Test your basic knowledge |
CISA: Certified Information Systems Auditor
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding each time you take the test.
1. The probability that a sample selected does not represent the entire population. This is usually expressed as a percentage - the numeric inverse of the confidence coefficient
Sampling Risk
Structural fires and transportation accidents
Gantt Chart
Network Layer Protocols
2. An auditor has detected potential fraud while testing a control objective - He should ___________________. Because Audit committee members are generally not involved in business operations - they will be sufficiently removed from the matter - and they
A Server Cluster
Examples of IT General Controls
A Financial Audit
Notify the Audit Committee
3. The risk that there are material weaknesses in existing business processes and no compensating controls to detect or prevent them
The Internet Layer in the TCP/IP model
Split custody
Registers
Inherent Risk
4. An organization is building a data center in an area frequented by power outages. The organization cannot tolerate power outages. The best _________________solution is an electric generator and an uninterruptible power supply. The UPS responds to the
PERT Diagram?
less than 24 hours
Project change request
Power system controls
5. A sampling technique where a population is divided into classes or strata - based upon the value of one of the attributes. Samples are then selected from each class.
Stratified Sampling
A Virtual Server
Statement of Impact
Statistical Sampling
6. Lowest layer. Delivers messages (frames) from one station to another via local network.
TCP/IP Link Layer
Referential Integrity
OSI: Network Layer
Critical Path Methodology
7. An IS auditor is auditing the change management process for a financial application. The auditor has two primary pieces of evidence: change logs and a written analysis of the change logs performed by a business analyst. The change log is best because
A Forensic Audit
objective and unbiased
Antivirus software on the email servers
Application Controls
8. Guide program execution through organization of resources and development of clear project objectives.
Foreign Key
Capability Maturity Model
Project Management Strategies
Lacks specific expertise or resources to conduct an internal audit
9. A fire sprinkler system has water in its pipes - and sprinkler heads emit water only if the ambient temperature reaches 220 deg. F. This is a ________________. The system is charged with water and will discharge water out of any sprinkler head whose
Transport Layer Protocols
Wet pipe fire sprinkler system
Overall audit risk
Blade Computer Architecture
10. An estimate that expresses the percent of errors or exceptions that may exist in an entire population
Precision means
Expected Error Rate
A gate process
List of systems examined
11. The purpose of an auditor doing interviews - To observe personnel to better understand their discipline - as well as ______________.
Organizational culture and maturity
Frameworks
Business Continuity
General Controls
12. (1.) Access controls (2.) Encryption (3.) Audit logging
Variable Sampling
Primary security features of relational databases
Emergency Changes
An Operational Audit
13. An IS auditor has discovered a high-risk exception during control testing. The best course of action for the IS auditor to take - The IS auditor should immediately ________________ when any high-risk situation is discovered.
Inform the auditee
The Software Program Library
Application Layer protocols
Risk Management
14. A programmer is updating an application that saves passwords in plaintext. In this case - Passwords should be stored in a _____. This makes it impossible for any person to retrieve a password - which could lead to account compromise.
Critical Path Methodology
Hash
The Internet Layer in the TCP/IP model
Separate administrative accounts
15. Collections of Controls that work together to achieve an entire range of an organization's objectives.
(1.) Man-made (2.) Natural
Frameworks
Referential Integrity
The Internet Layer in the TCP/IP model
16. An audit strategy and plans that include: (1.) Scope (2.) Objectives (3.) Resources (4.) Procedures used to evaluate controls and processes
The audit program
Six steps of the Release Management process
The Eight Types of Audits
Department Charters
17. (1.) Executive Summary (2.) Governance and control framework (3.) Control Objectives (4.) Management Guidelines (5.) Implementation Guide (6.) IT Assurance Guide
Elements of the COBIT Framework
IT Services Financial Management
Inherent Risk
Separate administrative accounts
18. (1.) General (2.) Application
Main types of Controls
Examples of IT General Controls
Rating Scale for Process Maturity
Concentrate on samples known to represent high risk
19. Used to determine which business processes are the most critical - by ranking them in order of criticality
Split custody
The best approach for identifying high risk areas for an audit
Statistical Sampling
Criticality analysis
20. Used to translate or transform data from lower layers into formats that the application layer can work with.
Six steps of the Release Management process
Frameworks
OSI Layer 6: Presentation
Expected Error Rate
21. What three elements allow validation of business practices against acceptable measures of regulatory compliance - performance - and standard operational guidelines?
Service Continuity Management
Inherent Risk
(1.) Policies (2.) Procedures (3.) Standards
Statement of Impact
22. Concerns the reliability of data transfer between systems. (1.) Connection Oriented (2.) Guaranteed Delivery (3.) Order of Delivery
Department Charters
Types of sampling an auditor can perform.
Elements of the COSO pyramid
OSI: Transport Layer
23. The inventory of all in-scope business processes and systems
Three Types of Controls
Business impact analysis
Frameworks
The first step in a business impact analysis
24. What activity involves the identification of potential risk and the appropriate response for each threat based on impact assessment using qualitative and/or quantitative measures for an enterprise-wide risk management strategy?
Risk Management
Cloud computing
A Server Cluster
Sampling
25. A sampling technique where items are chosen at random; each item has a statistically equal probability of being chosen.
Statistical Sampling
Notify the Audit Committee
Business impact analysis
The availability of IT systems
26. A four-step quality control process known as PDSA - or PDCA. Steps: (1.) Plan (2.) Do (3.) Study (4.) Act
Lacks specific expertise or resources to conduct an internal audit
Formal waterfall
Deming Cycle
Cloud computing
27. A software developer has informed the project manager that a portion of the application development is going to take five additional days to complete. The project manager makes a __________________ to document the reason for the change.
