Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A vacuum tube that displays data by means of an electron beam striking the screen; which is coated with suitable phosphor material or a device similar to a television screen upon which data can be displayed
Cathode ray tube (CRT)
Run-to-run totals
RS-232 interface
Geographic disk mirroring
2. Is present when a financial asset or liability is denominated in a foreign currency or is funded by borrowings in another currency
Trusted systems
Degauss
Foreign exchange risk
Active response
3. A group of computers connected by a communications network; where the client is the requesting machine and the server is the supplying machine. Software is specialized at both ends. Processing may take place on either the client or the server but it
Comprehensive audit
e-commerce
Client-server
Compensating control
4. Computer hardware that houses the electronic circuits that control/direct all operations of the computer system
Central processing unit (CPU)
Default deny policy
Threat
Default password
5. The systems development phase in which systems specifications and conceptual designs are developed; based on end-user needs and requirements
Systems analysis
Queue
Concurrent access
Brouters
6. Advanced computer systems that can simulate human capabilities; such as analysis; based on a predetermined set of rules
Inheritance (objects)
UDP (User Datagram Protocol)
Audit plan
Artificial intelligence
7. The name given to a class of algorithms that repeatedly try all possible combinations until a solution is found
Brute force
Project team
Object Management Group (OMG)
Program narratives
8. A type of password (i.e.; a secret number assigned to an individual) that; in conjunction with some means of identifying the individual; serves to verify the authenticity of the individual. PINs have been adopted by financial institutions as the prim
Personal identification number (PIN)
Availability
Consumer
Detailed IS controls
9. The process of converting an analog telecommunications signal into a digital computer signal
Wide area network (WAN)
Information engineering
Demodulation
Performance indicators
10. Used in data encryption; it uses a secret key to encrypt the plaintext to the ciphertext. It also uses the same key to decrypt the ciphertext to the corresponding plaintext. In this case; the key is symmetric such that the encryption key is equivalen
RADIUS (remote authentication dial-in user service)
Private key cryptosystems
Real-time processing
Hardware
11. Tests of specified amount fields against stipulated high or low limits of acceptability. When both high and low values are used; the test may be called a range check.
Indexed sequential access method (ISAM)
Sampling risk
Limit check
Record; screen and report layouts
12. The process of electronically sending computerized information from one computer to another computer. Most often; the transfer is from a smaller computer to a larger one.
Sniffing
Uploading
Parallel simulation
Automated teller machine (ATM)
13. In vulnerability analysis; passive monitoring approaches in which passwords or other access credentials are required. This sort of check usually involves accessing a system data object.
Hash total
Batch control
Credentialed analysis
Link editor (linkage editor)
14. A storage facility located away from the building housing the primary information processing facility (IPF); used for storage of computer media such as offline backup data and storage files
Detection risk
Accountability
Repository
Offsite storage
15. A system development methodology that is organised around 'objects' rather than 'actions' and 'data' rather than 'logic.' Object-oriented analysis is an assessment of a physical system to determine which objects in the real world need to be repr
Object-oriented system development
Assembler
price risk
Tape management system (TMS)
16. A testing technique that is used to test program logic within a particular program or module. The purpose of the test is to ensure that the program meets system development guidelines and does not abnormally end during processing.
Components (as in component-based development)
Network
Unit testing
Appearance of independence
17. Checks the accuracy of the results produced by a test run. There are three types of checks that an output analyzer can perform. First; if a standard set of test data and test results exists for a program; the output of a test run after program mainte
L2F (Layer 2 forwarding)
Passive assault
Output analyzer
Token ring topology
18. A protocol and program that allows the remote identification of users logged into a system
Broadband
Finger
Idle standby
Format checking
19. The process of generating; recording and reviewing a chronological record of system events to ascertain their accuracy
Audit
Proxy server
Internet banking
Handprint scanner
20. Control Objectives for Information and related Technology; the international set of IT control objectives published by ISACF;® 2000; 1998; 1996
Error
COBIT
Production software
Data diddling
21. In intrusion detection; an error that occurs when an attack is misdiagnosed as a normal activity
Evidence
False negative
Manual journal entry
Due professional care
22. The risk that the IS auditor's substantive procedures will not detect an error which could be material; individually or in combination with other errors
Detection risk
Object code
Substantive testing
Hierarchical database
23. A test that has been designed to evaluate the performance of a system. In a benchmark test; a system is subjected to a known workload and the performance of the system against this workload is measured. Typically; the purpose is to compare the measur
X.25 interface
Job control language (JCL)
Materiality
Benchmark
24. A phase of an SDLC methodology where the affected user groups define the requirements of the system for meeting the defined needs
Requirements definition
Integrated test facilities (ITF)
Continuity
Source code compare programs
25. Any technique designed to provide the electronic equivalent of a handwritten signature to demonstrate the origin and integrity of specific data. Digital signatures are an example of electronic signatures.
