Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A response, in which the system (automatically or in concert with the user) blocks or otherwise affects the progress of a detected attack. The response takes one of three forms--amending the environment, collecting more information or striking back a
Data security
Trusted processes
Active response
Credit risk
2. The ability of end users to design and implement their own information system utilizing computer software products
Internal penetrators
End-user computing
Information engineering
Audit
3. A sampling technique used to estimate the average or total value of a population based on a sample, a statistical model used to project a quantitative characteristic, such as a dollar amount
Variable sampling
Audit objective
Service bureau
Honey pot
4. Is the risk to earnings or capital arising from violations of, or nonconformance with, laws, rules, regulations, prescribed practices or ethical standards. Banks are subject to various forms of legal risk. This can include the risk that assets will t
Objectivity
Interest rate risk
L2F (Layer 2 forwarding)
legal risk
5. The primary language used by both application programmers and end users in accessing relational databases
Structured Query Language (SQL)
Monitoring policy
System exit
Hash function
6. An attack strategy in which the attacker intercepts the communications stream between two parts of the victim system and then replaces the traffic between the two components with the intruder's own, eventually assuming control of the communication
Simple Object Access Protocol (SOAP)
Man-in-the-middle attack
Availability
Random access memory (RAM)
7. The computer's primary working memory. Each byte of memory can be accessed randomly regardless of adjacent bytes.
Database administrator (DBA)
Check digit
Random access memory (RAM)
Data owner
8. Specifies the length of the file's record and the sequence and size of its fields. A file layout also will specify the type of data contained within each field. For example, alphanumeric, zoned decimal, packed and binary are types of data.
File layout
Vulnerabilities
PPTP (point-to-point tunneling protocol)
Intranet
9. A numbering system that uses a base of 16 and uses 16 digits: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E and F. Programmers use hexadecimal numbers as a convenient way of representing binary numbers.
Hexadecimal
X.25
Control Objectives for Enterprise Governance
FIN (final)
10. A piece of information, a digitized form of signature, that provides sender authenticity, message integrity and nonrepudiation. A digital signature is generated using the sender's private key or applying a one-way hash function.
Firewall
Warm-site
Mutual takeover
Digital signature
11. Special system software features and utilities that allow the user to perform complex system maintenance. Use of these exits often permits the user to operate outside of the security access control system.
Data integrity
Hacker
Materiality
System exit
12. A complex set of software programs that control the organization, storage and retrieval of data in a database. It also controls the security and integrity of the database.
DMZ (demilitarized zone)
Database management system (DBMS)
Rotating standby
Business process reengineering (BPR)
13. An automated detail report of computer system activity
Console log
Source code
Cold site
Masking
14. The password used to gain access when a system is first installed on a computer or network device. There is a large list published on the Internet and maintained at several locations. Failure to change these after the installation leaves the system v
Default password
Bus
System testing
Feasibility study
15. An approach to system development where the basic unit of attention is an object, which represents an encapsulation of both data (an object's attributes) and functionality (an object's methods). Objects usually are created using a general template ca
Automated teller machine (ATM)
ISO17799
Fourth generation language (4GL)
Object orientation
16. The process of feeding test data into two systems, the modified system and an alternative system (possibly the original system) and comparing results
Materiality
Preventive controls
Reputational risk
Parallel testing
17. A cipher technique whereby different cryptographic keys are used to encrypt and decrypt a message (see public key cryptosystems)
World Wide Web Consortium (W3C)
Abend
Hypertext
Asymmetric key (public key)
18. A program that translates programming language (source code) into machine executable instructions (object code)
DDoS (distributed denial-of-service) attack
Interface testing
Compiler
Backup
19. A discussion document which sets out an "Enterprise Governance Model" focusing strongly on both the enterprise business goals and the information technology enablers which facilitate good enterprise governance, published by the Information Systems
Variable sampling
File
Diskless workstations
Control Objectives for Enterprise Governance
20. A document that confirms the client's and the IS auditor's acceptance of a review assignment
Terms of reference
Computationally greedy
Utility software
Compiler
21. A group of budgets linked together at different levels such that the budgeting authority of a lower-level budget is controlled by an upper-level budget.
Secure socket layer (SSL)
Budget hierarchy
Compiler
Business risk
22. Any yearly accounting period without regard to its relationship to a calendar year.
Fiscal year
BSP (business service provider)
Default deny policy
Output analyzer
23. Range checks ensure that data fall within a predetermined range (also see limit checks).
Range check
Security software
Hacker
Database specifications
24. Diligence which a person, who possesses a special skill, would exercise under a given set of circumstances
Due professional care
Firewall
Online data processing
Assembler
25. The main memory of the computer's central processing unit
Internal storage
Sniff
TCP (transmission control protocol)
Static analysis
26. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).
