1. Right Answer: A
Explanation: The word INCORRECT is the keyword used in this question. You need to find out the incorrect option specified above. The term recovery testing is incorrectly defined in the above options. The correct description of recovery testing is: Recovery Testing '' Checking the system's ability to recover after a software or hardware failureFor CISA exam you should know below types of testing:Unit Testing '' The testing of an individual program or module. Unit testing uses set of test cases that focus on control structure of procedural design. These tests ensure internal operation of the programs according to the specification.Interface or integration testing '' A hardware or software test that evaluates the connection of two or more components that pass information from one area to another. The objective it to take unit tested module and build an integrated structure dictated by design. The term integration testing is also referred to tests that verify and validate functioning of the application under test with other systems, where a set of data is transferred from one system to another.System Testing '' A series of tests designed to ensure that modified programs, objects, database schema, etc , which collectively constitute a new or modified system, function properly. These test procedures are often performed in a non-production test/development environment by software developers designated as a test team. The following specific analysis may be carried out during system testing.Recovery Testing '' Checking the system's ability to recover after a software or hardware failure.Security Testing '' Making sure the modified/new system includes provisions for appropriate access control and does not introduce any security holes that might compromise other systems.Load Testing '' Testing an application with large quantities of data to evaluate its performance during peak hour.Volume testing '' Studying the impact on the application by testing with an incremental volume of records to determine the maximum volume of records that application can process.Stress Testing '' Studying the impact on the application by testing with an incremental umber of concurrent users/services on the application to determine maximum number of concurrent user/service the application can process.Performance Testing '' Comparing the system performance to other equivalent systems using well defined benchmarks.Final Acceptance Testing -It has two major parts: Quality Assurance Testing(QAT) focusing on the technical aspect of the application and User acceptance testing focusing on functional aspect of the application.QAT focuses on documented specifications and the technology employed. It verifies that application works as documented by testing the logical design and the technology itself. It also ensures that the application meet the documented technical specifications and deliverables. QAT is performed primarily by IS department.The participation of end user is minimal and on request. QAT does not focus on functionality testing.UAT supports the process of ensuring that the system is production ready and satisfies all documented requirements. The methods include:Definition of test strategies and procedure.Design of test cases and scenariosExecution of the tests.Utilization of the result to verify system readiness.Acceptance criteria are defined criteria that a deliverable must meet to satisfy the predefined needs of the user. A UAT plan must be documented for the final test of the completed system. The tests are written from a user's perspective and should test the system in a manner as close to production possible.The following were incorrect answers:The other options presented contains valid definitions.The following reference(s) were/was used to create this question:CISA review manual 2014 Page number 166

2. Right Answer: C
Explanation: Regression testing is the process of rerunning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors. The data used in regression testing should be same as original data.For CISA exam you should know below mentioned types of testingAlpha and Beta Testing - An alpha version is early version is an early version of the application system submitted to the internal user for testing. The alpha version may not contain all the features planned for the final version. Typically, software goes to two stages testing before it consider finished. The first stage is called alpha testing is often performed only by the user within the organization developing the software. The second stage is called beta testing, a form of user acceptance testing, generally involves a limited number of external users. Beta testing is the last stage of testing, and normally involves real world exposure, sending the beta version of the product to independent beta test sites or offering it free to interested user.Pilot Testing -A preliminary test that focuses on specific and predefined aspect of a system. It is not meant to replace other testing methods, but rather to provide a limited evaluation of the system. Proof of concept are early pilot tests '' usually over interim platform and with only basic functionalities.White box testing - Assess the effectiveness of a software program logic. Specifically, test data are used in determining procedural accuracy or conditions of a program's specific logic path. However, testing all possible logical path in large information system is not feasible and would be cost prohibitive, and therefore is used on selective basis only.Black Box Testing - An integrity based form of testing associated with testing components of an information system's 'functional' operating effectiveness without regards to any specific internal program structure. Applicable to integration and user acceptance testing.Function/validation testing '' It is similar to system testing but it is often used to test the functionality of the system against the detailed requirements to ensure that the software that has been built is traceable to customer requirements.Regression Testing -The process of rerunning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors. The data used in regression testing should be same as original data.Parallel Testing - This is the process of feeding test data into two systems '' the modified system and an alternative system and comparing the result.Sociability Testing -The purpose of these tests is to confirm that new or modified system can operate in its target environment without adversely impacting existing system. This should cover not only platform that will perform primary application processing and interface with other system but, in a client server and web development, changes to the desktop environment. Multiple application may run on the user's desktop, potentially simultaneously, so it is important to test the impact of installing new dynamic link libraries (DLLs), making operating system registry or configuration file modification, and possibly extra memory utilization.The following were incorrect answers:Parallel Testing - This is the process of feeding test data into two systems '' the modified system and an alternative system and comparing the result.Black Box Testing - An integrity based form of testing associated with testing components of an information system's 'functional' operating effectiveness without regards to any specific internal program structure. Applicable to integration and user acceptance testing.Pilot Testing -A preliminary test that focuses on specific and predefined aspect of a system. It is not meant to replace other testing methods, but rather to provide a limited evaluation of the system. Proof of concept are early pilot tests '' usually over interim platform and with only basic functionalitiesThe following reference(s) were/was used to create this question:CISA review manual 2014 Page number 167

3. Right Answer: A
Explanation: Parallel testing is the process of feeding test data into two systems '' the modified system and an alternative system and comparing the result.For CISA exam you should know below mentioned types of testingAlpha and Beta Testing - An alpha version is early version is an early version of the application system submitted to the internal user for testing. The alpha version may not contain all the features planned for the final version. Typically, software goes to two stages testing before it consider finished. The first stage is called alpha testing is often performed only by the user within the organization developing the software. The second stage is called beta testing, a form of user acceptance testing, generally involves a limited number of external users. Beta testing is the last stage of testing, and normally involves real world exposure, sending the beta version of the product to independent beta test sites or offering it free to interested user.Pilot Testing -A preliminary test that focuses on specific and predefined aspect of a system. It is not meant to replace other testing methods, but rather to provide a limited evaluation of the system. Proof of concept are early pilot tests '' usually over interim platform and with only basic functionalities.White box testing - Assess the effectiveness of a software program logic. Specifically, test data are used in determining procedural accuracy or conditions of a program's specific logic path. However, testing all possible logical path in large information system is not feasible and would be cost prohibitive, and therefore is used on selective basis only.Black Box Testing - An integrity based form of testing associated with testing components of an information system's 'functional' operating effectiveness without regards to any specific internal program structure. Applicable to integration and user acceptance testing.Function/validation testing '' It is similar to system testing but it is often used to test the functionality of the system against the detailed requirements to ensure that the software that has been built is traceable to customer requirements.Regression Testing -The process of rerunning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors. The data used in regression testing should be same as original data.Parallel Testing - This is the process of feeding test data into two systems '' the modified system and an alternative system and comparing the result.Sociability Testing -The purpose of these tests is to confirm that new or modified system can operate in its target environment without adversely impacting existing system. This should cover not only platform that will perform primary application processing and interface with other system but, in a client server and web development, changes to the desktop environment. Multiple application may run on the user's desktop, potentially simultaneously, so it is important to test the impact of installing new dynamic link libraries (DLLs ) , making operating system registry or configuration file modification, and possibly extra memory utilization.The following were incorrect answers:Regression Testing -The process of returning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors. The data used in regression testing should be same as original data.Black Box Testing - An integrity based form of testing associated with testing components of an information system's 'functional' operating effectiveness without regards to any specific internal program structure. Applicable to integration and user acceptance testing.Pilot Testing -A preliminary test that focuses on specific and predefined aspect of a system. It is not meant to replace other testing methods, but rather to provide a limited evaluation of the system. Proof of concept are early pilot tests '' usually over interim platform and with only basic functionalitiesThe following reference(s) were/was used to create this question:CISA review manual 2014 Page number 167

4. Right Answer: A
Explanation: For CISA exam you should know below mentioned types of testingAlpha and Beta Testing - An alpha version is early version is an early version of the application system submitted to the internal user for testing. The alpha version may not contain all the features planned for the final version. Typically, software goes to two stages testing before it consider finished. The first stage is called alpha testing is often performed only by the user within the organization developing the software. The second stage is called beta testing, a form of user acceptance testing, generally involves a limited number of external users. Beta testing is the last stage of testing, and normally involves real world exposure, sending the beta version of the product to independent beta test sites or offering it free to interested user.Pilot Testing -A preliminary test that focuses on specific and predefined aspect of a system. It is not meant to replace other testing methods, but rather to provide a limited evaluation of the system. Proof of concept are early pilot tests '' usually over interim platform and with only basic functionalities.White box testing - Assess the effectiveness of a software program logic. Specifically, test data are used in determining procedural accuracy or