CSQA_Final_Trac nghiem

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

1 "As the continuum of work processes move or evolve towards creative processes, the mix of written procedures and people skills change. A. True B. False"

A

105 "Matrix diagrams can be used for the following, except for: A. Focus on a specific objective and process B. Research or survey customer preferences C. Evaluate tools available versus usage D. Correlate defect rates, cycle times, and effort"

A

107 "A review that uses subject matter experts to ensure that critical success factors are being adequately addressed is a: A. Checkpoint Review B. In-Process Review C. Critical Design Review D. Phase-End Review E. Walkthrough"

A

11 "Internal control systems have two components. The first is_____________ ,and the second is the __________ within an individual business application A. Environmental Controls, Transaction Processing Controls B. Transaction Processing Controls, Environmental Controls C. General Control, Environmental Control D. Environmental Control, General Control"

A

110 "It is generally recognized that software testing should begin at which software development phase? A. Requirements Phase B. Internal Design Phase C. External Design Phase D. Build Phase E. After Software has Been Built"

A

118 "As per Deming's principle 'improve supervision', which one of the following should be discouraged? A. Supervisor calls the worker's attention to every defect B. Supervisor has more time to help people on the job C. Supervisor uses statistical methods"

A

123 "In the quality management infrastructure, the level which 'commits resources' is called: A. Quality Council B. Management Committee C. Middle Management D. Task Forces"

A

127 "Risk management is not an independent auditing process. A. True B. False"

A

128 "In terms of benefit compared to the control's cost, identify the correct sequence of controls in ascending order of cost. A. Preventive Control, Detective Control, Corrective Control B. Detective Control, Corrective Control, Preventive Control C. Preventive Control, Corrective Control, Detective Control"

A

129 "Which of the following is a characteristic of hardware compatibility? A. Disk Storage Unit Capacity B. Version of Operating System in Use C. Name of Operating System D. Program Compatibility"

A

131 "Process capability determination motivates an organization towards process improvements. A. True B. False"

A

135 "Management commitment is the single most important requirement for successful implementation of quality management. A. True B. False"

A

139 "QA is a management function with emphasis on the process producing the product. A. True B. False"

A

140 "Who is responsible to ensure that the organization has sufficiently trained personnel to protect its IT resources? A. CIO /IT Director B. Management C. Delivery Manager D. Director"

A

143 "Which of the following is not normally included in a contract for an outside organization to develop software for your use? A. Why it is needed B. What is done C. When it is done D. Who does what E. Penalties for nonperformance"

A

144 "One way to minimize risk is to: A. Install Controls B. Decrease Acceptance Testing C. Increase the Probability Factor D. None of the above E. All of the above"

A

15 "Strategic planning answers which of the following questions: A. What to do? B. When to do it? C. How to do it? D. Where to do it? E. Who does it?"

A

152 "It is very important 'to evaluate how employees feel about their manager or leader' to assess the climate of a specific organization or group. An assessment of an organization's 'climate' discovers if the employees' satisfaction level is positive or negative. A. True B. False"

A

154 "Focusing on quality can increase productivity, reduce costs, and improve customer satisfaction. A. True B. False"

A

158 "Many people believe there is an overlap between internal auditors and quality assurance, however, the main role of internal auditing is to: A. Identify and report problems B. Define and implement solutions to a problem C. Build processes that prevent problems from occurring D. Check all products to make sure they are defect free E. Conduct acceptance testing before usage"

A

16 "Enforcement of standards is the responsibility of: A. Management B. Quality Assurance C. Quality Control D. Auditors"

A

165 "These five components (environment, risk assessment, control activities, information communication, and monitoring) are associated with which of the following control models: A. COSO Internal Control Framework Model B. ISO Model C. Malcolm Baldrige National Quality Award Model D. Enterprise Risk and Management Model E. CobiT Model"

A

170 "When maturing the management process, movement will be from: A. Product Focus to Process Focus B. Process Focus to Product Focus C. Team Focus to Product Focus"

A

171 "_________ includes periodically assessing project status, reassessing the documented risks, examining executed strategies that succeeded or failed, and considering new risks A. Risk Monitoring B. Risk Resolution C. Risk Response Planning D. Risk Prioritization"

A

177 "Goals explain how the vision will be achieved. A. True B. False"

A

179 "Critical success factors for purchased software should be defined from the perspective of : A. The User B. Quality Assurance Personnel C. Computer Programmers D. Computer Operations Personnel E. IT Management"

A

199 "If you found, through testing software, that your IT project team was building software with an average of 58 defects per 1000 function points, this would be a: A. Baseline B. Benchmark C. Complexity Metric D. Size Measure"

A

20 "COTS software is normally developed prior to an organization selecting that software for its use. A. True B. False"

A

205 "Which type of monitoring focuses on the input or entrance criteria to a business process, for compliance to organizational policies? A. Preventive Monitoring B. Detective Monitoring C. Management Monitoring D. None of the above"

A

208 "One of the primary objectives of process control is to: A. Reduce Variability B. Increase Competition C. Improve Metrics D. Find Root Causes"

A

210 "A Standard states: A. What B. When C. Where D. Why"

A

221 "Internal control is not a serial process, where one component affects only the next. It is a multidirectional interactive process in which almost any component can and will influence another A. True B. False"

A

222 "As the type of product changes on the process maturity continuum, the work processes also change A. True B. False"

A

223 "A measure is a single attribute of a product or process. A. True B. False"

A

224 "Quality Control implemented through verification techniques is normally performed: A. Manually B. After the software has been executed C. Exclusively by user personnel D. During integration testing E. During system testing"

A

226 "In the context of the PDCA cycle, Work Processes represent the _____ component and the Check Processes represent the ___________component. A. Do | Check B. Plan | Do C. Act | Check D. Do | Act"

A

227 "Staged models are composed of a number of distinct levels of maturity. A. True B. False"

A

229 "A standard must be measurable, attainable, and necessary. What is meant by 'attainable' in this context? A. Given current resources and time frame; the standard can reasonably be complied with every time. B. Given current resources; the standard can reasonably be complied within this time frame. C. Given current time frame; the standard can reasonably be complied with given resources. D. Given current resources and time frame; the standard can reasonably be complied with in this cycle"

A

232 "Managing by process means to use processes to achieve management's desired results. In this the process performance indicators should always be: A. Quantitative B. Qualitative C. Subjective"

A

233 "The factors that need to be addressed during contract negotiations for software developed by an outside organization include the following, except for: A. Adequacy of Control B. Life of Contract C. Warranty D. Multi-Contractor Problem Resolution E. Penalties for Non-performance"

A

235 "Using the PDCA Cycle concept, defining the mission of a Quality Assurance function would be considered which PDCA phase? A. Plan B. Do C. Check D. Act"

A

240 "Which type of control method does not cause interpersonal problems? A. Automatic B. Peer Reviews C. Supervisory D. Third Party E. None of the above"

A

246 "Process Improvement is most effective when it is performed by: A. Owners of the Process B. Quality Assurance Personnel C. Independent Consultants D. Internal Auditors E. Professional Process Developers"

A

247 "Objective of assuring that the software / COTS can be integrated into the business system work flow is to ensure that: A. There is no disruption to normal operation B. Proper training can be given to users C. Manual system can be replaced D. None of the above"

A

248 "QFD can be used to provide forward and backward traceability of value in the software development life cycle. A. True B. False"

A

25 "Example(s) of traditional management philosophy are: A. Fire fighting B. Refine the process C. Teamwork D. A and C E. All the above"

A

260 "Processes containing only common causes of variation are considered stable. A. True B. False"

A

263 "In the context of process maturity, 'check process continuum' moves from: A. Literal Controls to Intent Controls B. Management Controls to Employee Controls C. Intent Controls to Literal Controls D. Minimal to Heavy Controls"

A

265 "At what process maturity level in the SEI process maturity model would you expect that the most effort would be devoted to quality control? A. Level Two B. Level Three C. Level Four D. Level Five"

A

268 "The methods that an organization uses for hiring, training, supervising, and evaluating personnel are what types of controls: A. Environmental Controls B. Transaction Controls C. Operational Controls D. Detective Controls E. Collective Controls"

A

277 "Doing the right thing, doing it the right way, doing it right the first time, and doing it on time without exceeding cost would be characteristics of the: A. Producer's view of quality B. Customer's view of quality C. Supplier's view of quality"

A

282 "A major corporation issued this statement: ""We see ourselves now and in the future as a company with a strong customer franchise, known for reliability, trust and integrity in all relationships. Our business will be based on technologies that have evolved over a long history and which will give us unique advantages over our competition. These technologies will span our core businesses and will also go beyond boundaries we can see today."" What type of statement is this? A. Vision B. Value C. Goal D. Principle"

A

284 "As per Crosby, to reduce Total Product Cost, the best approach is to: A. Increase prevention costs B. Increase appraisal and failure costs C. Reduce prevention costs"

A

29 "Process improvement activities should also be conducted as per a defined process. A. True B. False"

A

291 "The review and approval of a new computer system is an example of: A. Management Control B. Internal Control C. Application Control D. Quality Control E. Process Control"

A

297 "Which of the following is associated with ""Big-Q"" quality as proposed by Dr. Juran? A. Cross-functional teams throughout an organization working to prevent problems B. Team working to improve a specific process C. Creation of quality analysts tool-box D. Departmental team leader's quality analysis"

A

299 "Which of the following is a level for maturing the People Management Processes? A. Innovate B. Process Focus C. Product Focus D. Team Focus"

A

30 "Good ideas are of little value unless they are accepted and implemented. A. True B. False"

A

302 "If an organization was to categorize risks as critical, major, or minor what aspect of Risk Management would that be called? A. Risk Prioritization B. Risk Response Planning C. Risk Resolution D. Risk Analysis E. Risk Monitoring"

A

304 "Evaluating and quantifying the risks, controls, and vulnerabilities is called _________ . A. Risk Analysis B. Risk Planning C. Risk D. Risk Management"

A

305 "Process improvement is most effective when __________ are involved in improving the process. A. Users of the Process B. Quality Assurance Function C. Staff D. Management"

A

307 "Your IT director has asked you to write a policy on security for the organization. What type of control is that security policy? A. Preventive B. Detective C. Corrective D. None of the above"

A

309 "Quality cannot be delegated. A. True B. False"

A

312 "The four interconnected variables of IT development are: A. Scope, schedule, resources, and quality B. Scope, function points, metrics, and budget C. Budget, programming language, quality, and size D. Requirements, design, code, and testing"

A

320 "Desires and intents concerning intended objectives or products, should be set by: A. Management B. Quality Function C. Project Manager D. Quality Team"

