Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An international standard that defines information confidentiality; integrity and availability controls
Network administrator
Data Encryption Standard (DES)
ISO17799
Risk
2. A protected; generally computer-encrypted string of characters that authenticate a computer user to the computer system
Online data processing
Password
Continuous auditing approach
Normalization
3. To the basic border firewall; add a host that resides on an untrusted network where the firewall cannot protect it. That host is minimally configured and carefully managed to be as secure as possible. The firewall is configured to require incoming an
Baseband
Untrustworthy host
Detective controls
Concurrent access
4. The process of determining what types of activities are permitted. Ordinarily; authorisation is in the context of authentication: once you have authenticated a user; he/she may be authorised to perform different types of access or activity
Asynchronous transmission
Authorization
Corrective controls
Application layer
5. Memory reserved to temporarily hold data. Buffers are used to offset differences between the operating speeds of different devices; such as a printer and a computer. In a program; buffers are reserved areas of RAM that hold data while they are being
Buffer
World Wide Web Consortium (W3C)
Whitebox testing
Node
6. Information generated by an encryption algorithm to protect the plaintext. The ciphertext is unintelligible to the unauthorized reader.
Cadbury
Ciphertext
Intrusive monitoring
Audit sampling
7. Emergency processing agreements between two or more organizations with similar equipment or applications. Typically; participants promise to provide processing time to each other when an emergency arises.
Risk assessment
Reciprocal agreement
Port
Cathode ray tube (CRT)
8. A data recovery strategy that takes a set of physically disparate disks and synchronously mirrors them over high performance communication lines. Any write to a disk on one side will result in a write on the other. The local write will not return unt
Tcpdump
Geographic disk mirroring
Access control table
Half duplex
9. The entire set of data from which a sample is selected and about which the IS auditor wishes to draw conclusions
Population
Extended Binary-coded Decimal Interchange Code (EBCDIC)
Port
Firmware
10. Range checks ensure that data fall within a predetermined range (also see limit checks).
Unit testing
Range check
Magnetic card reader
Private key cryptosystems
11. The boundary that defines the area of security concern and security policy coverage
Rootkit
Security perimeter
Filtering router
Performance testing
12. A packet-switched wide-area-network technology that provides faster performance than older packet-switched WAN technologies such as X.25 networks; because it was designed for today's reliable circuits and performs less rigorous error detection. Frame
Control risk
Trojan horse
Distributed data processing network
Frame relay
13. A condition in which each of an organization's regional locations maintains its own financial and operational data while sharing processing with an organizationwide; centralized database. This permits easy sharing of data while maintaining a certain
Split data systems
Professional competence
Recovery testing
Privilege
14. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).
Fourth generation language (4GL)
Application programming
Baud rate
Prototyping
15. A testing technique that is used to test program logic within a particular program or module. The purpose of the test is to ensure that the program meets system development guidelines and does not abnormally end during processing.
File
Statistical sampling
Unit testing
Due care
16. A trusted third party that serves authentication infrastructures or organizations and registers entities and issues them certificates
Certificate authority (CA)
Reciprocal agreement
Information processing facility (IPF)
Monitoring policy
17. A standardized body of data created for testing purposes. Users normally establish the data. Base cases validate production application systems and test the ongoing accurate operation of the system.
Password
Simple fail-over
Dumb terminal
Base case
18. The process of electronically inputting source documents by taking an image of the document; thereby eliminating the need for key entry
Audit responsibility
Certificate authority (CA)
Full duplex
Image processing
19. An input device that reads characters and images that are printed or painted on a paper form into the computer.
X.500
Outsourcing
Executable code
Optical scanner
20. Authorized users of a computer system who overstep their legitimate access rights. This category is divided into masqueraders and clandestine users.
Universal Description; Discovery and Integration (UDDI)
Production programs
X.500
Internal penetrators
21. A system software tool that logs; monitors and directs computer tape usage
Due care
Business risk
PPTP (point-to-point tunneling protocol)
Tape management system (TMS)
22. The use of software packages that aid in the development of all phases of an information system. System analysis; design programming and documentation are provided. Changes introduced in one CASE chart will update all other related charts automatical
Output analyzer
Computer-aided software engineering (CASE)
Due care
Latency
23. A computerized technique of blocking out the display of sensitive information; such as passwords; on a computer terminal or report
Masking
Output analyzer
Attitude
Idle standby
24. The person responsible for implementing; monitoring and enforcing security rules established and authorized by management
Network hop
Independent attitude
Security administrator
Value-added network (VAN)
25. To configure a computer or other network device to resist attacks
Man-in-the-middle attack
Encapsulation (objects)
System narratives
Harden
26. Is an electronic pathway that may be displayed in the form of highlighted text; graphics or a button that connects one web page with another web page address.
