Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. The systems development phase in which systems specifications and conceptual designs are developed, based on end-user needs and requirements






2. A storage facility located away from the building housing the primary information processing facility (IPF); used for storage of computer media such as offline backup data and storage files






3. Any situation or event that has the potential to harm a system






4. A discussion document which sets out an ''Enterprise Governance Model'' focusing strongly on both the enterprise business goals and the information technology enablers which facilitate good enterprise governance; published by the Information Systems






5. The time it takes a system and network delay to respond. System latency is the time a system takes to retrieve data. Network latency is the time it takes for a packet to travel from source to the final destination.






6. The roles, scope and objectives documented in the service level agreement between management and audit






7. Connects a terminal or computer to a communications network via a telephone line. Modems turn digital pulses from the computer into frequencies within the audio range of the telephone system. When acting in the receiver capacity, a modem decodes inco






8. The physical layout of how computers are linked together. Examples include ring, star and bus.






9. Is an electronic pathway that may be displayed in the form of highlighted text, graphics or a button that connects one web page with another web page address.






10. Wiring devices that may be inserted into communication links for use with analysis probes, LAN analyzers and intrusion detection security systems






11. Availability relates to information being available when required by the business process now and in the future. It also concerns the safeguarding of necessary resources and associated capabilities.






12. Refers to the processes by which organisations conduct business electronically with their customers and/or the public at large using the Internet as the enabling technology.






13. The ability of end users to design and implement their own information system utilizing computer software products






14. A multiuser, multitasking operating system that is used widely as the master control program in workstations and especially servers






15. The use of software packages that aid in the development of all phases of an information system. System analysis, design programming and documentation are provided. Changes introduced in one CASE chart will update all other related charts automatical






16. The highest level of management in the organization, responsible for direction and control of the organization as a whole (such as director, general manager, partner, chief officer and executive manager).






17. An approach used to plan, design, develop, test and implement an application system or a major modification to an application system. Typical phases include the feasibility study, requirements study, requirements definition, detailed design, programm






18. Glass fibers that transmit binary signals over a telecommunications network. Fiber optic systems have low transmission losses as compared to twisted-pair cables. They do not radiate energy or conduct electricity. They are free from corruption and lig






19. Standard that defines how global directories should be structured. X.500 directories are hierarchical with different levels for each category of information, such as country, state and city.






20. The risk to earnings or capital arising from an obligor's failure to meet the terms of any contract with the bank or otherwise to perform as agreed. Internet banking provides the opportunity for banks to expand their geographic range. Customers can r






21. First, it denotes the planning and management of resources in an enterprise. Second, it denotes a software system that can be used to manage whole business processes, integrating purchasing, inventory, personnel, customer service, shipping, financial






22. Controls, other than application controls, which relate to the environment within which computer-based application systems are developed, maintained and operated, and which are therefore applicable to all applications. The objectives of general contr






23. In intrusion detection, an error that occurs when an attack is misdiagnosed as a normal activity






24. Universal Description, Discovery and Integration






25. Controls over the acquisition, implementation, delivery and support of IS systems and services. They are made up of application controls plus those general controls not included in pervasive controls.






26. A set of protocols developed by the IETF to support the secure exchange of packets






27. A complex set of software programs that control the organization, storage and retrieval of data in a database. It also controls the security and integrity of the database.






28. Computer file storage media not physically connected to the computer, typically tapes or tape cartridges used for backup purposes






29. In a passive assault, intruders attempt to learn some characteristic of the data being transmitted. They may be able to read the contents of the data so the privacy of the data is violated. Alternatively, although the content of the data itself may r






30. A program for the examination of data, using logical or conditional tests to determine or to identify similarities or differences






31. A popular network protocol and cabling scheme that uses a bus topology and CSMA/CD (carrier sense multiple access/collision detection) to prevent network failures or collisions when two devices try to access the network at the same time






32. Individuals, normally managers or directors, who have responsibility for the integrity, accurate reporting and use of computerized data






33. Self-governance and freedom from conflict of interest and undue influence. The IS auditor should be free to make his/her own decisions, not influenced by the organization being audited and its people (managers and employers).






34. An audit designed to determine the accuracy of financial records and information






35. A standardized body of data created for testing purposes. Users normally establish the data. Base case validates production application systems and tests the ongoing accurate operation of the system.






36. A permanent connection between hosts in a packet switched network






37. Programs and supporting documentation that enable and facilitate use of the computer. Software controls the operation of the hardware.






38. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).






39. Range checks ensure that data fall within a predetermined range (also see limit checks).






40. Is the risk to earnings or capital arising from violations of, or nonconformance with, laws, rules, regulations, prescribed practices or ethical standards. Banks are subject to various forms of legal risk. This can include the risk that assets will t






41. A communications channel over which data can be sent and received simultaneously






42. Refers to the security aspects supported by the ERP, primarily with regard to the roles or responsibilities and audit trails within the applications






43. The assurance that a party cannot later deny originating data, that it is the provision of proof of the integrity and origin of the data which can be verified by a third party. Nonrepudiation may be provided by a digital signature.






44. A language used to control run routines in connection with performing tasks on a computer






45. An international standard that defines information confidentiality; integrity and availability controls






46. Comparing the system's performance to other equivalent systems using well defined benchmarks






47. Detection on the basis of whether the system activity matches that defined as bad






48. Also known as traditional development, it is a very procedure-focused development cycle with formal sign-off at the completion of each level.






49. The proportion of known attacks detected by an intrusion detection system






50. The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction






