Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Verifies that the control number follows sequentially and any control numbers out of sequence are rejected or noted on an exception report for further research






2. Simulated transactions that can be used to test processing logic, computations and controls actually programmed in computer applications. Individual programs or an entire system can be tested. This technique includes Integrated Test Facilities (ITFs)






3. A program for the examination of data, using logical or conditional tests to determine or to identify similarities or differences






4. A form of modulation in which data signals are pulsed directly on the transmission medium without frequency division and usually utilize a transceiver. In baseband the entire bandwidth of the transmission medium (e.g., coaxial cable) is utilized for






5. A display terminal without processing capability. Dumb terminals are dependent upon the main computer for processing. All entered data are accepted without further editing or validation.






6. Describes the design properties of a computer system that allow it to resist active attempts to attack or bypass it






7. The denial by one of the parties to a transaction or participation in all or part of that transaction or of the content of communications related to that transaction.






8. Impartial point of view which allows the IS auditor to act objectively and with fairness






9. Diagramming data that are to be exchanged electronically, including how it is to be used and what business management systems need it. It is a preliminary step for developing an applications link. (Also see application tracing and mapping.)






10. A set of metrics designed to measure the extent to which performance objectives are being achieved on an on-going basis. They can include service level agreements, critical success factors, customer satisfaction ratings, internal or external benchmar






11. The process of taking an unencrypted message (plaintext), applying a mathematical function to it (encryption algorithm with a key) and producing an encrypted message (ciphertext)






12. A private key cryptosystem published by the National Bureau of Standards (NBS), the predecessor of the US National Institute of Standards and Technology (NIST). DES has been used commonly for data encryption in the forms of software and hardware impl






13. It is composed of an insulated wire that runs through the middle of each cable, a second wire that surrounds the insulation of the inner wire like a sheath, and the outer insulation which wraps the second wire. Coaxial cable has a greater transmissio






14. A language used to control run routines in connection with performing tasks on a computer






15. To apply a variable, alternating current (AC) field for the purpose of demagnetizing magnetic recording media. The process involves increasing the AC field gradually from zero to some maximum value and back to zero, which leaves a very low residue of






16. The area of the central processing unit that performs mathematical and analytical operations






17. Editing ensures that data conform to predetermined criteria and enable early identification of potential errors.






18. A server that acts on behalf of a user. Typical proxies accept a connection from a user, make a decision as to whether or not the user or client IP address is permitted to use the proxy, perhaps perform additional authentication, and complete a conne






19. An entity (department, cost center, division or other group) responsible for entering and maintaining budget data.






20. Disconnecting from the computer






21. A form of attribute sampling that is used to determine a specified probability of finding at least one example of an occurrence (attribute) in a population






22. An evaluation of an application system under development which considers matters such as: appropriate controls are designed into the system; the application will process information in a complete, accurate and reliable manner; the application will fu






23. The primary language used by both application programmers and end users in accessing relational databases






24. An international standard that defines information confidentiality, integrity and availability controls






25. An exception report is generated by a program that identifies transactions or data that appear to be incorrect. These items may be outside a predetermined range or may not conform to specified criteria.






26. The information systems auditor (IS auditor) gathers information in the course of performing an IS audit. The information used by the IS auditor to meet audit objectives is referred to as audit evidence (evidence). Also used to describe the level of






27. Detects line errors by retransmitting data back to the sending device for comparison with the original transmission






28. An interactive system that provides the user with easy access to decision models and data, to support semistructured decision-making tasks






29. Software used to administer logical security. It usually includes authentication of users, access granting according to predefined rules, monitoring and reporting functions.






30. A phase of an SDLC methodology that researches the feasibility and adequacy of resources for the development or acquisition of a system solution to a user need






31. Files created specifically to record various actions occurring on the system to be monitored, such as failed login attempts, full disk drives and e-mail delivery failures






32. A device that forwards packets between LAN devices or segments. LANs that use switches are called switched LANs.






33. Information generated by an encryption algorithm to protect the plaintext. The ciphertext is unintelligible to the unauthorized reader.






34. Risks that could impact the organization's ability to perform business or provide a service. They can be financial, regulatory or control oriented.






35. An eight-bit code representing 256 characters, used in most large computer systems






36. In intrusion detection, an error that occurs when a normal activity is misdiagnosed as an attack






37. Compares data to predefined reasonability limits or occurrence rates established for the data.






38. Specifies the length of the file's record and the sequence and size of its fields. A file layout also will specify the type of data contained within each field. For example, alphanumeric, zoned decimal, packed and binary are types of data.






39. The ability to map a given activity or event back to the responsible party






40. One who obtains products or services from a bank to be used primarily for personal, family or household purposes.






41. Detects transmission errors by appending calculated bits onto the end of each segment of data






42. The procedures established to purchase application software, or an upgrade, including evaluation of the supplier's financial stability, track record, resources and references from existing customers






43. 1) The process of establishing and maintaining security in a computer or network system. The stages of this process include prevention of security problems, detection of intrusions, investigation of intrusions and resolution. 2) In network management,






44. The transfer of service from an incapacitated primary component to its backup component






45. Techniques and procedures used to verify, validate and edit data, to ensure that only correct data are entered into the computer






46. Memory reserved to temporarily hold data. Buffers are used to offset differences between the operating speeds of different devices, such as a printer and a computer. In a program, buffers are reserved areas of RAM that hold data while they are being






47. These controls are designed to correct errors, omissions and unauthorized uses and intrusions, once they are detected.






48. A document which defines the IS audit function's responsibility, authority and accountability






49. The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction






50. The ability to exercise judgement, express opinions and present recommendations with impartiality





