Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. The objectives of management that are used as the framework for developing and implementing controls (control procedures).
Artificial intelligence
Logs/Log file
Control objective
Public key infrastructure
2. A layer within the International Organization for Standardization (ISO)/Open Systems Interconnection (OSI) model. It is used in information transfers between users through application programs and other devices. In this layer various protocols are ne
Spanning port
Range check
Partitioned file
Application layer
3. Is the risk to earnings or capital arising from movements in interest rates. From an economic perspective; a bank focuses on the sensitivity of the value of its assets; liabilities and revenues to changes in interest rates. Internet banking may attra
Interest rate risk
RS-232 interface
Source lines of code (SLOC)
Mapping
4. An individual data element in a computer record. Examples include employee name; customer address; account number; product unit price and product quantity in stock.
Trap door
Attitude
Security management
Field
5. Defined by ISACA as the processes by which organisations conduct business electronically with their customers; suppliers and other external business partners; using the Internet as an enabling technology. It therefore encompasses both business-to-bus
Data dictionary
Direct reporting engagement
Degauss
e-commerce
6. A data dictionary is a database that contains the name; type; range of values; source and authorization for access for each data element in a database. It also indicates which application programs use that data so that when a data structure is contem
Data dictionary
Control Objectives for Enterprise Governance
Control perimeter
Simple fail-over
7. A certificate issued by one certification authority to a second certification authority so that users of the first certification authority are able to obtain the public key of the second certification authority and verify the certificates it has crea
Validity check
Cryptography
Cross-certification
Cadbury
8. Analysis that is performed on a continuous basis; with results gained in time to alter the run-time system
Real-time analysis
Active recovery site (mirrored)
Trusted systems
Electronic vaulting
9. Commonly it is the network segment between the Internet and a private network. It allows access to services from the Internet and the internal private network; while denying access from the Internet directly to the private network.
Intrusive monitoring
Regression testing
Control objective
DMZ (demilitarized zone)
10. In vulnerability analysis; passive monitoring approaches in which passwords or other access credentials are required. This sort of check usually involves accessing a system data object.
Credentialed analysis
Application layer
Message switching
Hacker
11. Allows the network interface to capture all network traffic irrespective of the hardware device to which the packet is addressed
Hash function
Dial-back
Node
Promiscuous mode
12. The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction
Initial program load (IPL)
Signatures
Control section
Base case
13. A basic control that prevents or detects errors and irregularities by assigning responsibility for initiating transactions; recording transactions and custody of assets to separate individuals. Commonly used in large IT organizations so that no singl
Segregation/separation of duties
Confidentiality
Audit evidence
Proxy server
14. A trusted third party that serves authentication infrastructures or organizations and registers entities and issues them certificates
liquidity risk
Certificate authority (CA)
Registration authority (RA)
UNIX
15. The main memory of the computer's central processing unit
Fiber optic cable
Internal storage
implementation life cycle review
Artificial intelligence
16. A group of items that is waiting to be serviced or processed
Queue
Extensible Markup Language (XML)
Trap door
Credit risk
17. The use of alphabetic characters or an alphabetic character string
Packet switching
Alpha
Detective controls
Image processing
18. One who obtains products or services from a bank to be used primarily for personal; family or household purposes.
Consumer
Program narratives
Segregation/separation of duties
Object orientation
19. The process of electronically inputting source documents by taking an image of the document; thereby eliminating the need for key entry
Range check
Image processing
Internal control
Hot site
20. The possibility of an act or event occurring that would have an adverse effect on the organization and its information systems
Third-party review
Risk
Numeric check
Software
21. In open systems architecture; circular routing is the logical path of a message in a communications network based on a series of gates at the physical network layer in the open systems interconnection (OSI) model.
ASCII (American Standard Code for Information Interchange)
Population
Circular routing
Foreign exchange risk
22. Test data are processed in production systems. The data usually represent a set of fictitious entities such as departments; customers and products. Output reports are verified to confirm the correctness of the processing.
Public key cryptosystem
Echo checks
Circuit-switched network
Integrated test facilities (ITF)
23. A financial system that establishes the means for transferring money between suppliers and users of funds; ordinarily by exchanging debits or credits between banks or financial institutions.
Internal penetrators
Comparison program
Electronic cash
Payment system
24. The rules by which a network operates and controls the flow and priority of transmissions
Data Encryption Standard (DES)
Protocol
Central processing unit (CPU)
Geographic disk mirroring
25. Software packages that sequentially dial telephone numbers; recording any numbers that answer
Control risk
Reputational risk
War dialler
Preventive controls
26. A form of attribute sampling that is used to determine a specified probability of finding at least one example of an occurrence (attribute) in a population
Plaintext
Password
Discovery sampling
TCP (transmission control protocol)
27. A private network that uses the infrastructure and standards of the Internet and World Wide Web; but is isolated from the public Internet by firewall barriers.