A

324 "The quality gap for a software product would be considered: A. The gap between the producer's view and the customer's view B. The gap between the software developer's view and the tester's view C. The gap between the software developer's view and the quality assurance group's view D. The gap between the quality assurance group's view and the quality control group's view E. The gap between the quality control group's view and internal audit's view"

A

325 "A quality tool used to determine and understand the forces that drive and restrain a change. A. Force Field Analysis B. Cause and Effect Diagram C. Matrix D. Playscript"

A

326 "Quality Policy is a: A. Statement of principles B. Mission of the company C. Vision of the company D. Statement of objectives"

A

336 "Unit Testing is normally associated with: A. White Box Testing B. Black Box Testing C. Regression Testing D. Purchased Software E. Code Inspections"

A

337 "With the workbench concept, tools can support: A. Both DO and CHECK procedures B. Only the DO procedures C. The rework initiative D. Only the CHECK procedures"

A

343 "Establishing security baseline is the starting point to a better security program. A. True B. False"

A

345 "A measure can be reliable, but invalid. An unreliable measure cannot be valid. A. True B. False"

A

349 "____________ provides teams an opportunity to reach high-quality decisions with total team commitment. A. Consensus B. Compatibility C. Agreement"

A

353 "The primary responsibility of a quality program, from a producer's standpoint, is that the product produced: A. Meets requirements B. Satisfies the customer C. Is completed on time D. Does not exceed budgeted costs E. All of the above"

A

354 "Many organizations use code inspections as a means for removing defects prior to commencing unit testing. When code inspections are performed, according to the generally accepted code inspection process, the code inspectors are: A. Other Coders B. Quality Assurance Personnel C. Independent Testers D. Internal Auditors E. Computer Operations Personnel"

A

360 "Conducting an inspection of source code is: A. Quality Control B. Compilation C. Quality Assurance D. None of the above"

A

364 "Which technique is a structured, facilitated technique, where all team members participate by individually ranking ideas and then achieve consensus by combining the individual rankings? A. Nominal Group Technique B. Affinity Diagram C. Cause and Effect Diagram D. Control Chart"

A

368 "Which of the following is the correct definition of the quality attribute reliability? A. Extent to which a program can be expected to perform its intended function with required precision B. Extent to which access to software or data by unauthorized persons can be controlled C. Extent to which a program can be used in other applications D. Extent to which a program satisfies its specifications and fulfills the user's mission objectives"

A

369 "A type of ""Review"" where the producer of the material facilitates the review is a: A. Walkthrough B. Inspection C. Peer Review D. Test Readiness Review E. All of the above"

A

375 "The team for establishing a security baseline should consist of: A. Individuals responsible for computer security B. Auditors for internal control activities C. Senior management D. All employees"

A

380 "When should the Test Manager or Test Team Lead join the Software Project Team? A. By the beginning of the requirements phase B. After the requirements have been gathered C. When the design phase begins D. Before the developers start coding E. Before any testing starts"

A

383 "Boundary analysis techniques are used to create test cases that divide equivalence partitioned groups. A. True B. False"

A

388 "Statement Coverage is: A. White-Box Testing B. Black-Box Testing C. Tree Testing D. Static Testing E. Functional Testing"

A

39 "Testing to determine whether current changes have adversely affected previous functionality is called: A. Regression Testing B. System Testing C. Unit Testing D. Acceptance Testing E. Integration Testing"

A

390 "Causes of variation that are typically ""external"" to the process are referred to as: A. Special Causes of Variation B. Common Causes of Variation C. Separate Causes of Variation D. None of the above"

A

392 "An objective for conducting a 'baseline study' can be to identify quantitatively 'potential problems'. A. True B. False"

A

393 "As processes mature, there is a decrease in cycle time to produce a product. A. True B. False"

A

397 "The objective of estimation sampling is to select a sample, which represents the universe as closely as possible and is a snapshot of the universe. Estimation will permit the Quality Assurance Analyst to inform management of the size or severity of a problem without examining the entire universe. The data gathered in the sample is extrapolated to the entire universe A. True B. False"

A

398 "Customer software requirements are an attribute of a: A. Product / Service B. Process C. Metric D. Architecture"

A

399 "The workbench definition should contain a policy statement. The objective of the policy statement is which of the following? A. Define why the workbench is performed B. Define what the workbench is to accomplish C. Explain how the workbench will perform the tasks D. Define the quality of the offered product E. Define who is accountable for performing the workbench"

A

404 "Which one of the following is a disadvantage of Functional Testing? A. Potential of missing logical errors in software B. Its tests do not ensure that user requirements have been met C. Its tests may not mimic real-world situations D. None of the above"

A

405 "Cooperation is required to improve quality and to implement quality management. A. True B. False"

A

407 "In which company was the concept known as ""Just in Time"" first implemented? A. Toyota B. Motorola C. Honda D. Microsoft"

A

411 "In a software system a control implemented to protect the security of the system is: A. Part of the overall system of internal controls B. Only part of an organization's system of management controls C. Only part of the organization's transaction process controls"

A

417 "If there is a 50% probability of a risk occurring and the impact of the occurrence is $40,000 lost of revenue, then what is the expected value of the risk? A. $20,000 B. $80,000 C. $2,000 D. $800,000"

A

421 "Staff job satisfaction increases significantly as processes mature. A. True B. False"

A

422 "Which of the following quality control activities is most effective in uncovering defects? A. Inspections B. Unit Testing C. Integration Testing D. System Testing E. Acceptance Testing"

A

423 "The check sheet is used to record data gathered over a period of time to determine frequency of an event. A. True B. False"

A

426 "In a Waterfall Development Model, most risk management activity occurs close to milestones. A. True B. False"

A

428 "Which of the following is the correct definition of productivity? A. The ratio of output of a process to input B. The work effort that produces a product C. The step-by-step methods followed to ensure that standards are met D. The length of time to produce a product E. The ratio of input of a process to output"

A

43 "Which is generally considered the most important step in the process of contracting for software development? A. Selecting an outside organization as a contractor B. Contract negotiations C. Operation for maintenance D. Budget Criteria"

A

432 "What type of testing evaluates the completeness of the documentation associated with a software application? A. Verification testing B. Validation testing C. Testing by observing the demonstration of the software D. Parallel testing the operational COTS software versus the current method of processing"

A

441 "There is a strong correlation between process maturity and defect rates. As the process maturity level increases, the defect rate decreases. A. True B. False"

A

447 "Procedures describe how methods, _________, techniques, and people are applied to perform a process? A. Tools B. Applications C. Software D. None of the above"

A

448 "During the management cycle, which activity MUST be integrated with other activities because it is a continuous activity? A. Plan with Do, Check, and Act B. Act with Plan, Do, and Check C. Check with Plan, Do, and Act D. None of the above"

A

453 "Your manager describes his / her desires and intents concerning a process to you. The manager is describing the: A. Policy B. Standard C. Procedure"

A

462 "Which is the best positioning of a quality manager within the IT organization? A. Senior IT Manager B. Manager of Systems Programming C. Manager of Computer Operations D. Outside of the IT Function"

A

463 "Requirements reviews, code walkthroughs, and inspections are examples of: A. Verification B. Validation"

A

466 "According to quality experts, the most effective way to implement quality practices is: A. Top-down - management is the driver B. Bottom-up - workers put in good quality practices"

A

470 "Risk has two attributes. One is magnitude and the other is: A. Frequency B. Cause C. Type D. Use"

A

49 "Which of the following is not one of the phases of 'Team Development' ? A. Performing B. Forming C. Conforming D. Storming"

A

50 "Which of the following is the measurement of your current level of performance: A. Baseline B. Benchmark C. Assessment D. Audit"

A

53 "A histogram is a bar graph. A. True B. False"

A

57 "Which category of control methods is the most acceptable to the individual? A. Automatic B. Auditors C. Peer Reviews D. Supervisory E. Third Party"

A

66 "Which of the following is a level for maturing the Quality Assurance Processes? A. Controlling B. Verification C. Business Requirements D. Relational Requirements"

A

7 "A subjective enforcement decision is when someone analyzes the situation and then makes a decision on whether or not to enforce the policy. A. True B. False"

A

70 "COQ is also known as 'Price of Non-Conformance'. A. True B. False"

A

76 "Which one of the following is NOT a component of CMMi maturity levels? A. Common Practices B. Specific Goals C. Process Areas D. Generic Goals"

A

82 "Which of the following statements completely interprets the 'Act' phase of PDCA cycle? A. Correct the abnormality and prevent its recurrence B. Correct the abnormality C. Prevent the recurrence of abnormality D. Follow quality control activities"

A

92 "Capability Maturity Model(s) (CMMs) are defined and managed by: A. Software Engineering Institute B. Malcolm Baldrige Organization C. International Standards Organization D. Quality Assurance Institute"

A

97 "The Quality Manager is in the business of selling quality. A. True B. False"

A

101 "Example of a test activity to be performed during Maintenance Phase is: A. Determine Test Strategy B. Modify and Retest C. Determine Adequacy of Design D. Design Phase Activities"

B

108 "ISO /IEC 15504: Process Assessment is formerly known as: A. PDCA B. SPICE C. ITIL D. ISMS"

B

112 "When management selects an approach or set of actions to align assessed risks with the organization's risk appetite in the context of strategy and objectives, this is called: A. Risk Assessment B. Risk Response C. Risk Analysis D. Information and Communication E. Monitoring"

B

114 "Which of the following quality control processes is used by an organization at a high quality control maturity level? A. Adhoc Testing B. Statistical Process Control C. Defect Management D. Verification E. Validation"

B

115 "Statistical Process Control is used to measure: A. Productivity B. Variance in Processing C. Compliance to Standards D. Defect Rates"

B

116 "When using a cause-and-effect diagram to build controls, the effect that is desired is the achievement of the control objective. The causes defined in the cause-and-effect diagram are listed for what purpose: A. To identify who is responsible for control B. To identify the control needed to achieve the control objective C. To quantify the risks associated with the control objective D. To match the causes to the COSO control model E. To match the causes to the enterprise risk management model"

B

117 "If common causes of variation result in a process operating outside the customer's specifications, the process is improved by reducing the special causes of variation. A. True B. False"

B

119 "Yield or productivity is the example of ___________ indicators. A. Process Input B. Process Output C. Process Definition D. Process Layout"

B

125 "What might be considered one of the most important components of a security awareness program? A. Meeting the requirements of the Sarbanes Oxley Act B. Assuring that there is an understanding of who has responsibility for IT security awareness and training C. Budgeting for security awareness training D. Utilizing automation in developing security awareness E. Implementing the security policy"

B

126 "As per the 'Quality Leader Behavior Model', quality leader should NOT: A. Empower others B. Supervise and identify defects C. Coach, train and educate D. Remove obstacles to performance"

B

132 "The factors that must be present in acquired software for that software to be successful in your organization are called: A. COTS Factors B. Critical Success Factors C. Test Factors D. Budget and Schedule Factors"

B

133 "The development of the approach for process deployment is much harder than the actual deployment of the process. A. True B. False"

B

136 "Correlation between process maturity and an organization's willingness to embrace change can be described as: A. Accelerates at the lower levels and lags during the higher levels of maturity B. Lags slightly at the lower levels and accelerates during the higher levels of maturity C. Accelerates at same rate at all levels D. None of the above"

B

138 "Which of the following is NOT one of the five channels of communication? A. Information Channel B. Emotional Channel C. Vocal Channel D. Body Channel E. Verbal Channel"

B

14 "Laws and regulations affecting the products produced and operated are generally addressed in which planning activity: A. Business or Activity Planning B. Environment Planning C. Capabilities Planning D. Assumptions Planning E. Policies Planning"

B

142 "One of the critical success factors in acquiring COTS software is that the vendor will continue to provide additional features in the future. This critical success factor is commonly referred to as: A. Ease of Use B. Expandability C. Maintainability D. Transferability E. Reliability"

B

145 "Quality award given in Japan is: A. Malcolm Baldrige National Quality Awards B. Deming Prize C. Juran Prize D. Japanese Quality Award"

B

149 "Experience has shown statistically that as program modules become more complex: A. The time to develop the module decreases B. The amount of effort to test the validity increases geometrically C. The number of defects has an inverse relationship D. The tester needs to segment the program E. The need for a help desk increases"

B

155 "An audit is: A. A process used to measure the current level of performance B. An independent appraisal activity C. An evaluation of a model"

B

159 "The focus of post-implementation reviews or post mortems is to: A. Correct the defects B. Improve the process C. Plan future projects D. Fix the blame for bad quality E. None of the above"

B

160 "In which phase of the Quality Function's maturation does the organization's objectives move from Quality Control to Quality Assurance? A. Initial Phase B. Intermediate Phase C. Final Phase"

B

169 "Quality Assurance is defined as those activities designed to identify 'defects which have already been created'. A. True B. False"

B

173 "An objective measure is a measure that can be obtained by: A. An individual's perception B. Counting C. All the above D. None of the above"

B

18 "The level of quality can vary significantly from project to project. These levels of quality, which can be quantified and measured, are called: A. Defect Density B. Quality Attributes C. Quality Control D. Quality Assurance"

B

182 "The COSO Enterprise Risk Management model's ____________ component ensures that management has a process in place to set objectives and that the chosen objectives support and align with the organization's mission/vision. A. Information and Communication B. Objective Setting C. Risk Assessment D. Control Activities"

B

183 "Statement Testing is included in which of the following test data categories? A. Functional B. Structural C. Error Oriented"

B

185 "A help desk employee is allowed to hire a courier to deliver a report needed quickly by a user; but only up to a cost of $100. This means that the employee is being ___________. A. Mentored B. Empowered C. Trained D. Included"

B

187 "One of the concerns that IT management needs to address with their staff when software development is outsourced to an outside organization is: A. Why the contract was selected B. Loss of employee morale C. Need to cooperate with the contractor D. Benefit to the organization by having software developed at a lower cost E. Improved quality that can be achieved by contracting"

B

19 "The primary responsibility of quality lies with: A. Project Manager B. Senior Management C. Testing Team D. Developer"

B

191 "Process mapping identifies or maps relationships with all the below mentioned activities except? A. Between processes and the organization's mission and goals B. Its process exit criteria and work products C. Its deliverables (products and services) D. Its functional units or roles (people)"

B

193 "Earned Value is used to: A. Manage and Control the Product B. Manage and Control the Process C. Improve the Process D. Manage the Risks"

B

198 "Which of the following tools / techniques is a facilitated technique where all teammates participate by individually ranking ideas, issues, concerns, and solutions; then the group achieves a consensus by combining the individual rankings? A. Brainstorming B. Nominal Group Technique C. Force Field Analysis D. Affinity Diagram E. Benchmarking"

B

200 "The optimal number of task force members is: A. 1 - 3 members B. 3 - 8 members C. 8 - 10 members D. No limit"

B

202 "Controls are placed near the end of a process or workbench because this is the most appropriate location. A. True B. False"

B

206 "Characteristics such as 'product based', 'defect detection', relates to: A. Quality Assurance B. Quality Control C. Quality Improvement"

B

21 "In the PDCA cycle, if a check detects an abnormality, then record the abnormality and continue the work per the procedure. A. True B. False"

B

211 "One of the tools used to analyze process improvement results is: A. Developing measurement capability: Pie Charts B. Analyzing results: Control Charts C. Identifying advanced statistical techniques: QFD D. Identifying data collection tools: Force Field Analysis"

B

212 "The unit testing performed by a programmer is an example of: A. Quality Assurance B. Quality Control C. Walkthroughs D. Service-Level Agreements E. Customer Satisfaction"

B

213 "The objective of process improvement is to eliminate which of the following? A. Individuals that make the process B. Root cause of problems C. Incorrect input of processes D. Process engineering staff E. All of the control personnel"

B

215 "Which one of the following is NOT a step for benchmarking to establish a baseline goal? A. Develop a clearly defined baseline in your organization B. Select a 'process model' for the organization C. Identify the organizations you desire to baseline against D. Compare baseline calculations"

B

218 "One of the reasons a quality baseline needs to be established is: A. Identify missing requirements B. Identify perceived quality problems C. Measure other organizations' quality D. Prepare quality audits"

B

219 "______________is a statement of principles, and a broad guide to action. A. Quality Standards B. Quality Policy C. Quality Procedures D. Guidelines"

B

23 "What early quality pioneer developed the ""Quality Trilogy"" of Quality Planning, Quality Control, and Quality Improvement? A. William Perry B. Joseph Juran C. Dr. Deming D. Philip Crosby E. Bill Gates"

B

230 "Which of the following in the COSO enterprise risk management model is the component that requires ""management to select an approach or set of actions to align assessed risks with the organization's risk appetite, in the context of the strategy and object A. Risk Assessment B. Risk Response C. Control Activities D. Information and Communication E. Monitoring"

B

236 "If a software development contract includes a clause on foreign attachments, which of the following would be considered a foreign attachment? A. A software system developed by an organization in another country B. An application component developed by a different contractor than the one contracted to build software using that component C. The customer's right to discontinue service with the contractor D. Having the hardware installed by an individual from a country other than where the software will be operated"

B

241 "If you had seven programs and the size in 'function points' were 5, 10, 15, 20, 30, 40, and 90. What is the mean size of those seven programs in function points? A. 20 B. 30 C. 40 D. 50 E. 60"

B

242 "_______________ is a structured, problem-solving technique used to show the relationship between groupings. A. Brainstorming B. Matrix C. Affinity Diagram D. Pie Chart"

B

243 "Within an ISO process assessment, a capability level is said to be established 'only' and 'only if' all the process attributes are 'fully achieved'. A. True B. False"

B

244 "____________ Listening is when the listener is performing an analysis of what the speaker said. A. Therapeutic B. Critical C. Comprehensive D. Appreciative E. Discriminative"

B

249 "Which of the following is NOT a major concerns during the operation and maintenance of a purchased application or software? A. Adequacy of Control B. Life of Contract C. Speed of Service "

B

251 "Which of the following is a long term objective of the quality function? A. Redefining a problem process B. Building a quality management environment C. Improving quality control D. Finding and fixing a problem"

B

254 "A common term that is used today for contracting for software development is "performance based contracting."" Performance based contracting means: A. The previous performance of a contractor is a critical success factor B. The performance criteria for a contractor will be defined in the contract C. The performance of the software will be defined in the contract D. The contractor will receive a bonus if performance exceeds the contract provisions"

B

255 "Which of the following would be considered a standard unit of measurement? A. Cost per unit of work B. Lines of code C. Percent over budget D. Defect removal efficiency E. Defects per thousand lines of code"

B

256 "While contracting for outsourced software development, ___________ refers to the rights of the customer to run the application system in more than one location. A. Maintainability B. Transportability C. Security D. Reliability"

B

257 "Baselines should always be based on objectively measured data. For this reason, baselines should never be based on subjective measures. A. True B. False"

B

258 "If the input product to a workbench does not meet the entry criteria, it should be accepted to save time and reworked later in the process. A. True B. False"

B

262 "What technique can be used to provide structure to the ideas from a brainstorming session? A. Brainstorming B. Affinity Diagram C. Matrix D. Pie Chart"

B

272 "Of the following steps, which step of implementing an IT quality function will be performed continually? A. Selecting a Quality Manager B. Driving the implementation of the quality environment C. Developing a charter D. Locating organizationally the IT quality function"

B

273 "Measurement is an algorithm, connecting the desired result with the contributors or causes, that will enable that result to be achieved. These contributors are: A. Team Members Involved B. Attributes of the Processes C. Technology Used D. None of the above"

B

274 "When contracting for software development, what is the correct sequence of events in the contracting life cycle? A. Contract negotiations, selection of an outside organization, operation and maintenance B. Selection of an outside organization, contract negotiations, operation and maintenance C. Operation and maintenance, contract negotiations, selection of an outside organization D. Selection of an outside organization, operation and maintenance, contract negotiations"

B

276 "The stakeholders of security system should be trained on security data collection methods and: A. Organization mission B. Security baseline program and charter C. Requirements"

B

28 "It is generally agreed that people are the key to providing an adequate and appropriate level of security. One of the most effective methods for involving people in security is: A. Write a security policy B. Conduct security awareness training C. Evaluate people on following security procedures D. Write detailed security procedures E. Develop security response programs"

B

283 "__________ is a software metric, developed by Thomas J. McCabe, used to indicate the complexity of a program. A. Knots B. Cyclomatic Complexity C. Lines of Code D. Function Points"

B

285 "The greater the involvement of the entire IT staff in quality, the larger the size of the quality staff that is needed. A. True B. False"

B

286 "As the maturity level increases, the cost per unit of work increases. A. True B. False"

B

295 "An objective baseline relies on judgment being applied in making the measure. A. True B. False"

B

298 "The first step in establishing the strategy for process deployment is: A. Plan the deployment B. Set goals for deployment C. Identify deployment team D. Prioritize"

B

300 "When people are presented with new ideas, their most common reaction is to: A. Accept the idea B. Object to the new idea C. Ask for more information about the idea D. Ask to be trained in the concepts related to the new idea E. Ask for time to consider the idea"

B

301 "Constructive criticism should incorporate all of the following tactics, EXCEPT: A. Have the facts B. Always have another manager in the room C. Be specific on expectations D. Be prepared to help the worker improve their performance E. All of the above"

B

303 "What does 'C' stand for in PDCA cycle? A. Correct B. Check C. Confirm D. Continuous"

B

306 "The plan of organization in methods and procedures adopted by management to ensure that resource use is consistent with laws, regulations, and policies; that resources are safeguarded against waste, loss, and misuse; and that reliable data are obtained, maintained, and fairly disclosed in reports. The previous statement is the definition of: maintained, and fairly disclosed in reports. The previous statement is the definition of: A. Auditing B. Internal Control C. Infrastructure D. Truth in Reporting E. Risk Analysis"

B

31 "Which of the following defines special cause of variation? A. Variation between the upper and lower control limits B. Variation not present in the process C. Conditions that regularly contribute to variability D. Contributes a small portion to control variation of process outputs E. Regular contributors to variability"

B

314 "A process that is effected by an organization's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of operations, reliability and financial reporting and compliance with applicable law and regulations is called: A. Corporate Governance B. System of Internal Control C. Code of Ethics D. Software Security E. Risk Analysis"

B

316 "Critical Success Factors (CSF) are those criteria or factors that: A. Are critical to be defined B. Must be present in acquired software C. Are very desirable in the acquired software D. Will be defined during acceptance testing E. Are limited to functional requirements"

B

321 "The editing ability of the computer can be used to detect errors in ____________ that have not been detected by other control techniques. A. Output Preparation B. Input Preparation C. Output Research D. Input Research"

B

322 "As the organization matures, management relies on __________ for success. A. Managers B. Teams C. Creative Ideas D. Processes"

B

333 "Which quality pioneer gave the concept of 'zero defects' ? A. Dr. Deming B. Philip Crosby C. Joseph Juran D. William Perry"

B

334 "One of the primary goals of defect management is to: A. Uncover Defects B. Prevent Defects C. Assure that Defects are Properly Resolved D. Reporting Defects E. All of the above"

B

338 "One of the first steps in establishing a security program is to develop a snapshot of the organization's security program at a certain time. This snapshot is called: A. Security Snapshot B. Security Baseline C. Security Process D. Security Model E. Risk Assessment"

B

339 "A ""leader"" and a ""manager"" are two terms that basically mean the same thing. A. True B. False"

B

352 "To validate that the COTS software will meet the functional and structural needs of the user, both ________________ and _______________ Testing is performed. A. Correctness; Maintainability B. Correctness; Reliability C. Security; Reliability D. Reusability; Flexibility"

B

355 "The requirement for a control is: A. Limit individual's ability to perform B. A risk to be reduced C. Identify individuals violating organizational rules D. Hold individuals accountable for problems E. Assist management in accomplishing their mission"

B

356 "The concept of continuous improvement as applied to quality means: A. Employees will continue to get better B. Processes will be improved by many small improvements C. Processes will be improved through a few large improvements D. Improved technology will be added to the process, such as acquiring CASE tools E. The functionality of the products will be enhanced"

B

359 "Philip Crosby's concept that ""quality is free"" means that: A. It is not necessary to budget for quality activities B. Quality activities provide a positive return on investment C. Quality activities come out of a corporate budget as opposed to an IT budget D. Individual work activities are not charged for quality activities E. Quality costs should be integrated into project costs"

B

36 "In critical listening, the listener is: A. Sympathetic to the speaker's point of view B. Performing an analysis of what the speaker said C. Selecting pieces of information D. Getting a complete message with minimal distortion E. None of the above"

B

361 "Which of the following is not one of the four major purposes of recording defects? A. To ensure the defect is corrected B. To determine who made the defect C. To report the status of the application D. To gather statistics used to develop defect expectations and future applications E. To improve the software development process"

B

365 "For maturing the management process at Level 3, which of the following should be in focus? A. Employee Suggestion System B. End-user Feedback System C. Employee Surveys D. Quality Planning E. None of the above"

B

366 "The IT tool that teams can use to identify root causes of a problem is: A. Nominal Group Technique B. Cause and Effect Diagram C. Quality Function Deployment D. Force Field Analysis E. Affinity Diagram"

B

371 "When comparing the ratio of testers to developers in your organization with the ratio of testers to developers in another organization, this would be: A. Baselining B. Benchmarking C. ROI Analysis D. Measurement E. None of the above"

B

373 "How do you objectively measure operational reliability? A. Customer satisfaction B. Mean time between failure C. Number of errors in outputs D. Function points per person month"

B

376 "Integration Testing_____________________ and System Testing _________________. A. Validates that logic between the modules/ units executes | Validates the system is connected in the organization's operating environment. B. Tests connecting logic between the modules/units | Validates that the system executes in the organization's operating environment. C. Tests connecting modules/units in the organization's operating environment | Validates that the system operates effectively D. Validates that the system is connected in the organization's operating environment | Validates modules/units are logically"

B

38 "When listening to a speaker, the speaker's verbal, vocal, and body channels always convey the same message. A. True B. False"

B

381 "If you use the PDCA cycle for managing processes, which activity is associated with the planning component? A. Process Definition B. Process Mapping C. Process Measurement D. Process Improvement E. Process Controls"

B

389 "Measurement has a high cost; too much investment is required and the return is too low. A. True B. False"

B

391 "The code walkthrough and code inspection are the same thing. A. True B. False"

B

4 "The acronym COTS refers to: A. Critical Organizational Testing Systems B. Commercial Off The Shelf Software C. Contractor Overview Training System D. Code Origination Tracking System"

B

40 "Branch testing technique is included in which of the following test data categories? A. Functional B. Structural C. Error Oriented"

B

41 "Tactical Planning answers the question: A. What to do? B. How to do it? C. What objectives need to be accomplished? D. How IT customers will be satisfied? E. How customer satisfaction will be exceeded?"

B

414 "There are five levels of ISO Process Capability. A. True B. False"

B

415 "The theory of levels of maturity is that organizations can skip a level if business needs require them to be at a higher maturity level. A. True B. False"

B

418 "Which of the following would be considered the lack of involvement by management to promote quality concepts? A. Unknown software defects in the production system B. Failure to enforce standards C. Lack of a quality vocabulary D. Lack of knowledge of the principles of quality"

B

419 "Which of the following is considered a subjective measure? A. Lines of code B. Customer satisfaction C. Mean time to failure D. Hours to write a thousand lines of code E. Defect removal efficiency"

B

420 "One of the most effective arguments for establishing an independent test group within an IT organization is: A. Programmers cannot be trusted B. It is difficult for people to find their own errors C. Programmers cannot be trained to test D. Organizational auditors like independent testing"

B

424 "Cause-and-effect graphing is a tool used to: A. Trace requirements B. Help determine root causes of problems in processes C. Determine what requirements have been covered D. Graph defects uncovered by cause E. Identifies the routines in which errors occur"

B

425 "Senior management uses ________ to manage the organization and track to mission, vision, or goals. A. Process Dashboards B. Strategic Dashboards C. Tactical Dashboards"

B

427 "Which of the following is the primary objective of a quality improvement program? A. Ensure our users are adequately trained in their work processes B. Reduce the defect rate in IT products and processes C. Identify the individuals responsible for poor quality D. Train workers in how to do quality work E. Identify processes that no longer work"

B

429 "If you were to download a software package, which had been developed and placed on the internet for general usage, the one thing you could not control is: A. Ability to test the software B. Defining the requirements C. Determining how the software will be used D. Training IT staff in how to use the software E. Deciding not to use the software"

B

434 "Audits can be performed by the individuals involved in conducting the work. A. True B. False"

B

436 "A questionnaire has a question that rates ""satisfaction"" on a scale of 1 to 5 where 1 is poo satisfaction and 5 is high satisfaction. The data type for the variable ""satisfaction"" is: A. Ratio B. Ordinal C. Nominal D. Interval"

B

437 "Event identification, control activities, and risk response are included in which of the following internal control models? A. COSO Internal Control Model B. COSO Enterprise Risk Management Model C. CobiT Model"

B

438 "During a review, both the producer and product are reviewed. A. True B. False"

B

443 "Which organization developed the generally accepted model for internal control? A. AICPA B. COSO C. CobiT D. ERME ISO"

B

445 "When building a quality environment, one of top management's major responsibilities must be: A. Setting the ground rules of who can participate B. Developing the vision / values and mission statement for the company C. Determining who should sit on each of the quality boards D. Ensuring that the quality meetings do not last more than one hour"

B

446 "The risk associated with replacing a team member would be characterized as: A. Time-Based B. Situational C. Interdependent D. Time-Based E. Value-Based"

B

45 "The objective of integrating business and quality planning in a single planning cycle is to ensure that: A. Resources should be involved in both strategic and tactical planning B. Adequate resources and time are available to perform the quality activities. C. Individuals executing the business plan cannot differentiate the quality planning from the business planning. D. Both business staff and the quality staff should be involved in IT planning"

B

450 "For contracted software, detailing the obligations of both contractual parties within the contract addresses: A. What is done? B. Who does it? C. When it is done? D. How it is done?"

B

452 "The concept of ""just in time"", as pioneered by Toyota, is only applicable to inventory control. A. True B. False"

B

456 "In the diagram (Refer sheet 456), the sections of the diagram labeled ""A"" and ""B"" represent larger portions of ""DO"" and ""CHECK"". Note that the top of the diagram represents a more creative process and lower portion a more defined process. A. A = DO, B = CHECK B. A = CHECK, B = DO C. A and B are same"

B

457 "In the Cost of Quality diagram shown (Refer sheet #457), the COQ cost labeled ""A"" represents: A. Prevention Costs B. Failure Costs C. Appraisal Costs D. Cost of Production"

B

46 "Which technique is used to develop a common vision of what a process should look like and depicts processes, their relationships, and their owners? A. Flowchart B. Process Map C. Nominal Group Technique D. Pie Chart"

B

467 "The following types of controls, which are designed to alert individuals to a process problem such as control totals assuring data transmissions are complete, are called: A. Preventive Controls B. Detective Controls C. Corrective Controls D. Quality Controls E. All of the above"

B

55 "A test case tested data values at 0, 9, 10, 11, 49, 50, 51, 100. Which black-box technique was most likely used to generate these data points A. Error Guessing B. Boundary Analysis C. Equivalence Partitioning D. Data Sampling"

B

59 "A snapshot of an organization's security program at a certain time is a: A. Security Model B. Security Baseline C. Security Risk D. Security Test Procedure"

B

61 "Which of the following is the correct definition of the Quality Attribute Maintainability? A. Effort required to ensure that the system performs as its intended B. Effort required to locate and fix an error in an operational system C. Extent to which a program satisfies its specifications D. Extent to which a program can be expected to perform its intended function E. None of the above"

