Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser.






2. To apply a variable, alternating current (AC) field for the purpose of demagnetizing magnetic recording media. The process involves increasing the AC field gradually from zero to some maximum value and back to zero, which leaves a very low residue of






3. A type of local area network (LAN) architecture in which each station is directly attached to a common communication channel. Signals transmitted over the channel take the form of messages. As each message passes along the channel, each station recei






4. Programs and supporting documentation that enable and facilitate use of the computer. Software controls the operation of the hardware.






5. An integrated set of computer programs designed to serve a particular function that has specific input, processing and output activities (e.g., general ledger, manufacturing resource planning, human resource management)






6. An individual data element in a computer record. Examples include employee name, customer address, account number, product unit price and product quantity in stock.






7. The level of trust with which a system object is imbued






8. Analysis that is performed in real time or in continuous form






9. A series of tests designed to ensure that the modified program interacts correctly with other system components. These test procedures typically are performed by the system maintenance staff in their development library.






10. A journal entry entered at a computer terminal. Manual journal entries can include regular, statistical, inter-company and foreign currency entries






11. The forms used to record data that have been captured. A source document may be a piece of paper, a turnaround document or an image displayed for online data input.






12. The password used to gain access when a system is first installed on a computer or network device. There is a large list published on the Internet and maintained at several locations. Failure to change these after the installation leaves the system v






13. A top-down technique of designing programs and systems. It makes programs more readable, more reliable and more easily maintained.






14. A destructive computer program that spreads from computer to computer using a range of methods, including infecting floppy disks and other programs. Viruses typically attach themselves to a program and modify it so that the virus code runs when the p






15. The communication lines that provide connectivity between the telecommunications carrier's central office and the subscriber's facilities






16. The standards and benchmarks used to measure and present the subject matter and against which the IS auditor evaluates the subject matter. Criteria should be: Objective—free from bias Measurable—provide for consistent measurement Complete—include all






17. Making sure the modified/new system includes appropriate access controls and does not introduce any security holes that might compromise other systems






18. Group of people responsible for a project, whose terms of reference may include the development, acquisition, implementation or maintenance of an application system. The team members may include line management, operational line staff, external contr






19. Information generated by an encryption algorithm to protect the plaintext. The ciphertext is unintelligible to the unauthorized reader.






20. A policy whereby access is denied unless it is specifically allowed. The inverse of default allow.






21. The use of software packages that aid in the development of all phases of an information system. System analysis, design programming and documentation are provided. Changes introduced in one CASE chart will update all other related charts automatical






22. A private key cryptosystem published by the National Bureau of Standards (NBS), the predecessor of the US National Institute of Standards and Technology (NIST). DES has been used commonly for data encryption in the forms of software and hardware impl






23. The extent to which a system unit--subroutine, program, module, component, subsystem--performs a single dedicated function. Generally, the more cohesive units are, the easier it is to maintain and enhance a system, since it is easier to determine whe






24. Detects line errors by retransmitting data back to the sending device for comparison with the original transmission






25. Is the risk to earnings or capital arising from changes in the value of portfolios of financial instruments. Price risk arises from market making, dealing and position taking in interest rate, foreign exchange, equity and commodities markets. Banks m






26. Authorized users of a computer system who overstep their legitimate access rights. This category is divided into masqueraders and clandestine users.






27. The area of the central processing unit (CPU) that executes software, allocates internal memory and transfers operations between the arithmetic-logic, internal storage and output sections of the computer






28. Is the risk to earnings or capital arising from movements in interest rates. From an economic perspective, a bank focuses on the sensitivity of the value of its assets, liabilities and revenues to changes in interest rates. Internet banking may attra






29. The act of transferring computerized information from one computer to another computer






30. Filters out electrical surges and spikes






31. A report on Internal Control--An Integrated Framework sponsored by the Committee of Sponsoring Organizations of the Treadway Commission in 1992. It provides guidance and a comprehensive framework of internal control for all organizations.






32. Range checks ensure that data fall within a predetermined range (also see limit checks).






33. An implementation of DNS intended to secure responses provided by the server such that different responses are given to internal vs. external users






34. An audit designed to determine the accuracy of financial records and information






35. An interface between data terminal equipment (DTE) and data circuit-terminating equipment (DCE) for terminals operating in the packet mode on some public data networks






36. Machine-readable instructions produced from a compiler or assembler program that has accepted and translated the source code






37. Auxiliary computer hardware equipment used for input, output and data storage. Examples include disk drives and printers.






38. The actions/controls dealing with operational effectiveness, efficiency and adherence to regulations and management policies






39. A sampling technique used to estimate the average or total value of a population based on a sample; a statistical model used to project a quantitative characteristic; such as a dollar amount






40. Computer operating instructions which detail the step-by-step processes that are to occur so an application system can be properly executed. It also identifies how to address problems that occur during processing.






41. Specialized security checker that tests users' passwords, searching for passwords that are easy to guess by repeatedly trying words from specially crafted dictionaries. Failing that, many password crackers can brute force all possible combinations in






42. English-like, user friendly, nonprocedural computer languages used to program and/or read and process computer files






43. A communications terminal control hardware unit that controls a number of computer terminals. All messages are buffered by the controller and then transmitted to the receiver.






44. To configure a computer or other network device to resist attacks






45. The Committee on the Financial Aspects of Corporate Governance, set up in May 1991 by the UK Financial Reporting Council, the London Stock Exchange and the UK accountancy profession, was chaired by Sir Adrian Cadbury and produced a report on the subj






46. A network monitoring and data acquisition tool that performs filter translation; packet acquisition and packet display






47. A set of protocols for accessing information directories. It is based on the X.500 standard, but is significantly simpler.






48. Encapsulation is the technique used by layered protocols in which a lower layer protocol accepts a message from a higher layer protocol and places it in the data portion of a frame in the lower layer.






49. A layer within the International Organization for Standardization (ISO)/Open Systems Interconnection (OSI) model. It is used in information transfers between users through application programs and other devices. In this layer various protocols are ne






50. The relationships among files in a database and among data items within each file






