Test your basic knowledge |

CISA: Certified Information Systems Auditor

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Support the functioning of the application controls






2. To determine effectiveness of a disaster recovery program - an IT auditor should examine _____________.






3. Use of a set of monitoring and review activities that confirm whether IS operations is providing service to its customers.






4. An audit to determine the level and degree of compliance to a law - regulation - standard - contract provision - or internal control.






5. External auditors are needed under these conditions: (1.) When the organization ________________________. (2.) Some regulations and standards require external - independent auditors






6. The purpose of an auditor doing interviews - To observe personnel to better understand their discipline - as well as ______________.






7. One of a database table's fields - whose value is unique.






8. (1.) Reliable delivery (2.) Connection oriented (persistent connection) (3.) Order of Delivery (4.) Flow Control (transfer rate is throttled) (5.) Port Number






9. Subjective sampling is used when the auditor wants to _________________________.






10. Risk Mitigation Risk Avoidance Risk Transfer Risk Acceptance






11. Aids in the coordinating of business processes using a sequence of three events -(1.) Business process creation (2.) Implementation (3.) Maintenance 3a. Benchmarking: Facilitates continuous improvement within the BPLC






12. An auditor has discovered several errors in user account management: many terminated employees' computer accounts are still active. The best course of action - To improve the _________________ to reduce the number of exceptions. For a time - the proc






13. An audit report usually includes the following 10 elements: (1.) Cover letter (2.) Introduction (3.) Summary (4.) Audit description (5.) _______________ (6.) Interviewees (7.) Evidence (8.) Explanation of sampling techniques (9.) Findings (10.) Recom






14. Gantt: used to display ______________.






15. (1.) Developers (2.) Architects (3.) Analysts (4.) Users






16. A maturity model that represents the aggregations of other maturity models.






17. What type of testing is performed to verify the accuracy and integrity of transactions as they flow through a system?






18. A collection of two or more servers that is designed to appear as a single server.






19. An audit of an accounting system - accounting department processes - and procedures to determine if business controls are sufficient to ensure the integrity of financial statements.






20. Used to translate or transform data from lower layers into formats that the application layer can work with.






21. The process of recording the configuration of IT systems. Each configuration setting is known in ITSM parlance as a Configuration Item.






22. (1.) Financial (2.) Customer (3.) Internal processes (4.) Innovation / Learning






23. Focuses on: post-event recovery and restoration of services






24. (1.) Objectives (2.) Components (3.) Business Units / Areas






25. (1.) Operational (2.) Financial (3.) Integrated (4.) IS (5.) Administrative (6.) Compliance (7.) Forensic (8.) Service Provider






26. An organization wants to reduce the number of user IDs and passwords that its employees need to remember. The best available solution to this - _______________. This provides a single authentication service (such as LDAP or AD) that many applications






27. (1.) Monitoring (2.) Control Environment (3.) Risk Assessment and Control (4.) Information and Communication






28. An audit that combines an operational audit and a financial audit.






29. ____________________ of the hot site is most important consideration for site selection. IF they are too close together then a single event may involve both locations






30. Consists of two main packet transport protocols: TCP and UDP.






31. The portion of IT management that tracks the financial value of IT services that support organizational objectives. It includes 4 activities: (1.) Budgeting (2.) Capital Investment (3.) Expense Management (4.) Project accounting and project ROI (Ret






32. A technique that is used to identify the most critical path in a project to understand which tasks are most likely to affect the project schedule.






33. The process to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes.






34. Guide program execution through organization of resources and development of clear project objectives.






35. An external IS auditor has discovered a _______________________ - The external auditor can only document the finding in the audit report. An external auditor is not in a position to implement controls.






36. Disasters are generally grouped in terms of type: ______________.






37. (1.) Utility (DNS - SNMP - DHCP (2.) Messaging protocols (SMTP) (3.) Data Transfer protocols (NFS - FTP) (4.) Interactive protocols (Telnet)






38. Governed by: (1.) Effective Change Management (2.) Effective Application Testing (3.) Resilient Architecture (4.) Serviceable Components






39. (1.) Physical (2.) Technical (4.) Administrative






40. An organization has chosen to open a business office in another country where labor costs are lower and has hired workers to perform business functions there. - The organization is ___________ - while they may have opened the office in a foreign coun






41. A large number of loosely coupled computers that are used to solve a common task may be in close proximity to each other or scattered over a large geographical area.






42. Used to measure the relative maturity of an organization and its processes.






43. An estimate that expresses the percent of errors or exceptions that may exist in an entire population






44. (1.) Executive Summary (2.) Framework (3.) Reporting to External Parties (4.) Evaluation Tools






45. (1.) LAN protocols (2.) 80 (2.) 11 MAC/LLC (WiFi) (3.) Common Carrier packet networks (4.) ARP (5.) PPP and SLIP (6.) Tunneling - PPTP - L2TP






46. A facility that is used to store and manage access to an organization's application source and object code. It consists of 5 parts: (1.) Access and authorization controls (2.) Program checkout (3.) Program Check-in (4.) Version Control (5.) Code Ana






47. An auditor is examining a key management process and has found that the IT department is not following its split-custody procedure. As a result - Someone may be in possession of the _________________.






48. (1.) Executive Summary (2.) Governance and control framework (3.) Control Objectives (4.) Management Guidelines (5.) Implementation Guide (6.) IT Assurance Guide






49. An alternate processing center that contains no information processing equipment.






50. The highest number of errors that can exist without a result being materially misstated.






Can you answer 50 questions in 15 minutes?



Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests