Which of the following approaches would utilize data analytics to facilitate the testing of a new account creation process?
Attempt to submit new account applications with invalid dates of birth.
Review the business requirements document for date of birth field requirements.
Review new account applications submitted in the past month for invalid dates of birth.
Evaluate configuration settings for the date of birth field requirements
Data analytics is the process of collecting, transforming, analyzing, and visualizing data to gain insights and support decision making1. Data analytics can be used to facilitate the testing of a new account creation process by applying various techniques and methods to evaluate the quality, functionality, performance, and security of the process. One of the approaches that would utilize data analytics to test the new account creation process is to review new account applications submitted in the past month for invalid dates of birth. This approach would involve the following steps:
Extract the data of new account applications from the source system, such as a database or a web service, using appropriate tools and methods.
Transform and clean the data to ensure its accuracy, completeness, consistency, and validity, using techniques such as data profiling, data cleansing, data mapping, and data validation2.
Analyze the data to identify any anomalies, errors, or outliers in the date of birth field, using methods such as descriptive statistics, exploratory data analysis, hypothesis testing, or anomaly detection3.
Visualize the data to present the findings and insights in a clear and understandable way, using tools and techniques such as charts, graphs, dashboards, or reports.
By reviewing new account applications submitted in the past month for invalid dates of birth, the tester can use data analytics to:
Verify if the new account creation process is working as expected and meets the business requirements and specifications for the date of birth field.
Detect any defects or issues in the new account creation process that may cause invalid dates of birth to be accepted or rejected incorrectly.
Measure and monitor the performance and reliability of the new account creation process in terms of data quality, accuracy, and completeness.
Evaluate and improve the test coverage and effectiveness of the new account creation process by identifying any gaps or risks in the test cases or scenarios.
Therefore, option C is the correct answer.
Option A is not correct because attempting to submit new account applications with invalid dates of birth is not a data analytics approach, but a functional testing approach that involves executing test cases or scenarios manually or automatically to validate the behavior and functionality of the new account creation process. Option B is not correct because reviewing the business requirements document for date of birth field requirements is not a data analytics approach, but a requirements analysis approach that involves examining and understanding the needs and expectations of the stakeholders for the new account creation process. Option D is not correct because evaluating configuration settings for date of birth field requirements is not a data analytics approach, but a configuration testing approach that involves verifying if the settings and parameters of the new account creation process are correct and consistent with the requirements.
References:
What is Data Analytics? Definition & Examples1
Data Transformation: Definition & Examples2
Data Analysis: Definition & Examples3
Data Visualization: Definition & Examples
Functional Testing: Definition & Examples
Requirements Analysis: Definition & Examples
Configuration Testing: Definition & Examples
Which of the following is MOST likely to be a project deliverable of an agile software development methodology?
Strictly managed software requirements baselines
Extensive project documentation
Automated software programming routines
Rapidly created working prototypes
A project deliverable is a tangible or intangible product or service that is produced as a result of a project and delivered to the customer or stakeholder. A project deliverable can be either an intermediate deliverable that is part of the project process or a final deliverable that is the outcome of the project.
An agile software development methodology is a project management approach that involves breaking the project into phases and emphasizes continuous collaboration and improvement. Teams follow a cycle of planning, executing, and evaluating. Agile software development methodologies value working software over comprehensive documentation and respond to change over following a plan.
Rapidly created working prototypes are most likely to be a project deliverable of an agile software development methodology because they:
Provide early and frequent feedback from customers and stakeholders on the functionality and usability of the software product
Allow for rapid validation and verification of the software requirements and design
Enable continuous improvement and adaptation of the software product based on changing customer needs and expectations
Reduce the risk of delivering a software product that does not meet customer needs or expectations
Increase customer satisfaction and trust by delivering working software products frequently and consistently
Some examples of agile software development methodologies that use rapidly created working prototypes as project deliverables are:
Scrum - a framework that organizes the work into fixed-length sprints (usually 2-4 weeks) and delivers potentially shippable increments of the software product at the end of each sprint1
Extreme Programming (XP) - a methodology that focuses on delivering high-quality software products through practices such as test-driven development, pair programming, continuous integration, and frequent releases2
Rapid Application Development (RAD) - a methodology that emphasizes rapid prototyping and user involvement throughout the software development process3
The other options are not likely to be project deliverables of an agile software development methodology.
