people have with the tech products. To ensure this Isaca Certified
Information Systems Auditor specialists have worked hard and made
a handy product.
Money Back Guarantee
Pass4sureTest is very
much confident about the
product it offers and as a
result, it gives each and
every candidate a 90
days' window to state his
failure in CISA/ CISA exam. If a candidate
brings forth his failure in 90 days,
Pass4sureTest pays the money back to the
candidate. What better opportunity can there
be to make your investment riskfree? For
more details, visit the website.
Never Remain Behind on
Updates
Pass4sureTest knows the
importance of updates in
a
software
related
product. Therefore, it
provides routine updates
for the syllabus, Isaca
CISA exam questions and the software.
These updates can be downloaded free of
cost. To get benefit fully from the product,
you should regularly check for updates.
Discounts And Rewards
Current customers
are enjoying benefits
of cashback offers
whereas
new
promotions
are
launched for the new
customers. By buying
the Isaca CISA/ CISA Certified Information
Systems Auditor exam package, you can get
a 30% discount. It will remain by your side
during you entire professional career and
will keep on helping you.
Try Free Demo of Isaca CISA Exam Questions
Don't trust Pass4sureTest before trying the free demo of the CISA exam product. This will enable you to check the quality as well. Get the demo for
CISA/ CISA exam now, free of cost. When you get satisfied with the quality, make the final purchase. Do leave your valuable feedback as it is a good
source of insight.
http://www.pass4suretest.com/CISAexam.html
Isaca
CISA
Certified Information Systems Auditor
Demo Product
To Buy Full Set of Exam Questions, Visit:
http://www.pass4suretest.com/CISA-exam.html
Question 1
IS management has decided to rewrite a legacy customer relatons system using fourth generaton
languages (4GLs). Which of the following risks is MOST ofen associated with system development
using 4GLs?
A. Inadequate screen/report design facilites
B. Complex programming language subsets
C. Lack of portability across operatng systems
D. Inability to perform data intensive operatons
Aoswern D
Explanatonn
4GLs are usually not suitable for data intensive operatons. Instead, they are used mainly for graphic
user interface (GUI) design or as simple query/report generators.
Incorrect answersn
A, B. Screen/report design facilites are one of the main advantages of 4GLs, and 4GLs have simple
programming language subsets.
C. Portability is also one of the main advantages of 4GLs.
Question 2
Which of the following would be the BEST method for ensuring that critcal felds in a master record
have been updated properly?
A. Field checks
B. Control totals
C. Reasonableness checks
D. A before-and-afer maintenance report
Aoswern D
Explanatonn
A before-and-afer maintenance report is the best answer because a visual review would provide the
most positve verifcaton that updatng was proper.
Question 3
Which of the following is a dynamic analysis tool for the purpose of testng sofware modules?
A. Blackbox test
B. Desk checking
C. Structured walk-through
D. Design and code
Aoswern A
Explanatonn
A blackbox test is a dynamic analysis tool for testng sofware modules. During the testng of sofware
modules a blackbox test works frst in a cohesive manner as one single unit/entty, consistng of
numerous modules and second, with the user data that fows across sofware modules. In some
cases, this even drives the sofware behavior. Incorrect answersn
In choices B, C and D, the sofware (design or code) remains statc and somebody simply closely
examines it by applying his/her mind, without actually actvatng the sofware. Hence, these cannot
be referred to as dynamic analysis tools.
Question 4
Which of the following is MOST likely to result from a business process reengineering (BPR) project?
A. An increased number of people using technology
B. Signifcant cost savings, through a reducton in the complexity of informaton technology
C. A weaker organizatonal structures and less accountability
D. Increased informaton protecton (IP) risk will increase
Aoswern A
Explanatonn
A BPR project more ofen leads to an increased number of people using technology, and this would
be a cause for concern. Incorrect answersn
B. As BPR is ofen technology oriented, and this technology is usually more complex and volatle than
in the past, cost savings do not ofen materialize in this areA .
