Test your basic knowledge |
CISA: Certified Information Systems Auditor
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. An auditor has detected potential fraud while testing a control objective - He should ___________________. Because Audit committee members are generally not involved in business operations - they will be sufficiently removed from the matter - and they
The Eight Types of Audits
The 7 phases and their order in the SDLC
Notify the Audit Committee
Control Risk
2. The annual expected loss to an asset. It is calculated as the single loss expectancy (SLE) X the annualized rate of occurrence (ARO).
Recovery time objective
Annualized Loss Expectancy (ALE)
Department Charters
Judgmental sampling
3. The process to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes.
Expected Error Rate
Problem Management
ITIL definition of CHANGE MANAGEMENT
An Integrated Audit
4. An audit that combines an operational audit and a financial audit.
OSI: Physical Layer
Assess the maturity of its business processes
An Integrated Audit
less than 24 hours
5. (1.) Requirements (2.) Design (3.) Development (4.) Testing (5.) Release preparation (packaging) (6.) Release Deployment
OSI: Data Link Layer
A Virtual Server
Overall audit risk
Six steps of the Release Management process
6. A sampling technique where items are chosen at random; each item has a statistically equal probability of being chosen.
Split custody
Overall audit risk
(1.) Policies (2.) Procedures (3.) Standards
Statistical Sampling
7. An audit report usually includes the following 10 elements: (1.) Cover letter (2.) Introduction (3.) Summary (4.) Audit description (5.) _______________ (6.) Interviewees (7.) Evidence (8.) Explanation of sampling techniques (9.) Findings (10.) Recom
Overall audit risk
List of systems examined
An Integrated Audit
Sampling Risk
8. Used to estimate the effort required to develop a software program.
Function Point Analysis
Dimensions of the COSO cube
Audit Methodologies
Attribute Sampling
9. Describes the effect on the business if a process is incapacitated for any appreciable time
Statement of Impact
Organizational culture and maturity
Database primary key
Control Unit
10. A software developer has informed the project manager that a portion of the application development is going to take five additional days to complete. The project manager makes a __________________ to document the reason for the change.
TCP/IP Transport Layer
A Sample Mean
Information systems access
Project change request
11. The first major task in a disaster recovery or business continuity planning project.
The Eight Types of Audits
Business impact analysis
Emergency Changes
Stay current with technology
12. A facility that is used to store and manage access to an organization's application source and object code. It consists of 5 parts: (1.) Access and authorization controls (2.) Program checkout (3.) Program Check-in (4.) Version Control (5.) Code Ana
Tolerable Error Rate
Control Risk
The Software Program Library
Overall audit risk
13. What three elements allow validation of business practices against acceptable measures of regulatory compliance - performance - and standard operational guidelines?
An Operational Audit
SDLC Phases
TCP/IP Internet Layer
(1.) Policies (2.) Procedures (3.) Standards
14. The 5 types of risks that are related to audits include: (1.) Control Risk (2.) Detection Risk (3.) Inherent risk (4.) _____________ (5.) Sampling risk
Overall audit risk
An IS audit
IT Service Management
Information systems access
15. An organization is building a data center in an area frequented by power outages. The organization cannot tolerate power outages. The best _________________solution is an electric generator and an uninterruptible power supply. The UPS responds to the
The Release process
TCP/IP Network Model
Discovery Sampling
Power system controls
16. In Release Management - _________________ means that each step of the release process undergoes formal review and approval before the next step is allowed to begin.
A gate process
OSI Layer 5: Session
Detection Risk
Three Types of Controls
17. Individual events may often create combined threats to enterprise operations: A tornado might also spawn ____________________.
Confidence coefficient
Structural fires and transportation accidents
An Administrative
Service Level Management
18. (1.) Develop a BC Policy (2.) Conduct BIA (3.) Perform critical analysis (4.) Establish recovery targets (5.) Develop recovery and continuity strategies and plans (6.) Test recovery and continuity plans and procedures Train personnel Maintain strateg
Testing activities
The Steering Committee
The BCP process
Segregation of duties issue in a high value process
19. A large number of loosely coupled computers that are used to solve a common task may be in close proximity to each other or scattered over a large geographical area.
BCP Plans
More difficult to perform
The 5 types of Evidence that the auditor will collect during an audit.
Grid Computing
20. (1.) Physical (2.) Technical (3.) Administrative
Assess the maturity of its business processes
Three Types of Controls
OSI: Transport Layer
Elements of the COSO pyramid
21. A technique that is used to select a portion of a population when it is not feasible to test an entire population.
The audit program
Sampling
The appropriate role of an IS auditor in a control self-assessment
OSI: Data Link Layer
22. (1.) Executive Summary (2.) Framework (3.) Reporting to External Parties (4.) Evaluation Tools
List of systems examined
Testing activities
Volumes of COSO framework
Elements of the COBIT Framework
23. A condition often identified as a result of multiple incidents that exhibit common symptoms. Problems can also be identified from a single significant incident for which the impact is significant.
Employees with excessive privileges
Main types of Controls
Power system controls
ITIL definition of PROBLEM
24. An audit to determine the level and degree of compliance to a law - regulation - standard - contract provision - or internal control.
The appropriate role of an IS auditor in a control self-assessment
Stay current with technology
OSI: Transport Layer
A Compliance audit
25. A computation of the variance of sample values from the sample mean. This is a measurement of the spread of values in a sample
PERT Diagram?
