Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. A point in a routine at which sufficient information can be stored to permit restarting the computation from that point. NOTE: seems to pertain to recovery - shutting down database after all records have been committed for example






2. In vulnerability analysis, gaining information by performing checks that affect the normal operation of the system, even crashing the system






3. A test that has been designed to evaluate the performance of a system. In a benchmark test, a system is subjected to a known workload and the performance of the system against this workload is measured. Typically, the purpose is to compare the measur






4. Programs and supporting documentation that enable and facilitate use of the computer. Software controls the operation of the hardware.






5. The probability that the IS auditor has reached an incorrect conclusion because an audit sample, rather than the whole population, was tested. While sampling risk can be reduced to an acceptably low level by using an appropriate sample size and selec






6. An interactive system that provides the user with easy access to decision models and data, to support semistructured decision-making tasks






7. A sampling technique used to estimate the average or total value of a population based on a sample; a statistical model used to project a quantitative characteristic, such as a dollar amount






8. An individual using a terminal, PC or an application can access a network to send an unstructured message to another individual or group of people.






9. The act of transferring computerized information from one computer to another computer






10. A high-capacity disk storage device or a computer that stores data centrally for network users and manages access to that data. File servers can be dedicated so that no process other than network management can be executed while the network is availa






11. A utility program that combines several separately compiled modules into one, resolving internal references between them






12. The transmission of more than one signal across a physical channel






13. Modern expression for organizational development stemming from IS/IT impacts. The ultimate goal of BPR is to yield a better performing structure, more responsive to the customer base and market conditions, while yielding material cost savings. To ree






14. Using telecommunications facilities for handling and processing of computerized information






15. An IS backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user






16. A program designed to detect computer viruses






17. The process of distributing computer processing to different locations within an organization






18. A special terminal used by computer operations personnel to control computer and systems operations functions. These terminals typically provide a high level of computer access and should be properly secured.






19. A master control program that runs the computer and acts as a scheduler and traffic controller. It is the first program copied into the computer's memory after the computer is turned on and must reside in memory at all times. It is the software that






20. The accuracy and completeness of information as well as its validity in accordance with business values and expectations






21. In broadband, multiple channels are formed by dividing the transmission medium into discrete frequency segments. It generally requires the use of a modem.






22. A resource whose loss will result in the loss of service or production






23. The method used to identify the location of a participant in a network. Ideally, addressing specifies where the participant is located rather than who they are (name) or how to get there (routing).






24. The router at the extreme edge of the network under control, usually connected to an ISP or other service provider; also known as border router






25. Advanced computer systems that can simulate human capabilities, such as analysis, based on a predetermined set of rules






26. Encapsulation is the technique used by layered protocols in which a lower layer protocol accepts a message from a higher layer protocol and places it in the data portion of a frame in the lower layer.






27. Risks that could impact the organization's ability to perform business or provide a service. They can be financial, regulatory or control oriented.






28. An audit designed to determine the accuracy of financial records, as well as evaluate the internal controls of a function or department






29. A system's level of resilience to seamlessly react to hardware and/or software failure






30. An abnormal end to a computer job; termination of a task prior to its completion because of an error condition that cannot be resolved by recovery facilities while the task is executing






31. The traditional Internet service protocol widely used for many years on UNIX-based operating systems and supported by the Internet Engineering Task Force (IETF) that allows a program on one computer to execute a program on another (e.g., server). The






32. A private network that is configured within a public network. For years, common carriers have built VPNs that appear as private national or international networks to the customer, but physically share backbone trunks with other customers. VPNs enjoy






33. Verifies that the control number follows sequentially and any control numbers out of sequence are rejected or noted on an exception report for further research (can be alpha or numeric and usually utilizes a key field)






34. A network monitoring and data acquisition tool that performs filter translation, packet acquisition and packet display






35. A formal agreement with a third party to perform an IS function for an organization






36. Organizations that have no official physical site presence and are made up of diverse geographically dispersed or mobile employees.






37. The specific goal(s) of an audit. These often center on substantiating the existence of internal controls to minimize business risk.






38. A high level description of the audit work to be performed in a certain period of time (ordinarily a year). It includes the areas to be audited, the type of work planned, the high level objectives and scope of the work, and topics such as budget, res






39. A set of protocols developed by the IETF to support the secure exchange of packets






40. The use of software packages that aid in the development of all phases of an information system. System analysis, design programming and documentation are provided. Changes introduced in one CASE chart will update all other related charts automatical






41. A data recovery strategy that allows organizations to recover data within hours after a disaster. It includes recovery of data from an offsite storage media that mirrors data via a communication link. Typically used for batch/journal updates to criti






42. Diligence which a person, who possesses a special skill, would exercise under a given set of circumstances






43. The process of feeding test data into two systems, the modified system and an alternative system (possibly the original system) and comparing results






44. A recurring journal entry used to allocate revenues or costs. For example, an allocation entry could be defined to allocate costs to each department based on headcount.






45. A recovery solution provided by recovery and/or hardware vendors and includes a pre-established contract to deliver hardware resources within a specified number of hours after a disaster occurs. This solution usually provides organizations wit






46. Expert systems are the most prevalent type of computer systems that arise from the research of artificial intelligence. An expert system has a built in hierarchy of rules, which are acquired from human experts in the appropriate field. Once input is






47. Detects line errors by retransmitting data back to the sending device for comparison with the original transmission






48. An authentication protocol, often used by remote-access servers






49. A destructive computer program that spreads from computer to computer using a range of methods, including infecting floppy disks and other programs. Viruses typically attach themselves to a program and modify it so that the virus code runs when the p






50. Expert or decision support systems that can be used to assist IS auditors in the decision-making process by automating the knowledge of experts in the field. This technique includes automated risk analysis, systems software and control objectives sof