Test your basic knowledge | CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Testing an application with large quantities of data to evaluate its performance during peak periods. It also is called volume testing.
Run-to-run totals
Capacity stress testing
Systems acquisition process
Node
2. Wiring devices that may be inserted into communication links for use with analysis probes; LAN analyzers and intrusion detection security systems
Taps
Parallel simulation
Application acquisition review
Permanent virtual circuit (PVC)
3. A complex set of software programs that control the organization; storage and retrieval of data in a database. It also controls the security and integrity of the database.
Analog
Database management system (DBMS)
Electronic signature
Production programs
4. A system that authentically distributes users' public keys using certificates
Public key infrastructure
Central processing unit (CPU)
Evidence
Protocol stack
5. A top-down technique of designing programs and systems. It makes programs more readable; more reliable and more easily maintained.
Administrative controls
Full duplex
Structured programming
Binary code
6. A deficiency in the design or operation of a control procedure. Control weaknesses can potentially result in risks relevant to the area of activity not being reduced to an acceptable level (relevant risks are those that threaten achievement of the ob
Control weakness
Rounding down
Public key infrastructure
Range check
7. Emergency processing agreements between two or more organizations with similar equipment or applications. Typically; participants promise to provide processing time to each other when an emergency arises.
Reciprocal agreement
Remote job entry (RJE)
Diskless workstations
Record
8. A sampling technique that estimates the amount of overstatement in an account balance
Information engineering
Monetary unit sampling
Uninterruptible power supply (UPS)
Spoofing
9. An attack capturing sensitive pieces of information; such as passwords; passing through the network
Offline files
Sniffing
Monetary unit sampling
Compiler
10. This approach allows IS auditors to monitor system reliability on a continuous basis and to gather selective audit evidence through the computer.
Uploading
Packet switching
Operating system
Continuous auditing approach
11. A private network that is configured within a public network. For years; common carriers have built VPNs that appear as private national or international networks to the customer; but physically share backbone trunks with other customers. VPNs enjoy
Cold site
Virtual private network (VPN)
Proxy server
Business process reengineering (BPR)
12. Character-at-a-time transmission
Exception reports
X.25
Data integrity
Asynchronous transmission
13. The list of rules and/or guidance that is used to analyze event data
Rulebase
Local loop
Test data
Electronic data interchange (EDI)
14. The act of giving the idea or impression of being or doing something
Baseband
Systems development life cycle (SDLC)
Compensating control
Appearance
15. The process of transmitting messages in convenient pieces that can be reassembled at the destination
Format checking
Integrated services digital network (ISDN)
Packet switching
Service provider
16. The area of the system that the intrusion detection system is meant to monitor and protect
Protection domain
Access control
TCP (transmission control protocol)
Trojan horse
17. The process of taking an unencrypted message (plaintext); applying a mathematical function to it (encryption algorithm with a key) and producing an encrypted message (ciphertext)
Packet switching
Encryption
browser
Dumb terminal
18. A group of budgets linked together at different levels such that the budgeting authority of a lower-level budget is controlled by an upper-level budget.
Black box testing
Budget hierarchy
Database administrator (DBA)
Worm
19. A system software tool that logs; monitors and directs computer tape usage
Variable sampling
Tape management system (TMS)
Nonrepudiable transactions
World Wide Web Consortium (W3C)
20. The act of connecting to the computer. It typically requires entry of a user ID and password into a computer terminal.
Middleware
Sufficient audit evidence
Logon
Pervasive IS controls
21. A file format in which the file is divided into multiple subfiles and a directory is established to locate each subfile
Internal control
Console log
ISP (Internet service provider)
Partitioned file
22. A document which defines the IS audit function's responsibility; authority and accountability
Audit charter
Repudiation
End-user computing
Penetration testing
23. A layer within the International Organization for Standardization (ISO)/Open Systems Interconnection (OSI) model. It is used in information transfers between users through application programs and other devices. In this layer various protocols are ne
Application layer
Application programming interface (API)
Hexadecimal
Dial-in access controls
24. An evaluation of any part of a project to perform maintenance on an application system (e.g.; project management; test plans; user acceptance testing procedures)
Hypertext
Benchmark
Certificate authority (CA)
Application maintenance review
25. Control Objectives for Information and related Technology; the international set of IT control objectives published by ISACF;® 2000; 1998; 1996
Public key cryptosystem
Limit check
COBIT
Certificate Revocation List
26. The property that data meet with a priority expectation of quality and that the data can be relied upon
Anomaly detection
Record; screen and report layouts
Virtual private network (VPN)
Data integrity
27. Also known as "automated remote journaling of redo logs." A data recovery strategy that is similar to electronic vaulting; except that instead of transmitting several transaction batches daily; the archive logs are shipped as they are created.
