1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

The difference between whitebox testing and blackbox testing
is that whitebox testing:

A. involves the IS auditor.

B. is performed by an independent programmer team.

C. examines a program's internal logical structure.

D. uses the bottom-up approach.

Question Posted / guest


The difference between whitebox testing and blackbox testing is that whitebox testing: A. involv..

Answer / guest

Answer: C

Blackbox testing observes a system's external behavior,
while whitebox testing is a detailed exam of a logical path,
checking the possible conditions. The IS auditor need not be
involved in either testing method. The bottom-up approach
can be used in both tests. Whitebox testing requires
knowledge of the internals of the program or the module to
be implemented/tested. Blackbox testing requires that the
functionality of the program be known. The independent
programmer team would not be aware of the application of a
program in which they have not been involved. Hence, the
independent programmer team cannot provide any assistance in
either of these testing approaches.

Is This Answer Correct ?    8 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Which of the following types of firewalls provide the GREATEST degree and granularity of control? A. Screening router B. Packet filter C. Application gateway D. Circuit gateway

1 Answers  

An organization is developing a new business system. Which of the following will provide the MOST assurance that the system provides the required functionality? A. Unit testing B. Regression testing C. Acceptance testing D. Integration testing

1 Answers  

A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.

2 Answers  

Which of the following testing methods is MOST effective during the initial phases of prototyping? A. System B. Parallel C. Volume D. Top-down

2 Answers  

During an audit, an IS auditor learns that lengthy and complex passwords are required to reach the network via modem. These passwords were established by an outside provider. The communications software allows users to select a ?remember password? option. What should the IS auditor's PRIMARY recommendation be? A. Disable the save password option and have users record them elsewhere. B. Request that the provider change the dial-in password to a group password. C. Establish and enforce a process to have users change their passwords. D. Allow users to change their passwords to something less complex.

1 Answers  




Which of the following techniques or tools would assist an IS auditor when performing a statistical sampling of financial transactions maintained in a financial management information system? A. Spreadsheets B. Parallel simulation C. Generalized audit software D. Regression testing

1 Answers  

In planning a software development project, which of the following is the MOST difficult to determine? A. Project slack times B. The project's critical path C. Time and resource requirements for individual tasks D. Relationships that preclude the start of an activity before others are complete

1 Answers  

Which of the following integrity tests examines the accuracy, completeness, consistency and authorization of data? A. Data B. Relational C. Domain D. Referential

1 Answers  

A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). B. A digital signature with RSA has been implemented. C. Digital certificates with RSA are being used. D. Work is being completed in.TCP services.

1 Answers  

In an online transaction processing system, data integrity is maintained by ensuring that a transaction is either completed in its entirety or not at all. This principle of data integrity is known as: A. isolation. B. consistency. C. atomicity. D. durability.

2 Answers  

Which of the following data entry controls provides the GREATEST assurance that the data is entered correctly? A. Using key verification B. Segregating the data entry function from data entry verification C. Maintaining a log/record detailing the time, date, employee's initials/user id and progress of various data preparation and verification tasks D. Adding check digits

1 Answers  

Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems? A. Proxy server B. Firewall installation C. Network administrator D. Password implementation and administration

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)