Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. An XML-formatted language used to describe a web service's capabilities as collections of communication endpoints capable of exchanging messages. WSDL is the language that UDDI uses. (Also see Universal Description; Discovery and Integration (UDDI))
Web Services Description Language (WSDL)
TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
Operational audit
Audit risk
2. In vulnerability analysis; gaining information by performing checks that affect the normal operation of the system; even crashing the system
Intrusive monitoring
Untrustworthy host
Electronic cash
IEEE (Institute of Electrical and Electronics Engineers)--Pronounced I-triple-E
3. A computer file storage format in which one record follows another. Records can be accessed sequentially only. It is required with magnetic tape.
Address space
Network
Arithmetic-logic unit (ALU)
Sequential file
4. A layer within the International Organization for Standardization (ISO)/Open Systems Interconnection (OSI) model. It is used in information transfers between users through application programs and other devices. In this layer various protocols are ne
Compliance testing
Exception reports
Application layer
Promiscuous mode
5. Any situation or event that has the potential to harm a system
Credit risk
Threat
Link editor (linkage editor)
Rootkit
6. Commonly it is the network segment between the Internet and a private network. It allows access to services from the Internet and the internal private network; while denying access from the Internet directly to the private network.
DMZ (demilitarized zone)
Warm-site
Certificate Revocation List
Single point of failure
7. Software that is being used and executed to support normal and authorized organizational operations. Such software is to be distinguished from test software; which is being developed or modified; but has not yet been authorized for use by management.
NAT (Network Address Translation)
Adjusting period
Production software
Console log
8. Unusual or statistically rare
Trusted systems
Audit program
Anomaly
Multiplexor
9. A measurement of the point prior to an outage to which data are to be restored
Audit authority
Recovery point objective (RPO)
Controls (Control procedures)
PPP (point-to-point protocol)
10. The risk of errors occurring in the area being audited
Control weakness
Partitioned file
Database specifications
Error risk
11. The name given to a class of algorithms that repeatedly try all possible combinations until a solution is found
Object Management Group (OMG)
Brute force
Bar case
Electronic signature
12. Point at which terminals are given access to a network
Node
Independent appearance
Virus
Performance indicators
13. Analysis of the security state of a system or its compromise on the basis of information collected at intervals
Surge suppressor
Hyperlink
Vulnerability analysis
LDAP (Lightweight Directory Access Protocol)
14. Files maintained by a system; primarily a database management system; for the purpose of reapplying changes following an error or outage recovery
World Wide Web Consortium (W3C)
Image processing
Redo logs
Sniff
15. The computer room and support areas
Computer-assisted audit technique (CAATs)
Public key infrastructure
Active response
Information processing facility (IPF)
16. A series of tests designed to ensure that the modified program interacts correctly with other system components. These test procedures typically are performed by the system maintenance staff in their development library.
System testing
Trusted processes
Comprehensive audit
Cathode ray tube (CRT)
17. The number of distinct locations that may be referred to with the machine address. For most binary machines; it is equal to 2^n; where n is the number of bits in the machine address.
Run-to-run totals
Address space
Quick ship
Manual journal entry
18. An empowering method/process by which management and staff of all levels collectively identify and evaluate IS related risks and controls under the guidance of a facilitator who could be an IS auditor. The IS auditor can utilise CRSA for gathering re
Control risk self-assessment
Central processing unit (CPU)
Transaction
Voice mail
19. The act of verifying the identity of a system entity (e.g.; a user; a system; a network node) and the entity's eligibility to access computerized information. Designed to protect against fraudulent logon activity. Authentication can also refer to the
Authentication
Geographic disk mirroring
Fraud risk
Baseband
20. The logical language a computer understands
Client-server
Honey pot
Machine language
Address space
21. A document which defines the IS audit function's responsibility; authority and accountability
COCO
Bulk data transfer
Production software
Audit charter
22. Another term for an application programmer interface (API). It refers to the interfaces that allow programmers to access lower- or higher-level services by providing an intermediary layer that includes function calls to the services.
False positive
Active recovery site (mirrored)
Finger
Middleware
23. A telecommunications carrier's facilities in a local area in which service is provided where local service is switched to long distance
Memory dump
Central office (CO)
Production programs
Audit risk
24. A row or record consisting of a set of attribute value pairs (column or field) in a relational data structure
Packet filtering
Integrity
Tuple
Hash function
25. The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction
Surge suppressor
Initial program load (IPL)
Finger
Systems development life cycle (SDLC)
26. A network monitoring and data acquisition tool that performs filter translation; packet acquisition and packet display
Tcpdump
Performance testing
Population
Bus topology
27. A set of utilities that implement a particular network protocol. For instance; in Windows machines a TCP/IP stack consists of TCP/IP software; sockets software and hardware driver software.