B

63 "To measure the customer's perception of the quality of a software system, what type of measure would you use? A. Objective B. Subjective C. Process Measure D. Process Variation"

B

64 "A weakness in an information system, which is a point where the software systems are easiest to penetrate, is called a: A. Risk B. Vulnerability C. Threat D. Control E. Exposure"

B

65 "Which of the following is one of the two major objectives for establishing a security baseline? A. Developing a security budget B. Determining the effectiveness of the security program C. Determine where security training is necessary D. Developing a security policy E. As a basis for organizing a security function"

B

67 "The purpose of the ___________ is to define the work activities that will accomplish the business objectives. A. Management Plan B. Business Plan C. Quality Plan D. Work Plan"

B

68 "It is very easy to distinguish between accidental loss and intentional loss, with respect to security activities. A. True B. False"

B

71 "Customer surveys are: A. Objective Baselines B. Subjective Baselines C. Predictive Baselines"

B

72 "When making a judgment while compliance monitoring, experience plays a larger role when: A. The standard is objective B. The standard is subjective C. Standards should not be a factor D. None of the above"

B

74 "If a programmer follows a series of steps to write a computer program, the programmer is following: A. A Workbench B. A Procedure C. A Standard D. Entry Criteria E. Exit Criteria"

B

78 "Unit testing, system testing and user acceptance testing are examples of: A. Verification B. Validation"

B

80 "In statistics, the mean and median are called: A. SPC B. Measures of Central Tendency C. Variance D. Standard Deviation E. Control Chart"

B

83 "Management tools: A. Have a Mathematical Focus B. Facilitate Decision Making C. Require Automation"

B

9 "Which of the following would be considered an important prerequisite to quality planning? A. Establishing a Quality Assurance Function B. Defining the IT Vision, Mission, and Goals C. Defining the Quality Assurance Mission and Goals D. Adopting the Six Sigma Concept E. Calculating Cost-of-Quality for the IT Organization"

B

93 "While unit testing should be done, it is not necessary to spend the time and effort to develop and document the unit test plan and cases because it is conducted by the developers themselves. A. True B. False"

B

96 "The loss associated with risks can be calculated as follows: A. The cost of controls to minimize the risk B. The probability of an undesirable event occurring times the loss associated with the event C. Implement cost-of-quality accounting D. Obtain loss from a control chart E. Use budgetary accounting"

B

10 "The step which evaluates whether people possess the skills necessary to effectively use the COTS software in their day-to-day work is referred as: A. Demonstrate the Software in Operation B. Acceptance Test the Software Process C. Evaluate People Fit D. Define Critical Success Factor"

C

100 "Conducting software inspections would be considered which of the following cost-of-quality categories? A. Prevention B. Failure C. Appraisal"

C

102 "You have observed a high failure rate in production due to defects in the computer programs. If you follow good quality practices, the approach you would take to reduce the incidence of failure is to: A. Initiate code inspections to identify defects in code B. Increase the type and extent of testing to remove defects before production C. Classify and count the defects so that you can identify and eliminate the root cause D. Encourage the programmers to try harder to make fewer defects E. Include individual defect rates in the performance appraisal system"

C

103 "Which of the following is NOT included in the system specifications used to evaluate the feasibility of an outside organization to develop the software? A. The input needed by the system B. Required processing C. Training to the staff D. Volumes of data processed E. The output to be produced by the system"

C

104 "Which of the following is the most difficult component of the decision making process? A. Identifying the individual to make a decision B. The decision voting process C. Achieving consensus among the involved parties D. Setting time to implement the decisions E. Encouraging the involved parties to contribute to the process"

C

109 "Transaction Flow is used as a basis to: A. Assure compliance with the COSO internal control model B. Assure compliance with the CobiT model C. Identify the points during transaction processing where controls should be placed D. Quantify the risks associated with processing a transaction E. Meet governmental control standards"

C

121 "The person who accepts personal responsibility for the success of quality management without being assigned the responsibility is called____________ . A. Quality Analyst B. Quality Manager C. Quality Champion D. Quality Controller"

C

124 "To reduce the cost of quality, the QA Analyst could: A. Increase Build Cost B. Decrease Preventive Costs C. Increase Preventive Costs D. None of the above"

C

130 "Therapeutic Listening is when the listener is: A. Directed at selecting specific pieces of information B. Gathering the complete message with minimal distortion C. Sympathetic to the speaker's point of view D. Performing an analysis of what the speaker said"

C

134 "As per Crosby, the first step for building an effective quality program is to: A. Set quality goals B. Set up quality measurement system C. Establish management commitment D. Establish quality function"

C

141 "For contracted software development, defining within the contract the dates on which the contractor must provide the contracted software addresses: A. What is done? B. Who does it? C. When it is done? D. How it is done?"

C

146 "The objective of a Pareto Chart is to: A. Show the present value of money B. Identify the cause of problems C. Rank the cause of problems by frequency D. Determine the return on investment E. Show the root cause of problems"

C

150 "Many contracts contain provisions to determine how the contract will be changed in the event that some undetermined circumstance occurs. This provision in a contract is called: A. Compensation for Error B. Exercising Options C. Renegotiation D. Termination Provisions E. Cost Limitations"

C

161 "Baselines should NOT be conducted: A. To determine where detailed investigation is required B. To identify problems /areas for quality improvement C. To evaluate individual performance D. To compare against external organizations"

C

162 "Project objectives and goals expressed in quantitative terms is part of which planning activity? A. Business / Activity Planning B. Environment Planning C. Objective / Goal Planning D. Policies /Procedures Planning"

C

168 "A review that evaluates a preliminary statement of high-level market requirements is a: A. Requirements Review B. Checkpoint Review C. Feasibility Review D. Contract Review E. In-Process Review"

C

174 "The process of implementing a new or improved approach is called: A. Change Process B. Improvement Process C. Deployment Process D. Definition Process"

C

175 "As COTS software is demonstrated in operation and the evaluators watch and listen to the demonstration to evaluate the ease with which the operation process can be learned, they are evaluating what aspect of computer software? A. Quality of Communication B. Ease of Use of Instruction Manual C. Understandability D. Knowledge to Execute E. Effectiveness of Help Routines"

C

176 "Which of the following is NOT an example of a key indicator? A. Productivity B. Customer Satisfaction C. Estimated Size D. Defect Rates"

C

178 "The step-by-step methods used to ensure that standards are met is called: A. A Policy B. Standards C. Procedures D. Accelerates during the higher levels of maturity E. A Process"

C

181 "If a measure is considered valid, it means that: A. It is easy to be obtained B. It is objective C. It measures what it is intended to measure D. Two or more people can collect the same number E. It is robust"

C

188 "What is the primary responsibility of an internal auditor in maintaining the security system? A. Define internal controls B. Conduct training on internal controls C. Examine internal controls and recommend improvements"

C

189 "Stress-testing subjects a system to which of the following types of tests? A. Test Scripts B. System Requirements C. Large Volumes of Transactions D. Change to Transactions E. Error Conditions"

C

190 "Which of the following tools category has a mathematical focus and is related to data collection or interpretation? A. Management Tools B. Presentation Tools C. Statistical Tools D. None of the above"

C

192 "The system having adequate safeguards to protect the data against damage refers to which CSF? A. Maintainability B. Cost-effectiveness C. Security D. Reliability"

C

195 "Which of the following Dynamic Testing techniques produces the highest defect yield? A. Sliver Testing B. Black-Box Testing C. White-Box Testing D. Thread Testing E. Incremental Testing"

C

196 "There are many benefits associated with maturing work processes. As work processes mature, which of the following would be expected to decrease: A. Training B. Management Support C. Defect Rates D. Customer Satisfaction E. Confidence in the Process"

C

203 "What is the correct definition for the term ""testable requirements""? A. A requirement with a test B. A requirement with a minimum of two tests C. A requirement that can be validated to be incorrect or correct D. A requirement that will be tested during test execution E. A requirement that will be assigned to a tester to test"

C

22 "Which of the following is NOT a QFD Horizontal Deployment? A. Functional Deployment B. Information Deployment C. Customer Deployment D. Task Deployment"

C

225 "When a computer operator verifies that the jobs to be run that day have been run is called: A. Walkthrough B. Disaster Recovery C. Quality Control D. Production Planning E. Quality Assurance"

C

237 "If a software project produced over 100 defects, would you state: A. The project was poorly implemented B. The project implemented was acceptable C. You do not have enough information to state an opinion D. The project is not under statistical control"

C

238 "Which of the following is not included in 'Failure Cost' under 'Cost of Quality'? A. Rework Cost B. Complaints C. Inspection Cost D. Damage Claims"

C

26 "SEI's CMMi maturity level 5 is also known as: A. Managed B. Defined C. Optimizing D. Quantitatively Managed"

C

261 "The effort required for testing a program to insure it performs its intended function is called: A. Correctness B. Reliability C. Testability D. Flexibility E. Efficiency"

C

264 "In the CobiT Model, defining and managing service levels, performance, problems and incidences is a component of: A. Plan and Organize B. Acquire and Implement C. Deliver and Support D. Monitor"

C

266 "Effective QA reports written to management ___________. A. Convey Information B. Change the Behavior C. Convey Information and Change Behavior D. Demonstrate the Value of QA"

C

267 "If your IT organization does not have a measurement program, what would be a good prerequisite(s) to implementing a measurement program in your IT organization? A. Train the Quality Assurance staff in measurement B. Select a critical metric set C. Find a champion to promote measurement D. Determine how to correct quantitative data E. All of the above"

C

288 "Which of the following should be the selection criteria for COTS software regarding the integration of the software into an organization's business system work flow? A. It should not be a selection criteria B. It does not need full integration into an organization's business system work flow C. It should be able to be effectively integrated into an organization's business system work flow"

C

290 "In a cost-of-quality analysis, the costs required to avoid errors to do the job right the first time are called: A. Appraisal Costs B. Rework Costs C. Prevention Costs D. Direct Costs"

C

294 "Which of the following would be measured subjectively to develop a baseline: A. Number of people assigned a project B. Projects completed on schedule C. Understandability of training material D. Lines of code"

C

296 "There are two systems in every business application. The first is the system that ___________ business transactions, and the second is the system that _________ the processing of business transactions. A. Interfaces, Activities B. Combines, Activities C. Processes, Controls D. Controls, Processing"

C

310 """Establish Functional Improvement Objectives"" is a step in the ____________ of benchmarking. A. Planning Phase B. Analysis Phase C. Integration Phase D. Action Phase"

C

318 "When there is modification to the structure of a system, which testing type should be used? A. Recovery Testing B. Cycle Testing C. Regression Testing D. Equivalency Class Testing E. Structural Testing"

