Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A deficiency in the design or operation of a control procedure. Control weaknesses can potentially result in risks relevant to the area of activity not being reduced to an acceptable level (relevant risks are those that threaten achievement of the ob






2. An ASP that also provides outsourcing of business processes such as payment processing, sales order processing and application development






3. The accuracy and completeness of information as well as to its validity in accordance with business values and expectations






4. These controls exist to detect and report when errors, omissions and unauthorized uses or entries occur.






5. An evaluation of any part of an implementation project (e.g., project management, test plans, user acceptance testing procedures)






6. A collection of related information treated as a unit. Separate fields within the record are used for processing of the information.






7. Specialized security checker that tests user's passwords, searching for passwords that are easy to guess by repeatedly trying words from specially crafted dictionaries. Failing that, many password crackers can brute force all possible combinations in






8. The process of transmitting messages in convenient pieces that can be reassembled at the destination






9. Those policies and procedures implemented to achieve a related control objective






10. A language used to control run routines in connection with performing tasks on a computer






11. Used to ensure that input data agree with predetermined criteria stored in a table






12. First, it denotes the planning and management of resources in an enterprise. Second, it denotes a software system that can be used to manage whole business processes, integrating purchasing, inventory, personnel, customer service, shipping, financial






13. A high level description of the audit work to be performed in a certain period of time (ordinarily a year). It includes the areas to be audited, the type of work planned, the high level objectives and scope of the work, and topics such as budget, res






14. A testing technique that is used to test program logic within a particular program or module. The purpose of the test is to ensure that the program meets system development guidelines and does not abnormally end during processing.






15. An abnormal end to a computer job; termination of a task prior to its completion because of an error condition that cannot be resolved by recovery facilities while the task is executing






16. A sampling technique that estimates the amount of overstatement in an account balance






17. Files, equipment, data and procedures available for use in the event of a failure or loss, if the originals are destroyed or out of service






18. The potential loss to an area due to the occurrence of an adverse event






19. An IS backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user






20. Analysis that is performed on a continuous basis, with results gained in time to alter the run-time system






21. A standardized body of data created for testing purposes. Users normally establish the data. Base case validates production application systems and tests the ongoing accurate operation of the system.






22. A piece of information, in a digitized form, used by an encryption algorithm to convert the plaintext to the ciphertext






23. In vulnerability analysis, gaining information by performing checks that affect the normal operation of the system, even crashing the system






24. An international consortium founded in 1994 of affiliates from public and private organizations involved with the Internet and the web. The W3C's primary mission is to promulgate open standards to further enhance the economic growth of Internet web s






25. The practice of eavesdropping on information being transmitted over telecommunications links






26. Program flowcharts show the sequence of instructions in a single program or subroutine. The symbols used should be the internationally accepted standard. Program flowcharts should be updated when necessary.






27. Control Objectives for Information and related Technology, the international set of IT control objectives published by ISACF,® 2000, 1998, 1996






28. The Internet standards setting organization with affiliates internationally from network industry representatives. This includes all network industry developers and researchers concerned with evolution and planned growth of the Internet.






29. Used in data encryption, it uses an encryption key, as a public key, to encrypt the plaintext to the ciphertext. It uses the different decryption key, as a secret key, to decrypt the ciphertext to the corresponding plaintext. In contrast to a private






30. An organized assembly of resources and procedures required to collect, process and distribute data for use in decision making






31. A utility program that combines several separately compiled modules into one, resolving internal references between them






32. The possibility of an act or event occurring that would have an adverse effect on the organization and its information systems






33. The process of distributing computer processing to different locations within an organization






34. A networking device that can send (route) data packets from one local area network (LAN) or wide area network (WAN) to another, based on addressing at the network layer (Layer 3) in the OSI model. Networks connected by routers can use different or si






35. An entity that may be given responsibility for performing some of the administrative tasks necessary in the registration of subjects, such as confirming the subject's identity, validating that the subject is entitled to have the attributes requested






36. A router that is configured to control network access by comparing the attributes of the incoming or outgoing packets to a set of rules






37. The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all the others. The beauty of replication is th






38. A methodology that enables organisations to develop strategically important systems faster, while reducing development costs and maintaining quality by using a series of proven application development techniques, within a well-defined methodology.






39. In intrusion detection, an error that occurs when an attack is misdiagnosed as a normal activity






40. An exchange rate, which can be used optionally to perform foreign currency conversion. The corporate exchange rate is generally a standard market rate determined by senior financial management for use throughout the organization.






41. A packet-switched wide-area-network technology that provides faster performance than older packet-switched WAN technologies such as X.25 networks, because it was designed for today's reliable circuits and performs less rigorous error detection. Frame






42. Point at which terminals are given access to a network






43. A flag set in a packet to indicate to the sender that the previous packet sent was accepted correctly by the receiver without errors, or that the receiver is now ready to accept a transmission






44. Inheritance refers to database structures that have a strict hierarchy (no multiple inheritance). Inheritance can initiate other objects irrespective of the class hierarchy; thus there is no strict hierarchy of objects.






45. A data transmission service requiring the establishment of a circuit-switched connection before data can be transferred from source data terminal equipment (DTE) to a sink DTE. A circuit-switched data transmission service uses a connection network.






46. The entire set of data from which a sample is selected and about which the IS auditor wishes to draw conclusions






47. Use of the Internet as a remote delivery channel for banking services. Services include the traditional ones, such as opening an account or transferring funds to different accounts, and new banking services, such as electronic bill presentment and pa






48. Members of the operations area that are responsible for the collection, logging and submission of input for the various user groups






49. Detects errors in the input portion of information that is sent to the computer for processing. The controls may be manual or automated and allow the user to edit data errors before processing.






50. Computer programs provided by a computer hardware manufacturer or software vendor and used in running the system. This technique can be used to examine processing activities, to test programs, system activities and operational procedures, to evaluate






