Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The password used to gain access when a system is first installed on a computer or network device. There is a large list published on the Internet and maintained at several locations. Failure to change these after the installation leaves the system v
Error
Default password
Job control language (JCL)
Computer server
2. The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction
Magnetic ink character recognition (MICR)
Middleware
TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
Initial program load (IPL)
3. Consists of one or more web pages that may originate at one or more web server computers. A person can view the pages of a website in any order, as he or she would a magazine.
Redo logs
Web site
Content filtering
Variable sampling
4. The central database that stores and organizes data
Bypass label processing (BLP)
Interface testing
Repository
Open systems
5. An interface between data terminal equipment (DTE) and data circuit-terminating equipment (DCE) for terminals operating in the packet mode on some public data networks
X.25 interface
Web page
Structured programming
Encapsulation (objects)
6. The act or function of developing and maintaining applications programs in production
Reasonable assurance
Application programming
Budget organization
Access method
7. A hierarchical database that is distributed across the Internet that allows names to be resolved into IP addresses (and vice versa) to locate services such as web and e-mail servers
SMTP (Simple Mail Transport Protocol)
DNS (domain name system)
Screening routers
Fail-safe
8. A proxy service that connects programs running on internal networks to services on exterior networks by creating two connections; one from the requesting client and another to the destination service
Assembler
Business-to-consumer e-commerce (B2C)
Audit risk
Application proxy
9. These controls deal with the everyday operation of a company or organization to ensure all objectives are achieved.
Operational control
Source code
Monitoring policy
File layout
10. Cooperating packages of executable software that make their services available through defined interfaces. Components used in developing systems may be commercial off-the-shelf software (COTS) or may be purposely built. However, the goal of component
Full duplex
Indexed sequential access method (ISAM)
Mapping
Components (as in component-based development)
11. An independent audit of the control structure of a service organization, such as a service bureau, with the objective of providing assurances to the users of the service organization that the internal control structure is adequate, effective and soun
Third-party review
Hot site
Duplex routing
Coverage
12. These controls exist to detect and report when errors, omissions and unauthorized uses or entries occur.
Noise
Card swipes
Decryption key
Detective controls
13. A security technique that verifies an individual's identity by analyzing a unique physical attribute, such as a handprint
Hot site
Downloading
Biometrics
Black box testing
14. In a passive assault, intruders attempt to learn some characteristic of the data being transmitted. They may be able to read the contents of the data so the privacy of the data is violated. Alternatively, although the content of the data itself may r
Extended Binary-coded Decimal Interchange Code (EBCDIC)
Salami technique
UNIX
Passive assault
15. Disconnecting from the computer
Operating system
External router
HTTPS (hyper text transfer protocol secure)
Logoff
16. A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source
Random access memory (RAM)
System exit
Inheritance (objects)
Audit trail
17. Is present when a financial asset or liability is denominated in a foreign currency or is funded by borrowings in another currency
UDP (User Datagram Protocol)
Appearance
Foreign exchange risk
Budget
18. The ability of end users to design and implement their own information system utilizing computer software products
End-user computing
Misuse detection
Compensating control
DoS (denial-of-service) attack
19. A group of computers connected by a communications network, where the client is the requesting machine and the server is the supplying machine. Software is specialized at both ends. Processing may take place on either the client or the server but it
Client-server
LDAP (Lightweight Directory Access Protocol)
Procedure
Source code
20. Applications that detect, prevent and possibly remove all known viruses from files located in a microcomputer hard drive
Antivirus software
Random access memory (RAM)
Audit risk
Generalized audit software
21. A third party that provides organizations with a variety of Internet, and Internet-related services
DMZ (demilitarized zone)
ISP (Internet service provider)
Service provider
Middleware
22. The possibility of an act or event occurring that would have an adverse effect on the organization and its information systems
RADIUS
Audit sampling
Network
Risk
23. The individual responsible for the safeguard and maintenance of all program and data files
Librarian
Multiplexor
Network
Tuple
24. Those controls that seek to maintain confidentiality, integrity and availability of information
liquidity risk
Data security
Console log
IP (Internet protocol)
25. A web-based version of the traditional phone book's yellow and white pages enabling businesses to be publicly listed in promoting greater e-commerce activities.
Magnetic card reader
System software
Auditability
Universal Description, Discovery and Integration (UDDI)
26. A programmed edit or routine that detects transposition and transcription errors by calculating and checking the check digit
Handprint scanner
Check digit verification (self-checking digit)
Screening routers
Interest rate risk
27. An evaluation of an application system being acquired or evaluated, which considers such matters as: appropriate controls are designed into the system; the application will process information in a complete, accurate and reliable manner; the applicat
COCO
Source documents
Application acquisition review
Recovery testing
28. A fail-over process in which there are two nodes (as in idle standby but without priority). The node that enters the cluster first owns the resource group, and the second will join as a standby node.
