Test your basic knowledge | CISA: Certified Information Systems Auditor
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding each time you take the test.
1. An active instance of a server operating system running on a machine that is designed to house two or more such virtual servers.
IT Services Financial Management
An Operational Audit
A Virtual Server
Audit Methodologies
2. Contains programs that communicate directly with the end user.
OSI Layer 7: Application
Options for Risk Treatment
Antivirus software on the email servers
Sample Standard Deviation
3. Deliver messages from one station to another on the same network or on different networks. Messaging at this layer is not guaranteed.
Compliance Testing
The audit program
Control Risk
TCP/IP Internet Layer
4. Consists of 11 distinct activities: (1.) Service Desk (2.) Incident Management (3.) Problem Management (4.) Change Management (5.) Configuration Management (6.) Release Management (7.) Service-level Management (8.) Financial Management (9.) Capacity
Application Layer protocols
TCP/IP Transport Layer
Judgmental sampling
IT Service Management
5. An auditor has discovered several errors in user account management: many terminated employees' computer accounts are still active. The best course of action - To improve the _________________ to reduce the number of exceptions. For a time - the proc
Employee termination process
A Service Provider audit
A Financial Audit
Discovery Sampling
6. To communicate security policies, procedures, and other security-related information to an organization's employees.
The availability of IT systems
Confidence coefficient
Security Awareness program
Expected Error Rate
7. (1.) Access controls (2.) Encryption (3.) Audit logging
Confidence coefficient
Variable Sampling
More difficult to perform
Primary security features of relational databases
8. The probability that a sample selected actually represents the entire population. This is usually expressed as a percentage.
Input validation checking
Concentrate on samples known to represent high risk
Confidence coefficient
A Service Provider audit
9. A critical application is backed up once per day. The recovery point objective (RPO) for an application that is backed up once per day cannot be ________.
less than 24 hours
Confidence coefficient
Employee termination process
The BCP process
10. Used to determine which business processes are the most critical - by ranking them in order of criticality
Criticality analysis
OSI Layer 5: Session
Control Unit
A Virtual Server
11. (1.) Requirements (2.) Design (3.) Development (4.) Testing (5.) Release preparation (packaging) (6.) Release Deployment
Frameworks
Six steps of the Release Management process
Wet pipe fire sprinkler system
ITIL definition of CHANGE MANAGEMENT
12. An audit that combines an operational audit and a financial audit.
OSI: Data Link Layer
ISO 20000 Standard:
Project change request
An Integrated Audit
13. An organization experiences frequent malware infections on end-user workstations that are received through email - despite the fact that workstations have anti-virus software. To reduce malware - Implementing ________________ will provide an effect
A gate process
Antivirus software on the email servers
An Operational Audit
Judgmental sampling
14. (1.) General (2.) Application
Main types of Controls
Project Management Strategies
Lacks specific expertise or resources to conduct an internal audit
Three Types of Controls
15. Lowest layer. Delivers messages (frames) from one station to another via the local network.
Capability Maturity Model
TCP/IP Link Layer
A Financial Audit
Stratified Sampling
16. Focuses on: maintaining service availability with the least disruption to standard operating parameters during an event
(1.) Policies (2.) Procedures (3.) Standards
Business Continuity
ITIL definition of CHANGE MANAGEMENT
Six steps of the Release Management process
17. An organization has discovered that some of its employees have criminal records. The best course of action for the organization to take - The organization should have ___________________ on all of its existing employees and also begin instituting bac
Statement of Impact
Control Risk
Background checks performed
List of systems examined
18. The maximum period of downtime for a process or application
A Problem
Volumes of COSO framework
Recovery time objective
TCP/IP Transport Layer
19. An audit that is performed in support of an anticipated or active legal proceeding.
A Forensic Audit
Information systems access
A Compliance audit
Inform the auditee
20. Gantt: used to display ______________.
List of systems examined
OSI: Physical Layer
Resource details
WAN Protocols
21. A maturity model that represents the aggregations of other maturity models.
Variable Sampling
Capability Maturity Model Integration (CMMI)
Entire password for an encryption key
Frameworks
22. (1.) Statistical (2.) Judgmental (3.) Attribute (4.) Variable (5.) Stop-or-Go (6.) Discovery (7.) Stratified
The BCP process
Assess the maturity of its business processes
The 4-item focus of a Balanced Scorecard
Types of sampling an auditor can perform.
23. A database administrator has been asked to configure a database management system so that it records all changes made by users - The DBA should implement ___________. This will cause the database to record every change that is made to it.
Department Charters
Stay current with technology
Structural fires and transportation accidents
Audit logging
24. An IS auditor is examining the IT standards document for an organization that was last reviewed two years earlier. The best course of action for the IS auditor is: Report that the ____________________________. Two years is far too long between revie
ISO 20000 Standard:
TCP/IP Transport Layer packet delivery
(1.) Man-made (2.) Natural
IT standards are not being reviewed often enough
25. A technique that is used to select a portion of a population when it is not feasible to test an entire population.
Grid Computing
(1.) Policies (2.) Procedures (3.) Standards
Segregation of duties issue in a high value process
Sampling
26. Framework for auditing and measuring IT Service Management Processes.
ISO 20000 Standard:
Buffers
Personnel involved in the requirements phase of a software development project
Main types of Controls
27. (1.) Executive Summary (2.) Framework (3.) Reporting to External Parties (4.) Evaluation Tools
Volumes of COSO framework
Critical Path Methodology
Options for Risk Treatment
Geographic location
28. The purpose of an auditor doing interviews - To observe personnel to better understand their discipline - as well as ______________.
