The application test plans are developed in which of the
following systems development life cycle (SDLC) phases?
A. Design
B. Testing
C. Requirement
D. Development
- 1 Answers
- 5181 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Developing test plans for the various levels of testing is
one of the key activities during the application development
design phase. The test plans are used in the actual software
testing.
| Is This Answer Correct ? | 6 Yes | 0 No |
When developing a risk management program, the FIRST activity to be performed is a/an: A. threats assessment. B. classification of data. C. inventory of assets. D. criticality analysis.
Confidential data residing on a PC is BEST protected by: A. a password. B. file encryption. C. removable diskettes. D. a key operated power source.
The PKI element that manages the certificate life cycle, including certificate directory maintenance and certificate revocation list (CRL) maintenance and publication is the: A. certificate authority. B. digital certificate. C. certification practice statement. D. registration authority.
A programmer managed to gain access to the production library, modified a program that was then used to update a sensitive table in the payroll database and restored the original program. Which of the following methods would MOST effectively detect this type of unauthorized changes? A. Source code comparison B. Executable code comparison C. Integrated test facilities (ITF) D. Review of transaction log files
After a full operational contingency test, the IS auditor performs a review of the recovery steps and concludes that the elapsed time until the technological environment and systems were actually functioning, exceeded the required critical recovery time. Which of the following should the auditor recommend? A. Perform an integral review of the recovery tasks. B. Broaden the processing capacity to gain recovery time. C. Make improvements in the facility's circulation structure. D. Increase the amount of human resources involved in the recovery.
Which of the following would be the BEST population to take a sample from when testing program changes? A. Test library listings B. Source program listings C. Program change requests D. Production library listings
An advantage in using a bottom-up versus a top-down approach to software testing is that: A. interface errors are detected earlier. B. confidence in the system is achieved earlier. C. errors in critical modules are detected earlier. D. major functions and processing are tested earlier.
Authentication is the process by which the: A. system verifies that the user is entitled to input the transaction requested. B. system verifies the identity of the user. C. user identifies himself to the system. D. user indicates to the system that the transaction was processed correctly.
Which of the following procedures can a biometric system perform? A. Measure airborne contamination. B. Provide security over physical access. C. Monitor temperature and humidity levels. D. Detect hazardous electromagnetic fields in an area.
During the course of an audit, the IS auditor discovers that the human resources (HR) department uses a cloud-based application to manage employee records. The HR department engaged in a contract outside of the normal vendor management process and manages the application on its own. Which of the following choices is of MOST concern? A. Maximum acceptable downtime metrics have not been defined in the contract. B. The IT department does not manage the relationship with the cloud vendor. C. The help desk call center is in a different country, with different privacy requirements. D. Company-defined security policies are not applied to the cloud application.
During which phase of a system development process should an IS auditor first raise the issue of application controls? A. Construction B. System design C. Acceptance testing D. Functional specification
Which of the following controls would BEST detect intrusion? A. User ids and user privileges are granted through authorized procedures. B. Automatic logoff is used when a workstation is inactive for a particular period of time. C. Automatic logoff of the system after a specified number of unsuccessful attempts. D. Unsuccessful logon attempts are monitored by the security administrator.
Cisco Certifications 
