SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Start Test
Study First
Subjects
:
certifications
,
cisa
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Tests of specified amount fields against stipulated high or low limits of acceptability. When both high and low values are used; the test may be called a range check.
Limit check
Log
Spool (simultaneous peripheral operations online)
Hyperlink
2. Diligence which a person; who possesses a special skill; would exercise under a given set of circumstances
Data analysis
Field
Due professional care
Feasibility study
3. Purposefully hidden malicious or damaging code within an authorized computer program. Unlike viruses; they do not replicate themselves; but they can be just as destructive to a single computer.
General computer controls
Trojan horse
Subject matter (Area of activity)
System software
4. A method of computer fraud involving a computer code that instructs the computer to remove small amounts of money from an authorized computer transaction by rounding down to the nearest whole value denomination and rerouting the rounded off amount to
Masqueraders
Dial-back
Smart card
Rounding down
5. An organized assembly of resources and procedures required to collect; process and distribute data for use in decision making
Management information system (MIS)
Coaxial cable
Control group
Frame relay
6. A communication network that serves several users within a specified geographic area. It is made up of servers; workstations; a network operating system and a communications link. Personal computer LANs function as distributed processing systems in w
Local area network (LAN)
Limit check
Decentralization
IPSec (Internet protocol security)
7. Emergency processing agreements between two or more organizations with similar equipment or applications. Typically; participants promise to provide processing time to each other when an emergency arises.
Reciprocal agreement
Due care
Database specifications
Magnetic card reader
8. The interface between the user and the system
Detection risk
Plaintext
Local loop
Shell
9. Auxiliary computer hardware equipment used for input; output and data storage. Examples include disk drives and printers.
Peripherals
Hexadecimal
Integrated test facilities (ITF)
Microwave transmission
10. It is composed of an insulated wire that runs through the middle of each cable; a second wire that surrounds the insulation of the inner wire like a sheath; and the outer insulation which wraps the second wire. Coaxial cable has a greater transmissio
Rootkit
Coaxial cable
Parallel testing
Address space
11. Tests of control designed to obtain audit evidence on both the effectiveness of the controls and their operation during the audit period
Geographic disk mirroring
Concurrent access
Compliance testing
Remote procedure calls (RPCs)
12. Risks that could impact the organization's ability to perform business or provide a service. They can be financial; regulatory or control oriented.
Business risk
Access method
Image processing
Security administrator
13. The standard e-mail protocol on the Internet
Prototyping
Statistical sampling
Spoofing
SMTP (Simple Mail Transport Protocol)
14. A mathematical key (kept secret by the holder) used to create digital signatures and; depending upon the algorithm; to decrypt messages or files encrypted (for confidentiality) with the corresponding public key
Reverse engineering
COCO
Audit accountability
Private key
15. A phase of an SDLC methodology that researches the feasibility and adequacy of resources for the development or acquisition of a system solution to a user need
IPSec (Internet protocol security)
Executable code
Feasibility study
Static analysis
16. A viewable screen displaying information; presented through a web browser in a single view sometimes requiring the user to scroll to review the entire page. A bank web page may display the bank's logo; provide information about bank products and serv
Security/transaction risk
Web page
Budget formula
IP (Internet protocol)
17. A port configured on a network switch to receive copies of traffic from one or more other ports on the switch
Operating system audit trails
Appearance of independence
Spanning port
Virtual private network (VPN)
18. The current and prospective risk to earnings and capital arising from fraud; error and the inability to deliver products or services; maintain a competitive position and manage information. Security risk is evident in each product and service offered
Repository
Trusted systems
PPTP (point-to-point tunneling protocol)
Security/transaction risk
19. An organization composed of engineers; scientists and students. The IEEE is best known for developing standards for the computer and electronics industry.
Point-of-sale systems (POS)
IEEE (Institute of Electrical and Electronics Engineers)--Pronounced I-triple-E
HTTPS (hyper text transfer protocol secure)
Port
20. Defined by ISACA as the processes by which organisations conduct business electronically with their customers; suppliers and other external business partners; using the Internet as an enabling technology. It therefore encompasses both business-to-bus
Reasonableness check
e-commerce
Handprint scanner
Signatures
21. A sampling technique that estimates the amount of overstatement in an account balance
Hot site
Transaction
UNIX
Monetary unit sampling
22. A specially configured server; designed to attract intruders so that their actions do not affect production systems; also known as a decoy server
Honey pot
Capacity stress testing
Edit controls
Standing data
23. A language used to control run routines in connection with performing tasks on a computer
Job control language (JCL)
Encryption key
Discovery sampling
Combined Code on Corporate Governance
24. The computer's primary working memory. Each byte of memory can be accessed randomly regardless of adjacent bytes.
Expert systems
Continuity
Fscal year
Random access memory (RAM)
25. Analysis that is performed on a continuous basis; with results gained in time to alter the run-time system
Taps
Real-time analysis
Systems analysis
Monitor
26. Polymorphism refers to database structures that send the same command to different child objects that can produce different results depending on their family hierarchical tree structure.
Cleartext
Application controls
Audit trail
Polymorphism (objects)
27. A popular local area network operating system developed by the Novell Corp.
Modem (modulator-demodulator)
Protocol
Standing data
Netware
28. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).
Baud rate
Attitude
Decentralization
Control group
29. A program that translates programming language (source code) into machine executable instructions (object code)
Compiler
Test programs
Magnetic card reader
Database replication
30. The ability of end users to design and implement their own information system utilizing computer software products
Residual risk
End-user computing
Subject matter (Area of activity)
Format checking
31. An evaluation of an application system under development which considers matters such as: appropriate controls are designed into the system; the application will process information in a complete; accurate and reliable manner; the application will fu
Parallel simulation
Queue
Interface testing
Application development review
32. The practice of eavesdropping on information being transmitted over telecommunications links
Wiretapping
Audit
Audit risk
Data communications
33. A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser.
HTTP (hyper text transfer protocol)
Range check
Point-of-sale systems (POS)
Electronic funds transfer (EFT)
34. In intrusion detection; an error that occurs when a normal activity is misdiagnosed as an attack
Assembly language
False positive
Posting
Promiscuous mode
35. The level to which transactions can be traced and audited through a system
Simple Object Access Protocol (SOAP)
Reasonableness check
Auditability
Uninterruptible power supply (UPS)
36. A permanent connection between hosts in a packet switched network
Permanent virtual circuit (PVC)
Bus topology
Passive assault
Surge suppressor
37. The calendar can contain 'real' accounting periods and/or adjusting accounting periods. The 'real' accounting periods must not overlap; and cannot have any gaps between 'real' accounting periods. Adjusting accounting periods can overlap with other ac
System testing
Adjusting period
Voice mail
Antivirus software
38. A protected; generally computer-encrypted string of characters that authenticate a computer user to the computer system
Password
Non-intrusive monitoring
Web site
Sniffing
39. Individuals; normally managers or directors; who have responsibility for the integrity; accurate reporting and use of computerized data
legal risk
SYN (synchronize)
Data owner
Master file
40. The physical layout of how computers are linked together. Examples include ring; star and bus.
False positive
Content filtering
Topology
Cryptography
41. Machine-readable instructions produced from a compiler or assembler program that has accepted and translated the source code
Salami technique
Distributed data processing network
Fscal year
Object code
42. These controls deal with the everyday operation of a company or organization to ensure all objectives are achieved.
Bus
Operational control
Public key
Black box testing
43. Promulgated through the World Wide Web Consortium; XML is a web-based application development technique that allows designers to create their own customized tags; thus; enabling the definition; transmission; validation and interpretation of data betw
Error risk
Extensible Markup Language (XML)
Data communications
Reputational risk
44. A computer program or set of programs that perform the processing of records for a specific function
Electronic signature
Application
Access rights
Budget
45. Another term for an application programmer interface (API). It refers to the interfaces that allow programmers to access lower- or higher-level services by providing an intermediary layer that includes function calls to the services.
Data flow
Middleware
Automated teller machine (ATM)
Rotating standby
46. A security technique that verifies an individual's identity by analyzing a unique physical attribute; such as a handprint
Audit authority
Biometrics
Data owner
LDAP (Lightweight Directory Access Protocol)
47. Advanced computer systems that can simulate human capabilities; such as analysis; based on a predetermined set of rules
Comparison program
Artificial intelligence
Object-oriented system development
HTTPS (hyper text transfer protocol secure)
48. A top-down technique of designing programs and systems. It makes programs more readable; more reliable and more easily maintained.
Security testing
Data structure
Structured programming
Addressing
49. A formal agreement with a third party to perform an IS function for an organization
HTTP (hyper text transfer protocol)
Outsourcing
Corporate exchange rate
Tuple
50. A group of budgets linked together at different levels such that the budgeting authority of a lower-level budget is controlled by an upper-level budget.
Database management system (DBMS)
Network administrator
Check digit
Budget hierarchy
