Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A deficiency in the design or operation of a control procedure. Control weaknesses can potentially result in risks relevant to the area of activity not being reduced to an acceptable level (relevant risks are those that threaten achievement of the ob
Coverage
File
Test generators
Control weakness
2. An ASP that also provides outsourcing of business processes such as payment processing, sales order processing and application development
TCP (transmission control protocol)
BSP (business service provider)
Filtering router
Assembly language
3. The accuracy and completeness of information as well as to its validity in accordance with business values and expectations
General computer controls
Integrity
Partitioned file
Downloading
4. These controls exist to detect and report when errors, omissions and unauthorized uses or entries occur.
Production software
Detective controls
Open systems
Function point analysis
5. An evaluation of any part of an implementation project (e.g., project management, test plans, user acceptance testing procedures)
Extensible Markup Language (XML)
Application proxy
Computer server
Application implementation review
6. A collection of related information treated as a unit. Separate fields within the record are used for processing of the information.
Operating system
Record
Central office (CO)
Source code
7. Specialized security checker that tests user's passwords, searching for passwords that are easy to guess by repeatedly trying words from specially crafted dictionaries. Failing that, many password crackers can brute force all possible combinations in
Password cracker
X.25
Program narratives
Hardware
8. The process of transmitting messages in convenient pieces that can be reassembled at the destination
Adjusting period
Check digit verification (self-checking digit)
Packet switching
Teleprocessing
9. Those policies and procedures implemented to achieve a related control objective
Data Encryption Standard (DES)
Bus
Controls (Control procedures)
Protection domain
10. A language used to control run routines in connection with performing tasks on a computer
Piggy backing
Computer-aided software engineering (CASE)
Promiscuous mode
Job control language (JCL)
11. Used to ensure that input data agree with predetermined criteria stored in a table
Table look-ups
Salami technique
Librarian
Interface testing
12. First, it denotes the planning and management of resources in an enterprise. Second, it denotes a software system that can be used to manage whole business processes, integrating purchasing, inventory, personnel, customer service, shipping, financial
Enterprise resource planning
Generalized audit software
Application maintenance review
Wiretapping
13. A high level description of the audit work to be performed in a certain period of time (ordinarily a year). It includes the areas to be audited, the type of work planned, the high level objectives and scope of the work, and topics such as budget, res
Full duplex
Open systems
Trojan horse
Audit plan
14. A testing technique that is used to test program logic within a particular program or module. The purpose of the test is to ensure that the program meets system development guidelines and does not abnormally end during processing.
Cohesion
Edit controls
Request for proposal (RFP)
Unit testing
15. An abnormal end to a computer job; termination of a task prior to its completion because of an error condition that cannot be resolved by recovery facilities while the task is executing
Abend
Multiplexor
Business impact analysis (BIA)
Systems acquisition process
16. A sampling technique that estimates the amount of overstatement in an account balance
Default password
Bar code
Certificate authority (CA)
Monetary unit sampling
17. Files, equipment, data and procedures available for use in the event of a failure or loss, if the originals are destroyed or out of service
Sniff
Local loop
Audit program
Backup
18. The potential loss to an area due to the occurrence of an adverse event
Exposure
Recovery point objective (RPO)
Test data
Split data systems
19. An IS backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the user
Service provider
Application layer
Cold site
Credentialed analysis
20. Analysis that is performed on a continuous basis, with results gained in time to alter the run-time system
Teleprocessing
Challenge/response token
Real-time analysis
Discovery sampling
21. A standardized body of data created for testing purposes. Users normally establish the data. Base case validates production application systems and tests the ongoing accurate operation of the system.
HTTPS (hyper text transfer protocol secure)
Risk assessment
Decentralization
Bar case
22. A piece of information, in a digitized form, used by an encryption algorithm to convert the plaintext to the ciphertext
Circuit-switched network
Terms of reference
Encryption key
Production programs
23. In vulnerability analysis, gaining information by performing checks that affect the normal operation of the system, even crashing the system
Components (as in component-based development)
Useful audit evidence
Modem (modulator-demodulator)
Intrusive monitoring
24. An international consortium founded in 1994 of affiliates from public and private organizations involved with the Internet and the web. The W3C's primary mission is to promulgate open standards to further enhance the economic growth of Internet web s
Ethernet
World Wide Web Consortium (W3C)
Enterprise governance
Polymorphism (objects)
25. The practice of eavesdropping on information being transmitted over telecommunications links
Exception reports
Cathode ray tube (CRT)
Dial-back
Wiretapping
26. Program flowcharts show the sequence of instructions in a single program or subroutine. The symbols used should be the internationally accepted standard. Program flowcharts should be updated when necessary.
Residual risk
RFC (request for comments)
Program flowcharts
Business-to-consumer e-commerce (B2C)
27. Control Objectives for Information and related Technology, the international set of IT control objectives published by ISACF,® 2000, 1998, 1996
Application programming interface (API)
COBIT
Anonymity
Master file
28. The Internet standards setting organization with affiliates internationally from network industry representatives. This includes all network industry developers and researchers concerned with evolution and planned growth of the Internet.
