Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following techniques would provide the BEST
assurance that the estimate of program development effort is
reliable?
A. Function point analysis
B. Estimates by business area
C. A computer-based project schedule
D. An estimate by experienced programmer
- 1 Answers
- 4269 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
The use of estimation techniques, such as function point
analysis or lines of code estimation, provide a firm basis
for estimation, particularly if supported by historic
records of past activities. An estimate by an experienced
programmer would be the next best option. However, it may be
individualistic and unless there is a standard approach
adopted by the programmer, the estimate can vary
considerably from one programmer to another. Standard
project scheduling tools assist in working out the overall
project schedule, but are reliant on the quality of
estimation of individual tasks. They do not give an estimate
of actual development cost.
| Is This Answer Correct ? | 3 Yes | 0 No |
Requiring passwords to be changed on a regular basis, assigning a new one-time password when a user forgets his/hers, and requiring users not to write down their passwords are all examples of: A. audit objectives. B. audit procedures. C. controls objectives. D. control procedures.
Data flow diagrams are used by IS auditors to: A. order data hierarchically. B. highlight high-level data definitions. C. graphically summarize data paths and storage. D. portray step-by-step details of data generation.
To help mitigate the effects of a denial of service attack, which mechanism can an Internet service provider (ISP) use to identify Internet protocol (IP) packets from unauthorized sources? A. Inbound traffic filtering B. Rate limiting C. Reverse address lookup D. Network performance monitoring
An IS auditor evaluates the test results of a modification to a system that deals with payment computation. The auditor finds that 50 percent of the calculations do not match predetermined totals. Which of the following would MOST likely be the next step in the audit? A. Design further tests of the calculations that are in error. B. Identify variables that may have caused the test results to be inaccurate. C. Examine some of the test cases to confirm the results. D. Document the results and prepare a report of findings, conclusions and recommendations.
Birth date and marriage date items were switched while entering data. Which of the following data validation checks could detect this? A. Logical relationship B. Sequence C. Reasonableness D. Validity
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the: A. hardware is protected against power surges. B. integrity is maintained if the main power is interrupted. C. immediate power will be available if the main power is lost. D. hardware is protected against long-term power fluctuations.
Which of the following is a practice that should be incorporated into the plan for testing disaster recovery procedures? A. Invite client participation. B. Involve all technical staff. C. Rotate recovery managers. D. Install locally stored backup.
Which of the following concerns associated with the World Wide Web would be addressed by a firewall? A. Unauthorized access from outside the organization B. Unauthorized access from within the organization C. A delay in Internet connectivity D. A delay in downloading using file transfer protocol (FTP)
Which of the following would provide a mechanism whereby IS management can determine if the activities of the organization have deviated from the planned or expected levels? A. Quality management B. IS assessment methods C. Management principles D. Industry standards/benchmarking
When a PC that has been used for the storage of confidential data is sold on the open market the: A. hard disk should be demagnetized. B. hard disk should be mid-level formatted.s C. data on the hard disk should be deleted. D. data on the hard disk should be defragmented.
An IS auditor who is reviewing application run manuals would expect them to contain: A. details of source documents. B. error codes and their recovery actions. C. program logic flowcharts and file definitions. D. change records for the application source code.
In a risk-based audit approach, an IS auditor, in addition to risk, would be influenced by: A. the availability of CAATs. B. management's representation. C. organizational structure and job responsibilities. D. the existence of internal and operational controls
Cisco Certifications 