Indexed sequential file
Private key
Internet Inter-ORB Protocol (IIOP)
Baud rate
27. A public key cryptosystem developed by R. Rivest, A. Shamir and L. Adleman. The RSA has two different keys, the public encryption key and the secret decryption key. The strength of the RSA depends on the difficulty of the prime number factorization.
Frame relay
business process integrity
RSA
Wide area network (WAN)
28. A device that forwards packets between LAN devices or segments. LANs that use switches are called switched LANs.
Surge suppressor
Attitude
Cold site
Switch
29. Promulgated through the World Wide Web Consortium, XML is a web-based application development technique that allows designers to create their own customized tags, thus, enabling the definition, transmission, validation and interpretation of data betw
Hub
Queue
Extensible Markup Language (XML)
Addressing
30. A trusted third party that serves authentication infrastructures or organizations and registers entities and issues them certificates
Job control language (JCL)
Certificate authority (CA)
Protection domain
Structured programming
31. A destructive computer program that spreads from computer to computer using a range of methods, including infecting floppy disks and other programs. Viruses typically attach themselves to a program and modify it so that the virus code runs when the p
vulnerability
Anonymity
Prototyping
Virus
32. Memory reserved to temporarily hold data. Buffers are used to offset differences between the operating speeds of different devices, such as a printer and a computer. In a program, buffers are reserved areas of RAM that hold data while they are being
Cold site
Base case
Sniff
Buffer
33. A debit or credit to a general ledger account. See also manual journal entry.
Inherent risk
Access path
Web site
Journal entry
34. The Internet standards setting organization with affiliates internationally from network industry representatives. This includes all network industry developers and researchers concerned with evolution and planned growth of the Internet.
Split data systems
RADIUS
Internet Engineering Task Force (IETF)
Recovery time objective (RTO)
35. A protocol originally developed by Netscape Communications to provide a high level of security for its browser software. It has become accepted widely as a means of securing Internet message exchanges. It ensures confidentiality of the data in transm
Bus topology
Secure socket layer (SSL)
Object Management Group (OMG)
Packet
36. Unauthorized electronic exits, or doorways, out of an authorized computer program into a set of malicious instructions or programs
Trap door
Asymmetric key (public key)
Application programming interface (API)
Blackbox testing
37. A proxy service that connects programs running on internal networks to services on exterior networks by creating two connections, one from the requesting client and another to the destination service
Exposure
Anomaly detection
Operating system
Application proxy
38. The process of actually entering transactions into computerized or manual files. Such transactions might immediately update the master files or may result in memo posting, in which the transactions are accumulated over a period of time, then applied
Datagram
Exposure
Top-level management
Posting
39. A sampling technique that estimates the amount of overstatement in an account balance
Monetary unit sampling
Incremental testing
Black box testing
Automated teller machine (ATM)
40. Software that is being used and executed to support normal and authorized organizational operations. Such software is to be distinguished from test software, which is being developed or modified, but has not yet been authorized for use by management.
Link editor (linkage editor)
Production software
IP (Internet protocol)
Logon
41. Universal Description, Discovery and Integration
UDDI
DMZ (demilitarized zone)
Indexed sequential access method (ISAM)
Biometric locks
42. A popular network protocol and cabling scheme that uses a bus topology and CSMA/CD (carrier sense multiple access/collision detection) to prevent network failures or collisions when two devices try to access the network at the same time
Source code
Service bureau
Ethernet
Artificial intelligence
43. The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all the others. The beauty of replication is th
Sufficient audit evidence
Database replication
Bridge
Editing
44. Controls over the business processes that are supported by the ERP
Data custodian
Financial audit
Professional competence
business process integrity
45. A method of user authentication. Challenge response authentication is carried out through use of the Challenge Handshake Authentication Protocol (CHAP). When a user tries to log into the server, the server sends the user a "challenge," which is a r
Circular routing
Gateway
Modem (modulator-demodulator)
Challenge/response token
46. Programs that provide assurance that the software being audited is the correct version of the software, by providing a meaningful listing of any discrepancies between the two versions of the program
Independence
Operating system audit trails
ISO17799
Source code compare programs
47. A recurring journal entry used to allocate revenues or costs. For example, an allocation entry could be defined to allocate costs to each department based on headcount.
Allocation entry
Intranet
Residual risk
Penetration testing
48. An evaluation of any part of a project to perform maintenance on an application system (e.g., project management, test plans, user acceptance testing procedures)
Application maintenance review
legal risk
Threat
Data flow
49. A collection of computer programs used in the design, processing and control of all applications. The programs and processing routines that control the computer hardware, including the operating system and utility programs. Refers to the operating sy
COCO
System software
Public key
Project team
50. 1) The set of management statements that documents an organization's philosophy of protecting its computing and information assets 2) The set of security rules enforced by the system's security features
L2TP (Layer 2 tunneling protocol)
Security policy
Function point analysis
Object Management Group (OMG)