Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. A data transmission service requiring the establishment of a circuit-switched connection before data can be transferred from source data terminal equipment (DTE) to a sink DTE. A circuit-switched data transmission service uses a connection network.






2. The practice of eavesdropping on information being transmitted over telecommunications links






3. Freedom from unauthorized intrusion






4. Typically in large organisations where the quantum of data processed by the ERPs are extremely voluminous, analysis of patterns and trends prove to be extremely useful in ascertaining the efficiency and effectiveness of operations. Most ERPs provide






5. An evaluation of an application system being acquired or evaluated, which considers such matters as: appropriate controls are designed into the system; the application will process information in a complete, accurate and reliable manner; the applicat






6. A flag set in a packet to indicate that this packet is the final data packet of the transmission






7. Compares data to predefined reasonability limits or occurrence rates established for the data.






8. A method for downloading public files using the File Transfer Protocol (FTP). Anonymous FTP is called anonymous because users do not need to identify themselves before accessing files from a particular server. In general, users enter the word anonymo






9. A testing approach that uses knowledge of a program/module's underlying implementation and code intervals to verify its expected behavior.






10. The technique used for selecting records in a file, one at a time, for processing, retrieval or storage. The access method is related to, but distinct from, the file organization that determines how the records are stored.






11. Commonly it is the network segment between the Internet and a private network. It allows access to services from the Internet and the internal private network, while denying access from the Internet directly to the private network.






12. A recurring journal entry used to allocate revenues or costs. For example, an allocation entry could be defined to allocate costs to each department based on headcount.






13. In broadband, multiple channels are formed by dividing the transmission medium into discrete frequency segments. It generally requires the use of a modem.






14. Hardware devices, such as asynchronous and synchronous transmissions, that convert between two different types of transmission






15. A software engineering technique whereby an existing application system code can be redesigned and coded using computer-aided software engineering (CASE) technology






16. A protocol used for transmitting data between two ends of a connection






17. Transactions that cannot be denied after the fact






18. The specific information subject to the IS auditor's report and related procedures which can include things such as the design or operation of internal controls and compliance with privacy practices or standards or specified laws and regulations.






19. The processing of a group of transactions at the same time. Transactions are collected and processed against the master files at a specified time.






20. The assurance that a party cannot later deny originating data; that it is the provision of proof of the integrity and origin of the data which can be verified by a third party. Nonrepudiation may be provided by a digital signature.






21. The structure through which the objectives of an organization are set, and the means of attaining those objectives, and determines monitoring performance guidelines. Good corporate governance should provide proper incentives for board and management






22. Any automated audit technique, such as generalized audit software, test data generators, computerized audit programs and specialized audit utilities






23. These controls deal with the everyday operation of a company or organization to ensure all objectives are achieved.






24. An individual who attempts to gain unauthorized access to a computer system






25. Integral part of an application system that is designed to identify and report specific transactions or other information based on pre-determined criteria. Identification of reportable items occurs as part of real-time processing. Reporting may be re






26. Any technique designed to provide the electronic equivalent of a handwritten signature to demonstrate the origin and integrity of specific data. Digital signatures are an example of electronic signatures.






27. A numbering system that uses a base of 16 and uses 16 digits: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E and F. Programmers use hexadecimal numbers as a convenient way of representing binary numbers.






28. A test that has been designed to evaluate the performance of a system. In a benchmark test, a system is subjected to a known workload and the performance of the system against this workload is measured. Typically, the purpose is to compare the measur






29. A biometric device that is used to authenticate a user through palm scans






30. Specifies the format of packets and the addressing scheme






31. An organized assembly of resources and procedures required to collect; process and distribute data for use in decision making






32. Refers to the security of the infrastructure that supports the ERP networking and telecommunications; operating systems and databases.






33. A type of LAN architecture in which the cable forms a loop, with stations attached at intervals around the loop. Signals transmitted around the ring take the form of messages. Each station receives the messages and each station determines, on the bas






34. A physical control technique that uses a secured card or ID to gain access to a highly sensitive location. Card swipes, if built correctly, act as a preventative control over physical access to those sensitive locations. After a card has been swiped,






35. The process of converting a digital computer signal into an analog telecommunications signal






36. A weakness in system security procedures, system design, implementation or internal controls that could be exploited to violate system security.






37. A method of user authentication. Challenge response authentication is carried out through use of the Challenge Handshake Authentication Protocol (CHAP). When a user tries to log into the server, the server sends the user a "challenge," which is a r






38. An exercise that determines the impact of losing the support of any resource to an organization and establishes the escalation of that loss over time, identifies the minimum resources needed to recover and prioritizes the recovery of processes and su






39. A cipher technique whereby different cryptographic keys are used to encrypt and decrypt a message (see public key cryptosystems)






40. English-like; user friendly; nonprocedural computer languages used to program and/or read and process computer files






41. A named collection of related records






42. An audit designed to determine the accuracy of financial records; as well as evaluate the internal controls of a function or department






43. Analysis of the security state of a system or its compromise on the basis of information collected at intervals






44. An interactive system that provides the user with easy access to decision models and data; to support semistructured decision-making tasks






45. The physical layout of how computers are linked together. Examples include ring, star and bus.






46. Used to ensure that input data agree with predetermined criteria stored in a table






47. A set of protocols that allow systems to communicate information about the state of services on other systems. It is used, for example, in determining whether systems are up, maximum packet sizes on links, whether a destination host/network/port is a






48. A communications terminal control hardware unit that controls a number of computer terminals. All messages are buffered by the controller and then transmitted to the receiver.






49. Intentional violations of established management policy or regulatory requirements. Deliberate misstatements or omissions of information concerning the area under audit or the organization as a whole, gross negligence or unintentional illegal acts.






50. A system software tool that logs, monitors and directs computer tape usage






