Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A numbering system that uses a base of 16 and uses 16 digits: 0; 1; 2; 3; 4; 5; 6; 7; 8; 9; A; B; C; D; E and F. Programmers use hexadecimal numbers as a convenient way of representing binary numbers.
Checkpoint restart procedures
Independent attitude
Expert systems
Hexadecimal
2. In vulnerability analysis; gaining information by performing checks that affect the normal operation of the system; even crashing the system
Intrusive monitoring
Idle standby
Irregularities
Security testing
3. Audit evidence is sufficient if it is adequate; convincing and would lead another IS auditor to form the same conclusions.
Public key infrastructure
UNIX
Sufficient audit evidence
IDS (intrusion detection system)
4. Specialized security checker that tests user's passwords; searching for passwords that are easy to guess by repeatedly trying words from specially crafted dictionaries. Failing that; many password crackers can brute force all possible combinations in
Data communications
Password cracker
Router
Real-time analysis
5. The central database that stores and organizes data
Recovery time objective (RTO)
Information engineering
Abend
Repository
6. A software engineering technique whereby an existing application system code can be redesigned and coded using computer-aided software engineering (CASE) technology
Wide area network (WAN)
Reverse engineering
Synchronous transmission
Worm
7. Using telecommunications facilities for handling and processing of computerized information
Hierarchical database
Source code
Teleprocessing
Audit evidence
8. Performance measurement of service delivery including cost; timeliness and quality against agreed service levels
X.25 interface
Fail-safe
HTTP (hyper text transfer protocol)
Audit accountability
9. The level to which transactions can be traced and audited through a system
Integrated services digital network (ISDN)
Check digit
Auditability
Digital signature
10. A computerized technique of blocking out the display of sensitive information; such as passwords; on a computer terminal or report
Executable code
Virtual private network (VPN)
Masking
Operator console
11. A protocol used for transmitting data between two ends of a connection
Central office (CO)
Accountability
Passive response
PPP (point-to-point protocol)
12. To the basic border firewall; add a host that resides on an untrusted network where the firewall cannot protect it. That host is minimally configured and carefully managed to be as secure as possible. The firewall is configured to require incoming an
Scheduling
Untrustworthy host
Anonymous File Transfer Protocol (FTP)
Source code compare programs
13. Data that is not encrypted. Also known as plaintext.
Logon
Test generators
Audit
Cleartext
14. Two trading partners both share one or more secrets. No one else can read their messages. A different key (or set of keys) is needed for each pair of trading partners. Same key is used for encryption and decryption. (Also see Private Key Cryptosystem
Access method
Procedure
Preventive controls
Symmetric key encryption
15. A fail-over process in which the primary node owns the resource group. The backup node runs a non-critical application (e.g.; a development or test environment) and takes over the critical resource group but not vice versa.
Echo checks
Simple fail-over
Voice mail
Database administrator (DBA)
16. Programs that are tested and evaluated before approval into the production environment. Test programs; through a series of change control moves; migrate from the test environment to the production environment and become production programs.
Uploading
Unit testing
Statistical sampling
Test programs
17. The communication lines that provide connectivity between the telecommunications carrier's central office and the subscriber's facilities
Local loop
Exposure
Parity check
Accountability
18. A workstation or PC on a network that does not have its own disk. Instead; it stores files on a network file server.
Electronic data interchange (EDI)
Logoff
Diskless workstations
Hacker
19. These controls deal with the everyday operation of a company or organization to ensure all objectives are achieved.
Operational control
Outsourcing
Systems analysis
price risk
20. Emergency processing agreements between two or more organizations with similar equipment or applications. Typically; participants promise to provide processing time to each other when an emergency arises.
Black box testing
Access control
World Wide Web Consortium (W3C)
Reciprocal agreement
21. A computer program that enables the user to retrieve information that has been made publicly available on the Internet; also; that permits multimedia (graphics) applications on the World Wide Web
Harden
browser
DMZ (demilitarized zone)
Static analysis
22. Describes the design properties of a computer system that allow it to resist active attempts to attack or bypass it
Fail-safe
Materiality
Symmetric key encryption
Internet
23. A flag set in the initial setup packets to indicate that the communicating parties are synchronizing the sequence numbers used for the data transmission
Message switching
File
SYN (synchronize)
Middleware
24. A resource whose loss will result in the loss of service or production
Challenge/response token
Object Management Group (OMG)
Single point of failure
Information processing facility (IPF)
25. An auditing concept regarding the importance of an item of information with regard to its impact or effect on the functioning of the entity being audited. An expression of the relative significance or importance of a particular matter in the context
Materiality
Salami technique
Database specifications
COBIT
26. An entity that may be given responsibility for performing some of the administrative tasks necessary in the registration of subjects; such as confirming the subject's identity; validating that the subject is entitled to have the attributes requested
Registration authority (RA)
Biometric locks
Application development review
Source lines of code (SLOC)
27. Refers to the processes by which organisations conduct business electronically with their customers and/or the public at large using the Internet as the enabling technology.
Sufficient audit evidence
Source lines of code (SLOC)
Business-to-consumer e-commerce (B2C)
Data diddling
28. A file format in which records are organized and can be accessed; according to a preestablished key that is part of the record
Hash function
Monitoring policy
RADIUS (remote authentication dial-in user service)
Indexed sequential file
29. A router configured to permit or deny traffic based on a set of permission rules installed by the administrator
Object orientation
Audit
Screening routers
Monitor
30. Memory chips with embedded program code that hold their content when power is turned off
Firmware
Shell
Honey pot
Circuit-switched network
31. An exercise that determines the impact of losing the support of any resource to an organization and establishes the escalation of that loss over time; identifies the minimum resources needed to recover and prioritizes the recovery of processes and su
Control perimeter
Attitude
Rotating standby
Business impact analysis (BIA)
32. Formal document which defines the IS auditor's responsibility; authority and accountability for a specific assignment
Initial program load (IPL)
Console log
Engagement letter
IT governance
33. A type of LAN ring topology in which a frame containing a specific format; called the token; is passed from one station to the next around the ring. When a station receives the token; it is allowed to transmit. The station can send as many frames as
Incremental testing
Polymorphism (objects)
Mutual takeover
Token ring topology
34. Analysis of information that occurs on a noncontinuous basis; also known as interval-based analysis
Terms of reference
System flowcharts
Static analysis
Computer-aided software engineering (CASE)
35. The logical language a computer understands
Machine language
Alpha
Analog
Peripherals
36. The flow of data from the input (in Internet banking; ordinarily user input at his/her desktop) to output (in Internet banking; ordinarily data in a bank's central database). Data flow includes travelling through the communication lines; routers; swi
Geographic disk mirroring
Data flow
Components (as in component-based development)
vulnerability
37. A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT and its processes
Application programming interface (API)
Utility software
Password
IT governance
38. Detects transmission errors by appending calculated bits onto the end of each segment of data
Redundancy check
Integrated services digital network (ISDN)
Automated teller machine (ATM)
Normalization
39. A mathematical expression used to calculate budget amounts based on actual results; other budget amounts and statistics. With budget formulas; budgets using complex equations; calculations and allocations can be automatically created.
L2F (Layer 2 forwarding)
Application maintenance review
Tcpdump
Budget formula
40. Refer to the transactions and data relating to each computer-based application system and are therefore specific to each such application. The objectives of application controls; which may be manual; or programmed; are to ensure the completeness and
Hexadecimal
Filtering router
Recovery time objective (RTO)
Application controls
41. The process of feeding test data into two systems; the modified system and an alternative system (possibly the original system) and comparing results
Personal identification number (PIN)
Parallel testing
Continuous auditing approach
Nonrepudiation
42. A hardware/software package that is used to connect networks with different protocols. The gateway has its own processor and memory and can perform protocol and bandwidth conversions.
Gateway
Pervasive IS controls
Real-time analysis
Protocol converter
43. A condition in which each of an organization's regional locations maintains its own financial and operational data while sharing processing with an organizationwide; centralized database. This permits easy sharing of data while maintaining a certain
Split data systems
Security management
Audit
Magnetic card reader
44. A technique used to determine the size of a development task; based on the number of function points. Function points are factors such as inputs; outputs; inquiries and logical internal sites.
Centralized data processing
Record
Function point analysis
Run-to-run totals
45. Consists of one or more web pages that may originate at one or more web server computers. A person can view the pages of a website in any order; as he or she would a magazine.
Web site
Transaction
Addressing
Dial-in access controls
46. An extension to PPP to facilitate the creation of VPNs. L2TP merges the best features of PPTP (from Microsoft) and L2F (from Cisco).
L2TP (Layer 2 tunneling protocol)
Due care
Hacker
Bandwidth
47. The process of actually entering transactions into computerized or manual files. Such transactions might immediately update the master files or may result in memo posting; in which the transactions are accumulated over a period of time; then applied
Random access memory (RAM)
Computer server
Posting
Access method
48. A statement of the position within the organization; including lines of reporting and the rights of access
Active recovery site (mirrored)
Microwave transmission
Assembly language
Audit authority
49. Any sample that is selected subjectively or in such a manner that the sample selection process is not random or the sampling results are not evaluated mathematically
Diskless workstations
Judgment sampling
Utility programs
Terminal
50. The list of rules and/or guidance that is used to analyze event data
Top-level management
RFC (request for comments)
Rulebase
Message switching