Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Individuals and departments responsible for the storage and safeguarding of computerized information. This typically is within the IS organization.






2. A program that translates programming language (source code) into machine executable instructions (object code)






3. An auditing concept regarding the importance of an item of information with regard to its impact or effect on the functioning of the entity being audited. An expression of the relative significance or importance of a particular matter in the context






4. Refers to the security aspects supported by the ERP; primarily with regard to the roles or responsibilities and audit trails within the applications






5. Programs that are tested and evaluated before approval into the production environment. Test programs; through a series of change control moves; migrate from the test environment to the production environment and become production programs.






6. A project management technique used in the planning and control of system projects






7. A high-capacity disk storage device or a computer that stores data centrally for network users and manages access to that data. File servers can be dedicated so that no process other than network management can be executed while the network is availa






8. The number of distinct locations that may be referred to with the machine address. For most binary machines; it is equal to 2^n; where n is the number of bits in the machine address.






9. A flag set in the initial setup packets to indicate that the communicating parties are synchronizing the sequence numbers used for the data transmission






10. A programmed edit or routine that detects transposition and transcription errors by calculating and checking the check digit






11. A software testing technique whereby the internal workings of the item being tested are not known by the tester. For example - in a black box test on a software design the tester only knows the inputs and what the expected outcomes should be and not h






12. Source lines of code are often used in deriving single-point software-size estimations.






13. A debit or credit to a general ledger account. See also manual journal entry.






14. Disturbances; such as static; in data transmissions that cause messages to be misinterpreted by the receiver






15. A system that authentically distributes users' public keys using certificates






16. The transmission of job control language (JCL) and batches of transactions from a remote terminal location






17. A report on Internal Control--An Integrated Framework sponsored by the Committee of Sponsoring Organizations of the Treadway Commission in 1992. It provides guidance and a comprehensive framework of internal control for all organizations.






18. A terminal with built-in processing capability. It has no disk or tape storage but has memory. The terminal interacts with the user by editing and validating data as they are entered prior to final processing.






19. A third party that delivers and manages applications and computer services; including security services to multiple users via the Internet or a private network






20. 1) The process of establishing and maintaining security in a computer or network system. The stages of this process include prevention of security problems; detection of intrusions; investigation of intrusions and resolution. 2) In network management;






21. An individual data element in a computer record. Examples include employee name; customer address; account number; product unit price and product quantity in stock.






22. Group of people responsible for a project; whose terms of reference may include the development; acquisition; implementation or maintenance of an application system. The team members may include line management; operational line staff; external contr






23. A methodology that enables organisations to develop strategically important systems faster; while reducing development costs and maintaining quality by using a series of proven application development techniques; within a well-defined methodology.






24. A biometric device that is used to authenticate a user through palm scans






25. Detection on the basis of whether the system activity matches that defined as bad






26. An attack strategy in which the attacker intercepts the communications stream between two parts of the victim system and then replaces the traffic between the two components with the intruder's own; eventually assuming control of the communication






27. A form of modulation in which data signals are pulsed directly on the transmission medium without frequency division and usually utilize a transceiver. In baseband the entire bandwidth of the transmission medium (e.g.; coaxial cable) is utilized for






28. Recovery strategy that involves two active sites; each capable of taking over the other's workload in the event of a disaster. Each site will have enough idle processing power to restore data from the other site and to accommodate the excess workload






29. The systems development phase in which systems specifications and conceptual designs are developed; based on end-user needs and requirements






30. The person responsible for maintaining a LAN and assisting end users






31. Modern expression for organizational development stemming from IS/IT impacts. The ultimate goal of BPR is to yield a better performing structure; more responsive to the customer base and market conditions; while yielding material cost savings. To ree






32. Organizations that have no official physical site presence and are made up of diverse geographically dispersed or mobile employees.






33. A group of items that is waiting to be serviced or processed






34. 1) Following an authorized person into a restricted access area; 2) electronically attaching to an authorized telecommunications link to intercept and possibly alter transmissions.






35. Software used to create data to be used in the testing of computer programs






36. Promulgated through the World Wide Web Consortium; XML is a web-based application development technique that allows designers to create their own customized tags; thus; enabling the definition; transmission; validation and interpretation of data betw






37. A series of tests designed to ensure that the modified program interacts correctly with other system components. These test procedures typically are performed by the system maintenance staff in their development library.






38. The person responsible for implementing; monitoring and enforcing security rules established and authorized by management






39. A computer network connecting different remote locations that may range from short distances; such as a floor or building; to extremely long transmissions that encompass a large region or several countries






40. Disconnecting from the computer






41. A fail-over process in which the primary node owns the resource group. The backup node runs idle; only supervising the primary node. In case of a primary node outage; the backup node takes over. The nodes are prioritized; which means the surviving no






42. The current and prospective effect on earnings or capital arising from adverse business decisions; improper implementation of decisions or lack of responsiveness to industry changes.






43. An IS backup facility that has the necessary electrical and physical components of a computer facility; but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user






44. Audit evidence is sufficient if it is adequate; convincing and would lead another IS auditor to form the same conclusions.






45. A system development technique that enables users and developers to reach agreement on system requirements. Prototyping uses programmed simulation techniques to represent a model of the final system to the user for advisement and critique. The emphas






46. The list of rules and/or guidance that is used to analyze event data






47. The physical layout of how computers are linked together. Examples include ring; star and bus.






48. The flow of data from the input (in Internet banking; ordinarily user input at his/her desktop) to output (in Internet banking; ordinarily data in a bank's central database). Data flow includes travelling through the communication lines; routers; swi






49. The actions/controls dealing with operational effectiveness; efficiency and adherence to regulations and management policies






50. A method used in the information processing facility (IPF) to determine and establish the sequence of computer job processing






