Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The level to which transactions can be traced and audited through a system
Interface testing
COBIT
Datagram
Auditability
2. A test that has been designed to evaluate the performance of a system. In a benchmark test; a system is subjected to a known workload and the performance of the system against this workload is measured. Typically; the purpose is to compare the measur
Benchmark
Diskless workstations
Degauss
X.25
3. In intrusion detection; an error that occurs when an attack is misdiagnosed as a normal activity
Exposure
Smart card
False negative
Output analyzer
4. An eight-bit code representing 256 characters; used in most large computer systems
Extended Binary-coded Decimal Interchange Code (EBCDIC)
Protocol
Foreign exchange risk
Magnetic ink character recognition (MICR)
5. Availability relates to information being available when required by the business process now and in the future. It also concerns the safeguarding of necessary resources and associated capabilities.
Asynchronous Transfer Mode (ATM)
Warm-site
DDoS (distributed denial-of-service) attack
Availability
6. The rules outlining the way in which information is captured and interpreted
Electronic data interchange (EDI)
Central office (CO)
Job control language (JCL)
Monitoring policy
7. This approach allows IS auditors to monitor system reliability on a continuous basis and to gather selective audit evidence through the computer.
Symmetric key encryption
Frame relay
Continuous auditing approach
Assembly language
8. Programs and supporting documentation that enable and facilitate use of the computer. Software controls the operation of the hardware.
Corporate governance
Software
Test data
Corrective controls
9. 1) The process of establishing and maintaining security in a computer or network system. The stages of this process include prevention of security problems; detection of intrusions; investigation of intrusions and resolution. 2) In network management;
Standing data
Security management
Data leakage
Synchronous transmission
10. In vulnerability analysis; passive monitoring approaches in which passwords or other access credentials are required. This sort of check usually involves accessing a system data object.
Substantive testing
Credentialed analysis
Check digit
Procedure
11. 1) A computer dedicated to servicing requests for resources from other computers on a network. Servers typically run network operating systems. 2) A computer that provides services to another computer (the client).
Computer server
Bus topology
Corrective controls
Downloading
12. Diligence which a person; who possesses a special skill; would exercise under a given set of circumstances
Teleprocessing
Cleartext
Web Services Description Language (WSDL)
Due professional care
13. A protocol originally developed by Netscape Communications to provide a high level of security for its browser software. It has become accepted widely as a means of securing Internet message exchanges. It ensures confidentiality of the data in transm
Private key
Audit accountability
Secure socket layer (SSL)
Black box testing
14. A terminal with built-in processing capability. It has no disk or tape storage but has memory. The terminal interacts with the user by editing and validating data as they are entered prior to final processing.
Assembler
Intelligent terminal
Check digit
Software
15. A private network that uses the infrastructure and standards of the Internet and World Wide Web; but is isolated from the public Internet by firewall barriers.
Intranet
Promiscuous mode
Circuit-switched network
Irregularities
16. Refers to the controls that support the process of transformation of the organisation's legacy information systems into the ERP applications. This would largely cover all aspects of systems implementation and configuration; such as change management
Cleartext
Repudiation
Offsite storage
implementation life cycle review
17. A type of LAN architecture in which the cable forms a loop; with stations attached at intervals around the loop. Signals transmitted around the ring take the form of messages. Each station receives the messages and each station determines; on the bas
Ring topology
Trust
LDAP (Lightweight Directory Access Protocol)
Attitude
18. A server that acts on behalf of a user. Typical proxies accept a connection from a user; make a decision as to whether or not the user or client IP address is permitted to use the proxy; perhaps perform additional authentication; and complete a conne
PPP (point-to-point protocol)
Proxy server
e-commerce
Windows NT
19. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).
Payment system
Plaintext
Logon
Baud rate
20. An evaluation of an application system being acquired or evaluated; which considers such matters as: appropriate controls are designed into the system; the application will process information in a complete; accurate and reliable manner; the applicat
Fiscal year
Harden
Decryption
Application acquisition review
21. Systems for which detailed specifications of their components composition are published in a nonproprietary environment; thereby enabling competing organizations to use these standard components to build competitive systems. The advantages of using o
Filtering router
Vulnerabilities
False negative
Open systems
22. Requiring a great deal of computing power; processor intensive
Appearance
COBIT
Console log
Computationally greedy
23. Information generated by an encryption algorithm to protect the plaintext. The ciphertext is unintelligible to the unauthorized reader.