Database
Transaction protection
LDAP (Lightweight Directory Access Protocol)
Inheritance (objects)
28. An evaluation of any part of an implementation project (e.g.; project management; test plans; user acceptance testing procedures)
Signatures
Artificial intelligence
Application implementation review
DoS (denial-of-service) attack
29. A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser.
Anonymous File Transfer Protocol (FTP)
price risk
HTTP (hyper text transfer protocol)
Third-party review
30. A type of LAN ring topology in which a frame containing a specific format; called the token; is passed from one station to the next around the ring. When a station receives the token; it is allowed to transmit. The station can send as many frames as
Token ring topology
Engagement letter
Security testing
Access control table
31. The processing of a group of transactions at the same time. Transactions are collected and processed against the master files at a specified time.
Terms of reference
Useful audit evidence
Due care
Batch processing
32. An eight-bit code representing 256 characters; used in most large computer systems
Masking
File
Pervasive IS controls
Extended Binary-coded Decimal Interchange Code (EBCDIC)
33. Group of people responsible for a project; whose terms of reference may include the development; acquisition; implementation or maintenance of an application system. The team members may include line management; operational line staff; external contr
Fail-safe
Data security
Project team
Default deny policy
34. A language used to control run routines in connection with performing tasks on a computer
Integrity
Biometrics
Job control language (JCL)
Reverse engineering
35. A protocol for packet-switching networks
Attribute sampling
X.25
Top-level management
Interface testing
36. A security technique that verifies an individual's identity by analyzing a unique physical attribute; such as a handprint
Statistical sampling
Substantive testing
Exposure
Biometrics
37. The potential loss to an area due to the occurrence of an adverse event
Exposure
Logoff
Anonymity
Screening routers
38. Is the risk to earnings or capital arising from movements in interest rates. From an economic perspective; a bank focuses on the sensitivity of the value of its assets; liabilities and revenues to changes in interest rates. Internet banking may attra
Budget formula
Logs/Log file
Transaction protection
Interest rate risk
39. A hardware/software package that is used to connect networks with different protocols. The gateway has its own processor and memory and can perform protocol and bandwidth conversions.
Statistical sampling
Application programming
Gateway
Production programs
40. Specifies the length of the file's record and the sequence and size of its fields. A file layout also will specify the type of data contained within each field. For example; alphanumeric; zoned decimal; packed and binary are types of data.
Segregation/separation of duties
Database specifications
Computer server
File layout
41. Promulgated through the World Wide Web Consortium; XML is a web-based application development technique that allows designers to create their own customized tags; thus; enabling the definition; transmission; validation and interpretation of data betw
Middleware
Hyperlink
Extensible Markup Language (XML)
Rapid application development
42. Patterns indicating misuse of a system
Signatures
Log
Quick ship
Hash total
43. Programs that provide assurance that the software being audited is the correct version of the software; by providing a meaningful listing of any discrepancies between the two versions of the program
Synchronous transmission
Due professional care
Spanning port
Source code compare programs
44. Error control deviations (compliance testing) or misstatements (substantive testing)
Reverse engineering
Application implementation review
Nonrepudiation
Error
45. A program that processes actions upon business data; such as data entry; update or query. It contrasts with systems program; such as an operating system or network control program; and with utility programs; such as copy or sort.
Assembler
Backup
Database specifications
Application program
46. Audit evidence is relevant if it pertains to the audit objectives and has a logical relationship to the findings and conclusions it is used to support.
Format checking
Wide area network (WAN)
Relevant audit evidence
Echo checks
47. The area of the central processing unit that performs mathematical and analytical operations
Arithmetic-logic unit (ALU)
Application system
Protocol
Due care
48. An approach to system development where the basic unit of attention is an object; which represents an encapsulation of both data (an object's attributes) and functionality (an object's methods). Objects usually are created using a general template ca
False positive
Object orientation
Intrusion detection
Memory dump
49. To apply a variable; alternating current (AC) field for the purpose of demagnetizing magnetic recording media. The process involves increasing the AC field gradually from zero to some maximum value and back to zero; which leaves a very low residue of
Teleprocessing
Controls (Control procedures)
Trusted processes
Degauss
50. A data recovery strategy that allows organizations to recover data within hours after a disaster. It includes recovery of data from an offsite storage media that mirrors data via a communication link. Typically used for batch/journal updates to criti
Interest rate risk
Electronic vaulting
Source code
Honey pot