Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Consists of one or more web pages that may originate at one or more web server computers. A person can view the pages of a website in any order, as he or she would a magazine.






2. Systems for which detailed specifications of their components composition are published in a nonproprietary environment, thereby enabling competing organizations to use these standard components to build competitive systems. The advantages of using o






3. The process of determining what types of activities are permitted. Ordinarily, authorisation is in the context of authentication: once you have authenticated a user, he/she may be authorised to perform different types of access or activity






4. A resource whose loss will result in the loss of service or production






5. A policy whereby access is denied unless it is specifically allowed. The inverse of default allow.






6. A popular network protocol and cabling scheme that uses a bus topology and CSMA/CD (carrier sense multiple access/collision detection) to prevent network failures or collisions when two devices try to access the network at the same time






7. Special system software features and utilities that allow the user to perform complex system maintenance. Use of these exits often permits the user to operate outside of the security access control system.






8. The ability to map a given activity or event back to the responsible party






9. Comparing the system's performance to other equivalent systems using well-defined benchmarks






10. Computer hardware that houses the electronic circuits that control/direct all operations of the computer system






11. The organization providing the outsourced service






12. To record details of information or events in an organized record-keeping system, usually sequenced in the order they occurred






13. Processing is achieved by entering information into the computer via a video display terminal. The computer immediately accepts or rejects the information, as it is entered.






14. The method or communication mode of routing data over the communication network (also see half duplex and full duplex)






15. It is composed of an insulated wire that runs through the middle of each cable, a second wire that surrounds the insulation of the inner wire like a sheath, and the outer insulation which wraps the second wire. Coaxial cable has a greater transmissio






16. An eight-digit/seven-bit code representing 128 characters, used in most small computers






17. The property that data meet with a priority expectation of quality and that the data can be relied upon






18. A response, in which the system (automatically or in concert with the user) blocks or otherwise affects the progress of a detected attack. The response takes one of three forms--amending the environment, collecting more information or striking back a






19. A programmed edit or routine that detects transposition and transcription errors by calculating and checking the check digit






20. A phone number that represents the area in which the communications provider or Internet service provider (ISP) provides service






21. Describes the design properties of a computer system that allow it to resist active attempts to attack or bypass it






22. A stored collection of related data needed by organizations and individuals to meet their information processing and retrieval requirements






23. A communications channel that can handle only one signal at a time. The two stations must alternate their transmissions.






24. A list of retracted certificates






25. The computer room and support areas






26. A data recovery strategy that takes a set of physically disparate disks and synchronously mirrors them over high performance communication lines. Any write to a disk on one side will result in a write on the other. The local write will not return unt






27. The transfer of data between separate computer processing sites/devices using telephone lines, microwave and/or satellite links






28. Is the risk to earnings or capital arising from a bank's inability to meet its obligations when they come due, without incurring unacceptable losses. Internet banking may increase deposit volatility from customers who maintain accounts solely on the






29. Disconnecting from the computer






30. A type of local area network (LAN) architecture in which each station is directly attached to a common communication channel. Signals transmitted over the channel take the form of messages. As each message passes along the channel, each station recei






31. Machine-readable instructions produced from a compiler or assembler program that has accepted and translated the source code






32. A statement of the position within the organization, including lines of reporting and the rights of access






33. Way of thinking, behaving, feeling, etc.






34. Promulgated through the World Wide Web Consortium, XML is a web-based application development technique that allows designers to create their own customized tags, thus, enabling the definition, transmission, validation and interpretation of data betw






35. In broadband, multiple channels are formed by dividing the transmission medium into discrete frequency segments. It generally requires the use of a modem.






36. The individual responsible for the safeguard and maintenance of all program and data files






37. Software used to create data to be used in the testing of computer programs






38. Refer to the transactions and data relating to each computer-based application system and are therefore specific to each such application. The objectives of application controls, which may be manual, or programmed, are to ensure the completeness and






39. Door and entry locks that are activated by such biometric features as voice, eye retina, fingerprint or signature






40. The range between the highest and lowest transmittable frequencies. It equates to the transmission capacity of an electronic line and is expressed in bytes per second or Hertz (cycles per second).






41. Faking the sending address of a transmission in order to gain illegal entry into a secure system






42. The systems development phase in which systems specifications and conceptual designs are developed, based on end-user needs and requirements






43. 1) A computer dedicated to servicing requests for resources from other computers on a network. Servers typically run network operating systems. 2) A computer that provides services to another computer (the client).






44. Controls over the acquisition, implementation, delivery and support of IS systems and services. They are made up of application controls plus those general controls not included in pervasive controls.






45. Programmed checking of data validity in accordance with predetermined criteria






46. Programs that are tested and evaluated before approval into the production environment. Test programs, through a series of change control moves, migrate from the test environment to the production environment and become production programs.






47. A group of computers connected by a communications network, where the client is the requesting machine and the server is the supplying machine. Software is specialized at both ends. Processing may take place on either the client or the server but it






48. An evaluation of any part of an implementation project (e.g., project management, test plans, user acceptance testing procedures)






49. A small electronic device that contains electronic memory, and possibly an embedded integrated circuit. It can be used for a number of purposes including the storage of digital certificates or digital cash, or it can be used as a token to authenticat






50. Simulated transactions that can be used to test processing logic, computations and controls actually programmed in computer applications. Individual programs or an entire system can be tested. This technique includes Integrated Test Facilities (ITFs)