Application
Error risk
Audit charter
Rotating standby
29. A computer program that enables the user to retrieve information that has been made publicly available on the Internet; also, that permits multimedia (graphics) applications on the World Wide Web
Strategic risk
Due care
browser
Judgment sampling
30. A set of protocols that allow systems to communicate information about the state of services on other systems. It is used, for example, in determining whether systems are up, maximum packet sizes on links, whether a destination host/network/port is a
COSO
Brouters
Field
ICMP (internet control message protocol)
31. Universal Description, Discovery and Integration
Audit plan
Independence
UDDI
Hot site
32. An extension to PPP to facilitate the creation of VPNs. L2TP merges the best features of PPTP (from Microsoft) and L2F (from Cisco).
L2TP (Layer 2 tunneling protocol)
Data security
Salami technique
HTTPS (hyper text transfer protocol secure)
33. A device used for combining several lower-speed channels into a higher-speed channel
Multiplexor
ASCII (American Standard Code for Information Interchange)
Registration authority (RA)
Node
34. A router that is configured to control network access by comparing the attributes of the incoming or outgoing packets to a set of rules
Filtering router
Security perimeter
Initial program load (IPL)
Budget organization
35. Expert or decision support systems that can be used to assist IS auditors in the decision-making process by automating the knowledge of experts in the field. This technique includes automated risk analysis, systems software and control objectives sof
World Wide Web Consortium (W3C)
Audit expert systems
Operational risk
Packet switching
36. An automated function that can be operating system or application based in which electronic data being transmitted between storage areas are spooled or stored until the receiving device or storage area is prepared and able to receive the information.
Spool (simultaneous peripheral operations online)
Audit evidence
Web site
Multiplexor
37. An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals
Personal identification number (PIN)
Segregation/separation of duties
Access control table
Internet Engineering Task Force (IETF)
38. Systems for which detailed specifications of their components composition are published in a nonproprietary environment, thereby enabling competing organizations to use these standard components to build competitive systems. The advantages of using o
Router
Fraud risk
Open systems
Objectivity
39. An Internet standard that allows a network to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. The server, providing the NAT service, changes the source address of outgoing packets from the internal
E-mail/interpersonal messaging
NAT (Network Address Translation)
Cryptography
Packet
40. An automated detail report of computer system activity
DMZ (demilitarized zone)
Wide area network (WAN)
Console log
Confidentiality
41. A recurring journal entry used to allocate revenues or costs. For example, an allocation entry could be defined to allocate costs to each department based on headcount.
Bus topology
Partitioned file
e-commerce
Allocation entry
42. Specifies the format of packets and the addressing scheme
IP (Internet protocol)
Security policy
Subject matter (Area of activity)
Residual risk
43. A terminal with built-in processing capability. It has no disk or tape storage but has memory. The terminal interacts with the user by editing and validating data as they are entered prior to final processing.
Intelligent terminal
Topology
Project sponsor
World Wide Web Consortium (W3C)
44. An empowering method/process by which management and staff of all levels collectively identify and evaluate IS related risks and controls under the guidance of a facilitator who could be an IS auditor. The IS auditor can utilise CRSA for gathering re
Control risk self-assessment
Privacy
RFC (request for comments)
Monitor
45. Software that is being used and executed to support normal and authorized organizational operations. Such software is to be distinguished from test software, which is being developed or modified, but has not yet been authorized for use by management.
Bus topology
Repudiation
Production software
Edit controls
46. Detects transmission errors by appending calculated bits onto the end of each segment of data
Corrective controls
IPSec (Internet protocol security)
Redundancy check
Audit accountability
47. Encapsulation is the technique used by layered protocols in which a lower layer protocol accepts a message from a higher layer protocol and places it in the data portion of a frame in the lower layer.
Encapsulation (objects)
Rootkit
Node
Spoofing
48. The person responsible for implementing, monitoring and enforcing security rules established and authorized by management
Data leakage
Local area network (LAN)
business process integrity
Security administrator
49. A file format in which the file is divided into multiple subfiles and a directory is established to locate each subfile
Point-of-presence (POP)
Partitioned file
DDoS (distributed denial-of-service) attack
Asynchronous Transfer Mode (ATM)
50. A networking device that can send (route) data packets from one local area network (LAN) or wide area network (WAN) to another, based on addressing at the network layer (Layer 3) in the OSI model. Networks connected by routers can use different or si
Verification
Rounding down
Router
Attitude