C

328 "Risk can be mitigated by: A. Developing a contingency plan that would be executed if the risk occurs B. Allow the risk event to occur C. Minimizing the probability of occurrence and the value of the impact D. Avoiding the consequences by eliminating the possibility of the event"

C

33 "What should post-implementation audits NOT be used for? A. Determine if system objectives were met B. Determine if standards were followed C. Determine who is to blame for project problems D. Determine if IT quality objectives were achieved"

C

330 "The variable COUNTRY can have the response Afghanistan, Albania, ... , Zimbabwe. The data type of the variable COUNTRY is: A. Ratio B. Ordinal C. Nominal D. Interval"

C

331 "Which ISO model covers the software life cycle from concept through retirement? A. ISO / IEC 15504 B. ISO 9001 C. ISO / IEC 12207 D. ISO 9000 Family of Standards"

C

332 "If the data in a pie chart represent five components of a total population and four of the five sections of the pie chart represent 15%, 25%, 20%, and 20% of the total population, what percentage of the total population is the fifth section? A. 100% B. 40% C. 20% D. 5% E. None of the above"

C

335 "From a control perspective, there are two systems that are needed to process business transactions. One is a system that processes transactions and the other is: A. System that documents transaction processing B. System that trains the users in the software system C. System that controls the transaction processing D. System that tracks defects in the business system E. System that measures performance"

C

342 "What type of graphical chart of individual measured values is organized by frequency of occurrence (from high to low frequency)? A. Pie Chart B. Chart C. Pareto Chart D. Bar Chart E. Quality Function Deployment Chart"

C

347 "Management expresses their commitment to quality through: A. Total Quality Management B. Cost-of-Quality C. Quality Policy D. Vision"

C

357 "The variable ""gender"" can have the response MALE or FEMALE. The data type of the variable "gender" is: A. Ratio B. Ordinal C. Nominal D. Interval"

C

367 "Three fundamental types of mistakes that IT leaders make are: A. Isolation, lack of modeling, lack of business perspective B. Isolation, inability to reward, lack of dedication C. Isolation, inability to reward, lack of business perspective D. None of the above"

C

37 "A process is a vehicle of communication, specifying the methods used to produce: A. A Service B. A Product C. Both Product and Service D. None of the above"

C

370 "At low levels of process maturity, people believe they are subjectively evaluated and focus their attention on: A. Specific Standards B. Work Environment C. Organizational Politics D. HR Policies E. None of the above"

C

372 "Severity levels for defects should be defined at the start of the project: A. To maintain common understanding B. To assign severity of defects consistently C. To maintain common understanding and assign severity consistently D. None of the above"

C

374 "A brainstorming session should be used to develop a cause-and-effect diagram identifying all possible causes of _________________. A. Standard Deviations B. Measurements Variations C. Process Input Variations D. None of the above"

C

378 "Which of the following attributes of a process are associated with measurement? A. Policy B. Procedure C. Standard D. Guideline E. Charter"

C

384 "Mode is the measures of central tendency. What does it represent? A. Average of the items in the population B. Sum of the items in the population C. Items are repeated most frequently D. Item at which half the items in the population are below this item and half the items are above this item"

C

386 "Consensus is reached when all participants: A. Unanimously agree B. Refuse to agree C. Accept the agreed-upon resolution D. Allow the majority to decide"

C

387 "Which of the following is NOT a QFD vertical deployment? A. Technology Deployment B. Reliability Deployment C. Customer Deployment D. Cost and Schedule Deployment"

C

395 "Which of the following three questions would NOT be answered by establishing a security baseline? A. What are we doing about computer security? B. How effective is our computer security program? C. Who is responsible for software system security?"

C

402 "Which of the following is NOT one of the five types of listening? A. Therapeutic Listening B. Critical Listening C. Structured Listening D. Comprehensive Listening E. Discriminative Listening"

C

403 "Process ___________ allows priorities to be set for defining or improving processes. A. Execution B. Management C. Planning D. Monitoring"

C

406 "The primary responsibility of a quality program, from a consumer's standpoint, is that the product should be: A. Gold plated B. Is completed on time C. Fit for use by the end user or consumer D. Does not exceed budgeted costs"

C

409 "After establishing the team for conducting security baseline, the first step should be to: A. Set up the process B. Set the measures C. Set the requirements and goals"

C

410 "Which management tool would you use if your QA team needed to prioritize issues? A. Cause-and-Effect Diagram B. Affinity Diagram C. Nominal Group Technique D. Force Field Analysis E. Process Map"

C

412 "Which of the following would be considered a verification technique? A. Boundary Analysis B. Equivalence Partitioning C. Code Inspections D. Thread Testing E. Regression Testing"

C

413 "Three of the four interconnected project variables are: scope, resources, and schedule. What is the fourth variable? A. Requirements B. Budget C. Quality D. Function Points E. Constraints"

C

430 "Which of the following is NOT an example of Programmed Controls? A. A Control Total B. A Hash Total C. Logic Test D. Limit Checks"

C

431 "The guarantee provided by the contractor of software development that the deliverables will meet the specification is called: A. Contractor Support B. Penalties C. Warranty D. Fairness of Contract E. Acceptance Test Criteria"

C

433 "Which of the following management philosophies would be associated with a quality management philosophy as opposed to the traditional management philosophy? A. Competition B. Focus on Detection C. Teamwork D. Controlling E. Fire Fighting"

C

435 "A good security mechanism should be: A. Complicated B. Complex C. Layered D. None of the above"

C

439 "Planning for system test process begins when: A. After coding phase B. At start of system testing phase C. At project start D. After design phase"

C

44 "This approach sends the message that quality management is something for the employees, but not necessarily for management. A. Top-down B. Middle-out C. Bottom-up D. Pyramid"

C

455 "The purpose of a security awareness program is to achieve all of the following objectives, EXCEPT: A. Have individuals understand their security roles or responsibility B. Have individuals understand the organization's security policy C. Have individuals implement security practices into their software D. Have individuals understand the security controls in place to protect IT resources"

C

459 "In the diagram of the tester's work bench (refer sheet #459), the box labeled (2) is the: A. Input(s) B. Standard(s) C. Policy D. Check Procedures E. Do Procedures"

C

464 "Which layer of management is the weakest link in a successful quality management program? A. Top B. Quality Champion C. Middle"

C

465 "Which party(s) is responsible to ensure protection of intellectual property rights included within a contract for software development? A. The contracting organization B. The organization that will develop software C. Both the contracting organization and the organization that will develop the software"

C

469 "In the new quality management philosophy, the emphasis must be on: A. Defect Identification B. Quality Control C. Reducing Rework D. Catching Defects"

C

47 "Which is NOT an objective baseline measure? A. Lines of code B. Number of abnormal terminations C. Help desk empathy with customer's situation D. Number of programs"

C

471 "If you were to read in a publication that an IT organization could build software at a rate of 4 lines of code per programmer hour, but in your organization you can only write 2 lines of code per programmer hour, what conclusion could you draw? A. My organization is less efficient than the other B. My organization's programmers are not as well trained C. There is no accepted standard for lines of code D. My organization is a candidate for outsourcing E. My organization needs more experienced programmers"

C

48 """Toyota production system"" is also known as: A. COQ B. Six Sigma C. JIT D. Benchmarking"

C

5 "The two common types of Matrixes are: A. L-Type and Y-Type B. T-Type and X-Type C. L-Type and T-Type D. Y-Type and X-Type"

C

52 "Quality Assurance methods are usually considered: A. Detective B. Corrective C. Preventive D. Protective"

C

56 "In the broad context of comparing quality assurance activities and quality control activities in an IT organization, which of the following would be considered a quality assurance activity? A. Developing Test Plans B. Conducting Design Inspections C. Developing Test Processes D. Performing Acceptance Testing E. Performing Regression Testing"

C

6 "If you use the PDCA cycle for managing processes, which activity is associated with the CHECK component? A. Process Definition B. Process Mapping C. Process Measurement D. Process Improvement E. Process Controls"

C

62 "The team member is told what to do, and then how to check that what was done was done correctly. This statement shows relationship between: A. Plan and Do Processes B. Plan and Check Processes C. Do and Check Processes D. Do and Act Processes"

C

73 "Which one of the following best describes ""mission statement"" for a company or an organization? A. How will we show success? B. How will we achieve objectives? C. Why do we exist? D. What is our long term program?"

C

86 "In control charts, accepted practice uses a width of _________________________around the population mean (?) to establish the control limits. A. Plus or minus one standard deviation B. Plus or minus two standard deviations C. Plus or minus three standard deviations D. Plus or minus four standard deviations E. Plus or minus five standard deviations"

C

87 "The acronym CMM stands for: A. Continuous Maturity Model B. Computer Methods and Models C. Capability Maturity Model D. Change Management Model E. Continuous Maturity Methods"

C

88 "Out of the three critical aspects of Toyota's JIT concept, which one is the most important? A. Reduction of Waste B. Perfect Quality C. Employee Involvement D. None of the above"

C

91 "_____________ is a process that transfers decision making from management to employees. A. Coaching B. Mentoring C. Empowerment D. Modeling"

C

94 "The rules used to evaluate products and identify non-conformance are: A. Audits B. Policies C. Standards D. Templates"

C

95 "Organizations use many ways to determine the size of a program. Which of the following methods for measuring the size of a program can be used before the coding process is complete? A. Lines of code B. Programmer hours expended to write the code C. Function points D. Cyclomatic complexity"

C

99 "__________ are used to determine whether the standards have been adhered to or not A. Processes B. Templates C. Checklists D. Guidelines"

C

106 "The first step in the Complaint-Resolution Process is: A. Gather detailed supporting information B. Establish an action plan C. Judge the complaints validity D. Get on the customer's wavelength"

D

111 "Which of the following types of testing is considered Dynamic Testing? A. Code Inspections B. System Reviews C. Code Analyzers D. Unit Testing E. Checklists"

D

120 "Which of the following is not a major component for quality management for the workgroup? A. Improvement processes B. Disciplined approach on continuous improvement C. Changing the culture D. Accomplishing an organization's mission E. Integrating new management techniques into day-to-day activities"

D

122 "Which of the following is / are used for determining the magnitude of the Risk? A. Using Personal Opinion or Team Consensus B. Using a Risk Formula C. Using Annual Loss Expectation (ALE) Estimation D. All of the above E. None of the above"

D

13 "The main objectives of process mapping is /are to understand: A. How a process contributes to meeting the organization's mission and goals? B. Who is responsible for the process? C. How the process interfaces to produce the organization's outcomes? D. All of the above E. None of the above"

D

137 "It is important in developing a contract that the contract provisions are fair to both parties. The reason for this is: A. Contractual costs will be reduced B. Problems will not occur during development C. Acceptance testing will not be needed D. The probability of one party terminating the contract during execution will be minimized E. The developed software will perform better"

