SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISA: Certified Information Systems Auditor
Start Test
Study First
Subjects
:
certifications
,
cisa
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Framework for auditing and measuring IT Service Management Processes.
Current and most up-to-date
ISO 20000 Standard:
ITIL - IT Infrastructure Library
Six steps of the Release Management process
2. An organization experiences frequent malware infections on end-user workstations that are received through email - despite the tact that workstations have anti-virus software. To reducing malware - Implementing ________________ will provide an effect
Examples of IT General Controls
Antivirus software on the email servers
Risk Management
OSI Layer 7: Application
3. The annual expected loss to an asset. It is calculated as the single loss expectancy (SLE) X the annualized rate of occurrence (ARO.)
Power system controls
Substantive Testing
Sampling Risk
Annualized Loss Expectance (ALE)
4. During an audit - the auditor should obtain 6 types of documents - (1.) Org charts (2.) ___________ (3.) third-party contracts (4.) policies and procedures (5.) standards (6.) system documentation
Frameworks
Statement of Impact
OSI Layer 6: Presentation
Department Charters
5. (1.) Executive Summary (2.) Governance and control framework (3.) Control Objectives (4.) Management Guidelines (5.) Implementation Guide (6.) IT Assurance Guide
Department Charters
Elements of the COBIT Framework
Stop-or-go Sampling
CPU
6. A software developer has informed the project manager that a portion of the application development is going to take five additional days to complete. The project manager make a __________________ to document the reason for the change.
A Forensic Audit
The appropriate role of an IS auditor in a control self-assessment
Project change request
Control Unit
7. Aids in the coordinating of business processes using a sequence of three events -(1.) Business process creation (2.) Implementation (3.) Maintenance 3a. Benchmarking: Facilitates continuous improvement within the BPLC
The Business Process Life Cycle
The Release process
Personnel involved in the requirements phase of a software development project
Segregation of duties issue in a high value process
8. Defines internal controls and provides guidance for assessing and improving internal control systems.
Input validation checking
(1.) Man-made (2.) Natural
Frameworks
COSO (Committee of Sponsoring Organizations of the Treadway Commission)
9. Information is arranged in frames and transported across the medium. Collision detection. Checksum verification of delivery.
Types of sampling an auditor can perform.
OSI: Data Link Layer
Registers
Personnel involved in the requirements phase of a software development project
10. Guide program execution through organization of resources and development of clear project objectives.
Business Continuity
Project Management Strategies
Employees with excessive privileges
Stay current with technology
11. (1.) Observations (2.) Written Notes (3.) Correspondence (4.) Process and Procedure documentation (5.) Business records
Business Continuity
Employee termination process
Blade Computer Architecture
The 5 types of Evidence that the auditor will collect during an audit.
12. Consists of main chassis component that is equipped with slots are fitted with individual cpu modules. Main advantage is lower cost per unit.
Assess the maturity of its business processes
Blade Computer Architecture
PERT Diagram?
Sampling
13. (1.) Physical (2.) Technical (4.) Administrative
Audit logging
Application Controls
Concentrate on samples known to represent high risk
Three Types of Controls
14. 1.) Executive Support (2.) Well-defined roles and responsibilities.
Split custody
Business Realization
Examples of IT General Controls
Information security policy
15. Define 10 elements of an Audit - (1.) Subject of audit (2.) Audit Objective (3.) Type of audit (4.) Audit scope (5.) Pre-audit planning (6.) Audit procedures (7.) Communication plan (8.) Report Preparation (9.) Wrap-up (10.) Post-audit follow-up
less than 24 hours
OSI: Physical Layer
Assess the maturity of its business processes
Audit Methodologies
16. The process to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes.
ITIL definition of CHANGE MANAGEMENT
Gantt Chart
Controls
Department Charters
17. Gantt: used to display ______________.
Recovery time objective
Resource details
Annualized Loss Expectance (ALE)
The availability of IT systems
18. A computation of the variance of sample values from the sample mean. This is a measurement of the spread of values in a sample
Information security policy
Employee termination process
Sample Standard Deviation
The appropriate role of an IS auditor in a control self-assessment
19. An audit report usually includes the following 10 elements: (1.) Cover letter (2.) Introduction (3.) Summary (4.) Audit description (5.) _______________ (6.) Interviewees (7.) Evidence (8.) Explanation of sampling techniques (9.) Findings (10.) Recom
List of systems examined
Statistical Sampling
Background checks performed
OSI: Network Layer
20. A sampling technique used to study the characteristics of a population to determine how many samples possess a specific characteristic.
Attribute Sampling
Network Layer Protocols
TCP/IP Link Layer
The availability of IT systems
21. What type of testing is performed to verify the accuracy and integrity of transactions as they flow through a system?
Service Continuity Management
Substantive Testing
Frameworks
Emergency Changes
22. Any event which is not part of the standard operation of service and which causes or may cause an interruption to or reduction in quality of that service. Includes THREE incident types: (1.) Service Outage (2.) Service Slowdown (3.) Software Bug
Emergency Changes
The Eight Types of Audits
Substantive Testing (test of transaction integrity)
Incident Management
23. An auditor has discovered several errors in user account management: many terminated employees' computer accounts are still active. The best course of action - To improve the _________________ to reduce the number of exceptions. For a time - the proc
Employee termination process
Information systems access
Registers
ITIL definition of PROBLEM
24. The result of strategic planning - process development - and systems development - which all contribute towards a launch of business operations to reach a set of business objectives.