Hyperlink
Comparison program
Protocol stack
E-mail/interpersonal messaging
27. Special system software features and utilities that allow the user to perform complex system maintenance. Use of these exits often permits the user to operate outside of the security access control system.
False positive
System exit
Application maintenance review
Circuit-switched network
28. English-like; user friendly; nonprocedural computer languages used to program and/or read and process computer files
Fourth generation language (4GL)
Single point of failure
Reliable audit evidence
Business process reengineering (BPR)
29. Analysis of information that occurs on a noncontinuous basis; also known as interval-based analysis
World Wide Web Consortium (W3C)
Brouters
Monitor
Static analysis
30. Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes
Real-time processing
Object orientation
Data leakage
Threat
31. Consists of one or more web pages that may originate at one or more web server computers. A person can view the pages of a website in any order; as he or she would a magazine.
Web site
Bulk data transfer
Certificate Revocation List
Bandwidth
32. A special terminal used by computer operations personnel to control computer and systems operations functions. These terminals typically provide a high level of computer access and should be properly secured.
Hypertext
Numeric check
Operator console
Audit plan
33. The possibility of an act or event occurring that would have an adverse effect on the organization and its information systems
Data structure
False positive
Risk
Anonymity
34. A server that acts on behalf of a user. Typical proxies accept a connection from a user; make a decision as to whether or not the user or client IP address is permitted to use the proxy; perhaps perform additional authentication; and complete a conne
Proxy server
Indexed sequential file
Nonrepudiable transactions
Node
35. The purpose is to provide usable data rather than a function. The focus of the development is to provide ad hoc reporting for users by developing a suitable accessible database of information.
Voice mail
Data-oriented systems development
Tape management system (TMS)
Security management
36. The application of audit procedures to less than 100 percent of the items within a population to obtain audit evidence about a particular characteristic of the population
Fourth generation language (4GL)
ASCII (American Standard Code for Information Interchange)
Application development review
Audit sampling
37. A packet (encapsulated with a frame containing information); which is transmitted in a packet-switching network from source to destination
Shell
Buffer
Uploading
Datagram
38. A technique of reading a computer file while bypassing the internal file/data set label. This process could result in bypassing of the security access control system.
Reliable audit evidence
RS-232 interface
Bypass label processing (BLP)
Broadband
39. The assurance that a party cannot later deny originating data; that it is the provision of proof of the integrity and origin of the data which can be verified by a third party. Nonrepudiation may be provided by a digital signature.
Concurrent access
Port
Middleware
Nonrepudiation
40. An audit designed to determine the accuracy of financial records and information
Operating system audit trails
Computer-assisted audit technique (CAATs)
HTTPS (hyper text transfer protocol secure)
Financial audit
41. Data unit that is routed from source to destination in a packet-switched network. A packet contains both routing information and data. Transmission control protocol/Internet protocol (TCP/IP) is such a packet-switched network.
Shell
ICMP (internet control message protocol)
Packet
Performance testing
42. A set of metrics designed to measure the extent to which performance objectives are being achieved on an on-going basis. They can include service level agreements; critical success factors; customer satisfaction ratings; internal or external benchmar
Security policy
Concurrent access
Performance indicators
X.500
43. Unusual or statistically rare
Audit sampling
Ethernet
Anomaly
Console log
44. Controls over the acquisition; implementation; delivery and support of IS systems and services. They are made up of application controls plus those general controls not included in pervasive controls.
Detailed IS controls
Vaccine
Online data processing
Sequential file
45. Risks that could impact the organization's ability to perform business or provide a service. They can be financial; regulatory or control oriented.
Business risk
Card swipes
Point-of-sale systems (POS)
Application controls
46. An audit designed to determine the accuracy of financial records; as well as evaluate the internal controls of a function or department
Business risk
Optical character recognition
Centralized data processing
Comprehensive audit
47. The level of trust with which a system object is imbued
ISP (Internet service provider)
Spool (simultaneous peripheral operations online)
Privilege
Console log
48. An exchange rate; which can be used optionally to perform foreign currency conversion. The corporate exchange rate is generally a standard market rate determined by senior financial management for use throughout the organization.
Active response
Vulnerability analysis
Test generators
Corporate exchange rate
49. A point in a routine at which sufficient information can be stored to permit restarting the computation from that point. NOTE: seems to pertain to recover - shutting down database after all records have been committed for example
Record
Checkpoint restart procedures
Hacker
Security management
50. A private network that is configured within a public network. For years; common carriers have built VPNs that appear as private national or international networks to the customer; but physically share backbone trunks with other customers. VPNs enjoy
Web Services Description Language (WSDL)
Virtual private network (VPN)
Internet Engineering Task Force (IETF)
Repository