Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Refer to the transactions and data relating to each computer-based application system and are therefore specific to each such application. The objectives of application controls; which may be manual; or programmed; are to ensure the completeness and
Coupling
Base case
Application controls
Source code compare programs
2. Software packages that sequentially dial telephone numbers; recording any numbers that answer
Multiplexing
War dialler
UDDI
Geographic disk mirroring
3. A private network that uses the infrastructure and standards of the Internet and World Wide Web; but is isolated from the public Internet by firewall barriers.
Cross-certification
Database
Application
Intranet
4. Data-oriented development techniques that work on the premise that data are at the center of information processing and that certain data relationships are significant to a business and must be represented in the data structure of its systems
DoS (denial-of-service) attack
Appearance
File server
Information engineering
5. Estimated cost and revenue amounts for a given range of periods and set of books. There can be multiple budget versions for the same set of books.
Budget
Misuse detection
Idle standby
Program flowcharts
6. Intentional violations of established management policy or regulatory requirements. Deliberate misstatements or omissions of information concerning the area under audit or the organization as a whole; gross negligence or unintentional illegal acts.
Recovery testing
Terminal
Passive response
Irregularities
7. Behavior adequate to meet the situations occurring during audit work (interviews; meetings; reporting; etc.). The IS auditor should be aware that appearance of independence depends upon the perceptions of others and can be influenced by improper acti
Audit accountability
Data dictionary
Appearance of independence
Logs/Log file
8. Machine-readable instructions produced from a compiler or assembler program that has accepted and translated the source code
Sampling risk
Access path
Content filtering
Object code
9. Identified by one central processor and databases that form a distributed processing configuration
Centralized data processing
System exit
SMTP (Simple Mail Transport Protocol)
Incremental testing
10. A software suite designed to aid an intruder in gaining unauthorized administrative access to a computer system
Central office (CO)
Rootkit
Non-intrusive monitoring
Private key cryptosystems
11. Another term for an application programmer interface (API). It refers to the interfaces that allow programmers to access lower- or higher-level services by providing an intermediary layer that includes function calls to the services.
Middleware
Attribute sampling
Ring topology
L2TP (Layer 2 tunneling protocol)
12. A testing approach that uses knowledge of a program/module's underlying implementation and code intervals to verify its expected behavior.
Split data systems
Whitebox testing
Rotating standby
Protocol
13. The act of transferring computerized information from one computer to another computer
Prototyping
E-mail/interpersonal messaging
Downloading
Parallel simulation
14. A form of attribute sampling that is used to determine a specified probability of finding at least one example of an occurrence (attribute) in a population
Monitoring policy
Discovery sampling
Run instructions
Vaccine
15. Audit evidence is reliable if; in the IS auditor's opinion; it is valid; factual; objective and supportable.
Reliable audit evidence
Service provider
Polymorphism (objects)
Sufficient audit evidence
16. To record details of information or events in an organized record-keeping system; usually sequenced in the order they occurred
Reasonableness check
Database management system (DBMS)
Cleartext
Log
17. Encapsulation is the technique used by layered protocols in which a lower layer protocol accepts a message from a higher layer protocol and places it in the data portion of a frame in the lower layer.
Internal control structure
Encapsulation (objects)
Interest rate risk
Audit trail
18. Audit evidence is sufficient if it is adequate; convincing and would lead another IS auditor to form the same conclusions.
Addressing
Business process reengineering (BPR)
Decision support systems (DSS)
Sufficient audit evidence
19. A system development methodology that is organised around "objects" rather than "actions;" and "data" rather than "logic." Object-oriented analysis is an assessment of a physical system to determine which objects in the real world need to be repr
Payment system
Object-oriented system development
Bar code
Objectivity
20. In vulnerability analysis; passive monitoring approaches in which passwords or other access credentials are required. This sort of check usually involves accessing a system data object.
Circuit-switched network
Application security
Credentialed analysis
Appearance of independence
21. A report on Internal Control--An Integrated Framework sponsored by the Committee of Sponsoring Organizations of the Treadway Commission in 1992. It provides guidance and a comprehensive framework of internal control for all organizations.