Electronic signature
Twisted pairs
Piggy backing
Foreign exchange risk
26. A journal entry entered at a computer terminal. Manual journal entries can include regular; statistical; inter-company and foreign currency entries
System software
Circular routing
Manual journal entry
Engagement letter
27. A program that translates programming language (source code) into machine executable instructions (object code)
virtual organizations
Duplex routing
Password
Compiler
28. The boundary that defines the area of security concern and security policy coverage
Electronic funds transfer (EFT)
Limit check
Data-oriented systems development
Security perimeter
29. The specific information subject to the IS auditor's report and related procedures which can include things such as the design or operation of internal controls and compliance with privacy practices or standards or specified laws and regulations.
Subject matter (Area of activity)
DDoS (distributed denial-of-service) attack
Central office (CO)
Integrity
30. Patterns indicating misuse of a system
Field
Optical scanner
Signatures
Enterprise governance
31. A data dictionary is a database that contains the name; type; range of values; source and authorization for access for each data element in a database. It also indicates which application programs use that data so that when a data structure is contem
Reengineering
Access control
Data dictionary
e-commerce
32. The level of trust with which a system object is imbued
Recovery time objective (RTO)
Privilege
Passive assault
Service provider
33. Specialized tools that can be used to analyze the flow of data; through the processing logic of the application software; and document the logic; paths; control conditions and processing sequences. Both the command language or job control statements
Surge suppressor
Consumer
Sampling risk
Application software tracing and mapping
34. An attack strategy in which the attacker intercepts the communications stream between two parts of the victim system and then replaces the traffic between the two components with the intruder's own; eventually assuming control of the communication
Man-in-the-middle attack
Bus
Datagram
Librarian
35. A high-capacity disk storage device or a computer that stores data centrally for network users and manages access to that data. File servers can be dedicated so that no process other than network management can be executed while the network is availa
File server
Smart card
Tuple
Optical character recognition
36. A platform-independent XML-based formatted protocol enabling applications to communicate with each other over the Internet. Use of this protocol may provide a significant security risk to web application operations; since use of SOAP piggybacks onto
Detective controls
Password cracker
Benchmark
Simple Object Access Protocol (SOAP)
37. A policy whereby access is denied unless it is specifically allowed. The inverse of default allow.
Budget organization
Redundancy check
Default deny policy
Logs/Log file
38. A display terminal without processing capability. Dumb terminals are dependent upon the main computer for processing. All entered data are accepted without further editing or validation.
Dumb terminal
Password
Intelligent terminal
Verification
39. An attack strategy in which the attacker successively hacks into a series of connected systems; obscuring his/her identity from the victim of the attack
Network hop
Telnet
Output analyzer
Baseband
40. A system of storing messages in a private recording medium where the called party can later retrieve the messages
Security management
Embedded audit module
implementation life cycle review
Voice mail
41. Analysis that is performed in real time or in continuous form
Packet filtering
Third-party review
Dynamic analysis
Default password
42. A private network that uses the infrastructure and standards of the Internet and World Wide Web; but is isolated from the public Internet by firewall barriers.
Computer-aided software engineering (CASE)
Application program
Non-intrusive monitoring
Intranet
43. In a passive assault; intruders attempt to learn some characteristic of the data being transmitted. They may be able to read the contents of the data so the privacy of the data is violated. Alternatively; although the content of the data itself may r
Object code
Format checking
Signatures
Passive assault
44. The application of audit procedures to less than 100 percent of the items within a population to obtain audit evidence about a particular characteristic of the population
Audit sampling
Relevant audit evidence
X.25
Virtual private network (VPN)
45. First; it denotes the planning and management of resources in an enterprise. Second; it denotes a software system that can be used to manage whole business processes; integrating purchasing; inventory; personnel; customer service; shipping; financial
Professional competence
Enterprise resource planning
Third-party review
Normalization
46. A private key cryptosystem published by the National Bureau of Standards (NBS); the predecessor of the US National Institute of Standards and Technology (NIST). DES has been used commonly for data encryption in the forms of software and hardware impl
Data Encryption Standard (DES)
DDoS (distributed denial-of-service) attack
Reputational risk
Procedure
47. The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all the others. The beauty of replication is th
Wide area network (WAN)
Port
Database replication
System flowcharts
48. A standardized body of data created for testing purposes. Users normally establish the data. Base case validates production application systems and tests the ongoing accurate operation of the system.
Application proxy
Validity check
Audit responsibility
Base case
49. Diagramming data that are to be exchanged electronically; including how it is to be used and what business management systems need it. It is a preliminary step for developing an applications link. (Also see application tracing and mapping.)
DMZ (demilitarized zone)
Mapping
Trust
Public key
50. A language; which enables electronic documents that present information that can be connected together by links instead of being presented sequentially; as is the case with normal text.
Reliable audit evidence
Comprehensive audit
Operational control
Hypertext