Run-to-run totals
Credit risk
HTTPS (hyper text transfer protocol secure)
Intranet
28. Expert systems are the most prevalent type of computer systems that arise from the research of artificial intelligence. An expert system has a built in hierarchy of rules; which are acquired from human experts in the appropriate field. Once input is
Intrusion detection
Value-added network (VAN)
Continuity
Expert systems
29. A communications channel that can handle only one signal at a time. The two stations must alternate their transmissions.
Due professional care
Half duplex
Buffer
Value-added network (VAN)
30. Criteria Of Control; published by the Canadian Institute of Chartered Accountants in 1995
Journal entry
COCO
Middleware
Control section
31. A version of the Windows operating system that supports preemptive multitasking
ISO17799
Windows NT
Data owner
Authorization
32. A protocol originally developed by Netscape Communications to provide a high level of security for its browser software. It has become accepted widely as a means of securing Internet message exchanges. It ensures confidentiality of the data in transm
Secure socket layer (SSL)
Librarian
Proxy server
Downloading
33. A debit or credit to a general ledger account. See also manual journal entry.
Concurrent access
Dial-back
Journal entry
Internet Engineering Task Force (IETF)
34. A cipher technique whereby different cryptographic keys are used to encrypt and decrypt a message (see public key cryptosystems)
Integrity
Binary code
System testing
Asymmetric key (public key)
35. A device used for combining several lower-speed channels into a higher-speed channel
Multiplexor
Extended Binary-coded Decimal Interchange Code (EBCDIC)
virtual organizations
legal risk
36. The risk of giving an incorrect audit opinion
Audit risk
Function point analysis
Reasonableness check
Taps
37. In a passive assault; intruders attempt to learn some characteristic of the data being transmitted. They may be able to read the contents of the data so the privacy of the data is violated. Alternatively; although the content of the data itself may r
Procedure
Useful audit evidence
Passive assault
HTTPS (hyper text transfer protocol secure)
38. The computer's primary working memory. Each byte of memory can be accessed randomly regardless of adjacent bytes.
Message switching
Function point analysis
Random access memory (RAM)
e-commerce
39. Programs that are used to process live or actual data that were received as input into the production environment.
Production programs
Reputational risk
Masqueraders
Program evaluation and review technique (PERT)
40. A network monitoring and data acquisition tool that performs filter translation; packet acquisition and packet display
Salami technique
Tcpdump
Reputational risk
Variable sampling
41. The current and prospective effect on earnings and capital arising from negative public opinion. This affects the bank's ability to establish new relationships or services or continue servicing existing relationships. Reputation risk may expose the b
Auditability
Batch processing
Data Encryption Standard (DES)
Reputational risk
42. An international standard that defines information confidentiality; integrity and availability controls
Data integrity
Hub
Cleartext
ISO17799
43. To configure a computer or other network device to resist attacks
Access control table
Mutual takeover
Harden
Vulnerabilities
44. The traditional Internet service protocol widely used for many years on UNIX-based operating systems and supported by the Internet Engineering Task Force (IETF) that allows a program on one computer to execute a program on another (e.g.; server). The
Blackbox testing
Cathode ray tube (CRT)
Remote procedure calls (RPCs)
Leased lines
45. Any situation or event that has the potential to harm a system
Assembler
Systems acquisition process
Audit evidence
Threat
46. A printed machine-readable code that consists of parallel bars of varied width and spacing
Bar code
Database administrator (DBA)
Inherent risk
Extensible Markup Language (XML)
47. A 24-hour; stand-alone mini-bank; located outside branch bank offices or in public places like shopping malls. Through ATMs; clients can make deposits; withdrawals; account inquiries and transfers. Typically; the ATM network is comprised of two spher
Harden
Record
Operational control
Automated teller machine (ATM)
48. The purpose is to provide usable data rather than a function. The focus of the development is to provide ad hoc reporting for users by developing a suitable accessible database of information.
Irregularities
Monitor
Data-oriented systems development
Business impact analysis (BIA)
49. This approach allows IS auditors to monitor system reliability on a continuous basis and to gather selective audit evidence through the computer.
Gateway
Web site
Continuous auditing approach
Control Objectives for Enterprise Governance
50. Making sure the modified/new system includes appropriate access controls and does not introduce any security holes that might compromise other systems
Baseband
Structured Query Language (SQL)
Security testing
Access method