Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A device for sending and receiving computerized data over transmission lines
Handprint scanner
Penetration testing
Terminal
Service provider
2. A technique used to recover the original plaintext from the ciphertext such that it is intelligible to the reader. The decryption is a reverse process of the encryption.
Logs/Log file
Decryption
Useful audit evidence
Modulation
3. An input device that reads characters and images that are printed or painted on a paper form into the computer.
Hash function
Optical scanner
Recovery point objective (RPO)
L2F (Layer 2 forwarding)
4. A data dictionary is a database that contains the name; type; range of values; source and authorization for access for each data element in a database. It also indicates which application programs use that data so that when a data structure is contem
Data dictionary
Encryption
Operational audit
Procedure
5. The specific information subject to the IS auditor's report and related procedures which can include things such as the design or operation of internal controls and compliance with privacy practices or standards or specified laws and regulations.
Middleware
Function point analysis
Subject matter (Area of activity)
Project team
6. The traditional Internet service protocol widely used for many years on UNIX-based operating systems and supported by the Internet Engineering Task Force (IETF) that allows a program on one computer to execute a program on another (e.g.; server). The
Full duplex
Remote procedure calls (RPCs)
Reputational risk
Appearance of independence
7. The susceptibility of an audit area to error which could be material; individually or in combination with other errors; assuming that there are no related internal controls
Rounding down
Hash total
Interface testing
Inherent risk
8. The information an auditor gathers in the course of performing an IS audit. Evidence is relevant if it pertains to the audit objectives and has a logical relationship to the findings and conclusions it is used to support.
Anomaly
Field
Evidence
ISP (Internet service provider)
9. A protocol used to transmit data securely between two end points to create a VPN
File server
Dry-pipe fire extinguisher system
PPTP (point-to-point tunneling protocol)
Redo logs
10. The risk that the IS auditor's substantive procedures will not detect an error which could be material; individually or in combination with other errors
Smart card
Detection risk
FTP (file transfer protocol)
Cross-certification
11. These are the requirements for establishing a database application. They include field definitions; field requirements and reporting requirements for the individual information in the database.
Database specifications
Brouters
Technical infrastructure security
Password cracker
12. The router at the extreme edge of the network under control; usually connected to an ISP or other service provider; also known as border router
Application acquisition review
Bar code
Abend
External router
13. A phase of an SDLC methodology where the affected user groups define the requirements of the system for meeting the defined needs
Uploading
Requirements definition
Content filtering
Router
14. A discussion document which sets out an ''Enterprise Governance Model'' focusing strongly on both the enterprise business goals and the information technology enablers which facilitate good enterprise governance; published by the Information Systems
Optical character recognition
Corporate exchange rate
Electronic vaulting
Control Objectives for Enterprise Governance
15. The process of converting an analog telecommunications signal into a digital computer signal
Artificial intelligence
Demodulation
Error risk
Recovery testing
16. A mathematical expression used to calculate budget amounts based on actual results; other budget amounts and statistics. With budget formulas; budgets using complex equations; calculations and allocations can be automatically created.
COSO
Budget formula
Security management
Monetary unit sampling
17. Parallel simulation involves the IS auditor writing a program to replicate those application processes that are critical to an audit opinion and using this program to reprocess application system data. The results produced are compared with the resul
Redundancy check
Parallel simulation
Data diddling
War dialler
18. Provides short-term backup power from batteries for a computer system when the electrical power fails or drops to an unacceptable voltage level
Random access memory (RAM)
Uninterruptible power supply (UPS)
IDS (intrusion detection system)
Control risk
19. The area of the system that the intrusion detection system is meant to monitor and protect
Encryption
Posting
Protection domain
Central office (CO)
20. A telecommunications carrier's facilities in a local area in which service is provided where local service is switched to long distance
Fourth generation language (4GL)
Central office (CO)
Credit risk
Population
21. Refer to the transactions and data relating to each computer-based application system and are therefore specific to each such application. The objectives of application controls; which may be manual; or programmed; are to ensure the completeness and
Application controls
Warm-site
Port
Symmetric key encryption
22. Emergency processing agreements between two or more organizations with similar equipment or applications. Typically; participants promise to provide processing time to each other when an emergency arises.
System testing
Edit controls
Reciprocal agreement
Hierarchical database
23. A computer program or set of programs that perform the processing of records for a specific function
Nonrepudiable transactions
Sniff
Application
Standing data
24. Memory reserved to temporarily hold data. Buffers are used to offset differences between the operating speeds of different devices; such as a printer and a computer. In a program; buffers are reserved areas of RAM that hold data while they are being
Buffer
Degauss
Procedure
Internet Inter-ORB Protocol (IIOP)
25. A financial system that establishes the means for transferring money between suppliers and users of funds; ordinarily by exchanging debits or credits between banks or financial institutions.
