1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

The difference between whitebox testing and blackbox testing
is that whitebox testing:

A. involves the IS auditor.

B. is performed by an independent programmer team.

C. examines a program's internal logical structure.

D. uses the bottom-up approach.

Question Posted / guest


The difference between whitebox testing and blackbox testing is that whitebox testing: A. involv..

Answer / guest

Answer: C

Blackbox testing observes a system's external behavior,
while whitebox testing is a detailed exam of a logical path,
checking the possible conditions. The IS auditor need not be
involved in either testing method. The bottom-up approach
can be used in both tests. Whitebox testing requires
knowledge of the internals of the program or the module to
be implemented/tested. Blackbox testing requires that the
functionality of the program be known. The independent
programmer team would not be aware of the application of a
program in which they have not been involved. Hence, the
independent programmer team cannot provide any assistance in
either of these testing approaches.

Is This Answer Correct ?    8 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

A database administrator is responsible for: A. defining data ownership. B. establishing operational standards for the data dictionary. C. creating the logical and physical database. D. establishing ground rules for ensuring data integrity and security.

1 Answers  

Which of the following is the MOST likely reason why e-mail systems have become a useful source of evidence for litigation? A. Multiple cycles of backup files remain available. B. Access controls establish accountability for e-mail activity. C. Data classification regulates what information should be communicated via e-mail. D. Within the enterprise, a clear policy for using e-mail ensures that evidence is available.

1 Answers  

Which of the following is a benefit of a risk-based approach to audit planning? Audit: A. scheduling may be performed months in advance. B. budgets are more likely to be met by the IS audit staff. C. staff will be exposed to a variety of technologies. D. resources are allocated to the areas of highest concern.

1 Answers  

Which of the following is widely accepted as one of the critical components in networking management? A. Configuration management B. Topological mappings C. Application of monitoring tools D. Proxy server trouble shooting

1 Answers  

Which of the following integrity tests examines the accuracy, completeness, consistency and authorization of data? A. Data B. Relational C. Domain D. Referential

1 Answers  




Which of the following would be the LEAST likely indication that complete or selected outsourcing of IS functions should be considered? A. The applications development backlog is greater than three years. B. It takes one year to develop and implement a high-priority system. C. More than 60 percent of programming costs are spent on system maintenance. D. Duplicate information systems functions exist at two sites.

1 Answers  

As a business process reengineering (BPR) project takes hold it is expected that: A. business priorities will remain stable. B. information technologies will not change. C. the process will improve product, service and profitability. D. input from clients and customers will no longer be necessary.

3 Answers  

A B-to-C e-commerce web site as part of its information security program wants to monitor, detect and prevent hacking activities and alert the system administrator when suspicious activities occur. Which of the following infrastructure components could be used for this purpose? A. Intrusion detection systems B. Firewalls C. Routers D. Asymmetric encryption

1 Answers  

Which of the following offsite information processing facility conditions would cause an IS auditor the GREATEST concern? The facility A. is identified clearly on the outside with the company name. B. is located more than an hour driving distance from the originating site. C. does not have any windows to let in natural sunlight. D. entrance is located in the back of the building rather than the front.

1 Answers  

An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning

3 Answers  

Involvement of senior management is MOST important in the development of: A. strategic plans. B. IS policies. C. IS procedures. D. standards and guidelines.

1 Answers  

Which of the following would be of the LEAST value to an IS auditor attempting to gain an understanding of an organization's IT process? A. IT planning documents with deliverables and performance results B. Policies and procedures relating to planning, managing, monitoring and reporting on performance C. Prior audit reports D. Reports of IT functional activities

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)