Ciphertext
Centralized data processing
Hash total
Regression testing
24. The accuracy and completeness of information as well as to its validity in accordance with business values and expectations
World Wide Web Consortium (W3C)
Active response
Components (as in component-based development)
Integrity
25. The level of trust with which a system object is imbued
Magnetic card reader
RSA
Privilege
Data communications
26. Error control deviations (compliance testing) or misstatements (substantive testing)
virtual organizations
Error
price risk
Misuse detection
27. An approach used to plan; design; develop; test and implement an application system or a major modification to an application system. Typical phases include the feasibility study; requirements study; requirements definition; detailed design; programm
Systems development life cycle (SDLC)
Public key infrastructure
Check digit verification (self-checking digit)
Internal control
28. An approach to system development where the basic unit of attention is an object; which represents an encapsulation of both data (an object's attributes) and functionality (an object's methods). Objects usually are created using a general template ca
Object orientation
Secure socket layer (SSL)
Due care
e-commerce
29. A denial-of-service (DoS) assault from multiple sources; see DoS
DDoS (distributed denial-of-service) attack
Recovery time objective (RTO)
Standing data
Waterfall development
30. A method used in the information processing facility (IPF) to determine and establish the sequence of computer job processing
Scheduling
Electronic signature
Challenge/response token
Audit plan
31. A pair of small; insulated wires that are twisted around each other to minimize interference from other wires in the cable. This is a low-capacity transmission medium.
Batch control
Twisted pairs
Decentralization
Nonrepudiable transactions
32. Any technique designed to provide the electronic equivalent of a handwritten signature to demonstrate the origin and integrity of specific data. Digital signatures are an example of electronic signatures.
Electronic signature
Credentialed analysis
Utility software
BSP (business service provider)
33. Processes certified as supporting a security goal
Base case
Trusted processes
Business-to-consumer e-commerce (B2C)
Computer-assisted audit technique (CAATs)
34. Any automated audit technique; such as generalized audit software; test data generators; computerized audit programs and specialized audit utilities
Blackbox testing
Computer-assisted audit technique (CAATs)
Technical infrastructure security
Coverage
35. Self-governance and freedom from conflict of interest and undue influence. The IS auditor should be free to make his/her own decisions; not influenced by the organization being audited and its people (managers and employers).
e-commerce
Database replication
Independence
Twisted pairs
36. Verifies that the control number follows sequentially and any control numbers out of sequence are rejected or noted on an exception report for further research (can be alpha or numeric and usually utilizes a key field)
Check digit
Sequence check
Asymmetric key (public key)
Embedded audit module
37. The logical language a computer understands
Hexadecimal
Nonrepudiation
ASP/MSP (application or managed service provider)
Machine language
38. Testing an application with large quantities of data to evaluate its performance during peak periods. It also is called volume testing.
Operational control
Certificate Revocation List
Operating system
Capacity stress testing
39. An evaluation of an application system under development which considers matters such as: appropriate controls are designed into the system; the application will process information in a complete; accurate and reliable manner; the application will fu
Application development review
Request for proposal (RFP)
Database management system (DBMS)
Permanent virtual circuit (PVC)
40. Formal document which defines the IS auditor's responsibility; authority and accountability for a specific assignment
Trap door
Engagement letter
PPP (point-to-point protocol)
Journal entry
41. The ability to map a given activity or event back to the responsible party
Misuse detection
Accountability
Offsite storage
Asynchronous Transfer Mode (ATM)
42. Test data are processed in production systems. The data usually represent a set of fictitious entities such as departments; customers and products. Output reports are verified to confirm the correctness of the processing.
Integrated test facilities (ITF)
Privilege
Indexed sequential access method (ISAM)
Journal entry
43. Filters out electrical surges and spikes
Standing data
Vulnerability analysis
Surge suppressor
TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
44. A platform-independent XML-based formatted protocol enabling applications to communicate with each other over the Internet. Use of this protocol may provide a significant security risk to web application operations; since use of SOAP piggybacks onto
Fault tolerance
Simple Object Access Protocol (SOAP)
Log
Bandwidth
45. The transmission of job control language (JCL) and batches of transactions from a remote terminal location
PPP (point-to-point protocol)
Remote job entry (RJE)
End-user computing
Data-oriented systems development
46. Cooperating packages of executable software that make their services available through defined interfaces. Components used in developing systems may be commercial off-the-shelf software (COTS) or may be purposely built. However; the goal of component
browser
Split data systems
Application implementation review
Components (as in component-based development)
47. A type of service providing an authentication and accounting system often used for dial-up and remote access security
Materiality
RADIUS (remote authentication dial-in user service)
Compliance testing
Nonrepudiable transactions
48. Analysis of the security state of a system or its compromise on the basis of information collected at intervals
Broadband
Vulnerability analysis
Filtering router
Source documents
49. A program that processes actions upon business data; such as data entry; update or query. It contrasts with systems program; such as an operating system or network control program; and with utility programs; such as copy or sort.
Application program
Independence
Objectivity
Dial-in access controls
50. The logical route an end user takes to access computerized information. Typically; it includes a route through the operating system; telecommunications software; selected application software and the access control system.
Access path
Validity check
Corrective controls
Foreign exchange risk