Protocol stack
Man-in-the-middle attack
Intelligent terminal
Indexed sequential file
28. The act of connecting to the computer. It typically requires entry of a user ID and password into a computer terminal.
Node
Web Services Description Language (WSDL)
Logon
Handprint scanner
29. An individual or department responsible for the security and information classification of the shared data stored on a database system. This responsibility includes the design; definition and maintenance of the database.
Appearance of independence
Data diddling
Database administrator (DBA)
LDAP (Lightweight Directory Access Protocol)
30. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).
Protocol stack
Business process integrity
Baud rate
UNIX
31. To the basic border firewall; add a host that resides on an untrusted network where the firewall cannot protect it. That host is minimally configured and carefully managed to be as secure as possible. The firewall is configured to require incoming an
IT governance
Client-server
Incremental testing
Untrustworthy host
32. The process of electronically inputting source documents by taking an image of the document; thereby eliminating the need for key entry
Image processing
Application controls
Pervasive IS controls
Packet
33. A fail-over process in which the primary node owns the resource group. The backup node runs a non-critical application (e.g.; a development or test environment) and takes over the critical resource group but not vice versa.
Simple fail-over
Benchmark
Web site
Combined Code on Corporate Governance
34. A device that connects two similar networks together
Bridge
Hot site
Hyperlink
Internet Inter-ORB Protocol (IIOP)
35. Detection on the basis of whether the system activity matched that defined as abnormal
Token ring topology
Anomaly detection
Integrity
Interface testing
36. A device that forms a barrier between a secure and an open environment. Usually; the open environment is considered hostile. The most notable hostile environment is the Internet. In other words; a firewall enforces a boundary between two or more netw
Information engineering
Firewall
Due care
Test generators
37. A method of selecting a portion of a population; by means of mathematical calculations and probabilities; for the purpose of making scientifically and mathematically sound inferences regarding the characteristics of the entire population
Third-party review
Statistical sampling
Function point analysis
LDAP (Lightweight Directory Access Protocol)
38. Any yearly accounting period without regard to its relationship to a calendar year.
Fiscal year
Multiplexing
Surge suppressor
Permanent virtual circuit (PVC)
39. A software testing technique whereby the internal workings of the item being tested are not known by the tester. For example - in a black box test on a software design the tester only knows the inputs and what the expected outcomes should be and not h
Blackbox testing
Dynamic analysis
HTTPS (hyper text transfer protocol secure)
Default password
40. A phone number that represents the area in which the communications provider or Internet service provider (ISP) provides service
Point-of-presence (POP)
Waterfall development
ASCII (American Standard Code for Information Interchange)
Password cracker
41. ATM is a high-bandwidth low-delay switching and multiplexing technology. It is a data link layer protocol. This means that it is a protocol-independent transport mechanism. ATM allows integration of real-time voice and video as well as data. ATM allo
Business impact analysis (BIA)
Internet packet (IP) spoofing
Asynchronous Transfer Mode (ATM)
Passive response
42. An algorithm that maps or translates one set of bits into another (generally smaller) so that a message yields the same result every time the algorithm is executed using the same message as input. It is computationally infeasible for a message to be
Corporate governance
Extended Binary-coded Decimal Interchange Code (EBCDIC)
Hash function
RADIUS
43. A form of attribute sampling that is used to determine a specified probability of finding at least one example of an occurrence (attribute) in a population
Plaintext
Fourth generation language (4GL)
Discovery sampling
Sequential file
44. A statement of the position within the organization; including lines of reporting and the rights of access
Repository
Router
TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
Audit authority
45. Programs that are tested and evaluated before approval into the production environment. Test programs; through a series of change control moves; migrate from the test environment to the production environment and become production programs.
Test programs
Masqueraders
Repository
Sniff
46. Consists of one or more web pages that may originate at one or more web server computers. A person can view the pages of a website in any order; as he or she would a magazine.
Corrective controls
Web site
Security policy
Subject matter (Area of activity)
47. Behavior adequate to meet the situations occurring during audit work (interviews; meetings; reporting; etc.). The IS auditor should be aware that appearance of independence depends upon the perceptions of others and can be influenced by improper acti
Appearance of independence
Redundancy check
Database
L2F (Layer 2 forwarding)
48. Audit evidence is sufficient if it is adequate; convincing and would lead another IS auditor to form the same conclusions.
Sufficient audit evidence
Table look-ups
Log
Interest rate risk
49. In broadband; multiple channels are formed by dividing the transmission medium into discrete frequency segments. It generally requires the use of a modem.
Broadband
Handprint scanner
Remote job entry (RJE)
Top-level management
50. An Internet standard that allows a network to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. The server; providing the NAT service; changes the source address of outgoing packets from the internal
Manual journal entry
Value-added network (VAN)
NAT (Network Address Translation)
Business impact analysis (BIA)