Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An XML-formatted language used to describe a web service's capabilities as collections of communication endpoints capable of exchanging messages. WSDL is the language that UDDI uses. (Also see Universal Description, Discovery and Integration (UDDI))






2. In vulnerability analysis, gaining information by performing checks that affect the normal operation of the system, even crashing the system






3. A computer file storage format in which one record follows another. Records can be accessed sequentially only. It is required with magnetic tape.






4. A layer within the International Organization for Standardization (ISO)/Open Systems Interconnection (OSI) model. It is used in information transfers between users through application programs and other devices. In this layer various protocols are ne






5. Any situation or event that has the potential to harm a system






6. Commonly it is the network segment between the Internet and a private network. It allows access to services from the Internet and the internal private network, while denying access from the Internet directly to the private network.






7. Software that is being used and executed to support normal and authorized organizational operations. Such software is to be distinguished from test software, which is being developed or modified, but has not yet been authorized for use by management.






8. Unusual or statistically rare






9. A measurement of the point prior to an outage to which data are to be restored






10. The risk of errors occurring in the area being audited






11. The name given to a class of algorithms that repeatedly try all possible combinations until a solution is found






12. Point at which terminals are given access to a network






13. Analysis of the security state of a system or its compromise on the basis of information collected at intervals






14. Files maintained by a system, primarily a database management system, for the purpose of reapplying changes following an error or outage recovery






15. The computer room and support areas






16. A series of tests designed to ensure that the modified program interacts correctly with other system components. These test procedures typically are performed by the system maintenance staff in their development library.






17. The number of distinct locations that may be referred to with the machine address. For most binary machines, it is equal to 2^n, where n is the number of bits in the machine address.






18. An empowering method/process by which management and staff of all levels collectively identify and evaluate IS related risks and controls under the guidance of a facilitator who could be an IS auditor. The IS auditor can utilise CRSA for gathering re






19. The act of verifying the identity of a system entity (e.g., a user, a system, a network node) and the entity's eligibility to access computerized information. Designed to protect against fraudulent logon activity. Authentication can also refer to the






20. The logical language a computer understands






21. A document which defines the IS audit function's responsibility, authority and accountability






22. Another term for an application programmer interface (API). It refers to the interfaces that allow programmers to access lower- or higher-level services by providing an intermediary layer that includes function calls to the services.






23. A telecommunications carrier's facilities in a local area in which service is provided where local service is switched to long distance






24. A row or record consisting of a set of attribute value pairs (column or field) in a relational data structure






25. The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction






26. A network monitoring and data acquisition tool that performs filter translation, packet acquisition and packet display






27. A set of utilities that implement a particular network protocol. For instance, in Windows machines a TCP/IP stack consists of TCP/IP software, sockets software and hardware driver software.






28. The act of connecting to the computer. It typically requires entry of a user ID and password into a computer terminal.






29. An individual or department responsible for the security and information classification of the shared data stored on a database system. This responsibility includes the design, definition and maintenance of the database.






30. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).






31. To the basic border firewall, add a host that resides on an untrusted network where the firewall cannot protect it. That host is minimally configured and carefully managed to be as secure as possible. The firewall is configured to require incoming an






32. The process of electronically inputting source documents by taking an image of the document, thereby eliminating the need for key entry






33. A fail-over process in which the primary node owns the resource group. The backup node runs a non-critical application (e.g., a development or test environment) and takes over the critical resource group but not vice versa.






34. A device that connects two similar networks together






35. Detection on the basis of whether the system activity matched that defined as abnormal






36. A device that forms a barrier between a secure and an open environment. Usually, the open environment is considered hostile. The most notable hostile environment is the Internet. In other words, a firewall enforces a boundary between two or more netw






37. A method of selecting a portion of a population, by means of mathematical calculations and probabilities, for the purpose of making scientifically and mathematically sound inferences regarding the characteristics of the entire population






38. Any yearly accounting period without regard to its relationship to a calendar year.






39. A software testing technique whereby the internal workings of the item being tested are not known by the tester. For example, in a black box test on a software design the tester only knows the inputs and what the expected outcomes should be and not h






40. A phone number that represents the area in which the communications provider or Internet service provider (ISP) provides service






41. ATM is a high-bandwidth low-delay switching and multiplexing technology. It is a data link layer protocol. This means that it is a protocol-independent transport mechanism. ATM allows integration of real-time voice and video as well as data. ATM allo






42. An algorithm that maps or translates one set of bits into another (generally smaller) so that a message yields the same result every time the algorithm is executed using the same message as input. It is computationally infeasible for a message to be






43. A form of attribute sampling that is used to determine a specified probability of finding at least one example of an occurrence (attribute) in a population






44. A statement of the position within the organization; including lines of reporting and the rights of access






45. Programs that are tested and evaluated before approval into the production environment. Test programs, through a series of change control moves, migrate from the test environment to the production environment and become production programs.






46. Consists of one or more web pages that may originate at one or more web server computers. A person can view the pages of a website in any order, as he or she would a magazine.






47. Behavior adequate to meet the situations occurring during audit work (interviews, meetings, reporting, etc.). The IS auditor should be aware that appearance of independence depends upon the perceptions of others and can be influenced by improper acti






48. Audit evidence is sufficient if it is adequate, convincing and would lead another IS auditor to form the same conclusions.






49. In broadband, multiple channels are formed by dividing the transmission medium into discrete frequency segments. It generally requires the use of a modem.






50. An Internet standard that allows a network to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. The server, providing the NAT service, changes the source address of outgoing packets from the internal