Logs/Log file
COSO
Circuit-switched network
Demodulation
22. The list of rules and/or guidance that is used to analyze event data
Rulebase
System flowcharts
Operational risk
Log
23. A device for sending and receiving computerized data over transmission lines
Computer-aided software engineering (CASE)
Corporate governance
Terminal
Check digit verification (self-checking digit)
24. The application of an edit; using a predefined field definition to a submitted information stream; a test to ensure that data conform to a predefined format
Data Encryption Standard (DES)
Consumer
Format checking
Production software
25. A manual or automated log of all updates to data files and databases
Project team
Degauss
Transaction log
Audit authority
26. A fail-over process; in which all nodes run the same resource group (there can be no IP or MAC addresses in a concurrent resource group) and access the external storage concurrently
HTTPS (hyper text transfer protocol secure)
Redo logs
Concurrent access
Fiscal year
27. Audit evidence is useful if it assists the IS auditors in meeting their audit objectives.
Artificial intelligence
Ethernet
Object orientation
Useful audit evidence
28. The current and prospective effect on earnings or capital arising from adverse business decisions; improper implementation of decisions or lack of responsiveness to industry changes.
Strategic risk
Local area network (LAN)
Offsite storage
Partitioned file
29. A statement of the position within the organization; including lines of reporting and the rights of access
Untrustworthy host
Audit authority
Anonymous File Transfer Protocol (FTP)
Record
30. A packet (encapsulated with a frame containing information); which is transmitted in a packet-switching network from source to destination
Application programming interface (API)
Record; screen and report layouts
Datagram
Operational control
31. Attackers that penetrate systems by using user identifiers and passwords taken from legitimate users
World Wide Web Consortium (W3C)
Voice mail
Masqueraders
Wide area network (WAN)
32. The accuracy and completeness of information as well as to its validity in accordance with business values and expectations
Single point of failure
Integrity
Dynamic analysis
Application program
33. Faking the sending address of a transmission in order to gain illegal entry into a secure system
Spoofing
Untrustworthy host
Parallel testing
Analog
34. A low-level computer programming language which uses symbolic code and produces machine instructions
Broadband
Assembly language
Token ring topology
Interest rate risk
35. A flag set in the initial setup packets to indicate that the communicating parties are synchronizing the sequence numbers used for the data transmission
Cathode ray tube (CRT)
Trust
SYN (synchronize)
False positive
36. A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser.
Screening routers
Control perimeter
HTTP (hyper text transfer protocol)
System testing
37. A protocol and program that allows the remote identification of users logged into a system
Database
Datagram
Finger
Management information system (MIS)
38. Checks that data are entered correctly
Central processing unit (CPU)
Internet banking
Verification
Concurrent access
39. Verifies that the control number follows sequentially and any control numbers out of sequence are rejected or noted on an exception report for further research (can be alpha or numeric and usually utilizes a key field)
Business impact analysis (BIA)
Repudiation
Sequence check
Application development review
40. Programs and supporting documentation that enable and facilitate use of the computer. Software controls the operation of the hardware.
Audit expert systems
Data owner
Due care
Software
41. An ASP that also provides outsourcing of business processes such as payment processing; sales order processing and application development
BSP (business service provider)
Binary code
Private key
Web site
42. A live test of the effectiveness of security defenses through mimicking the actions of real-life attackers
Edit controls
Penetration testing
Source documents
Partitioned file
43. A document that has been approved by the IETF becomes an RFC and is assigned a unique number once published. If it gains enough interest; it may evolve into an Internet standard.
RFC (request for comments)
Token ring topology
RS-232 interface
Partitioned file
44. A data dictionary is a database that contains the name; type; range of values; source and authorization for access for each data element in a database. It also indicates which application programs use that data so that when a data structure is contem
Rootkit
Data dictionary
Spoofing
Console log
45. The level of trust with which a system object is imbued
Middleware
Sequential file
Software
Privilege
46. A file format in which records are organized and can be accessed; according to a preestablished key that is part of the record
Password
Fail-over
Addressing
Indexed sequential file
47. An exchange rate; which can be used optionally to perform foreign currency conversion. The corporate exchange rate is generally a standard market rate determined by senior financial management for use throughout the organization.
Internal penetrators
ISP (Internet service provider)
Corporate exchange rate
Librarian
48. These controls are designed to prevent or restrict an error; omission or unauthorized intrusion.
Anonymity
Assembler
Preventive controls
Coverage
49. 1) Two or more networks connected by a router 2) The world's largest network using TCP/IP protocols to link government; university and commercial institutions
Fail-safe
Internet
Dynamic analysis
Field
50. Refers to the security of the infrastructure that supports the ERP networking and telecommunications; operating systems and databases.
Technical infrastructure security
Operational risk
Data-oriented systems development
Default password