The BCP process
Deming Cycle
Main types of Controls
Project change request
28. The party that performs strategic planning - addresses near-term and long-term requirements aligning business objectives - and technology strategies.
Advantages of outsourcing
Confidence coefficient
Stop-or-go Sampling
The Steering Committee
29. Used to illustrate the relationship between planned activities. PERT diagrams show multiple routes through the project activities - as necessary for accomplishing a goal.
PERT Diagram?
Types of sampling an auditor can perform.
Server cluster
Capability Maturity Model Integration (CMMI)
30. Any event which is not part of the standard operation of service and which causes or may cause an interruption to or reduction in quality of that service. Includes THREE incident types: (1.) Service Outage (2.) Service Slowdown (3.) Software Bug
IT Strategy
Incident Management
ITIL definition of CHANGE MANAGEMENT
Wet pipe fire sprinkler system
31. In Release Management - _________________ means that each step of the release process undergoes formal review and approval before the next step is allowed to begin.
A gate process
The Software Program Library
A Problem
Assess the maturity of its business processes
32. Gantt: used to display ______________.
Stop-or-go Sampling
The audit program
Resource details
Audit Methodologies
33. What type of testing is performed to determine if control procedures have proper design and are operating properly?
An Integrated Audit
Balanced Scorecard
Criticality analysis
Compliance Testing
34. The process of recording the configuration of IT systems. Each configuration setting is known in ITSM parlance as a Configuration Item.
Configuration Management
Problem Management
Gantt Chart
Recovery time objective
35. Aids in coordinating business processes using a sequence of three events - (1.) Business process creation (2.) Implementation (3.) Maintenance 3a. Benchmarking: Facilitates continuous improvement within the BPLC
Sampling
Blade Computer Architecture
Structural fires and transportation accidents
The Business Process Life Cycle
36. A large number of loosely coupled computers that are used to solve a common task may be in close proximity to each other or scattered over a large geographical area.
A Compliance audit
Grid Computing
The typical Configuration Items in Configuration Management
COSO (Committee of Sponsoring Organizations of the Treadway Commission)
37. An auditor has reviewed access privileges of some employees and has discovered that employees with longer terms of service have excessive privileges. This means User privileges are not being removed from their old position when they transfer to a new
TCP/IP Transport Layer
Compliance Testing
Employees with excessive privileges
IT Strategy
38. An audit of operational efficiency.
Stay current with technology
Types of sampling an auditor can perform.
An Administrative
Primary security features of relational databases
39. An organization wants to reduce the number of user IDs and passwords that its employees need to remember. The best available solution to this - _______________. This provides a single authentication service (such as LDAP or AD) that many applications
Examples of Application Controls
Primary security features of relational databases
Detection Risk
Reduced sign-on
40. Subjective sampling is used when the auditor wants to _________________________.
Concentrate on samples known to represent high risk
TCP/IP Network Model
Discovery Sampling
Sampling
41. The delivery of messages from one station to another via one or more networks. Routes packets between networks.
OSI: Network Layer
The typical Configuration Items in Configuration Management
The 5 types of Evidence that the auditor will collect during an audit.
Sampling Risk
42. Change Management includes a _____________ of six steps: (1.) Proposal or Request (2.) Review (3.) Approval (4.) Implementation (5.) Verification (6.) Post-change Review
Formal waterfall
OSI: Network Layer
Cloud computing
An IS audit
43. A computer uses RAM for several purposes: (1.) Operating System - to store info regarding running processes (2.) ____________ - that are used to temporarily store information retrieved from hard disks (3.) Storage of program code (4.) Storage of prog
TCP/IP Link Layer
Lacks specific expertise or resources to conduct an internal audit
Buffers
Capability Maturity Model Integration (CMMI)
44. The 5 types of risks that are related to audits include: (1.) Control Risk (2.) Detection Risk (3.) Inherent risk (4.) _____________ (5.) Sampling risk
Overall audit risk
Business impact analysis
(1.) Policies (2.) Procedures (3.) Standards
Confidence coefficient
45. An audit report usually includes the following 10 elements: (1.) Cover letter (2.) Introduction (3.) Summary (4.) Audit description (5.) _______________ (6.) Interviewees (7.) Evidence (8.) Explanation of sampling techniques (9.) Findings (10.) Recom
List of systems examined
Volumes of COSO framework
TCP/IP Transport Layer packet delivery
Critical Path Methodology
46. One of a database table's fields - whose value is unique.
Configuration Management
An Administrative
TCP/IP Internet Layer
Database primary key
47. Contains programs that communicate directly with the end user.
Cloud computing
The 5 types of Evidence that the auditor will collect during an audit.
OSI Layer 7: Application
To identify the tasks that are responsible for project delays
48. Used to schedule and sequence activities in a waterfall-type representation. Planned activities are shown flowing downward to completion. More simplistic than a PERT Diagram.
The 5 types of Evidence that the auditor will collect during an audit.
Capability Maturity Model
Problem Management
Gantt Chart
49. An organization has discovered that some of its employees have criminal records. The best course of action for the organization to take - The organization should have ___________________ on all of its existing employees and also begin instituting bac
Background checks performed
Insourcing
Configuration Management
Critical Path Methodology
50. (1.) MPLS (2.) SONET (3.) T-Carrier (4.) Frame Relay (5.) ISDN (6.) X.25
Transport Layer Protocols
WAN Protocols
objective and unbiased
(1.) Policies (2.) Procedures (3.) Standards