Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, at times you might find the answers obvious, but it reinforces your understanding each time you take the test.
1. A testing technique used to retest earlier program abends or logical errors that occurred during the initial testing phase






2. The possibility of an act or event occurring that would have an adverse effect on the organization and its information systems






3. An Internet standard that allows a network to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. The server, providing the NAT service, changes the source address of outgoing packets from the internal






4. The area of the central processing unit (CPU) that executes software, allocates internal memory and transfers operations between the arithmetic-logic, internal storage and output sections of the computer






5. Used to electronically scan and input written information from a source document






6. The roles, scope and objectives documented in the service level agreement between management and audit






7. The transfer of data between separate computer processing sites/devices using telephone lines, microwave and/or satellite links






8. Glass fibers that transmit binary signals over a telecommunications network. Fiber optic systems have low transmission losses as compared to twisted-pair cables. They do not radiate energy or conduct electricity. They are free from corruption and lig






9. A security technique that verifies an individual's identity by analyzing a unique physical attribute, such as a handprint






10. An organized assembly of resources and procedures required to collect, process and distribute data for use in decision making






11. An audit designed to determine the accuracy of financial records, as well as evaluate the internal controls of a function or department






12. An extension to PPP to facilitate the creation of VPNs. L2TP merges the best features of PPTP (from Microsoft) and L2F (from Cisco).






13. A program that processes actions upon business data, such as data entry, update or query. It contrasts with systems program, such as an operating system or network control program, and with utility programs, such as copy or sort.






14. Software used to administer logical security. It usually includes authentication of users, access granting according to predefined rules, monitoring and reporting functions.






15. A protocol used for transmitting data between two ends of a connection






16. The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction






17. A protocol for packet-switching networks






18. Refers to a sprinkler system that does not have water in the pipes during idle usage, unlike a fully charged fire extinguisher system that has water in the pipes at all times. The dry-pipe system is activated at the time of the fire alarm, and water






19. A fail-over process, in which all nodes run the same resource group (there can be no IP or MAC addresses in a concurrent resource group) and access the external storage concurrently






20. Those controls that seek to maintain confidentiality, integrity and availability of information






21. A project management technique used in the planning and control of system projects






22. A sampling technique that estimates the amount of overstatement in an account balance






23. An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals






24. A piece of information, a digitized form of signature, that provides sender authenticity, message integrity and nonrepudiation. A digital signature is generated using the sender's private key or applying a one-way hash function.






25. Connects a terminal or computer to a communications network via a telephone line. Modems turn digital pulses from the computer into frequencies within the audio range of the telephone system. When acting in the receiver capacity, a modem decodes inco






26. A language, which enables electronic documents that present information that can be connected together by links instead of being presented sequentially, as is the case with normal text.






27. Modern expression for organizational development stemming from IS/IT impacts. The ultimate goal of BPR is to yield a better performing structure, more responsive to the customer base and market conditions, while yielding material cost savings. To ree






28. The transfer of service from an incapacitated primary component to its backup component






29. A device for sending and receiving computerized data over transmission lines






30. A packet-switched wide-area-network technology that provides faster performance than older packet-switched WAN technologies such as X.25 networks, because it was designed for today's reliable circuits and performs less rigorous error detection. Frame






31. To record details of information or events in an organized record-keeping system, usually sequenced in the order they occurred






32. The ability to exercise judgement, express opinions and present recommendations with impartiality






33. A private network that uses the infrastructure and standards of the Internet and World Wide Web, but is isolated from the public Internet by firewall barriers.






34. Machine-readable instructions produced from a compiler or assembler program that has accepted and translated the source code






35. Records of system events generated by a specialized operating system mechanism






36. The number of distinct locations that may be referred to with the machine address. For most binary machines, it is equal to 2^n, where n is the number of bits in the machine address.






37. The process of monitoring the events occurring in a computer system or network, detecting signs of security problems






38. Use of the Internet as a remote delivery channel for banking services. Services include the traditional ones, such as opening an account or transferring funds to different accounts, and new banking services, such as electronic bill presentment and pa






39. Cooperating packages of executable software that make their services available through defined interfaces. Components used in developing systems may be commercial off-the-shelf software (COTS) or may be purposely built. However, the goal of component






40. A deficiency in the design or operation of a control procedure. Control weaknesses can potentially result in risks relevant to the area of activity not being reduced to an acceptable level (relevant risks are those that threaten achievement of the ob






41. A certificate identifying a public key to its subscriber, corresponding to a private key held by that subscriber. It is a unique code that typically is used to allow the authenticity and integrity of communicated data to be verified.






42. Wiring devices that may be inserted into communication links for use with analysis probes, LAN analyzers and intrusion detection security systems






43. The interface between the user and the system






44. A technique used to recover the original plaintext from the ciphertext such that it is intelligible to the reader. The decryption is a reverse process of the encryption.






45. An individual using a terminal, PC or an application can access a network to send an unstructured message to another individual or group of people.






46. In broadband, multiple channels are formed by dividing the transmission medium into discrete frequency segments. It generally requires the use of a modem.






47. An auditing concept regarding the importance of an item of information with regard to its impact or effect on the functioning of the entity being audited. An expression of the relative significance or importance of a particular matter in the context






48. A document distributed to software vendors requesting them to submit a proposal to develop or provide a software product






49. The physical layout of how computers are linked together. Examples include ring, star and bus.






50. A phase of an SDLC methodology where the affected user groups define the requirements of the system for meeting the defined needs