Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but this reinforces your understanding each time you take the test.
1. A computer facility that provides data processing services to clients on a continual basis
Asymmetric key (public key)
Demodulation
Protection domain
Service bureau
2. Character-at-a-time transmission
Independent attitude
liquidity risk
Asynchronous transmission
Audit plan
3. A testing technique that is used to evaluate output from one application; while the information is sent as input to another application
Default password
Biometric locks
Direct reporting engagement
Interface testing
4. Software that is being used and executed to support normal and authorized organizational operations. Such software is to be distinguished from test software; which is being developed or modified; but has not yet been authorized for use by management.
Production software
RADIUS (remote authentication dial-in user service)
Risk
Voice mail
5. An XML-formatted language used to describe a web service's capabilities as collections of communication endpoints capable of exchanging messages. WSDL is the language that UDDI uses. (Also see Universal Description; Discovery and Integration (UDDI))
Sniffing
Parallel testing
Detailed IS controls
Web Services Description Language (WSDL)
6. An international standard that defines information confidentiality; integrity and availability controls
External router
Mutual takeover
Information processing facility (IPF)
ISO17799
7. Individuals and departments responsible for the storage and safeguarding of computerized information. This typically is within the IS organization.
Security software
Data custodian
Business-to-consumer e-commerce (B2C)
Audit plan
8. Verifies that the control number follows sequentially and any control numbers out of sequence are rejected or noted on an exception report for further research
External router
Statistical sampling
Computer sequence checking
FIN (final)
9. An attack strategy in which the attacker successively hacks into a series of connected systems; obscuring his/her identity from the victim of the attack
Machine language
Sufficient audit evidence
Proxy server
Network hop
10. Is the risk to earnings or capital arising from movements in interest rates. From an economic perspective; a bank focuses on the sensitivity of the value of its assets; liabilities and revenues to changes in interest rates. Internet banking may attra
Anomaly
vulnerability
Ring topology
Interest rate risk
11. ATM is a high-bandwidth low-delay switching and multiplexing technology. It is a data link layer protocol. This means that it is a protocol-independent transport mechanism. ATM allows integration of real-time voice and video as well as data. ATM allo
ASP/MSP (application or managed service provider)
Asynchronous Transfer Mode (ATM)
Biometric locks
Capacity stress testing
12. Estimated cost and revenue amounts for a given range of periods and set of books. There can be multiple budget versions for the same set of books.
Audit authority
Budget
Telecommunications
Token
13. An interactive system that provides the user with easy access to decision models and data; to support semistructured decision-making tasks
Remote procedure calls (RPCs)
Independence
Librarian
Decision support systems (DSS)
14. A code whose representation is limited to 0 and 1
Backup
Computer server
Credit risk
Binary code
15. Analysis of the security state of a system or its compromise on the basis of information collected at intervals
Validity check
E-mail/interpersonal messaging
Vulnerability analysis
Universal Description; Discovery and Integration (UDDI)
16. A test that has been designed to evaluate the performance of a system. In a benchmark test; a system is subjected to a known workload and the performance of the system against this workload is measured. Typically; the purpose is to compare the measur
Benchmark
Man-in-the-middle attack
Asynchronous transmission
ASP/MSP (application or managed service provider)
17. A public key cryptosystem developed by R. Rivest; A. Shamir and L. Adleman. The RSA has two different keys; the public encryption key and the secret decryption key. The strength of the RSA depends on the difficulty of the prime number factorization.
RSA
Corporate governance
Source lines of code (SLOC)
Inherent risk
18. Glass fibers that transmit binary signals over a telecommunications network. Fiber optic systems have low transmission losses as compared to twisted-pair cables. They do not radiate energy or conduct electricity. They are free from corruption and lig
Project sponsor
Fiber optic cable
Address space
Professional competence
19. These controls exist to detect and report when errors; omissions and unauthorized uses or entries occur.
RADIUS
Computer sequence checking
Brouters
Detective controls
20. A data recovery strategy that allows organizations to recover data within hours after a disaster. It includes recovery of data from an offsite storage media that mirrors data via a communication link. Typically used for batch/journal updates to criti
Computer-assisted audit technique (CAATs)
Appearance of independence
Electronic vaulting
Quick ship
21. A packet-switched wide-area-network technology that provides faster performance than older packet-switched WAN technologies such as X.25 networks; because it was designed for today's reliable circuits and performs less rigorous error detection. Frame
Recovery time objective (RTO)
Frame relay
Star topology
Hash function
22. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).
Utility software
Windows NT
Split data systems
Baud rate
23. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes
Data leakage
Object-oriented system development
Permanent virtual circuit (PVC)
Misuse detection
24. Used to electronically scan and input written information from a source document
Data diddling
Incremental testing
Switch
Optical character recognition
25. A cipher technique whereby different cryptographic keys are used to encrypt and decrypt a message (see public key cryptosystems)
Librarian
Relevant audit evidence
Asymmetric key (public key)
Master file
26. The password used to gain access when a system is first installed on a computer or network device. There is a large list published on the Internet and maintained at several locations. Failure to change these after the installation leaves the system v
Artificial intelligence
Default password
Hot site
Anonymity
27. A technique of reading a computer file while bypassing the internal file/data set label. This process could result in bypassing of the security access control system.
Online data processing
Bypass label processing (BLP)
Program narratives
Web site
28. Any information collection mechanism utilized by an intrusion detection system
Monitor
General computer controls
Bandwidth
Modulation
29. The process of taking an unencrypted message (plaintext); applying a mathematical function to it (encryption algorithm with a key) and producing an encrypted message (ciphertext)
Datagram
Encryption
Useful audit evidence
False positive
30. A technique used to recover the original plaintext from the ciphertext such that it is intelligible to the reader. The decryption is a reverse process of the encryption.
Decryption
Appearance of independence
Privacy
Web page
31. Emergency processing agreements between two or more organizations with similar equipment or applications. Typically; participants promise to provide processing time to each other when an emergency arises.
Audit
TACACS+ (terminal access controller access control system plus)
Continuity
Reciprocal agreement
32. The process of converting a digital computer signal into an analog telecommunications signal
System narratives
Validity check
Modulation
Abend
33. A type of service providing an authentication and accounting system often used for dial-up and remote access security
Cross-certification
Nonrepudiation
NAT (Network Address Translation)
RADIUS (remote authentication dial-in user service)
34. Door and entry locks that are activated by such biometric features as voice; eye retina; fingerprint or signature
Repudiation
Auditability
Biometric locks
Hot site
35. A program designed to detect computer viruses
Budget organization
ISP (Internet service provider)
Cathode ray tube (CRT)
Vaccine
36. An approach to system development where the basic unit of attention is an object; which represents an encapsulation of both data (an object's attributes) and functionality (an object's methods). Objects usually are created using a general template ca
Librarian
Application programming interface (API)
Buffer
Object orientation
37. The processing of a group of transactions at the same time. Transactions are collected and processed against the master files at a specified time.
File server
Credentialed analysis
Standing data
Batch processing
38. A piece of information; in a digitized form; used by an encryption algorithm to convert the plaintext to the ciphertext
Cleartext
Trust
Encryption key
Journal entry
39. An audit designed to determine the accuracy of financial records and information
Queue
Application system
Financial audit
liquidity risk
40. A language; which enables electronic documents that present information that can be connected together by links instead of being presented sequentially; as is the case with normal text.
Master file
Hypertext
Applet
Logon
41. The risk that an error which could occur in an audit area; and which could be material; individually or in combination with other errors; will not be prevented or detected and corrected on a timely basis by the internal control system
Transaction
X.500
Control risk
UDDI
42. A discussion document which sets out an ''Enterprise Governance Model'' focusing strongly on both the enterprise business goals and the information technology enablers which facilitate good enterprise governance; published by the Information Systems
Control Objectives for Enterprise Governance
Decryption key
Fraud risk
Personal identification number (PIN)
43. An attack using packets with the spoofed source Internet packet (IP) addresses. This technique exploits applications that use authentication based on IP addresses. This technique also may enable an unauthorized user to gain root access on the target
Monitoring policy
Substantive testing
Internet packet (IP) spoofing
Librarian
44. An exchange rate; which can be used optionally to perform foreign currency conversion. The corporate exchange rate is generally a standard market rate determined by senior financial management for use throughout the organization.
Discovery sampling
Corporate exchange rate
War dialler
Recovery time objective (RTO)
45. Data-oriented development techniques that work on the premise that data are at the center of information processing and that certain data relationships are significant to a business and must be represented in the data structure of its systems
Recovery point objective (RPO)
Information engineering
Database management system (DBMS)
System flowcharts
46. A stored collection of related data needed by organizations and individuals to meet their information processing and retrieval requirements
Database
Numeric check
Application layer
Program evaluation and review technique (PERT)
47. A recovery solution provided by recovery and/or hardware vendors and includes a pre-established contract to deliver hardware resources within a specified number of hours after a disaster occurs. This solution usually provides organizations wit
Multiplexor
Quick ship
Systems development life cycle (SDLC)
Application program
48. A low-level computer programming language which uses symbolic code and produces machine instructions
Analog
Packet switching
System flowcharts
Assembly language
49. An individual using a terminal; PC or an application can access a network to send an unstructured message to another individual or group of people.
Performance indicators
Penetration testing
E-mail/interpersonal messaging
Limit check
50. The most important types of operational risk involve breakdowns in internal controls and corporate governance. Such breakdowns can lead to financial losses through error; fraud or failure to perform in a timely manner or cause the interests of the ba
Alpha
Audit authority
Bypass label processing (BLP)
Operational risk