D

147 "Which has frequently been referred to as the most difficult task in getting people to use the process? A. Determining the need for a process B. Writing the process C. Testing the process D. Deploying the process E. Improving the process"

D

148 "Process inventories can be developed by: A. Referencing existing manuals B. Conduct affinity group sessions C. Survey employees D. All of the above E. A and C above"

D

153 "Which of the following planning activities is associated with the quality planning question ""where do we want to go""? A. Capabilities and Opportunity Planning B. Policies and Procedure Planning C. Priorities and Schedules Planning D. Objectives and Goals Planning E. Budgeting and Resource Planning"

D

156 "A payroll application requires that each new employee hired have a unique Employee ID and password and that all characters in a field are either numeric or alphabetic. This is an example of a: A. Logical Test B. Limit Test C. Validity Test D. Completeness Test E. None of the above"

D

157 "Determining which risks are likely to affect the project and documenting the characteristics of each is called ________ . A. Risk Assessment B. Risk Management C. Risk D. Risk Identification"

D

163 "Which one of the following is NOT one of the change control procedures? A. Proposed change should be formally approved B. Developers should make the program changes. C. An independent person, other than the person who made the change, should test the final revised program. D. Developer should provide access rights for the change in configuration management tool. E. The documentation system should be updated with all change sheets or change registers"

D

166 "Measurement provides ____________ feedback to an organization about whether it is achieving its goals. A. Qualitative B. Subjective C. Objective D. Quantitative"

D

167 "From a control perspective, detective controls are only effective when what other types of controls are implemented? A. Environmental Controls B. Preventive Controls C. Training Controls D. Corrective Controls E. Audit Controls"

D

172 "Identify the correct sequence of the 'Management Cycle'. A. Plan-Do-Act-Check B. Check-Act-Plan-Do C. Plan-Check-Do-Act D. Plan-Do-Check-Act"

D

186 "Within COTS software, attributes designed to ""get you out of trouble"" when you get into trouble is which aspect of a COTS software? A. Knowledge to Execute B. Understandability C. Quality of Communication D. Effectiveness of Help Routines"

D

197 "Getting the right change installed at the right time is a responsibility of what type of software management? A. Software Risk Management B. Risk Management C. Defect Management D. Software Configuration Management E. Software Test Management"

D

2 "Which item(s) below are measures of central tendency? A. Mean B. Median C. Mode D. All of the above E. A and C above"

D

201 "Which answer below is NOT one of the seven steps for implementing an IT quality function? A. Develop a charter B. Identify a quality manager C. Staff and train the quality function D. Audit the use of quality tools E. Build support for quality"

D

209 "The Pareto analysis statistical quality tool is more commonly known as: A. Fishbone Diagram B. Run Chart C. Scatter Diagram D. 80 / 20 Rule E. Tally Sheet"

D

214 "Which one of the following is NOT a responsibility of management committees (or process management committees)? A. Developing quality charter B. Deploying quality management practices C. Establish teams or work groups D. Defining mission and goals"

D

216 "What type of software testing is most closely associated with testing after a change has been made to the software or operational software has been changed to maintain the software? A. Stress Testing B. Thread Testing C. Reliability Testing D. Regression Testing E. Structural Testing"

D

220 "A ""master list"" of processes that support an organization in accomplishing its goals is known as a: A. Process Map B. Strategic Plan C. Tactical Work Plan D. Process Inventory E. Audit List"

D

231 "COTS software is _______ if correct results will be produced under actual business conditions. A. Maintainable B. Cost Effective C. Secured D. Reliable"

D

234 "Effort required to couple one system with another is called: A. Maintainability B. Flexibility C. Usability D. Interoperability"

D

239 "Which task or tasks are helpful in building support for quality? A. Estimate the cost of quality B. Meet daily on quality C. Reward quality work D. All of the above E. A and C above"

D

24 "Which of the following is considered a product measure? A. Overall development time B. Average level of experience of development staff C. Rate time D. Quality E. Time spent fixing errors"

D

245 "Which type of benchmark is used to set and validate objectives to measure performance? A. Process Benchmarking B. Product Benchmarking C. System Benchmarking D. Performance Benchmarking"

D

250 "It is recommended that a quality assurance group should develop a charter for the group. Which of the following is not normally included in the quality charter? A. Objectives B. Responsibilities C. Authority D. Quality Benchmarks E. On-going Quality Programs"

D

252 "If you had seven programs and the size in function points were 80, 20, 20, 60, 40, 50, and 150. What is the median size of those seven programs in function points? A. 20 B. 30 C. 40 D. 50 E. 60"

D

253 "Which of the following is not a planning activity? A. Environment Planning B. Capabilities and Opportunities Planning C. Assumptions and Potentials Planning D. Standards and Procedures Planning"

D

259 "Six Sigma quality is a statistical term defining the number of defects that have been established as a quality objective. A Six Sigma defect rate is: A. 3.4 defects per 1,000 opportunities B. 3.4 defects per 10,000 opportunities C. 3.4 defects per 100,000 opportunities D. 3.4 defects per 1,000,000 opportunities E. 3.4 defects per 10,000,000 opportunities"

D

27 "Which level(s) of the organization should be involved in both establishing and using processes in their daily work? A. Senior B. Mid-level C. Junior D. All of the above"

D

270 "Quality Assurance activities comes under: A. Cost of Quality B. Appraisal Costs C. Failure Costs D. Prevention Costs"

D

271 "Cause-and-Effect Diagrams are also referred to as a: A. Fishbone Diagram B. Ishikawa Diagram C. Why-why Diagram D. All of the above E. None of the above"

D

275 "Checking if the web page on a internet banking site comes up within 2 seconds is an example of: A. Functional Testing B. Structural Testing C. Stress Testing D. Performance Testing E. White-Box Testing"

D

278 "Prerequisites for quality planning is / are: A. IT vision, mission, and goals documented B. Management support for planning C. Planners competent in the planning process D. All of the above"

D

280 "SEI's CMMi maturity level 5 focuses on: A. Quantitative Project Management B. Customer Satisfaction C. Quantitative Process Management D. Continuous Process Improvement"

D

281 "Which of the following tool(s) can be applied to determine the change in process scope? A. Brainstorming B. Cause and Effect Diagram C. Flow Charts D. All of the above"

D

287 "Which is NOT commonly used to develop a baseline? A. Customer Surveys B. Industry Models C. Management Established Criteria D. Expected Defect Counts E. Benchmarking"

D

293 "Documenting or changing processes is part of which planning activity? A. Business / Activity Planning B. Environment Planning C. Objective / Goal Planning D. Policies/ Procedures Planning"

D

3 "The amount of effort required to intercouple or interconnect computer systems is referred to as: A. Reusability B. Flexibility C. Portability D. Interoperability"

D

313 "Successful IT security programs consist of all the following EXCEPT: A. Developing an IT security policy that reflects business needs B. Informing users of their IT security responsibilities C. Establishing processes for monitoring and reviewing the program D. Gathering data on violations only"

D

317 "Responsibility for resolving a noncompliance may be enforced automatically through____________. A. Processes B. Templates C. Checklists D. Controls"

D

319 "Which of the following is NOT classified as a management tool? A. Brainstorming B. Affinity Diagram C. Matrix D. Pie Chart"

D

323 "Which of the following is NOT one of the six steps commonly used to build a security baseline? A. Establish baseline team B. Set baseline requirements and objectives C. Train baseline participants D. Acquire software to document the security baseline E. Analyze and report computer security status"

D

327 "Before defining a new process, the scope of the process should be identified. Element(s) for process scope is(are): A. High-Level Process Flow B. Major Deliverables and Stakeholders C. High-Level Process Flow and Major Deliverables D. High-Level Process Flow, Major Deliverables, and Stakeholders"

D

34 "Which of the following processes is /are within the Defect Management level for maturing the Quality Control Processes? A. Defect Database B. Defect Reporting C. Defect Analysis D. All of the above"

D

340 "Which of the following factors should NOT be considered when defining a Control Method? A. Risk Severity B. Cost, Effort, and Cycle Time Impact C. Strength of the Control Method D. Unavailability of Appropriate Resources and People"

D

344 "As the management philosophy matures from 'authoritarian' to 'empowered teams', the role of a QA Analyst moves from 'quality control' to that of: A. Senior QA B. QA Manager C. Tester D. QA Consultant"

D

350 "Which item below is NOT a statistical process control technique? A. Root cause analysis B. Sophisticated statistical tools and analysis C. Dashboards to be used in managing processes D. Process mapping"

D

363 "When auditors are engaged by the Board of Directors to audit an organization is an example of ____________. A. Supervisor Monitoring B. Peer Monitoring C. Ongoing Monitoring D. Independent Monitoring"

D

379 "Which of the following would be associated with contracted software developed by a contractor in another country? A. Requirements missing B. Customer standards may not be met C. Quality practice not specified D. Communication barriers E. Training and deployment specified"

D

385 "Within ISO 9001, Resource Management includes: A. Only Human Resources B. Only Work Environment C. Human and Infrastructure Resources D. Human, Infrastructure, Work Environment, and Facilities"

D

394 "Which of the following is NOT an example of metrics used to manage and control the products? A. Mean time to failure B. Number of defects found C. Technical performance D. Lines of code (LOC)"

D

396 "There is a risk that products shipped will not be invoiced. If we were to assume that an average of two products will be shipped per day and not be invoiced and the average billing per invoice is $225.50, then the risk associated with not invoicing shipme A. $500 B. $750 C. $250 D. $451"

D

400 "Compliance Assessments can be done through: A. First party audit B. Second party audit C. Third party audit D. All of the above"

D

408 "Prior to TQM, the distinction between "little-Q" and "big-Q" was given by: A. Philip Crosby B. Edwards Deming C. Motorola D. Joseph Juran"

D

42 "Attribute of a product or service is called: A. Process B. Six Sigma C. JIT D. Quality"

D

440 "Many managers use a metrics dashboard to present measurement data to the user of that data. Another name for a dashboard is: A. Subjective Measures B. Objective Measures C. Valid Measures D. Key Indicators E. Reliable Measures"

D

442 "Checking if a date field on a screen gives an error on entering February 29 is an example of: A. Functional Testing B. Boundary Analysis C. White-Box Testing D. Error Guessing E. Performance Testing"

D

449 "Which type of testing focuses on minimizing the impact of a software change while still assuring that no new defects were introduced? A. Functional Testing B. Black-Box Testing C. White-Box Testing D. Regression Testing E. Incremental Testing"

D

451 "Which of the following is not a process within Level 4 for maturing Quality Assurance Processes? A. Processes Aligned to Objectives B. Processes Integrated C. Process Optimization D. Process History Database"