Sample Standard Deviation
Variable Sampling
Employees with excessive privileges
26. Application controls limit ___________ in three ways: (1.) Point of Entry (Input Controls) (2.) During consumption (process controls) (3.) At the point of expression (Output Controls)
Assess the maturity of its business processes
Grid Computing
The Business Process Life Cycle
Information systems access
27. Governed by: (1.) Effective Change Management (2.) Effective Application Testing (3.) Resilient Architecture (4.) Serviceable Components
The availability of IT systems
Function Point Analysis
Confidence coefficient
Transport Layer Protocols
28. (1.) Utility (DNS - SNMP - DHCP) (2.) Messaging protocols (SMTP) (3.) Data Transfer protocols (NFS - FTP) (4.) Interactive protocols (Telnet)
Volumes of COSO framework
Foreign Key
IT executives and the Board of Directors
Application Layer protocols
29. Consists of two main packet transport protocols: TCP and UDP.
A Forensic Audit
TCP/IP Transport Layer
The Steering Committee
Elements of the COSO pyramid
30. An audit of operational efficiency.
An Administrative
Transport Layer Protocols
OSI: Data Link Layer
Variable Sampling
31. (1.) Operational (2.) Financial (3.) Integrated (4.) IS (5.) Administrative (6.) Compliance (7.) Forensic (8.) Service Provider
An Operational Audit
The Eight Types of Audits
Insourcing
General Controls
32. Critical Path Methodology helps a project manager determine which activities are on a project's critical list - ________________________.
Current and most up-to-date
A Cold Site
OSI: Data Link Layer
To identify the tasks that are responsible for project delays
33. An organization that has experienced a sudden increase in its long-distance charges has asked an auditor to investigate. The auditor is most likely to suspect that intruders have discovered a ______________________ and are committing toll fraud.
34. (0.) No process at all (1.) Processes are ad hoc and disorganized (2.) Consistent processes (3.) Documented processes (4.) Measured and managed processes (5.) Processes are continuously improved
An Integrated Audit
Gantt Chart
Substantive Testing
Rating Scale for Process Maturity
35. Framework for auditing and measuring IT Service Management Processes.
A Financial Audit
Primary security features of relational databases
Overall audit risk
ISO 20000 Standard:
36. Define 10 elements of an Audit - (1.) Subject of audit (2.) Audit Objective (3.) Type of audit (4.) Audit scope (5.) Pre-audit planning (6.) Audit procedures (7.) Communication plan (8.) Report Preparation (9.) Wrap-up (10.) Post-audit follow-up
Audit Methodologies
Confidence coefficient
Variable Sampling
Examples of IT General Controls
37. The maximum period of downtime for a process or application
Recovery time objective
Options for Risk Treatment
Examples of IT General Controls
Types of sampling an auditor can perform.
38. An auditor has discovered several errors in user account management: many terminated employees' computer accounts are still active. The best course of action - To improve the _________________ to reduce the number of exceptions. For a time - the proc
Inherent Risk
Employee termination process
The 5 types of Evidence that the auditor will collect during an audit.
An Administrative
39. Focuses on: maintaining service availability with the least disruption to standard operating parameters during an event
PERT Diagram?
Business Continuity
Options for Risk Treatment
Examples of IT General Controls
40. External auditors are needed under these conditions: (1.) When the organization ________________________. (2.) Some regulations and standards require external - independent auditors
Employee termination process
Organizational culture and maturity
Statistical Sampling
Lacks specific expertise or resources to conduct an internal audit
41. An alternate processing center that contains no information processing equipment.
Concentrate on samples known to represent high risk
Stratified Sampling
Current and most up-to-date
A Cold Site
42. A computer uses RAM for several purposes: (1.) Operating System - to store info regarding running processes (2.) ____________ - that are used to temporarily store information retrieved from hard disks (3.) Storage of program code (4.) Storage of prog
The 5 types of Evidence that the auditor will collect during an audit.
Grid Computing
Buffers
OSI: Network Layer
43. Gantt: used to display ______________.
A Financial Audit
Resource details
SDLC Phases
List of systems examined
44. A four-step quality control process known as PDSA - or PDCA. Steps: (1.) Plan (2.) Do (3.) Study (4.) Act
A gate process
The Steering Committee
The first step in a business impact analysis
Deming Cycle
45. A CMM helps an organization to _______________ - which is an important first step to any large-scale process improvement effort.
OSI Layer 6: Presentation
Assess the maturity of its business processes
TCP/IP Link Layer
Buffers
46. A sampling technique used to study the characteristics of a population to determine the numeric total of a specific attribute from the entire population.
The first step in a business impact analysis
Precision means
The Requirements
Variable Sampling
47. An audit of an IS department's operations and systems.
OSI: Data Link Layer
Overall audit risk
An IS audit
A Forensic Audit
48. (1.) Financial (2.) Customer (3.) Internal processes (4.) Innovation / Learning
The 4-item focus of a Balanced Scorecard
The 7 phases and their order in the SDLC
TCP/IP Transport Layer packet delivery
Stop-or-go Sampling
49. When several incidents have occurred that appear to have the same or a similar root cause - a PROBLEM is occurring.
Problem Management
Control Unit
Stay current with technology
Project Management Strategies
50. The sum of all samples divided by the number of samples.
Capability Maturity Model
Application Layer protocols
A Sample Mean
Audit logging