Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. A popular local area network operating system developed by the Novell Corp.
Information engineering
SMTP (Simple Mail Transport Protocol)
Netware
Intrusion detection
2. A computer program that enables the user to retrieve information that has been made publicly available on the Internet; also, that permits multimedia (graphics) applications on the World Wide Web
Extended Binary-coded Decimal Interchange Code (EBCDIC)
Echo checks
browser
Ring topology
3. One who obtains products or services from a bank to be used primarily for personal, family or household purposes.
Capacity stress testing
Preventive controls
Consumer
False positive
4. A proxy service that connects programs running on internal networks to services on exterior networks by creating two connections, one from the requesting client and another to the destination service
Application proxy
Run-to-run totals
Reasonableness check
implementation life cycle review
5. A group of budgets linked together at different levels such that the budgeting authority of a lower-level budget is controlled by an upper-level budget.
Telnet
Privacy
Budget hierarchy
Checkpoint restart procedures
6. The method or communication mode of routing data over the communication network (also see half duplex and full duplex)
Untrustworthy host
Audit sampling
Duplex routing
Risk assessment
7. To record details of information or events in an organized record-keeping system, usually sequenced in the order they occurred
Log
Manual journal entry
Variable sampling
FTP (file transfer protocol)
8. The computer's primary working memory. Each byte of memory can be accessed randomly regardless of adjacent bytes.
Spoofing
Random access memory (RAM)
Partitioned file
Data leakage
9. Compares data to predefined reasonability limits or occurrence rates established for the data.
Microwave transmission
Reasonableness check
Adjusting period
Database administrator (DBA)
10. These controls are designed to correct errors, omissions and unauthorized uses and intrusions, once they are detected.
Dial-back
Corrective controls
Audit evidence
Antivirus software
11. A test that has been designed to evaluate the performance of a system. In a benchmark test, a system is subjected to a known workload and the performance of the system against this workload is measured. Typically, the purpose is to compare the measur
Benchmark
Gateway
Tcpdump
Residual risk
12. A multiuser, multitasking operating system that is used widely as the master control program in workstations and especially servers
Client-server
UNIX
Packet filtering
Corporate exchange rate
13. A piece of information, in a digitized form, used to recover the plaintext from the corresponding ciphertext by decryption
Card swipes
Decision support systems (DSS)
Mapping
Decryption key
14. A protocol for accessing a secure web server, whereby all data transferred is encrypted
Repudiation
Operator console
HTTPS (hyper text transfer protocol secure)
Audit authority
15. A sub-network of the Internet through which information is exchanged by text, graphics, audio and video.
Private key cryptosystems
Independent attitude
Librarian
world wide web (WWW)
16. The process of electronically inputting source documents by taking an image of the document, thereby eliminating the need for key entry
Image processing
System flowcharts
Hacker
Population
17. A computer network connecting different remote locations that may range from short distances, such as a floor or building, to extremely long transmissions that encompass a large region or several countries
Intrusive monitoring
Telecommunications
Privilege
Wide area network (WAN)
18. The machine language code that is generally referred to as the object or load module
Executable code
Mapping
Batch control
Local loop
19. A communications channel over which data can be sent and received simultaneously
Controls (Control procedures)
Circular routing
world wide web (WWW)
Full duplex
20. Confidentiality concerns the protection of sensitive information from unauthorized disclosure
IT governance
Application programming interface (API)
COCO
Confidentiality
21. Is the risk to earnings or capital arising from movements in interest rates. From an economic perspective, a bank focuses on the sensitivity of the value of its assets, liabilities and revenues to changes in interest rates. Internet banking may attra
Central processing unit (CPU)
Interest rate risk
Continuous auditing approach
Harden
22. Detection on the basis of whether the system activity matched that defined as abnormal
Anomaly detection
Application
Application programming interface (API)
Checkpoint restart procedures
23. The outward impression of being self-governing and free from conflict of interest and undue influence
Client-server
Credentialed analysis
Independent appearance
Format checking
24. Software used to administer logical security. It usually includes authentication of users, access granting according to predefined rules, monitoring and reporting functions.
Active response
Independent appearance
Security software
Fiber optic cable
25. Recovery strategy that involves two active sites, each capable of taking over the other's workload in the event of a disaster. Each site will have enough idle processing power to restore data from the other site and to accommodate the excess workload
Bus topology
Dynamic analysis
RFC (request for comments)
Active recovery site (mirrored)
26. Applications that detect, prevent and possibly remove all known viruses from files located in a microcomputer hard drive
Internal penetrators
File server
Antivirus software
Data structure
27. Estimated cost and revenue amounts for a given range of periods and set of books. There can be multiple budget versions for the same set of books.