D

454 "Which of the following is / are level(s) for maturing the Deliverables Processes? A. Constraint Requirements B. Business Requirements C. Relational Requirements D. All of the above"

D

458 "The diagram in sheet #458 is called a: A. Run Chart B. Pie Chart C. Bar Chart D. Pareto Chart E. Control Chart"

D

51 "Which of the following factor does NOT have any impact on an organization's internal control needs? A. Type of Industry B. Size of the Company C. Management Philosophy D. Employee Morale"

D

54 "In transaction processing, the accuracy and completeness of database storage, data security and privacy, error handling, backup, recovery, and retention is governed by: A. Transaction Origination Controls B. Transaction Processing Controls C. Transaction Output Controls D. Database Storage and Retrieval Controls"

D

60 "Which of the following is the correct definition of a policy? A. The intended future state of the organization B. Managerial control over processes C. The step-by-step methods followed to ensure that standards are met D. Managerial desires and intents concerning processes and products E. A standard that is enforced"

D

77 "If your IT organization adopted function points as the means to measure program size, this would enable you to estimate programming staff because you would know a program of 200 function points is twice as large as a program of 100 function points. This type of data is called: A. Nominal Data B. Ordinal Data C. Interval Data D. Ratio Data"

D

79 "The core activity of Process Definition is not only defining the process but also: A. Performing walkthroughs of the process before publication B. Piloting the process C. Marketing the process D. All of the above E. None of the above"

D

81 "One of the attributes of an effective security control is dividing responsibility for any event among two or more people. This security attribute is called: A. Simplicity B. Fail Safe C. Open Design D. Separation of Privilege E. Psychological Acceptability"

D

84 "Tracking the status of each requirement throughout the development and test phases is called: A. Requirements Checking B. Requirements Verification C. In-Process Review D. Requirements Tracing E. Phase-End Review"

D

85 "Acceptance Testing is normally designed and performed by: A. The Developer B. The Quality Control Manager C. The Product Development Manager D. The User"

D

89 "Security passwords should be changed: A. On a regular basis B. Whenever somebody leaves an area C. When password compromise is suspected D. All of the above E. None of the above"

D

90 "Which of the following is considered a metric? A. Lines of code B. Hours worked C. Pages of documentation D. Mean time to failure E. Number of staff assigned to a project"

D

98 "Quality Control practices should be performed during which of the following product phases? A. Product Acquisition B. Product Development C. Product Operation D. All of the above E. None of the above"

D

113 "If you acquired COTS software and were attending a demonstration of that software, what aspects of that software would you want to observe during the demonstration? A. Understandability B. Clarity of Communication C. Functionality of the Software D. Effectiveness of Help Routines E. All the above"

E

12 "The purpose of a Risk Analysis Process is to answer the question: A. How big is the risk? B. Is this an acceptable risk? C. What exactly is being exposed to the risk? D. What alternatives are there? E. All of the above"

E

151 "Which product metric would be used to predict the probability of a software failure, or the rate at which software errors will occur? A. Cyclomatic Complexity B. Function Points C. Quality D. Correctness E. Reliability"

E

164 "Outsourced software can be developed by an organization within the country of use or developed in another country. Which of the following is a difference associated with software developed by an organization in another country? A. Missing requirements B. Customer standards may not be met C. Non-testable requirements D. Training and deployment may be difficult E. Cultural differences"

E

17 "Which of the following Quality Management principle(s) are incorporated into the ISO 9001 standard? A. System approach to management B. Process approach C. Mutually beneficial supplier relationships D. Factual approach decision making E. All of the above"

E

180 "Which of the following are considered distinguishing characteristics of Risk? A. Situational B. Time Based C. Magnitude Dependent D. Value Based E. All the above"

E

184 "What is the risk that an organization faces if management does not take action to alter the risk's likelihood or impact? A. Risk Management B. Risk Appetite C. Enterprise Risk Management D. Residual Risk E. Inherent Risk"

E

194 "If you want to ensure that individuals can effectively perform work processes, which activity would you implement to achieve that goal? A. Measurement B. Team Building C. Performance Reviews D. Career Development E. Training"

E

204 "If your customer complains that you made an error, you need to do the following: A. If you are wrong, admit the error B. Negotiate a satisfactory resolution C. State solution and get agreement D. Take action to implement a solution E. All of the above"

E

207 "If the data in a pie chart represent five components of a total population and four of the five sections of the pie chart represent 5%, 25%, 50%, and 10% of the total population, what percentage of the total population is the fifth section? A. 100% B. 40% C. 20% D. 5% E. None of the above"

E

217 "Which of the following is an important component of a complaint resolution process? A. Get on your opposing party's wavelength B. Get the facts C. Establish and initiate an action program D. Follow-up E. All of the above"

E

228 "Which tool is used by teams to help create order out of chaos, by categorizing large numbers of ideas? A. Nominal Group Technique B. Cause and Effect Diagram C. Quality Function Deployment D. Force field analysis E. Affinity Diagram"

E

269 "Which of the criteria should be followed to select a process model such as CMMI or ISO? A. Applicability of the model to the organization's goals and objectives B. Management commitment C. Need for baseline assessments D. Need for measurable goals and objectives E. All of the above"

E

279 "A contract that will assure the contracting organization of effective ongoing operation maintenance of the contracted software should include which of the following contractual provisions? A. Speed of service B. Nearness of service C. Cost of service D. Competency of service personnel E. All of the above"

E

289 "Which of the following models uses this four part cyclE. (part one - plan and organize; part two - acquire and implement; part three - deliver and support; part four - monitor)? A. COSO Model B. ISO Model C. Malcolm Baldrige National Quality Award Model D. Enterprise Risk and Management Model E. CobiT Model"

E

292 "Which of the following artifacts should be subjected to Quality Control? A. Test Cases B. Design Documents C. Project Management Plans D. Code E. All of the above"

E

308 "Preventive Controls include: A. Standards and Training B. Segregation of Duties and Authorization C. Forms Design and Documentation D. Consistency of Operations E. All of the above"

E

311 "Function points are used to measure what aspects of software? A. Complexity B. Quality Function Deployment C. Defect Rates D. Number of Requirements E. Size"

E

315 "A ""task force"" is a cross-functional group organized for a specific purpose. Task force management principles include: A. Task force leader should be an expert in leading groups B. Task force should be organized for multiple purposes C. Task force needs a clear description of what is to be addressed D. All of the above E. A and C above"

E

32 "Which of the following activities should occur before processes are defined to ensure that the most critical processes are defined first. A. Do B. Design C. Implementation D. Check E. None of the above"

E

329 "Regression Testing can be performed in which test stage(s)? A. Unit Test B. String / Integration Test C. System Test D. None of the above E. All of the above"

E

341 "Though priority assigned to a defect is usually subjective, but are dependent on user input(s) or factor(s) such as: A. Importance of the defect B. Resources available to fix C. Risk D. A and B E. A, B, and C"

E

346 "Determining that the COTS software selected is compatible with the acquiring organization's computer environment addresses: A. Compatibility with other COTS software packages B. Compatibility with the acquiring organization's computer language C. Compatibility with the SEI CMMI level of the organization that built the COTS software D. Compatibility of the acquiring organization's acceptance test process E. Compatibility with the acquiring organization's hardware and operating system"

E

348 "Which of the following quality control practices would be considered a validation method? A. Code Inspections B. Desk Checking C. Design Reviews D. Error Guessing E. Unit Testing"

E

35 "What company developed the concept known as ""Six Sigma Quality""? A. IBM B. Microsoft C. Infosys D. Apple E. Motorola"

E

351 "The definition for Reliability is: A. The amount of computing resources and code required by a program to perform a function. -> Efficiency B. Extent to which access to software or data by unauthorized persons can be controlled. -> Integrity C. Effort required learning, operating, preparing input, and interpreting output of a program. -> Usability D. Effort required locating and fixing an error in an operational program.-> Maintainability E. None of the above"

E

358 "When developing testing tactics for a project, which of the following should be considered? A. Determine the project scope B. Determine the type of development project C. Identify the tactical risks D. A and C E. A, B, and C"

E

362 "Which of the following question(s) is associated with the post-implementation review? A. Is the quality what we wanted? B. Did the process work? C. Did buying a tool help improve the process? D. Did automation help speed up the process? E. All of the above"

E

377 "The objective for having a common body of knowledge for quality assurance is: A. Define needed skills B. Define a profession C. Basis for developing the examination D. Lead a profession E. All of the above"

E

382 "Which of the following is NOT a component of a workbench? (A workbench is a graphic representation of a process.) A. Entrance Criteria (Inputs) B. Exit Criteria (Deliverables) C. Work Procedures D. Check Procedures E. Process Contract"

E

401 "Which of the following is NOT normally considered one of the questions that must be answered in performing quality planning? A. Where are we? B. Where do we want to go? C. How are we going to get there? D. When will it be done? E. If it fails, who is responsible?"

E

416 "Good attributes of constructive criticism include: A. Do it privately B. Have the facts C. Be specific D. State the positive first E. All of the above"

E

444 "Continuing process improvement techniques should be applied to which of the following IT work processes? A. Systems Development Process B. Software Testing Process C. Code Inspection Process D. Estimating Process E. All of the above"

E

460 "The diagram in sheet #460 is an example of a(n): A. Process Map Diagram B. Affinity Diagram C. Force Field Diagram D. Flowchart E. Cause-and-Effect Diagram"

E

461 "In the diagram of the tester's work bench (Sheet #461), the box labeled (4) is the: A. Input(s) B. Deliverable(s) C. Policy D. Check Procedures E. Do Procedures"

E

468 "Special concerns during acceptance testing of software developed by a vendor are: A. Meets Specifications B. Adequate Test Data C. Preparation for Operation D. On Time E. All of the above"

E

58 "At a minimum, the acceptance test for contracted software should validate: A. The documentation is consistent with the software execution B. The documentation is understandable C. Users will be adequately trained in the software D. It is operable within the operational constraints of the organization E. All of the above "

E

69 "Which of the following should be kept under version control? A. Code B. Procedures C. Plans D. Operating Systems E. All of the above"

E

75 "When dealing with a complaint, to get on the same physical wavelength with a client you should: A. Stand if they are standing B. Provide your undivided attention C. Physically show interest D. React positively E. All of the above"

E

8 "Which of the following activities occur when the software developed by an outside organization is ready for delivery? A. Contractual Relations B. Acceptance Testing C. Operation and Maintenance D. B and C only E. A, B, and C"

E


Set pelajaran terkait

Med surg exam 3 practice questions

View Set

AS 221 Instrument Pilot - Stage 1 Exam Questions

View Set

Psych chapter 9, 10, 11, 12 quizzes

View Set