D. There is no reason for IP to confict with a BPR project, unless the project is not run properly.
Question 5
Which of the following devices extends the network and has the capacity to store frames and act as a
storage and forward device?
A. Router
B. Bridge
C. Repeater
D. Gateway
Aoswern B
Explanatonn
A bridge connects two separate networks to form a logical network (e.g., joining an ethernet andd
token network) and has the storage capacity to store frames and act as a storage and forward device.
Bridges operate at the OSI data link layer by examining the media access control header of a data
packet.
Incorrect answersn
A. Routers are switching devices that operate at the OSI network layer by examining network
addresses (i.e., routng informaton encoded in an IP packet). The router, by examining the IP
address, can make intelligent decisions in directng the packet to its destnaton.
C. Repeaters amplify transmission signals to reach remote devices by taking a signal from a LAN,
reconditoning and retming it, and sending it to another. This functonality is hardware encoded and
occurs at the OSI physical layer.
D. Gateways provide access paths to foreign networks.
Question 6
Which of the following is a beneft of using callback devices?
A. Provide an audit trail
B. Can be used in a switchboard environment
C. Permit unlimited user mobility
D. Allow call forwarding
Aoswern A
Explanatonn
A callback feature hooks into the access control sofware and logs all authorized and unauthorized
access atempts, permitng the follow-up and further review of potental breaches. Call forwarding
(choice D) is a means of potentally bypassing callback control. By dialing through an authorized
phone number from an unauthorized phone number, a perpetrator can gain computer access. This
vulnerability can be controlled through callback systems that are available.
Question 7
A call-back system requires that a user with an id and password call a remote server through a dialup line, then the server disconnects andn
A. dials back to the user machine based on the user id and password using a telephone number from
its database.
B. dials back to the user machine based on the user id and password using a telephone number
provided by the user during this connecton.
C. waits for a redial back from the user machine for reconfrmaton and then verifes the user id and
password using its database.
D. waits for a redial back from the user machine for reconfrmaton and then verifes the user id and
password using the sender's database.
Aoswern A
Explanatonn
A call-back system in a net centric environment would mean that a user with an id and password calls
a remote server through a dial-up line frst, and then the server disconnects and dials back to the
user machine based on the user id and password using a telephone number from its database.
Although the server can depend upon its own database, it cannot know the authentcity of the dialer
when the user dials again. The server cannot depend upon the sender's database to dial back as the
same could be manipulated.
Question 8
Structured programming is BEST described as a technique thatn
A. provides knowledge of program functons to other programmers via peer reviews.
B. reduces the maintenance tme of programs by the use of small-scale program modules.
C. makes the readable coding refect as closely as possible the dynamic executon of the program.
D. controls the coding and testng of the high-level functons of the program in the development
process.
Aoswern B
Explanatonn
A characteristc of structured programming is smaller, workable units. Structured programming has
evolved because smaller, workable units are easier to maintain. Structured programming is a style of
programming which restricts the kinds of control structures. This limitaton is not crippling. Any
program can be writen with allowed control structures. Structured programming is sometmes
referred to as go-to-less programming, since a go-to statement is not allowed. This is perhaps the
most well known restricton of the style, since go-to statements were common at the tme structured
programming was becoming more popular. Statement labels also become unnecessary, except in
languages where subroutnes are identfed by labels.
Question 9
Which of the following data validaton edits is efectve in detectng transpositon and transcripton
errors?
A. Range check
B. Check digit
C. Validity check
D. Duplicate check
Aoswern B
Explanatonn
A check digit is a numeric value that is calculated mathematcally and is appended to data to ensure
that the original data have not been altered or an incorrect, but valid, value substtuted.
This control is efectve in detectng transpositon and transcripton errors.
Incorrect answersn
A. A range check is checking data that matches a predetermined range of values.
C. A validity check is programmed checking of the data validity in accordance with predetermined
criteriA .