Organizational culture and maturity
Separate administrative accounts
Stay current with technology
Wet pipe fire sprinkler system
29. The probability that a sample selected does not represent the entire population. This is usually expressed as a percentage - the numeric inverse of the confidence coefficient
Sampling Risk
Stratified Sampling
Six steps of the Release Management process
Department Charters
30. The portion of IT management that tracks the financial value of IT services that support organizational objectives. It includes 4 activities: (1.) Budgeting (2.) Capital Investment (3.) Expense Management (4.) Project accounting and project ROI (Ret
Employees with excessive privileges
IT Services Financial Management
TCP/IP Link Layer
(1.) Policies (2.) Procedures (3.) Standards
31. (1.) Executive Support (2.) Well-defined roles and responsibilities.
To identify the tasks that are responsible for project delays
Information security policy
Notify the Audit Committee
Deming Cycle
32. (1.) Feasibility (2.) Requirements (3.) Design (4.) Development (5.) Testing (6.) Implementation (7.) Post-implementation
Input validation checking
A Cold Site
General Controls
The 7 phases and their order in the SDLC
33. (1.) Develop a BC Policy (2.) Conduct BIA (3.) Perform critical analysis (4.) Establish recovery targets (5.) Develop recovery and continuity strategies and plans (6.) Test recovery and continuity plans and procedures Train personnel Maintain strateg
Background checks performed
TCP/IP Transport Layer packet delivery
The BCP process
The audit program
34. Who is responsible for imposing an IT governance model encompassing IT strategy - information security - and formal enterprise architectural mandates?
Antivirus software on the email servers
IT executives and the Board of Directors
Registers
Geographic location
35. An organization has chosen to open a business office in another country where labor costs are lower and has hired workers to perform business functions there. - The organization is ___________ - while they may have opened the office in a foreign coun
Insourcing
An Operational Audit
Recovery time objective
Configuration Management
36. The primary source for test plans in a software development project is: ________________ that are developed for a project should be the primary source for detailed tests.
Data Link Layer Standards
More difficult to perform
Service Continuity Management
The Requirements
37. A sampling technique where a population is divided into classes or strata - based upon the value of one of the attributes. Samples are then selected from each class.
The appropriate role of an IS auditor in a control self-assessment
Application Layer protocols
Stratified Sampling
Confidence coefficient
38. IT Governance is most concerned with ________.
IT Strategy
Elements of the COSO pyramid
Sampling Risk
Geographic location
39. A facility that is used to store and manage access to an organization's application source and object code. It consists of 5 parts: (1.) Access and authorization controls (2.) Program checkout (3.) Program Check-in (4.) Version Control (5.) Code Ana
The availability of IT systems
Antivirus software on the email servers
Reduced sign-on
The Software Program Library
40. Collections of Controls that work together to achieve an entire range of an organization's objectives.
Frameworks
The 7 phases and their order in the SDLC
OSI Layer 5: Session
Disaster Recovery
41. An auditor has discovered that several administrators in an application share an administrative account. The auditor should recommend that - Several __________________ should be used. This will enforce accountability for each administrator's actions.
Project Management Strategies
Stratified Sampling
Separate administrative accounts
Documentation and interview personnel
42. Used to translate or transform data from lower layers into formats that the application layer can work with.
The Eight Types of Audits
OSI Layer 6: Presentation
Sampling
Background checks performed
43. The risk that a material error exists that will not be prevented or detected by the organization's control framework - The possibility that a process or procedure will be unable to prevent or deter serious errors and wrongdoing.
(1.) Policies (2.) Procedures (3.) Standards
Control Risk
The Steering Committee
OSI: Physical Layer
44. An audit of an IS department's operations and systems.
Stay current with technology
Assess the maturity of its business processes
Organizational culture and maturity
An IS audit
45. An alternate processing center that contains no information processing equipment.
A Cold Site
Options for Risk Treatment
The Steering Committee
Power system controls
46. The process of recording the configuration of IT systems. Each configuration setting is known in ITSM parlance as a Configuration Item.
Six steps of the Release Management process
Registers
Configuration Management
ITIL - IT Infrastructure Library
47. To measure organizational performance and effectiveness against strategic goals.
OSI: Transport Layer
WAN Protocols
A Compliance audit
Balanced Scorecard
48. IT Service Management is defined in ___________________ framework.
IT Services Financial Management
Resource details
Types of sampling an auditor can perform.
ITIL - IT Infrastructure Library
49. An external IS auditor has discovered a _______________________ - The external auditor can only document the finding in the audit report. An external auditor is not in a position to implement controls.
Gantt Chart
Notify the Audit Committee
Structural fires and transportation accidents
Segregation of duties issue in a high value process
50. Disasters are generally grouped in terms of type: ______________.
Grid Computing
Audit Methodologies
(1.) Man-made (2.) Natural
BCP Plans