Elements of the COSO pyramid
Business Realization
An IS audit
Annualized Loss Expectance (ALE)
25. A tightly coupled collection of computers that are used to solve a common task. One or more actively perform tasks - while zero or more may be in a standby state.
An Operational Audit
TCP/IP Internet Layer
A Server Cluster
OSI: Network Layer
26. (1.) TCP (2.) UDP
Transport Layer Protocols
Formal waterfall
General Controls
Information systems access
27. Used to schedule and sequence activities in a waterfall-type representation. Planned activities are shown flowing downward to completion. More simplistic than a PERT Diagram.
Power system controls
Gantt Chart
Dimensions of the COSO cube
Function Point Analysis
28. Disasters are generally grouped in terms of type: ______________.
Prblem Management
IT executives and the Board of Directors
Information systems access
(1.) Man-made (2.) Natural
29. An organization has discovered that some of its employees have criminal records. The best course of action for the organization to take - The organization should have ___________________ on all of its existing employees and also begin instituting bac
Structural fires and transportation accidents
Background checks performed
IT Service Management
The Business Process Life Cycle
30. (1.) Feasibility (2.) Requirements (3.) Design (4.) Development (5.) Testing (6.) Implementation (7.) Post-implementation
Risk Management
Sample Standard Deviation
Criticality analysis
The 7 phases and their order in the SDLC
31. What activity involves the identification of potential risk and the appropriate response for each threat based on impact assessment using qualitative and/or quantitative measures for an enterprise-wide risk management strategy?
Recovery time objective
The Internet Layer in the TCP/IP model
A gate process
Risk Management
32. The risk that there are material weaknesses in existing business processes and no compensating controls to detect or prevent them
Rating Scale for Process Maturity
Formal waterfall
Inherent Risk
Balanced Scorecard
33. The probability that a sample selected does not represent the entire population. This is usually expressed as a percentage - the numeric inverse of the confidence coefficient
Advantages of outsourcing
Audit logging
Sampling Risk
Inform the auditee
34. An audit of a third-party organization that provides services to other organizations.
Control Risk
A Service Provider audit
Split custody
Criticality analysis
35. An organization that has experienced a sudden increase in its long-distance charges has asked an auditor to investigate. The auditor is most likely to suspect that intruders have discovered a ______________________and is committing toll fraud.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
36. 0. No process at all (1.) Process are ad hoc and disorganized (2.) Consistent processes (3.) Documented processes (4.) Measured and managed processes (5.) Processes are continuously improved
The best approach for identifying high risk areas for an audit
IT standards are not being reviewed often enough
Rating Scale for Process Maturity
Testing activities
37. A computer uses RAM for several purposes: (1.) Operating System - to store info regarding running processes (2.) ____________ - that are used to temporarily store information retrieved from hard disks (3.) Storage of program code (4.) Storage of prog
The first step in a business impact analysis
ITIL definition of CHANGE MANAGEMENT
Buffers
Information security policy
38. Used to determine which business processes are the most critical - by ranking them in order of criticality
Inherent Risk
Balanced Scorecard
Vulnerability in the organization's PBX
Criticality analysis
39. An IS auditor needs to perform an audit of a financial system and needs to trace individual transactions through the system. What type of testing should the auditor perform?
SDLC Phases
less than 24 hours
Substantive Testing (test of transaction integrity)
Business Realization
40. Must be tested to validate effectiveness through: (1.) Document Review (2.) Walkthrough (3.) Simulation (4.) Parallel testing (5.) Cutover testing practices
BCP Plans
Assess the maturity of its business processes
Incident Management
List of systems examined
41. One of a database table's fields - whose value is unique.
Control Unit
Cloud computing
Database primary key
Transport Layer Protocols
42. The probability that a sample selected actually represents the entire population. This is usually expressed as a percentage.
Confidence coefficient
The 5 types of Evidence that the auditor will collect during an audit.
CPU
Referential Integrity
43. A sampling technique where items are chosen at random; each item has a statistically equal probability of being chosen.
Employees with excessive privileges
Statistical Sampling
Assess the maturity of its business processes
Business impact analysis
44. A field in a record in one table that can reference a primary key in another table that can reference a primary key in another table.
The first step in a business impact analysis
Foreign Key
Prblem Management
Audit logging
45. (1.) MPLS (2.) SONET (3.) T-Carrier (4.) Frame Relay (5.) ISDN (6.) X.25
Business impact analysis
Discovery Sampling
WAN Protocols
Organizational culture and maturity
46. Application controls limit ___________ in three ways: (1.) Point of Entry (Input Controls) (2.) During consumption (process controls) (3.) At the point of expression (Output Controls)
Information systems access
The first step in a business impact analysis
Annualized Loss Expectance (ALE)
Categories of risk treatment
47. The risk that an IS auditor will overlook errors or exceptions during an audit.
The Business Process Life Cycle
Sampling Risk
Detection Risk
Criticality analysis
48. A sampling technique where at least one exception is sought in a population
Statement of Impact
Discovery Sampling
Expected Error Rate
The Software Program Library
49. A maturity model that represents the aggregations of other maturity models.
Capability Maturity Model Integration (CMMI)
Project change request
The Software Program Library
TCP/IP Transport Layer
50. Concerns the reliability of data transfer between systems. (1.) Connection Oriented (2.) Guaranteed Delivery (3.) Order of Delivery
Sampling Risk
OSI: Transport Layer
The Release process
Service Continuity Management
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests