Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The relationships among files in a database and among data items within each file
Data structure
Trust
Terminal
Wide area network (WAN)
2. A series of steps to complete an audit objective
Optical character recognition
Appearance
Audit program
Internal control structure
3. Risks that could impact the organization's ability to perform business or provide a service. They can be financial; regulatory or control oriented.
e-commerce
Posting
Business risk
Security testing
4. Analysis of the security state of a system or its compromise on the basis of information collected at intervals
Trap door
Input controls
Record
Vulnerability analysis
5. These controls are designed to correct errors; omissions and unauthorized uses and intrusions; once they are detected.
PPTP (point-to-point tunneling protocol)
Shell
Corrective controls
Central processing unit (CPU)
6. The dynamic; integrated processes; effected by the governing body; management and all other staff; that are designed to provide reasonable assurance regarding the achievement of the following general objectives: Effectiveness; efficiency and economy
Internal control structure
Dry-pipe fire extinguisher system
Wide area network (WAN)
Firewall
7. A device that is used to authenticate a user; typically in addition to a username and password. It is usually a credit card-sized device that displays a pseudo random number that changes every few minutes.
Access control table
Token
Program narratives
ISO17799
8. Controlling access to a network by analyzing the contents of the incoming and outgoing packets and either letting them pass or denying them based on a list of rules. Differs from packet filtering in that it is the data in the packet that are analyzed
Pervasive IS controls
Operating system
Content filtering
Regression testing
9. A technique of reading a computer file while bypassing the internal file/data set label. This process could result in bypassing of the security access control system.
Bypass label processing (BLP)
Tape management system (TMS)
Exception reports
COSO
10. A discussion document which sets out an "Enterprise Governance Model" focusing strongly on both the enterprise business goals and the information technology enablers which facilitate good enterprise governance; published by the Information Systems
SYN (synchronize)
Audit sampling
Data leakage
Control Objectives for Enterprise Governance
11. A router that is configured to control network access by comparing the attributes of the incoming or outgoing packets to a set of rules
Antivirus software
Recovery testing
Filtering router
Coupling
12. Software packages that sequentially dial telephone numbers; recording any numbers that answer
Waterfall development
War dialler
Bridge
Record; screen and report layouts
13. Refers to the controls that support the process of transformation of the organisation's legacy information systems into the ERP applications. This would largely cover all aspects of systems implementation and configuration; such as change management
Operational audit
Cluster controller
Encryption key
implementation life cycle review
14. A type of password (i.e.; a secret number assigned to an individual) that; in conjunction with some means of identifying the individual; serves to verify the authenticity of the individual. PINs have been adopted by financial institutions as the prim
Parallel simulation
Information processing facility (IPF)
Personal identification number (PIN)
Anomaly detection
15. The amount of time allowed for the recovery of a business function or resource after a disaster occurs
Structured programming
Card swipes
Recovery time objective (RTO)
Rotating standby
16. An ASP that also provides outsourcing of business processes such as payment processing; sales order processing and application development
Trojan horse
Screening routers
File
BSP (business service provider)
17. A program that processes actions upon business data; such as data entry; update or query. It contrasts with systems program; such as an operating system or network control program; and with utility programs; such as copy or sort.
Outsourcing
Hacker
Brouters
Application program
18. The calendar can contain 'real' accounting periods and/or adjusting accounting periods. The 'real' accounting periods must not overlap; and cannot have any gaps between 'real' accounting periods. Adjusting accounting periods can overlap with other ac
Structured Query Language (SQL)
Error
Adjusting period
Optical character recognition
19. An exception report is generated by a program that identifies transactions or data that appear to be incorrect. These items may be outside a predetermined range or may not conform to specified criteria.
Integrated services digital network (ISDN)
Protection domain
Exception reports
Monetary unit sampling
20. An individual who attempts to gain unauthorized access to a computer system
Service user
Risk
Hacker
Comparison program
21. Hardware devices; such as asynchronous and synchronous transmissions; that convert between two different types of transmission
Internet
Risk
Privacy
Protocol converter
22. The central database that stores and organizes data
Extensible Markup Language (XML)
Repository
TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
Corrective controls
23. A phone number that represents the area in which the communications provider or Internet service provider (ISP) provides service
Point-of-presence (POP)
Business-to-consumer e-commerce (B2C)
Audit evidence
Software
24. Information generated by an encryption algorithm to protect the plaintext. The ciphertext is unintelligible to the unauthorized reader.
RFC (request for comments)
TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
Ciphertext
Computer-assisted audit technique (CAATs)
25. A type of LAN architecture in which the cable forms a loop; with stations attached at intervals around the loop. Signals transmitted around the ring take the form of messages. Each station receives the messages and each station determines; on the bas
Ring topology
Application proxy
Hash total
Limit check
26. A point in a routine at which sufficient information can be stored to permit restarting the computation from that point. NOTE: seems to pertain to recover - shutting down database after all records have been committed for example
Checkpoint restart procedures
Format checking
Real-time analysis
General computer controls
27. A destructive computer program that spreads from computer to computer using a range of methods; including infecting floppy disks and other programs. Viruses typically attach themselves to a program and modify it so that the virus code runs when the p
Virus
RADIUS
Computationally greedy
Business-to-consumer e-commerce (B2C)
28. Any automated audit technique; such as generalized audit software; test data generators; computerized audit programs and specialized audit utilities
Computer-assisted audit technique (CAATs)
Fiscal year
Source lines of code (SLOC)
Object code
29. An extension to PPP to facilitate the creation of VPNs. L2TP merges the best features of PPTP (from Microsoft) and L2F (from Cisco).
Decision support systems (DSS)
Embedded audit module
L2TP (Layer 2 tunneling protocol)
Integrity
30. Diligence which a person; who possesses a special skill; would exercise under a given set of circumstances
Due professional care
Telecommunications
Ciphertext
Audit sampling
31. Any information collection mechanism utilized by an intrusion detection system
Corporate governance
Real-time processing
Monitor
Hash function
32. These are the requirements for establishing a database application. They include field definitions; field requirements and reporting requirements for the individual information in the database.
Dial-in access controls
Validity check
Database specifications
Private key
33. Refer to the transactions and data relating to each computer-based application system and are therefore specific to each such application. The objectives of application controls; which may be manual; or programmed; are to ensure the completeness and
Confidentiality
Web Services Description Language (WSDL)
Interest rate risk
Application controls
34. A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source
Terms of reference
Audit trail
Embedded audit module
Open systems
35. A programmed edit or routine that detects transposition and transcription errors by calculating and checking the check digit
Application security
Check digit verification (self-checking digit)
Business risk
Combined Code on Corporate Governance
36. The exchange of money via telecommunications. EFT refers to any financial transaction that originates at a terminal and transfers a sum of money from one account to another.
Business process reengineering (BPR)
Combined Code on Corporate Governance
Electronic funds transfer (EFT)
Source documents
37. Another term for an application programmer interface (API). It refers to the interfaces that allow programmers to access lower- or higher-level services by providing an intermediary layer that includes function calls to the services.
Middleware
Variable sampling
Real-time processing
Coaxial cable
38. Any intentional violation of the security policy of a system
e-commerce
Symmetric key encryption
Intrusion
Audit evidence
39. A consortium with more than 700 affiliates from the software industry. Its purpose is to provide a common framework for developing applications using object-oriented programming techniques. For example; OMG is known principally for promulgating the C
Payment system
Logical access controls
Applet
Object Management Group (OMG)
40. A collection of computer programs used in the design; processing and control of all applications. The programs and processing routines that control the computer hardware; including the operating system and utility programs. Refers to the operating sy
ASCII (American Standard Code for Information Interchange)
Database management system (DBMS)
System software
Smart card
41. An edit check designed to ensure the data in a particular field is numeric
DNS (domain name system)
Challenge/response token
Protocol converter
Numeric check
42. The total of any numeric data field on a document or computer file. This total is checked against a control total of the same field to facilitate accuracy of processing.
Hash total
Internal storage
Firewall
Virus
43. An integrated set of computer programs designed to serve a particular function that has specific input; processing and output activities (e.g.; general ledger; manufacturing resource planning; human resource management)
Password
Application system
Base case
Decryption key
44. Confidentiality concerns the protection of sensitive information from unauthorized disclosure
Source lines of code (SLOC)
Confidentiality
Risk
Operating system
45. Audit evidence is sufficient if it is adequate; convincing and would lead another IS auditor to form the same conclusions.
Sufficient audit evidence
End-user computing
Wide area network (WAN)
PPP (point-to-point protocol)
46. Detection on the basis of whether the system activity matched that defined as abnormal
Enterprise governance
Coupling
Anomaly detection
Recovery point objective (RPO)
47. A protocol originally developed by Netscape Communications to provide a high level of security for its browser software. It has become accepted widely as a means of securing Internet message exchanges. It ensures confidentiality of the data in transm
Console log
Secure socket layer (SSL)
Spoofing
L2F (Layer 2 forwarding)
48. Used to ensure that input data agree with predetermined criteria stored in a table
System flowcharts
Intrusion detection
Table look-ups
Security software
49. The boundary defining the scope of control authority for an entity. For example; if a system is within the control perimeter; the right and ability exists to control it in response to an attack.
Point-of-sale systems (POS)
Control perimeter
Incremental testing
Test data
50. A type of LAN ring topology in which a frame containing a specific format; called the token; is passed from one station to the next around the ring. When a station receives the token; it is allowed to transmit. The station can send as many frames as
Asynchronous Transfer Mode (ATM)
Function point analysis
Token ring topology
COSO