Test your basic knowledge |
CISA Certified Information Systems Auditor Vocab
Subjects: certifications, cisa, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. The dynamic; integrated processes; effected by the governing body; management and all other staff; that are designed to provide reasonable assurance regarding the achievement of the following general objectives: Effectiveness; efficiency and economy
Virus
Internal control structure
Tuple
Surge suppressor
2. A disk access method that stores data sequentially; while also maintaining an index of key fields to all the records in the file for direct access capability
DNS (domain name system)
Information engineering
Detailed IS controls
Indexed sequential access method (ISAM)
3. Programs and supporting documentation that enable and facilitate use of the computer. Software controls the operation of the hardware.
Judgment sampling
Ciphertext
ISP (Internet service provider)
Software
4. A recurring journal entry used to allocate revenues or costs. For example; an allocation entry could be defined to allocate costs to each department based on headcount.
Performance indicators
System testing
Allocation entry
Hub
5. The router at the extreme edge of the network under control; usually connected to an ISP or other service provider; also known as border router
Trusted processes
Salami technique
Control risk
External router
6. The interface between the user and the system
Decryption key
Shell
Privacy
Independent appearance
7. A version of the Windows operating system that supports preemptive multitasking
Integrated test facilities (ITF)
Electronic funds transfer (EFT)
Windows NT
Finger
8. An attack capturing sensitive pieces of information; such as passwords; passing through the network
Verification
Nonrepudiable transactions
Control objective
Sniffing
9. The roles; scope and objectives documented in the service level agreement between management and audit
Remote procedure calls (RPCs)
Source code compare programs
Audit responsibility
Access path
10. Point at which terminals are given access to a network
Inheritance (objects)
Interface testing
Authorization
Node
11. The act of capturing network packets; including those not necessarily destined for the computer running the sniffing software
Input controls
Multiplexor
Sniff
Anomaly
12. The objectives of management that are used as the framework for developing and implementing controls (control procedures).
Middleware
Payment system
Database specifications
Control objective
13. Hardware devices; such as asynchronous and synchronous transmissions; that convert between two different types of transmission
Protocol converter
Source documents
Availability
Application software tracing and mapping
14. The transfer of service from an incapacitated primary component to its backup component
Fail-over
Bulk data transfer
ICMP (internet control message protocol)
Encryption key
15. A named collection of related records
Performance testing
Format checking
Business risk
File
16. A pair of small; insulated wires that are twisted around each other to minimize interference from other wires in the cable. This is a low-capacity transmission medium.
Indexed sequential access method (ISAM)
Registration authority (RA)
Logs/Log file
Twisted pairs
17. An implementation of DNS intended to secure responses provided by the server such that different responses are given to internal vs. external users
Optical character recognition
Split DNS
Project team
Decryption key
18. Audit evidence is reliable if; in the IS auditor's opinion; it is valid; factual; objective and supportable.
Format checking
Reliable audit evidence
Business process reengineering (BPR)
Dial-back
19. A methodology that enables organisations to develop strategically important systems faster; while reducing development costs and maintaining quality by using a series of proven application development techniques; within a well-defined methodology.
Appearance
Rapid application development
e-commerce
Object code
20. The risk that the IS auditor's substantive procedures will not detect an error which could be material; individually or in combination with other errors
Cluster controller
Coupling
System exit
Detection risk
21. A network monitoring and data acquisition tool that performs filter translation; packet acquisition and packet display
Access control table
RADIUS
Tcpdump
Dial-in access controls
22. The boundary that defines the area of security concern and security policy coverage
Security perimeter
Duplex routing
Cryptography
Manual journal entry
23. A software testing technique whereby the internal workings of the item being tested are not known by the tester. For example - in a black box test on a software design the tester only knows the inputs and what the expected outcomes should be and not h
Blackbox testing
Handprint scanner
SMTP (Simple Mail Transport Protocol)
ICMP (internet control message protocol)
24. A viewable screen displaying information; presented through a web browser in a single view sometimes requiring the user to scroll to review the entire page. A bank web page may display the bank's logo; provide information about bank products and serv
Single point of failure
Web page
Dynamic analysis
Private key cryptosystems
25. A display terminal without processing capability. Dumb terminals are dependent upon the main computer for processing. All entered data are accepted without further editing or validation.
