Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. It is composed of an insulated wire that runs through the middle of each cable; a second wire that surrounds the insulation of the inner wire like a sheath; and the outer insulation which wraps the second wire. Coaxial cable has a greater transmissio






2. An independent audit of the control structure of a service organization; such as a service bureau; with the objective of providing assurances to the users of the service organization that the internal control structure is adequate; effective and soun






3. The risk to earnings or capital arising from an obligor's failure to meet the terms of any contract with the bank or otherwise to perform as agreed. Internet banking provides the opportunity for banks to expand their geographic range. Customers can r






4. Parallel simulation involves the IS auditor writing a program to replicate those application processes that are critical to an audit opinion and using this program to reprocess application system data. The results produced are compared with the resul






5. A storage facility located away from the building housing the primary information processing facility (IPF); used for storage of computer media such as offline backup data and storage files






6. Is the risk to earnings or capital arising from changes in the value of portfolios of financial instruments. Price risk arises from market making; dealing and position taking in interest rate; foreign exchange; equity and commodities markets. Banks m






7. A file of semipermanent information that is used frequently for processing data or for more than one purpose






8. A financial system that establishes the means for transferring money between suppliers and users of funds; ordinarily by exchanging debits or credits between banks or financial institutions.






9. An implementation of DNS intended to secure responses provided by the server such that different responses are given to internal vs. external users






10. A program that translates programming language (source code) into machine executable instructions (object code)






11. The password used to gain access when a system is first installed on a computer or network device. There is a large list published on the Internet and maintained at several locations. Failure to change these after the installation leaves the system v






12. The forms used to record data that have been captured. A source document may be a piece of paper; a turnaround document or an image displayed for online data input.






13. The area of the system that the intrusion detection system is meant to monitor and protect






14. A version of the Windows operating system that supports preemptive multitasking






15. A row or record consisting of a set of attribute value pairs (column or field) in a relational data structure






16. A form of modulation in which data signals are pulsed directly on the transmission medium without frequency division and usually utilize a transceiver. In baseband the entire bandwidth of the transmission medium (e.g.; coaxial cable) is utilized for






17. A private network that is configured within a public network. For years; common carriers have built VPNs that appear as private national or international networks to the customer; but physically share backbone trunks with other customers. VPNs enjoy






18. The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all the others. The beauty of replication is th






19. A level of comfort short of a guarantee but considered adequate given the costs of the control and the likely benefits achieved






20. Members of the operations area that are responsible for the collection; logging and submission of input for the various user groups






21. Door and entry locks that are activated by such biometric features as voice; eye retina; fingerprint or signature






22. The main memory of the computer's central processing unit






23. A sampling technique that estimates the amount of overstatement in an account balance






24. A trusted third party that serves authentication infrastructures or organizations and registers entities and issues them certificates






25. Error control deviations (compliance testing) or misstatements (substantive testing)






26. An integrated set of computer programs designed to serve a particular function that has specific input; processing and output activities (e.g.; general ledger; manufacturing resource planning; human resource management)






27. A hierarchical database that is distributed across the Internet that allows names to be resolved into IP addresses (and vice versa) to locate services such as web and e-mail servers






28. The central database that stores and organizes data






29. A mathematical expression used to calculate budget amounts based on actual results; other budget amounts and statistics. With budget formulas; budgets using complex equations; calculations and allocations can be automatically created.






30. Editing ensures that data conform to predetermined criteria and enable early identification of potential errors.






31. A phase of an SDLC methodology that researches the feasibility and adequacy of resources for the development or acquisition of a system solution to a user need






32. A discussion document which sets out an ''Enterprise Governance Model'' focusing strongly on both the enterprise business goals and the information technology enablers which facilitate good enterprise governance; published by the Information Systems






33. Program narratives provide a detailed explanation of program flowcharts; including control points and any external input.






34. A software testing technique whereby the internal workings of the item being tested are not known by the tester. For example - in a black box test on a software design the tester only knows the inputs and what the expected outcomes should be and not h






35. A manual or automated log of all updates to data files and databases






36. A system development technique that enables users and developers to reach agreement on system requirements. Prototyping uses programmed simulation techniques to represent a model of the final system to the user for advisement and critique. The emphas






37. A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source






38. The processing of a group of transactions at the same time. Transactions are collected and processed against the master files at a specified time.






39. Compares data to predefined reasonability limits or occurrence rates established for the data.






40. The person responsible for implementing; monitoring and enforcing security rules established and authorized by management






41. Tests of specified amount fields against stipulated high or low limits of acceptability. When both high and low values are used; the test may be called a range check.






42. Used to electronically input; read and interpret information directly from a source document; requires the source document to have specially-coded magnetic ink typeset






43. A security technique that verifies an individual's identity by analyzing a unique physical attribute; such as a handprint






44. The range between the highest and lowest transmittable frequencies. It equates to the transmission capacity of an electronic line and is expressed in bytes per second or Hertz (cycles per second).






45. A connection-based Internet protocol that supports reliable data transfer connections. Packet data is verified using checksums and retransmitted if it is missing or corrupted. The application plays no part in validating the transfer.






46. A platform-independent XML-based formatted protocol enabling applications to communicate with each other over the Internet. Use of this protocol may provide a significant security risk to web application operations; since use of SOAP piggybacks onto






47. Checks that data are entered correctly






48. A transmission signal that varies continuously in amplitude and time and is generated in wave formation. Analog signals are used in telecommunications.






49. A biometric device that is used to authenticate a user through palm scans






50. In vulnerability analysis; gaining information by performing standard system status queries and inspecting system attributes