conditions of a program's specific logic path. However, testing all possible logical path in large information system is not feasible and would be cost prohibitive, and therefore is used on selective basis only.Black Box Testing - An integrity based form of testing associated with testing components of an information system's 'functional' operating effectiveness without regards to any specific internal program structure. Applicable to integration and user acceptance testing.Function/validation testing '' It is similar to system testing but it is often used to test the functionality of the system against the detailed requirements to ensure that the software that has been built is traceable to customer requirements.Regression Testing -The process of rerunning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors. The data used in regression testing should be same as original data.Parallel Testing - This is the process of feeding test data into two systems '' the modified system and an alternative system and comparing the result.Sociability Testing -The purpose of these tests is to confirm that new or modified system can operate in its target environment without adversely impacting existing system. This should cover not only platform that will perform primary application processing and interface with other system but, in a client server and web development, changes to the desktop environment. Multiple application may run on the user's desktop, potentially simultaneously, so it is important to test the impact of installing new dynamic link libraries (DLLs) , making operating system registry or configuration file modification, and possibly extra memory utilization.The following were incorrect answers:The other options presented does not provides correct difference between black box and white box testing.The following reference(s) were/was used to create this question:CISA review manual 2014 Page number 167

5. Right Answer: A
Explanation: In the Range Check control data should not exceed a predefined range of valuesFor CISA exam you should know below mentioned data validation edits and controlsSequence Check '' The control number follows sequentially and any sequence or duplicated control numbers are rejected or noted on an exception report for follow-up purposes. For example, invoices are numbered sequentially. The day's invoice begins with 12001 and ends with 15045. If any invoice larger than 15045 is encountered during processing, that invoice would be rejected as an invalid invoice number.Limit Check -Data should not exceed a predefined amount. For example, payroll checks should not exceed US $ 4000. If a check exceeds US $ 4000, data would be rejected for further verification/authorization.Validity Check -Programmed checking of data validity in accordance with predefined criteria. For example, a payroll record contains a field for marital status and the acceptable status codes are M or S. If any other code is entered, record should be rejected.Range Check -Data should not exceed a predefined range of values. For example, product type code range from 100 to 250. Any code outside this range should be rejected as an invalid product type.Reasonableness check '' Input data are matched to predefined reasonable limits or occurrence rates. For example, a widget manufacturer usually receives an order for no more than 20 widgets. If an order for more than 20 widgets is received, the computer program should be designed to print the record with a warning indicating that the order appears unreasonable.Table Lookups '' Input data comply with predefined criteria maintained in computerized table of possible values. For example, an input check enters a city code of1 to 10. This number corresponds with a computerize table that matches a code to a city name.Existence Check '' Data are entered correctly and agree with valid predefined criteria. For example, a valid transaction code must be entered in transaction code field.Key verification -The keying process is repeated by a separate individual using a machine that compares the original key stroke to the repeated keyed input. For ex. the worker number is keyed twice and compared to verify the keying process.Check digit '' a numeric value that has been calculated mathematically is added to a data to ensure that original data have not been p[ altered or incorrect, butValid, value substituted. This control is effective in detecting transposition and transcription error. For ex. A check digit is added to an account number so it can be checked for accuracy when it is used.Completeness check '' a filed should always contain data rather than zero or blanks. A check of each byte of that field should be performed to determine that some form of data, or not blanks or zeros, is present. For ex. A worker number on a new employee record is left blank. His is identified as a key in filed and the record would be rejected, with a request that the field be completed before the record is accepted for processing.Duplicate check- new transaction is matched to those previously input to ensure that they have not already been entered. For ex. A vendor invoice number agrees with previously recorded invoice to ensure that the current order is not a duplicate and, therefore, the vendor will not be paid twice.Logical relationship check '' if a particular condition is true, then one or more additional conditions or data input relationship may be required to be true and consider the input valid. For ex. The hire data of an employee may be required to be true and consider the input valid. For ex. The hire date of an employee may be required to be more than 16 years past his her date of birth.The following were incorrect answers:Table Lookups '' Input data comply with predefined criteria maintained in computerized table of possible values. For example, an input check enters a city code of1 to 10. This number corresponds with a computerize table that matches a code to a city name.Existence Check '' Data are entered correctly and agree with valid predefined criteria. For example, a valid transaction code must be entered in transaction code field.Reasonableness check '' Input data are matched to predefined reasonable limits or occurrence rates. For example, a widget manufacturer usually receives an order for no more than 20 widgets. If an order for more than 20 widgets is received, the computer program should be designed to print the record with a warning indicating that the order appears unreasonable.The following reference(s) were/was used to create this question:CISA review manual 2014 Page number 215