Uploading
Dumb terminal
Extensible Markup Language (XML)
Protocol stack
26. The policies; procedures; practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected.
Internal control
Production programs
Security perimeter
Structured Query Language (SQL)
27. The password used to gain access when a system is first installed on a computer or network device. There is a large list published on the Internet and maintained at several locations. Failure to change these after the installation leaves the system v
Default password
Fail-over
Bridge
Hyperlink
28. A protocol for accessing a secure web server; whereby all data transferred is encrypted
Parallel testing
Certificate authority (CA)
Audit
HTTPS (hyper text transfer protocol secure)
29. Encapsulation is the technique used by layered protocols in which a lower layer protocol accepts a message from a higher layer protocol and places it in the data portion of a frame in the lower layer.
System flowcharts
Encapsulation (objects)
Audit expert systems
Assembler
30. A technique used to determine the size of a development task; based on the number of function points. Function points are factors such as inputs; outputs; inquiries and logical internal sites.
TACACS+ (terminal access controller access control system plus)
Function point analysis
Residual risk
Fourth generation language (4GL)
31. The relationships among files in a database and among data items within each file
Data structure
Circular routing
Transaction log
Decision support systems (DSS)
32. Criteria Of Control; published by the Canadian Institute of Chartered Accountants in 1995
Filtering router
COCO
Internet Inter-ORB Protocol (IIOP)
Completeness check
33. A computer program or series of programs designed to perform certain automated functions. These functions include reading computer files; selecting data; manipulating data; sorting data; summarizing data; performing calculations; selecting samples an
Audit authority
Default password
Generalized audit software
Static analysis
34. A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser.
HTTP (hyper text transfer protocol)
RS-232 interface
Spool (simultaneous peripheral operations online)
Continuity
35. Audit evidence is useful if it assists the IS auditors in meeting their audit objectives.
Useful audit evidence
Security management
Reciprocal agreement
Data communications
36. Applications that detect; prevent and possibly remove all known viruses from files located in a microcomputer hard drive
Table look-ups
Antivirus software
Capacity stress testing
Online data processing
37. Performance measurement of service delivery including cost; timeliness and quality against agreed service levels
Audit accountability
Audit responsibility
Internal penetrators
Cold site
38. The current and prospective effect on earnings and capital arising from negative public opinion. This affects the bank's ability to establish new relationships or services or continue servicing existing relationships. Reputation risk may expose the b
Segregation/separation of duties
Telnet
Reputational risk
Asynchronous Transfer Mode (ATM)
39. An engagement where management does not make a written assertion about the effectiveness of their control procedures; and the IS auditor provides an opinion about subject matter directly; such as the effectiveness of the control procedures
Direct reporting engagement
Asymmetric key (public key)
Cleartext
Offline files
40. A program that takes as input a program written in assembly language and translates it into machine code or relocatable code
Nonrepudiation
Assembler
browser
price risk
41. A common connection point for devices in a network; hubs commonly are used to connect segments of a LAN. A hub contains multiple ports. When a packet arrives at one port; it is copied to the other ports so that all segments of the LAN can see all pac
Risk assessment
Hub
Feasibility study
Password
42. A procedure designed to ensure that no fields are missing from a record
Application implementation review
Completeness check
Electronic cash
Reasonable assurance
43. A document that has been approved by the IETF becomes an RFC and is assigned a unique number once published. If it gains enough interest; it may evolve into an Internet standard.
Token ring topology
RFC (request for comments)
X.25 interface
Access control
44. A test that has been designed to evaluate the performance of a system. In a benchmark test; a system is subjected to a known workload and the performance of the system against this workload is measured. Typically; the purpose is to compare the measur
Benchmark
Business process reengineering (BPR)
Systems analysis
Audit objective
45. A document distributed to software vendors requesting them to submit a proposal to develop or provide a software product
Request for proposal (RFP)
Baud rate
Warm-site
Decryption
46. A test to check the system's ability to recover after a software or hardware failure
Gateway
Data diddling
Recovery testing
Check digit
47. The technique used for selecting records in a file; one at a time; for processing; retrieval or storage. The access method is related to; but distinct from; the file organization that determines how the records are stored.
Run-to-run totals
browser
Packet
Access method
48. The Internet standards setting organization with affiliates internationally from network industry representatives. This includes all network industry developers and researchers concerned with evolution and planned growth of the Internet.
Substantive testing
Object Management Group (OMG)
Security testing
Internet Engineering Task Force (IETF)
49. The denial by one of the parties to a transaction or participation in all or part of that transaction or of the content of communications related to that transaction.
File layout
Repudiation
Preventive controls
Distributed data processing network
50. A computer program or set of programs that perform the processing of records for a specific function
Warm-site
Continuous auditing approach
Application
Adjusting period