Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. The potential loss to an area due to the occurrence of an adverse event
Exposure
Message switching
Accountability
Uploading
2. Used to enable remote access to a server computer. Commands typed are run on the remote server.
Discovery sampling
Application programming
Telnet
Encapsulation (objects)
3. The act or function of developing and maintaining applications programs in production
Reliable audit evidence
Application programming
Analog
Outsourcing
4. A system software tool that logs, monitors and directs computer tape usage
Business process reengineering (BPR)
Tape management system (TMS)
Embedded audit module
Capacity stress testing
5. A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source
Reasonableness check
Audit trail
Service user
Batch control
6. The susceptibility of an audit area to error which could be material, individually or in combination with other errors, assuming that there are no related internal controls
Coaxial cable
Service bureau
Inherent risk
Record, screen and report layouts
7. The name given to a class of algorithms that repeatedly try all possible combinations until a solution is found
Brute force
Materiality
Independent appearance
Pervasive IS controls
8. A packet-switched wide-area-network technology that provides faster performance than older packet-switched WAN technologies such as X.25 networks, because it was designed for today's reliable circuits and performs less rigorous error detection. Frame
World Wide Web Consortium (W3C)
Range check
L2F (Layer 2 forwarding)
Frame relay
9. Polymorphism refers to database structures that send the same command to different child objects that can produce different results depending on their family hierarchical tree structure.
Downtime report
Master file
Rulebase
Polymorphism (objects)
10. General controls which are designed to manage and monitor the IS environment and which, therefore, affect all IS-related activities
Spoofing
DDoS (distributed denial-of-service) attack
Adjusting period
Pervasive IS controls
11. A sub-network of the Internet through which information is exchanged by text, graphics, audio and video.
Fail-over
Partitioned file
world wide web (WWW)
Audit responsibility
12. Refers to the controls that support the process of transformation of the organisation's legacy information systems into the ERP applications. This would largely cover all aspects of systems implementation and configuration, such as change management
Vulnerabilities
Passive response
Components (as in component-based development)
implementation life cycle review
13. Weaknesses in systems that can be exploited in ways that violate security policy
Universal Description, Discovery and Integration (UDDI)
Vulnerabilities
Indexed sequential access method (ISAM)
Parallel simulation
14. Verifies that the control number follows sequentially and any control numbers out of sequence are rejected or noted on an exception report for further research
Surge suppressor
Computer sequence checking
Data dictionary
Utility programs
15. The systems development phase in which systems specifications and conceptual designs are developed, based on end-user needs and requirements
Systems analysis
Sniff
Modulation
Web site
16. Programmed checking of data validity in accordance with predetermined criteria
Expert systems
Internet Engineering Task Force (IETF)
Baseband
Validity check
17. A resource whose loss will result in the loss of service or production
Password
Cryptography
Indexed sequential access method (ISAM)
Single point of failure
18. A complex set of software programs that control the organization, storage and retrieval of data in a database. It also controls the security and integrity of the database.
Cluster controller
Budget organization
Database management system (DBMS)
Evidence
19. A special terminal used by computer operations personnel to control computer and systems operations functions. These terminals typically provide a high level of computer access and should be properly secured.
Internet packet (IP) spoofing
Reliable audit evidence
Modulation
Operator console
20. An eight-bit code representing 256 characters; used in most large computer systems
Security software
Extended Binary-coded Decimal Interchange Code (EBCDIC)
Hot site
Brute force
21. An evaluation of any part of an implementation project (e.g., project management, test plans, user acceptance testing procedures)
Edit controls
Materiality
Geographic disk mirroring
Application implementation review
22. Specialized system software used to perform particular computerized functions and routines that are frequently required during normal processing. Examples include sorting, backing up and erasing data.