D. In a duplicate check, new or fresh transactons are matched to those previously entered to ensure
that they are not already in the system.
Question 10
An ofsite informaton processing facility having electrical wiring, air conditoning and fooring, but
no computer or communicatons equipment is an
A. cold site.
B. warm site.
C. dial-up site.
D. duplicate processing facility.
Aoswern A
Explanatonn
A cold site is ready to receive equipment but does not ofer any components at the site in advance of
the need.
Incorrect answersn
B. A warm site is an ofsite backup facility that is confgured partally with network connectons and
selected peripheral equipment, such as disk and tape units, controllers and CPUs, to operate an
informaton processing facility.
D. A duplicate informaton processing facility is a dedicated, self-developed recovery site that can
back up critcal applicatons.
Question 11
A number of system failures are occurring when correctons to previously detected errors are
resubmited for acceptance testng. This would indicate that the maintenance team is probably not
adequately performing which of the following types of testng?
A. Unit testng
B. Integraton testng
C. Design walk-throughs
D. Confguraton management
Aoswern B
Explanatonn
A common system maintenance problem is that errors are ofen corrected quickly (especially when
deadlines are tght), units are tested by the programmer, and then transferred to the acceptance test
areA . This ofen results in system problems that should have been detected during integraton or
system testng. Integraton testng aims at ensuring that the major components of the system
interface correctly.
Question 12
In an EDI process, the device which transmits and receives electronic documents is then
A. communicatons handler.
B. EDI translator.
C. applicaton interface.
D. EDI interface.
Aoswern A
Explanatonn
A communicatons handler transmits and receives electronic documents between trading partners
and/or wide area networks (WANs).
Incorrect answersn
B. An EDI translator translates data between the standard format and a trading partner's proprietary
format.
C. An applicaton interface moves electronic transactons to, or from, the applicaton system and
performs data mapping.
D. An EDI interface manipulates and routes data between the applicaton system and the
communicatons handler.
Question 13
The MOST signifcant level of efort for business contnuity planning (BCP) generally is required
during then
A. testng stage.
B. evaluaton stage.
C. maintenance stage.
D. early stages of planning.
Aoswern D
Explanatonn
Company.com in the early stages of a BCP will incur the most signifcant level of program
development efort, which will level out as the BCP moves into maintenance, testng and evaluaton
stages. It is during the planning stage that an IS auditor will play an important role in obtaining senior
management's commitment to resources and assignment of BCP responsibilites.
Question 14
Which of the following network confguraton optons contains a direct link between any two host
machines?
A. Bus
B. Ring
C. Star
D. Completely connected (mesh)
Aoswern D
Explanatonn
A completely connected mesh confguraton creates a direct link between any two host machines.
Incorrect answersn
A. A bus confguraton links all statons along one transmission line.
B. A ring confguraton forms a circle, and all statons are atached to a point on the transmission
circle.
D. In a star confguraton each staton is linked directly to a main hub.
Question 15
Which of the following types of data validaton editng checks is used to determine if a feld contains
data, and not zeros or blanks?
A. Check digit
B. Existence check
C. Completeness check
D. Reasonableness check
Aoswern C
Explanatonn
A completeness check is used to determine if a feld contains data and not zeros or blanks. Incorrect
answersn
A. A check digit is a digit calculated mathematcally to ensure original data was not altered.
B. An existence check also checks entered data for agreement to predetermined criteriA .
D. A reasonableness check matches input to predetermined reasonable limits or occurrence rates.
THANKS FOR TRYING THE DEMO OF OUR PRODUCT
Visit Our Site to Purchase the Full Set of Actual CISA Exam Questons With Answers.
http://www.pass4suretest.com/CISA-exam.html
We Also Provide Practce Exam Sofware That Simulates Real Exam Environment And Has
Many Self-Assessment Features. Download Free Product Demo Fromn