Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The dynamic; integrated processes; effected by the governing body; management and all other staff; that are designed to provide reasonable assurance regarding the achievement of the following general objectives: Effectiveness; efficiency and economy






2. A disk access method that stores data sequentially; while also maintaining an index of key fields to all the records in the file for direct access capability






3. Programs and supporting documentation that enable and facilitate use of the computer. Software controls the operation of the hardware.






4. A recurring journal entry used to allocate revenues or costs. For example; an allocation entry could be defined to allocate costs to each department based on headcount.






5. The router at the extreme edge of the network under control; usually connected to an ISP or other service provider; also known as border router






6. The interface between the user and the system






7. A version of the Windows operating system that supports preemptive multitasking






8. An attack capturing sensitive pieces of information; such as passwords; passing through the network






9. The roles; scope and objectives documented in the service level agreement between management and audit






10. Point at which terminals are given access to a network






11. The act of capturing network packets; including those not necessarily destined for the computer running the sniffing software






12. The objectives of management that are used as the framework for developing and implementing controls (control procedures).






13. Hardware devices; such as asynchronous and synchronous transmissions; that convert between two different types of transmission






14. The transfer of service from an incapacitated primary component to its backup component






15. A named collection of related records






16. A pair of small; insulated wires that are twisted around each other to minimize interference from other wires in the cable. This is a low-capacity transmission medium.






17. An implementation of DNS intended to secure responses provided by the server such that different responses are given to internal vs. external users






18. Audit evidence is reliable if; in the IS auditor's opinion; it is valid; factual; objective and supportable.






19. A methodology that enables organisations to develop strategically important systems faster; while reducing development costs and maintaining quality by using a series of proven application development techniques; within a well-defined methodology.






20. The risk that the IS auditor's substantive procedures will not detect an error which could be material; individually or in combination with other errors






21. A network monitoring and data acquisition tool that performs filter translation; packet acquisition and packet display






22. The boundary that defines the area of security concern and security policy coverage






23. A software testing technique whereby the internal workings of the item being tested are not known by the tester. For example - in a black box test on a software design the tester only knows the inputs and what the expected outcomes should be and not h






24. A viewable screen displaying information; presented through a web browser in a single view sometimes requiring the user to scroll to review the entire page. A bank web page may display the bank's logo; provide information about bank products and serv






25. A display terminal without processing capability. Dumb terminals are dependent upon the main computer for processing. All entered data are accepted without further editing or validation.






26. The policies; procedures; practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected.






27. The password used to gain access when a system is first installed on a computer or network device. There is a large list published on the Internet and maintained at several locations. Failure to change these after the installation leaves the system v






28. A protocol for accessing a secure web server; whereby all data transferred is encrypted






29. Encapsulation is the technique used by layered protocols in which a lower layer protocol accepts a message from a higher layer protocol and places it in the data portion of a frame in the lower layer.






30. A technique used to determine the size of a development task; based on the number of function points. Function points are factors such as inputs; outputs; inquiries and logical internal sites.






31. The relationships among files in a database and among data items within each file






32. Criteria Of Control; published by the Canadian Institute of Chartered Accountants in 1995






33. A computer program or series of programs designed to perform certain automated functions. These functions include reading computer files; selecting data; manipulating data; sorting data; summarizing data; performing calculations; selecting samples an






34. A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser.






35. Audit evidence is useful if it assists the IS auditors in meeting their audit objectives.






36. Applications that detect; prevent and possibly remove all known viruses from files located in a microcomputer hard drive






37. Performance measurement of service delivery including cost; timeliness and quality against agreed service levels






38. The current and prospective effect on earnings and capital arising from negative public opinion. This affects the bank's ability to establish new relationships or services or continue servicing existing relationships. Reputation risk may expose the b






39. An engagement where management does not make a written assertion about the effectiveness of their control procedures; and the IS auditor provides an opinion about subject matter directly; such as the effectiveness of the control procedures






40. A program that takes as input a program written in assembly language and translates it into machine code or relocatable code






41. A common connection point for devices in a network; hubs commonly are used to connect segments of a LAN. A hub contains multiple ports. When a packet arrives at one port; it is copied to the other ports so that all segments of the LAN can see all pac






42. A procedure designed to ensure that no fields are missing from a record






43. A document that has been approved by the IETF becomes an RFC and is assigned a unique number once published. If it gains enough interest; it may evolve into an Internet standard.






44. A test that has been designed to evaluate the performance of a system. In a benchmark test; a system is subjected to a known workload and the performance of the system against this workload is measured. Typically; the purpose is to compare the measur






45. A document distributed to software vendors requesting them to submit a proposal to develop or provide a software product






46. A test to check the system's ability to recover after a software or hardware failure






47. The technique used for selecting records in a file; one at a time; for processing; retrieval or storage. The access method is related to; but distinct from; the file organization that determines how the records are stored.






48. The Internet standards setting organization with affiliates internationally from network industry representatives. This includes all network industry developers and researchers concerned with evolution and planned growth of the Internet.






49. The denial by one of the parties to a transaction or participation in all or part of that transaction or of the content of communications related to that transaction.






50. A computer program or set of programs that perform the processing of records for a specific function