implementation life cycle review
Executable code
Utility programs
vulnerability
23. Any intentional violation of the security policy of a system
Intrusion
False negative
Credentialed analysis
Regression testing
24. A specially configured server, designed to attract intruders so that their actions do not affect production systems, also known as a decoy server
Telecommunications
Automated teller machine (ATM)
Honey pot
Universal Description, Discovery and Integration (UDDI)
25. The amount of time allowed for the recovery of a business function or resource after a disaster occurs
PPTP (point-to-point tunneling protocol)
Reasonable assurance
Data flow
Recovery time objective (RTO)
26. English-like, user friendly, nonprocedural computer languages used to program and/or read and process computer files
Project sponsor
Hexadecimal
Real-time analysis
Fourth generation language (4GL)
27. The proportion of known attacks detected by an intrusion detection system
Audit program
Network administrator
Coverage
Non-intrusive monitoring
28. Individuals, normally managers or directors, who have responsibility for the integrity, accurate reporting and use of computerized data
HTTP (hyper text transfer protocol)
price risk
System flowcharts
Data owner
29. Is the risk to earnings or capital arising from movements in interest rates. From an economic perspective, a bank focuses on the sensitivity of the value of its assets, liabilities and revenues to changes in interest rates. Internet banking may attra
Non-intrusive monitoring
Interest rate risk
Source documents
Control group
30. A printed machine-readable code that consists of parallel bars of varied width and spacing
Distributed data processing network
Bar code
Hub
Budget organization
31. Diagramming data that are to be exchanged electronically, including how it is to be used and what business management systems need it. It is a preliminary step for developing an applications link. (Also see application tracing and mapping.)
Mapping
Waterfall development
Piggy backing
Intranet
32. The rules outlining the way in which information is captured and interpreted
Surge suppressor
Financial audit
Monitoring policy
Bandwidth
33. A testing technique that is used to test program logic within a particular program or module. The purpose of the test is to ensure that the program meets system development guidelines and does not abnormally end during processing.
Online data processing
Windows NT
False positive
Unit testing
34. A protocol for packet-switching networks
Wiretapping
X.25
Teleprocessing
Audit trail
35. A network monitoring and data acquisition tool that performs filter translation; packet acquisition and packet display
Cross-certification
Record, screen and report layouts
Tcpdump
Base case
36. Use of the Internet as a remote delivery channel for banking services. Services include the traditional ones, such as opening an account or transferring funds to different accounts, and new banking services, such as electronic bill presentment and pa
Judgment sampling
Internet banking
Variable sampling
Rapid application development
37. Is the risk to earnings or capital arising from violations of, or nonconformance with, laws, rules, regulations, prescribed practices or ethical standards. Banks are subject to various forms of legal risk. This can include the risk that assets will t
ICMP (internet control message protocol)
legal risk
Ciphertext
Biometrics
38. The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all the others. The beauty of replication is th
Audit plan
Anomaly detection
Partitioned file
Database replication
39. A device for sending and receiving computerized data over transmission lines
Batch control
Fiscal year
Terminal
Audit responsibility
40. A method of computer fraud involving a computer code that instructs the computer to remove small amounts of money from an authorized computer transaction by rounding down to the nearest whole value denomination and rerouting the rounded off amount to
Data integrity
Detective controls
Rounding down
Split data systems
41. A platform-independent XML-based formatted protocol enabling applications to communicate with each other over the Internet. Use of this protocol may provide a significant security risk to web application operations, since use of SOAP piggybacks onto
Simple Object Access Protocol (SOAP)
Systems acquisition process
liquidity risk
Indexed sequential file
42. The processing of a group of transactions at the same time. Transactions are collected and processed against the master files at a specified time.
Attribute sampling
Threat
Batch processing
Exposure
43. Identified by one central processor and databases that form a distributed processing configuration
Vulnerabilities
Reverse engineering
Content filtering
Centralized data processing
44. Generally, the assumption that an entity will behave substantially as expected. Trust may apply only for a specific function. The key role of this term in an authentication framework is to describe the relationship between an authenticating entity an
Interface testing
Application software tracing and mapping
Protocol
Trust
45. A permanent connection between hosts in a packet switched network
Intrusion
Permanent virtual circuit (PVC)
Noise
Unit testing
46. The Committee on the Financial Aspects of Corporate Governance, set up in May 1991 by the UK Financial Reporting Council, the London Stock Exchange and the UK accountancy profession, was chaired by Sir Adrian Cadbury and produced a report on the subj
Salami technique
Piggy backing
Anonymity
Cadbury
47. To configure a computer or other network device to resist attacks
Audit authority
Harden
Whitebox testing
Computer server
48. A program written in a portable, platform independent computer language, such as Java. It is usually embedded in an HTML page and then executed by a browser. Applets can only perform a restricted set of operations, thus preventing, or at least minimi
DDoS (distributed denial-of-service) attack
Object code
Sequential file
Applet
49. Cooperating packages of executable software that make their services available through defined interfaces. Components used in developing systems may be commercial off-the-shelf software (COTS) or may be purposely built. However, the goal of component
Hash function
TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
Broadband
Components (as in component-based development)
50. An input device that reads characters and images that are printed or painted on a paper form into the computer.
Optical scanner
Field
Audit sampling
virtual organizations