Payment system
Address
Non-intrusive monitoring
Spanning port
26. A group of items that is waiting to be serviced or processed
Card swipes
Integrated test facilities (ITF)
Queue
Bar code
27. Devices that perform the functions of both bridges and routers; are called brouters. Naturally; they operate at both the data link and the network layers. A brouter connects same data link type LAN segments as well as different data link ones; which
Dial-back
UDP (User Datagram Protocol)
Brouters
Top-level management
28. A high level description of the audit work to be performed in a certain period of time (ordinarily a year). It includes the areas to be audited; the type of work planned; the high level objectives and scope of the work; and topics such as budget; res
Nonrepudiable transactions
Business-to-consumer e-commerce (B2C)
Independence
Audit plan
29. A level of comfort short of a guarantee but considered adequate given the costs of the control and the likely benefits achieved
Comparison program
Reasonable assurance
Token ring topology
Project sponsor
30. Any information collection mechanism utilized by an intrusion detection system
Console log
Harden
Monitor
Risk
31. A manual or automated log of all updates to data files and databases
Corrective controls
Checkpoint restart procedures
Transaction log
Appearance of independence
32. The objectives of management that are used as the framework for developing and implementing controls (control procedures).
Distributed data processing network
Machine language
Control objective
Components (as in component-based development)
33. A data transmission service requiring the establishment of a circuit-switched connection before data can be transferred from source data terminal equipment (DTE) to a sink DTE. A circuit-switched data transmission service uses a connection network.
Circuit-switched network
Verification
Registration authority (RA)
Taps
34. A deficiency in the design or operation of a control procedure. Control weaknesses can potentially result in risks relevant to the area of activity not being reduced to an acceptable level (relevant risks are those that threaten achievement of the ob
Audit
Access path
Control weakness
Static analysis
35. Refers to a sprinkler system that does not have water in the pipes during idle usage; unlike a fully charged fire extinguisher system that has water in the pipes at all times. The dry-pipe system is activated at the time of the fire alarm; and water
Application development review
Internet
Trust
Dry-pipe fire extinguisher system
36. 1) The set of management statements that documents an organization's philosophy of protecting its computing and information assets 2) The set of security rules enforced by the system's security features
Security policy
Quick ship
Statistical sampling
Client-server
37. A third party that provides organizations with a variety of Internet; and Internet-related services
ISP (Internet service provider)
Computer-aided software engineering (CASE)
Telecommunications
Computationally greedy
38. The forms used to record data that have been captured. A source document may be a piece of paper; a turnaround document or an image displayed for online data input.
Analog
Public key
Network hop
Source documents
39. First; it denotes the planning and management of resources in an enterprise. Second; it denotes a software system that can be used to manage whole business processes; integrating purchasing; inventory; personnel; customer service; shipping; financial
Enterprise resource planning
Input controls
Reverse engineering
Continuity
40. A document which defines the IS audit function's responsibility; authority and accountability
Audit charter
Source code compare programs
Antivirus software
Assembler
41. Analysis that is performed in real time or in continuous form
Bar case
Dynamic analysis
Database
Ring topology
42. A process to authenticate (or certify) a party's digital signature; carried out by trusted third parties.
Digital certification
Application controls
System exit
Unit testing
43. The portion of a security policy that states the general process that will be performed to accomplish a security goal
Population
Service provider
Optical scanner
Procedure
44. Universal Description; Discovery and Integration
RS-232 interface
Windows NT
Bandwidth
UDDI
45. Expert systems are the most prevalent type of computer systems that arise from the research of artificial intelligence. An expert system has a built in hierarchy of rules; which are acquired from human experts in the appropriate field. Once input is
Comprehensive audit
Expert systems
Node
Partitioned file
46. A certificate issued by one certification authority to a second certification authority so that users of the first certification authority are able to obtain the public key of the second certification authority and verify the certificates it has crea
Cross-certification
e-commerce
Executable code
Proxy server
47. Programmed checking of data validity in accordance with predetermined criteria
Signatures
Internal control structure
IDS (intrusion detection system)
Validity check
48. An assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rate
DoS (denial-of-service) attack
Local loop
liquidity risk
Content filtering
49. Measure of interconnectivity among software program modules' structure. Coupling depends on the interface complexity between modules. This can be defined as the point at which entry or reference is made to a module; and what data passes across the in
Token ring topology
Tuple
Coupling
Numeric check
50. Tests of detailed activities and transactions; or analytical review tests; designed to obtain audit evidence on the completeness; accuracy or existence of those activities or transactions during the audit period
Electronic funds transfer (EFT)
Operating system audit trails
Uninterruptible power supply (UPS)
Substantive testing