Strictly managed software requirements baselines are not likely to be project deliverables of an agile software development methodology. A software requirements baseline is a set of agreed-upon and approved software requirements that serve as the basis for the software design, development, testing,and delivery. A strictly managed software requirements baseline is a software requirements baseline that is controlled and changed only through a formalchange management process. Strictly managed software requirements baselines are more suitable for traditional or waterfall software development methodologies that follow a linear and sequential process of defining, designing, developing, testing, and delivering software products. Strictly managed software requirements baselines are not compatible with agile software development methodologies that embrace change and flexibility in the software requirements based on customer feedback and evolving needs.
Extensive project documentation is not likely to be project deliverables of an agile software development methodology. Project documentation is any written or electronic information that describes or records the activities, processes, results, or decisions of a project. Extensive project documentation is project documentation that covers every aspect of the project in detail and requires significant time and effort to produce and maintain. Extensive project documentation is more suitable for traditional or waterfall software development methodologies that rely on comprehensive documentation to communicate and document the project scope, requirements, design, testing, and delivery. Extensive project documentation is not compatible with agile software development methodologies that value working software over comprehensive documentation and use minimal documentation to support the communication and collaboration among the project team members.
Automated software programming routines are not likely to be project deliverables of an agile software development methodology. Automated software programming routines are programs or scripts that perform repetitive or complex tasks in the software development process without human intervention. Automated software programming routines can improve the efficiency, quality, and consistency of the software development process by reducing human errors, saving time, and enforcing standards. Automated software programming routines can be used in any software development methodology, but they are not specific to agile software development methodologies. Automated software programming routines are not considered as project deliverables because they are not part of the final product that is delivered to the customer.
Which of the following is MOST helpful for an IS auditor to review when evaluating an organizations business process that are supported by applications and IT systems?
Configuration management database (CMDB)
Enterprise architecture (EA)
IT portfolio management
IT service management
The most helpful thing for an IS auditor to review when evaluating an organization’s business processes that are supported by applications and IT systems is the enterprise architecture (EA). EA is the practice of designing a business with a holistic view, considering all of its parts and how they interact. EA defines the overall goals, the strategies that support those goals, and the tactics that are needed to execute those strategies. EA also outlines the ways various components of IT projects interact with one another and with the business processes. By reviewing the EA, an IS auditor can gain a comprehensive understanding of how the organization aligns its IT efforts with its overall mission, business strategy, and priorities. An IS auditor can also assess the effectiveness, efficiency, agility, and continuity of complex business operations.
The other options are not as helpful as option B. A configuration management database (CMDB) is a database that stores and manages information about the components that make up an IT system. A CMDB tracks individual configuration items (CIs), such as hardware, software, or data assets, and their attributes, dependencies, and changes over time. A CMDB can help an IS auditor to monitor the performance, availability, and configuration of IT assets, but it does not provide a holistic view of how they support the business processes. IT portfolio management is the practice of managing IT investments, projects, and activities as a portfolio. IT portfolio management aims to optimize the value, risk, and cost of IT initiatives and align them with the business objectives. IT portfolio management can help an IS auditor to evaluate the return on IT investments and the alignment of IT projects with the business strategy, but it does not provide a detailed view of how they support the business processes. IT service management (ITSM) is the practice of planning, implementing, managing, and optimizing IT services to meet the needs of end users and customers. ITSM focuses on delivering IT as a service using standardized processes and best practices. ITSM can help an IS auditor to review the quality, efficiency, and effectiveness of IT service delivery and support, but it does not provide a comprehensive view of how they support the business processes. References: What is enterprise architecture (EA)? - RingCentral, What is a configuration management database (CMDB)? - Red Hat, IT Portfolio Management Strategies | Smartsheet, What is IT service management (ITSM)? | IBM
Which of the following findings from a database security audit presents the GREATEST risk of critical security exposures?
Legacy data has not been purged.
Admin account passwords are not set to expire.
Default settings have not been changed.
Database activity logging is not complete.
Admin accounts typically have the highest level of privileges and access to sensitive data. If the passwords for these accounts are not set to expire, it increases the risk of unauthorized access and potential security breaches. This is especially true if an admin’s credentials are compromised, as the attacker could have ongoing access to critical systems and data1.
References:
Database Auditing - Satori
Copyright © 2021-2025 CertsTopics. All Rights Reserved
