Test your basic knowledge |

CISA: Certified Information Systems Auditor

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Consists of main chassis component that is equipped with slots are fitted with individual cpu modules. Main advantage is lower cost per unit.






2. (1.) LAN protocols (2.) 80 (2.) 11 MAC/LLC (WiFi) (3.) Common Carrier packet networks (4.) ARP (5.) PPP and SLIP (6.) Tunneling - PPTP - L2TP






3. (1.) General (2.) Application






4. An IS auditor needs to perform an audit of a financial system and needs to trace individual transactions through the system. What type of testing should the auditor perform?






5. The 5 types of risks that are related to audits include: (1.) Control Risk (2.) Detection Risk (3.) Inherent risk (4.) _____________ (5.) Sampling risk






6. The highest number of errors that can exist without a result being materially misstated.






7. The portion of IT management that tracks the financial value of IT services that support organizational objectives. It includes 4 activities: (1.) Budgeting (2.) Capital Investment (3.) Expense Management (4.) Project accounting and project ROI (Ret






8. An organization wants to reduce the number of user IDs and passwords that its employees need to remember. The best available solution to this - _______________. This provides a single authentication service (such as LDAP or AD) that many applications






9. The means by which management establishes and measures processes by which organizational objectives are achieved






10. An audit of an accounting system - accounting department processes - and procedures to determine if business controls are sufficient to ensure the integrity of financial statements.






11. A computer uses RAM for several purposes: (1.) Operating System - to store info regarding running processes (2.) ____________ - that are used to temporarily store information retrieved from hard disks (3.) Storage of program code (4.) Storage of prog






12. An auditor has discovered that several administrators in an application share an administrative account. The auditor should recommend that - Several __________________ should be used. This will enforce accountability for each administrator's actions.






13. A technique that is used to select a portion of a population when it is not feasible to test an entire population.






14. (1.) TCP (2.) UDP






15. A tightly coupled collection of computers that are used to solve a common task. One or more actively perform tasks - while zero or more may be in a standby state.






16. An audit that is performed in support of an anticipated or active legal proceeding.






17. When several incidents have occurred that appear to have the same or a similar root cause - a PROBLEM is occurring.






18. To communication security policies - procedures - and other security-related information to an organization's employees.






19. Used to translate or transform data from lower layers into formats that the application layer can work with.






20. (1.) Executive Summary (2.) Governance and control framework (3.) Control Objectives (4.) Management Guidelines (5.) Implementation Guide (6.) IT Assurance Guide






21. Disasters are generally grouped in terms of type: ______________.






22. Delivery of packets from one station to another - on the same network or on different networks.






23. An organization experiences frequent malware infections on end-user workstations that are received through email - despite the tact that workstations have anti-virus software. To reducing malware - Implementing ________________ will provide an effect






24. Deliver messages from one station to another on the same network or on different networks. Messaging at this layer is not guaranteed.






25. Used to estimate the effort required to develop a software program.






26. The probability that a sample selected actually represents the entire population. This is usually expressed as a percentage.






27. Consists of two main packet transport protocols: TCP and UDP.






28. The probability that a sample selected does not represent the entire population. This is usually expressed as a percentage - the numeric inverse of the confidence coefficient






29. An auditor has discovered several errors in user account management: many terminated employees' computer accounts are still active. The best course of action - To improve the _________________ to reduce the number of exceptions. For a time - the proc






30. The IS auditor should act as a SME in the control self-assessment - but should not play a major role in the process.






31. IT Governance is most concerned with ________.






32. Lowest layer. Delivers messages (frames) from one station to another vial local network.






33. (1.) MPLS (2.) SONET (3.) T-Carrier (4.) Frame Relay (5.) ISDN (6.) X.25






34. Focuses on: maintaining service availability with the least disruption to standard operating parameters during an event






35. A CMM helps an organization to _______________ - which is an important first step to any large-scale process improvement effort.






36. The result of strategic planning - process development - and systems development - which all contribute towards a launch of business operations to reach a set of business objectives.






37. (1.) Access controls (2.) Encryption (3.) Audit logging






38. Describes the effect on the business if a process is incapacitated for any appreciable time






39. To review and approve proposed changes to systems and infrastructure. This helps to reduce the risk of unintended events and unplanned downtime.






40. Support the functioning of the application controls






41. An organization has discovered that some of its employees have criminal records. The best course of action for the organization to take - The organization should have ___________________ on all of its existing employees and also begin instituting bac






42. (1.) Utility (DNS - SNMP - DHCP (2.) Messaging protocols (SMTP) (3.) Data Transfer protocols (NFS - FTP) (4.) Interactive protocols (Telnet)






43. Used to determine which business processes are the most critical - by ranking them in order of criticality






44. IT Service Management is defined in ___________________ framework.






45. A four-step quality control process known as PDSA - or PDCA. Steps: (1.) Plan (2.) Do (3.) Study (4.) Act






46. The inventory of all in-scope business processes and systems






47. (1.) Executive Summary (2.) Framework (3.) Reporting to External Parties (4.) Evaluation Tools






48. Used to measure the relative maturity of an organization and its processes.






49. Information is arranged in frames and transported across the medium. Collision detection. Checksum verification of delivery.






50. The delivery of messages from one station to another via one or more networks.. Routes packets between networks.