Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.

1. A packet (encapsulated with a frame containing information), which is transmitted in a packet-switching network from source to destination






2. Diagramming data that are to be exchanged electronically, including how it is to be used and what business management systems need it. It is a preliminary step for developing an applications link. (Also see application tracing and mapping.)






3. A connectionless Internet protocol that is designed for network efficiency and speed at the expense of reliability. A data request by the client is served by sending packets without testing to verify if they actually arrive at the destination, not if






4. The act or function of developing and maintaining applications programs in production






5. The act of giving the idea or impression of being or doing something






6. Specifies the format of packets and the addressing scheme






7. A top-down technique of designing programs and systems. It makes programs more readable, more reliable and more easily maintained.






8. The transmission of job control language (JCL) and batches of transactions from a remote terminal location






9. A flag set in the initial setup packets to indicate that the communicating parties are synchronizing the sequence numbers used for the data transmission






10. The act of transferring computerized information from one computer to another computer






11. A testing technique that is used to evaluate output from one application, while the information is sent as input to another application






12. The process of electronically inputting source documents by taking an image of the document, thereby eliminating the need for key entry






13. Is the risk to earnings or capital arising from changes in the value of portfolios of financial instruments. Price risk arises from market making, dealing and position taking in interest rate, foreign exchange, equity and commodities markets. Banks m






14. Modern expression for organizational development stemming from IS/IT impacts. The ultimate goal of BPR is to yield a better performing structure, more responsive to the customer base and market conditions, while yielding material cost savings. To ree






15. A data recovery strategy that allows organizations to recover data within hours after a disaster. It includes recovery of data from an offsite storage media that mirrors data via a communication link. Typically used for batch/journal updates to criti






16. The organization providing the outsourced service






17. Generally, the assumption that an entity will behave substantially as expected. Trust may apply only for a specific function. The key role of this term in an authentication framework is to describe the relationship between an authenticating entity an






18. Programs that provide assurance that the software being audited is the correct version of the software, by providing a meaningful listing of any discrepancies between the two versions of the program






19. A set of protocols that allow systems to communicate information about the state of services on other systems. It is used, for example, in determining whether systems are up, maximum packet sizes on links, whether a destination host/network/port is a






20. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes






21. A report that identifies the elapsed time when a computer is not operating correctly because of machine failure






22. A communications channel that can handle only one signal at a time. The two stations must alternate their transmissions.






23. Interface between data terminal equipment and data communications equipment employing serial binary data interchange






24. The level of trust with which a system object is imbued






25. The possibility of an act or event occurring that would have an adverse effect on the organization and its information systems






26. One who obtains products or services from a bank to be used primarily for personal, family or household purposes.






27. Permanent reference data used in transaction processing. These data are changed infrequently, such as a product price file or a name and address file.






28. Software packages that sequentially dial telephone numbers; recording any numbers that answer






29. With respect to security, a special type of virus that does not attach itself to programs, but rather spreads via other methods such as e-mail (also see virus)






30. The standard e-mail protocol on the Internet






31. A complex set of software programs that control the organization, storage and retrieval of data in a database. It also controls the security and integrity of the database.






32. A common connection point for devices in a network; hubs commonly are used to connect segments of a LAN. A hub contains multiple ports. When a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all pac






33. An interactive online system capability that immediately updates computer files when transactions are initiated through a terminal






34. Programmed checking of data validity in accordance with predetermined criteria






35. An eight-digit/seven-bit code representing 128 characters; used in most small computers






36. A recurring journal entry used to allocate revenues or costs. For example, an allocation entry could be defined to allocate costs to each department based on headcount.






37. The quality or state of not being named or identified






38. A language used to control run routines in connection with performing tasks on a computer






39. A type of service providing an authentication and accounting system often used for dial-up and remote access security






40. The risk associated with an event when the control is in place to reduce the effect or likelihood of that event being taken into account






41. The area of the system that the intrusion detection system is meant to monitor and protect






42. The assurance that a party cannot later deny originating data, that it is the provision of proof of the integrity and origin of the data which can be verified by a third party. Nonrepudiation may be provided by a digital signature.






43. Defined by ISACA as the processes by which organisations conduct business electronically with their customers, suppliers and other external business partners, using the Internet as an enabling technology. It therefore encompasses both business-to-bus






44. A process used to identify and evaluate risks and their potential effects






45. Detects line errors by retransmitting data back to the sending device for comparison with the original transmission






46. Authorized users of a computer system who overstep their legitimate access rights. This category is divided into masqueraders and clandestine users.






47. Detection on the basis of whether the system activity matched that defined as abnormal






48. Specifies the length of the file's record and the sequence and size of its fields. A file layout also will specify the type of data contained within each field. For example, alphanumeric, zoned decimal, packed and binary are types of data.






49. A certificate identifying a public key to its subscriber, corresponding to a private key held by that subscriber. It is a unique code that typically is used to allow the authenticity and integrity of communicated data to be verified.






50. The process of transmitting messages in convenient pieces that can be reassembled at the destination