Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A consortium with more than 700 affiliates from the software industry. Its purpose is to provide a common framework for developing applications using object-oriented programming techniques. For example, OMG is known principally for promulgating the C






2. A card reader that reads cards with a magnetizable surface on which data can be stored and retrieved






3. The act of transferring computerized information from one computer to another computer






4. This approach allows IS auditors to monitor system reliability on a continuous basis and to gather selective audit evidence through the computer.






5. The level of trust with which a system object is imbued






6. Way of thinking, behaving, feeling, etc.






7. The probability that the IS auditor has reached an incorrect conclusion because an audit sample, rather than the whole population, was tested. While sampling risk can be reduced to an acceptably low level by using an appropriate sample size and selec






8. Software used to administer logical security. It usually includes authentication of users, access granting according to predefined rules, monitoring and reporting functions.






9. Used to electronically scan and input written information from a source document






10. The physical layout of how computers are linked together. Examples include ring, star and bus.






11. Expert systems are the most prevalent type of computer systems that arise from the research of artificial intelligence. An expert system has a built-in hierarchy of rules, which are acquired from human experts in the appropriate field. Once input is






12. A process involving the extraction of components from existing systems and restructuring these components to develop new systems or to enhance the efficiency of existing systems. Existing software systems thus can be modernized to prolong their funct






13. An audit designed to evaluate the various internal controls, economy and efficiency of a function or department






14. Refers to the security of the infrastructure that supports the ERP networking and telecommunications, operating systems and databases.






15. A communications channel over which data can be sent and received simultaneously






16. A group of items that is waiting to be serviced or processed






17. The risk that activities will include deliberate circumvention of controls with the intent to conceal the perpetuation of irregularities. The unauthorized use of assets or services and abetting or helping to conceal.






18. In an asymmetric cryptographic scheme, the key that may be widely published to enable the operation of the scheme






19. ATM is a high-bandwidth low-delay switching and multiplexing technology. It is a data link layer protocol. This means that it is a protocol-independent transport mechanism. ATM allows integration of real-time voice and video as well as data. ATM allo






20. A fail-over process, in which all nodes run the same resource group (there can be no IP or MAC addresses in a concurrent resource group) and access the external storage concurrently






21. The process of determining what types of activities are permitted. Ordinarily, authorisation is in the context of authentication: once you have authenticated a user, he/she may be authorised to perform different types of access or activity






22. The application of audit procedures to less than 100 percent of the items within a population to obtain audit evidence about a particular characteristic of the population






23. Expert or decision support systems that can be used to assist IS auditors in the decision-making process by automating the knowledge of experts in the field. This technique includes automated risk analysis, systems software and control objectives sof






24. A set of protocols developed by the IETF to support the secure exchange of packets






25. The relationships among files in a database and among data items within each file






26. The rules by which a network operates and controls the flow and priority of transmissions






27. A test that has been designed to evaluate the performance of a system. In a benchmark test, a system is subjected to a known workload and the performance of the system against this workload is measured. Typically, the purpose is to compare the measur






28. Program flowcharts show the sequence of instructions in a single program or subroutine. The symbols used should be the internationally accepted standard. Program flowcharts should be updated when necessary.






29. An implementation of DNS intended to secure responses provided by the server such that different responses are given to internal vs. external users






30. The assurance that a party cannot later deny originating data; that it is the provision of proof of the integrity and origin of the data which can be verified by a third party. Nonrepudiation may be provided by a digital signature.






31. Any sample that is selected subjectively or in such a manner that the sample selection process is not random or the sampling results are not evaluated mathematically






32. A fail-over process in which there are two nodes (as in idle standby but without priority). The node that enters the cluster first owns the resource group, and the second will join as a standby node.






33. A networking device that can send (route) data packets from one local area network (LAN) or wide area network (WAN) to another, based on addressing at the network layer (Layer 3) in the OSI model. Networks connected by routers can use different or si






34. An electronic form functionally equivalent to cash in order to make and receive payments in cyberbanking






35. The transmission of more than one signal across a physical channel






36. A display terminal without processing capability. Dumb terminals are dependent upon the main computer for processing. All entered data are accepted without further editing or validation.






37. The exchange of money via telecommunications. EFT refers to any financial transaction that originates at a terminal and transfers a sum of money from one account to another.






38. The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all the others. The beauty of replication is th






39. Computer programs provided by a computer hardware manufacturer or software vendor and used in running the system. This technique can be used to examine processing activities, to test programs, system activities and operational procedures, to evaluate






40. A testing technique that is used to evaluate output from one application, while the information is sent as input to another application






41. Common path or channel between hardware devices. It can be between components internal to a computer or between external computers in a communications network.






42. An auditing concept regarding the importance of an item of information with regard to its impact or effect on the functioning of the entity being audited. An expression of the relative significance or importance of a particular matter in the context






43. Glass fibers that transmit binary signals over a telecommunications network. Fiber optic systems have low transmission losses as compared to twisted-pair cables. They do not radiate energy or conduct electricity. They are free from corruption and lig






44. Refers to the controls that support the process of transformation of the organisation's legacy information systems into the ERP applications. This would largely cover all aspects of systems implementation and configuration, such as change management






45. A type of local area network (LAN) architecture in which each station is directly attached to a common communication channel. Signals transmitted over the channel take the form of messages. As each message passes along the channel, each station recei






46. Small computers used to connect and coordinate communication links between distributed or remote devices and the main computer, thus freeing the main computer from this overhead function






47. A telecommunications carrier's facilities in a local area in which service is provided where local service is switched to long distance






48. A testing approach that uses knowledge of a program/module's underlying implementation and code intervals to verify its expected behavior.






49. An organized assembly of resources and procedures required to collect, process and distribute data for use in decision making






50. Source lines of code are often used in deriving single-point software-size estimations.