Recovery point objective (RPO)
Promiscuous mode
e-commerce
Internet Engineering Task Force (IETF)
29. Used in data encryption, it uses an encryption key, as a public key, to encrypt the plaintext to the ciphertext. It uses the different decryption key, as a secret key, to decrypt the ciphertext to the corresponding plaintext. In contrast to a private
Audit risk
Control Objectives for Enterprise Governance
Public key cryptosystem
liquidity risk
30. An organized assembly of resources and procedures required to collect, process and distribute data for use in decision making
Management information system (MIS)
Request for proposal (RFP)
ACK (acknowledgement)
Real-time processing
31. A utility program that combines several separately compiled modules into one, resolving internal references between them
Security testing
Link editor (linkage editor)
Computer-aided software engineering (CASE)
Tuple
32. The possibility of an act or event occurring that would have an adverse effect on the organization and its information systems
ISP (Internet service provider)
Base case
UDP (User Datagram Protocol)
Risk
33. The process of distributing computer processing to different locations within an organization
Dry-pipe fire extinguisher system
Reasonable assurance
Packet switching
Decentralization
34. A networking device that can send (route) data packets from one local area network (LAN) or wide area network (WAN) to another, based on addressing at the network layer (Layer 3) in the OSI model. Networks connected by routers can use different or si
Router
BSP (business service provider)
Executable code
Geographic disk mirroring
35. An entity that may be given responsibility for performing some of the administrative tasks necessary in the registration of subjects, such as confirming the subject's identity, validating that the subject is entitled to have the attributes requested
Registration authority (RA)
Fault tolerance
Noise
Rotating standby
36. A router that is configured to control network access by comparing the attributes of the incoming or outgoing packets to a set of rules
Artificial intelligence
Dial-back
Filtering router
Remote procedure calls (RPCs)
37. The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all the others. The beauty of replication is th
Hot site
Cold site
Extensible Markup Language (XML)
Database replication
38. A methodology that enables organisations to develop strategically important systems faster, while reducing development costs and maintaining quality by using a series of proven application development techniques, within a well-defined methodology.
Rapid application development
Monitoring policy
Consumer
Active response
39. In intrusion detection, an error that occurs when an attack is misdiagnosed as a normal activity
False negative
Data-oriented systems development
Cryptography
Access rights
40. An exchange rate, which can be used optionally to perform foreign currency conversion. The corporate exchange rate is generally a standard market rate determined by senior financial management for use throughout the organization.
Active recovery site (mirrored)
Corporate exchange rate
Certificate Revocation List
IEEE (Institute of Electrical and Electronics Engineers)--Pronounced I-triple-E
41. A packet-switched wide-area-network technology that provides faster performance than older packet-switched WAN technologies such as X.25 networks, because it was designed for today's reliable circuits and performs less rigorous error detection. Frame
Operational audit
Frame relay
End-user computing
Reasonable assurance
42. Point at which terminals are given access to a network
Population
Strategic risk
Public key
Node
43. A flag set in a packet to indicate to the sender that the previous packet sent was accepted correctly by the receiver without errors, or that the receiver is now ready to accept a transmission
ACK (acknowledgement)
Dynamic analysis
browser
Electronic vaulting
44. Inheritance refers to database structures that have a strict hierarchy (no multiple inheritance). Inheritance can initiate other objects irrespective of the class hierarchy; thus there is no strict hierarchy of objects.
Hyperlink
Anomaly detection
Inheritance (objects)
Appearance
45. A data transmission service requiring the establishment of a circuit-switched connection before data can be transferred from source data terminal equipment (DTE) to a sink DTE. A circuit-switched data transmission service uses a connection network.
Sampling risk
Circuit-switched network
Console log
Optical character recognition
46. The entire set of data from which a sample is selected and about which the IS auditor wishes to draw conclusions
Intrusion
TCP (transmission control protocol)
Single point of failure
Population
47. Use of the Internet as a remote delivery channel for banking services. Services include the traditional ones, such as opening an account or transferring funds to different accounts, and new banking services, such as electronic bill presentment and pa
Internet banking
Bridge
world wide web (WWW)
Dumb terminal
48. Members of the operations area that are responsible for the collection, logging and submission of input for the various user groups
Control group
Rounding down
Electronic funds transfer (EFT)
IP (Internet protocol)
49. Detects errors in the input portion of information that is sent to the computer for processing. The controls may be manual or automated and allow the user to edit data errors before processing.
Polymorphism (objects)
Edit controls
Dumb terminal
Inherent risk
50. Computer programs provided by a computer hardware manufacturer or software vendor and used in running the system. This technique can be used to examine processing activities, to test programs, system activities and operational procedures, to evaluate
Ciphertext
Utility software
Program evaluation and review technique (PERT)
Asymmetric key (public key)