Rotating standby
Anomaly
Budget
Requirements definition
28. Diagramming data that are to be exchanged electronically, including how it is to be used and what business management systems need it. It is a preliminary step for developing an applications link. (Also see application tracing and mapping.)
Field
Mapping
Batch control
Nonrepudiation
29. A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser.
HTTP (hyper text transfer protocol)
Personal identification number (PIN)
Anomaly
Feasibility study
30. A denial-of-service (DoS) assault from multiple sources; see DoS
Tape management system (TMS)
Audit expert systems
Error risk
DDoS (distributed denial-of-service) attack
31. A database structured in a tree/root or parent/child relationship. Each parent can have many children, but each child may have only one parent.
Trusted processes
Audit trail
Hierarchical database
PPTP (point-to-point tunneling protocol)
32. Individuals and departments responsible for the storage and safeguarding of computerized information. This typically is within the IS organization.
Data custodian
Outsourcing
Information engineering
Address space
33. Used in data encryption, it uses a secret key to encrypt the plaintext to the ciphertext. It also uses the same key to decrypt the ciphertext to the corresponding plaintext. In this case, the key is symmetric such that the encryption key is equivalen
Access control table
Outsourcing
Private key cryptosystems
General computer controls
34. A public end-to-end digital telecommunications network with signaling, switching and transport capabilities supporting a wide range of service accessed by standardized interfaces with integrated customer control. The standard allows transmission of d
Vulnerability analysis
Test data
Reciprocal agreement
Integrated services digital network (ISDN)
35. An attack capturing sensitive pieces of information, such as passwords, passing through the network
Encapsulation (objects)
Monetary unit sampling
Sniffing
Brouters
36. Processing is achieved by entering information into the computer via a video display terminal. The computer immediately accepts or rejects the information, as it is entered.
Online data processing
Default deny policy
Web page
Fraud risk
37. An Internet standard that allows a network to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. The server, providing the NAT service, changes the source address of outgoing packets from the internal
IPSec (Internet protocol security)
NAT (Network Address Translation)
Client-server
Symmetric key encryption
38. A set of communications protocols that encompasses media access, packet transport, session communications, file transfer, electronic mail, terminal emulation, remote file access and network management. TCP/IP provides the basis for the Internet.
Object orientation
Check digit
TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
Network
39. A fail-over process in which there are two nodes (as in idle standby but without priority). The node that enters the cluster first owns the resource group, and the second will join as a standby node.
Digital signature
Rotating standby
Control perimeter
Concurrent access
40. A networking device that can send (route) data packets from one local area network (LAN) or wide area network (WAN) to another, based on addressing at the network layer (Layer 3) in the OSI model. Networks connected by routers can use different or si
Recovery testing
Router
Assembler
Token ring topology
41. Modern expression for organizational development stemming from IS/IT impacts. The ultimate goal of BPR is to yield a better performing structure, more responsive to the customer base and market conditions, while yielding material cost savings. To ree
TCP (transmission control protocol)
Security administrator
Business process reengineering (BPR)
Service user
42. The exchange of money via telecommunications. EFT refers to any financial transaction that originates at a terminal and transfers a sum of money from one account to another.
Idle standby
Multiplexor
Electronic funds transfer (EFT)
Distributed data processing network
43. A fully operational offsite data processing facility equipped with both hardware and system software to be used in the event of a disaster
Assembler
ICMP (internet control message protocol)
Audit objective
Hot site
44. A stored collection of related data needed by organizations and individuals to meet their information processing and retrieval requirements
Completeness check
End-user computing
Database
Production programs
45. Processes certified as supporting a security goal
Duplex routing
Penetration testing
Trusted processes
Segregation/separation of duties
46. To the basic border firewall, add a host that resides on an untrusted network where the firewall cannot protect it. That host is minimally configured and carefully managed to be as secure as possible. The firewall is configured to require incoming an
Smart card
Application security
Untrustworthy host
Monitoring policy
47. The area of the central processing unit (CPU) that executes software, allocates internal memory and transfers operations between the arithmetic-logic, internal storage and output sections of the computer
Run-to-run totals
Cathode ray tube (CRT)
Control section
Enterprise governance
48. The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all the others. The beauty of replication is th
Decryption key
Checkpoint restart procedures
Central office (CO)
Database replication
49. Used to electronically input, read and interpret information directly from a source document; requires the source document to have specially-coded magnetic ink typeset
Topology
Unit testing
Magnetic ink character recognition (MICR)
Filtering router
50. The risk that activities will include deliberate circumvention of controls with the intent to conceal the perpetuation of irregularities. The unauthorized use of assets or services and abetting or helping to conceal.
Fraud risk
Control risk
Data communications
Switch