Test your basic knowledge |

CISA: Certified Information Systems Auditor

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Consists of 11 distinct activities: (1.) Service Desk (2.) Incident Management (3.) Problem Management (4.) Change Management (5.) Configuration Management (6.) Release Management (7.) Service-level Management (8.) Financial Management (9.) Capacity






2. One of a database table's fields - whose value is unique.






3. A condition often identified as a result of multiple incidents that exhibit common symptoms. Problems can also be identified from a single significant incident for which the impact is significant.






4. (1.) Executive Summary (2.) Framework (3.) Reporting to External Parties (4.) Evaluation Tools






5. Used to translate or transform data from lower layers into formats that the application layer can work with.






6. (1.) Hardware Complement (physical specifications) (2.) Hardware Configuration (firmware settings) (3.) Operating system version and configuration (4.) Software versions and configuration






7. An organization is building a data center in an area frequented by power outages. The organization cannot tolerate power outages. The best _________________solution is an electric generator and an uninterruptible power supply. The UPS responds to the






8. The CPU has: (1.) Arithmetic Logic Unit (2.) ______________ (3.) a small amount of memory (usually in to form of registers)






9. (1.) Access controls (2.) Encryption (3.) Audit logging






10. Consists of two main packet transport protocols: TCP and UDP.






11. 1.) Executive Support (2.) Well-defined roles and responsibilities.






12. (1.) Observations (2.) Written Notes (3.) Correspondence (4.) Process and Procedure documentation (5.) Business records






13. Requires that a password be broken into two or more parts - with each part in the possession of a separate person.






14. Used to determine which business processes are the most critical - by ranking them in order of criticality






15. (1.) MPLS (2.) SONET (3.) T-Carrier (4.) Frame Relay (5.) ISDN (6.) X.25






16. To determine effectiveness of a disaster recovery program - an IT auditor should examine _____________.






17. Subjective sampling is used when the auditor wants to _________________________.






18. An audit to determine the level and degree of compliance to a law - regulation - standard - contract provision - or internal control.






19. (1.) Operational (2.) Financial (3.) Integrated (4.) IS (5.) Administrative (6.) Compliance (7.) Forensic (8.) Service Provider






20. A condition that is the result of multiple incidents that exhibit common symptoms e.g. A web application is displaying information incorrectly and many users have contacted the IT service desk.






21. The IS auditor should act as a SME in the control self-assessment - but should not play a major role in the process.






22. The probability that a sample selected actually represents the entire population. This is usually expressed as a percentage.






23. The memory locations in the CPU where arithmetic values are stored.






24. Concerns the reliability of data transfer between systems. (1.) Connection Oriented (2.) Guaranteed Delivery (3.) Order of Delivery






25. PERT: shows the ______________ critical path.






26. (1.) IP (2.) ICMP (3.) RRC (Radio Resource Control) (4.) AppleTalk






27. (1.) Develop a BC Policy (2.) Conduct BIA (3.) Perform critical analysis (4.) Establish recovery targets (5.) Develop recovery and continuity strategies and plans (6.) Test recovery and continuity plans and procedures Train personnel Maintain strateg






28. (1.) Monitoring (2.) Control Environment (3.) Risk Assessment and Control (4.) Information and Communication






29. A sampling technique used to study the characteristics of a population to determine how many samples possess a specific characteristic.






30. The process of recording the configuration of IT systems. Each configuration setting is known in ITSM parlance as a Configuration Item.






31. A quantitative risk analysis is __________________ because: It is difficult to get accurate figures on the frequency of specific threats. It is difficult to determine the probability that a threat will be realized. It is relatively easy to determine






32. IT Service Management is defined in ___________________ framework.






33. An external IS auditor has discovered a _______________________ - The external auditor can only document the finding in the audit report. An external auditor is not in a position to implement controls.






34. An auditor has reviewed access privileges of some employees and has discovered that employees with longer terms of service have excessive privileges. This means User privileges are not being removed from their old position when they transfer to a new






35. External auditors are needed under these conditions: (1.) When the organization ________________________. (2.) Some regulations and standards require external - independent auditors






36. Describes the effect on the business if a process is incapacitated for any appreciable time






37. A software developer has informed the project manager that a portion of the application development is going to take five additional days to complete. The project manager make a __________________ to document the reason for the change.






38. Delivery of packets from one station to another - on the same network or on different networks.






39. An organization has chosen to open a business office in another country where labor costs are lower and has hired workers to perform business functions there. - The organization is ___________ - while they may have opened the office in a foreign coun






40. What type of testing is performed to determine if control procedures have proper design and are operating properly?






41. The primary source for test plans in a software development project is: ________________ that are developed for a project should be the primary source for detailed tests.






42. A Fire sprinkler system has water in its pipes - and sprinkler heads emit water only if the ambient temperature reaches 220 deg. F. This is a ________________. The system is charged with water and will discharge water out of any sprinkler head whose






43. The probability that a sample selected does not represent the entire population. This is usually expressed as a percentage - as the numeric inverse of the confidence coefficient.






44. An alternate processing center that contains no information processing equipment.






45. An audit that combines an operational audit and a financial audit.






46. The probability that a sample selected does not represent the entire population. This is usually expressed as a percentage - the numeric inverse of the confidence coefficient






47. (1.) TCP (2.) UDP






48. A sampling technique where at least one exception is sought in a population






49. In Release Management - _________________ means that each step of the release process undergoes formal review and approval before the next step is allowed to begin.






50. Consists of main chassis component that is equipped with slots are fitted with individual cpu modules. Main advantage is lower cost per unit.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests