CISA Exam Essentials: Key Concepts and Definitions

A concise overview of key concepts related to the CISA (Certified Information Systems Auditor) exam. It covers topics such as source code, object code, risk management (inherent, control, detection, and audit risk), and various testing methodologies (compliance, substantive, regression, sociability, parallel, white box, and black box). Additionally, it includes definitions and explanations of network components like routers, switches, hubs, and bridges, as well as database concepts such as primary and foreign keys, referential integrity, and normalization. The document also touches on the OSI model and its layers, providing a foundational understanding of network communication. Useful for students and professionals preparing for the CISA exam or seeking a quick reference guide to essential IT audit and security concepts.

Typology: Exams

2024/2025

Available from 05/24/2025

locaz-turus-1
CISA EXAM
Chapter 1 correct answer
Source code correct answer uncompiled, archive code
Object code correct answer compiled code that is distributed and put into production; not able to be read by humans
Inherent risk correct answer the risk that an error could occur assuming no compensating controls exist
Control risk correct answer the risk that an error exists that would not be prevented by internal controls
Detection risk correct answer the risk that an error exists, but is not detected. The risk that an IS auditor may use an inadequate test procedure and conclude that no material error exists when in fact errors do exist.
Audit risk correct answer the overall level of risk; the level of risk the auditor is prepared to accept.
Compliance testing correct answer determines if controls are being applied in a manner that complies with management's policies and procedures
Substantive testing correct answer evaluates the integrity of individual transactions, data, and other information.
Regression testing correct answer used to retest earlier program abends that occurred during the initial testing phase.
Sociability testing correct answer ensures the application works as expected in the specified environment where other applications run concurrently. Includes testing of interfaces with other systems.

Parallel testing correct answer Feeding test data into two systems and comparing the results.
White box testing correct answer tests the software's program logic.
Black box testing correct answer Testing the functional operating effectiveness without regard to internal program structure.
Redundancy check correct answer detects transmission errors by appending calculated bits onto the end of each segment of data.
Variable sampling correct answer used to estimate the average or total value of a population.
Discovery sampling correct answer used to determine the probability of finding an attribute in a population.
Attribute sampling correct answer selecting items from a population based on a common attribute. Used for compliance testing.
Chapter 2 correct answer
Steering Committee correct answer Appointed by senior management. Serves as a general review board for projects and acquisitions; not involved in routine operations. The committee should include representatives from senior management, user management, and the IS department. Escalates issues to senior management.
Request for Proposal (RFP) correct answer A document distributed to software vendors requesting their submission of a proposal to develop or provide a software product. An RFP should include: project overview, key requirements and constraints, scope limitations, vendor questionnaire, customer references, demonstrations, etc.
Quality Assurance correct answer Checks to verify policies are followed.

Layer 2 - Data link layer correct answer The data link layer provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer. The addressing scheme is physical, which means that the addresses (MAC addresses) are hard-coded into the network cards at the time of manufacture. The addressing scheme is flat. Note: The best known example of this is Ethernet.
Layer 1 - Physical layer correct answer The physical layer defines all electrical and physical specifications for devices. This includes the layout of pins, voltages, and cable specifications. Hubs and repeaters are physical-layer devices.
Metadata correct answer is literally "data about data." This term refers to information about data itself -- perhaps the origin, size, formatting or other characteristics of a data item.
Primary key correct answer Every database table should have one or more columns designated as the primary key. The value this key holds should be unique for each record in the database (e.g. Social Security number).
Foreign key correct answer These keys are used to create relationships between tables.
Referential integrity constraints correct answer ensure that a change in a primary key of one table is automatically updated in a matching foreign key of other tables. This is done using triggers.
Normalization correct answer The elimination of redundant data.
Tuple correct answer row in a table
Dangling Tuple correct answer row in a table that has lost referential integrity
DDL - Data Definition Language correct answer used for setup and removal phases; defines the database structure
DML - Data Manipulation Language correct answer used to insert, retrieve and modify data

Modulation correct answer Converting a digital signal to analog.
Protocol analyzers correct answer are network diagnostic tools that monitor and record network information from packets traveling in the link to which the analyzer is attached.
Repeater correct answer Physical layer device that extends the network range or connects two separate network segments together (Layer 1)
Routers correct answer are physical devices that join multiple wired or wireless networks together. Technically, a wired or wireless router is a Layer 3 gateway, meaning that the wired/wireless router connects networks (as gateways do), and that the router operates at the network layer of the OSI model.
A network switch correct answer is a small hardware device that joins multiple computers together within one local area network (LAN). Technically, network switches operate at layer two (Data Link Layer, Layer 2) of the OSI model.
Network switches appear nearly identical to network hubs, but a switch... correct answer generally contains more "intelligence" (and a slightly higher price tag) than a hub. Unlike hubs, network switches are capable of inspecting data packets as they are received, determining the source and destination device of that packet, and forwarding it appropriately. By delivering each message only to the connected device it was intended for, a network switch conserves network bandwidth and offers generally better performance than a hub.
A hub correct answer is a device that connects two segments of a single LAN. A hub is a repeater. It provides transparent connectivity to users on all segments of the same LAN. It is a level 1 device.
Passive hubs correct answer do not amplify the electrical signal of incoming packets before broadcasting them out to the network. Active hubs, on the other hand, do perform this amplification, as does a different type of dedicated network device called a repeater. Some people use the term concentrator when referring to a passive hub and multiport repeater when referring to an active hub.

Asymmetric Key Algorithms correct answer In an asymmetric key algorithm (e.g., RSA), there are two separate keys: a public key is published and enables any sender to perform encryption, while a private key is kept secret by the receiver and enables him to perform decryption. (PKI)
Certificate Authority (CA) correct answer issues and manages security credentials and public keys for message encryption. This includes revocation and suspension and issuance and distribution of the subscriber certificate. Generation and distribution of the CA public key is also part of the CA key life cycle management process and, as such, cannot be delegated.
Registration Authority (RA) correct answer verifies user requests for a digital certificate and tells the CA to issue it. Establishing a link between the requesting entity and its public key is a function of a registration authority.
A public key infrastructure consists of correct answer
  • A certificate authority (CA) that issues and verifies digital certificates. A certificate includes the public key or information about the public key
  • A registration authority (RA) that acts as the verifier for the certificate authority before a digital certificate is issued to a requestor
  • One or more directories where the certificates (with their public keys) are held
  • A certificate management system
Identification correct answer the process of identifying a user (e.g. unique user name).
Authentication correct answer the process of identification verification.
Authorization correct answer the process of determining whether a valid identifier is authorized to access a service.
Hashing correct answer works one way. By applying a hashing algorithm to a message, a message hash/digest is created. If the same hashing algorithm is applied to the message digest, it will not result in the original message. As such, hashing is irreversible, while encryption is reversible. This is the basic difference between hashing and encryption. Hashing creates an output that is smaller than the original message, and encryption creates an output of the same length as the original message. Hashing is used to verify the integrity of the message and does not address security. The same hashing algorithm is used at the sending and receiving ends to generate and verify the message hash/digest. Encryption will not necessarily use the same algorithm at the sending and receiving end to encrypt and decrypt.

Encapsulation or tunneling correct answer is a technique used to carry the traffic of one protocol over a network that does not support that protocol directly. The original packet is wrapped in another packet.
Secure Sockets Layer (SSL) correct answer a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data: a public key known to everyone and a private or secret key known only to the recipient of the message (PKI).
S/HTTP correct answer An extension to the HTTP protocol to support sending data securely over the World Wide Web. Whereas SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely.
IP Security (IPSec) correct answer a set of protocols developed by the IETF to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks (VPNs). Operates at the network layer.
IPsec supports two encryption modes correct answer
  • Transport mode encrypts only the data portion (payload) of each packet, but leaves the header untouched.
  • The more secure Tunnel mode encrypts both the header and the payload. On the receiving side, an IPSec-compliant device decrypts each packet.
SSH correct answer Secure Shell is a program to log into another computer over a network, to execute commands on a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels (Application Layer).
S/MIME correct answer Secure e-mail protocol that supports encryption of messages.
Secure Electronic Transaction (SET) correct answer is a standard that will enable secure credit card transactions on the Internet. SET has been endorsed by virtually all the major players in the electronic commerce arena (PKI, Application Layer).
A digital certificate correct answer is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority. It contains your

created for the session, allowing packets to flow freely without the need for inspecting individual packets. Operates at the session layer of the OSI model.
ADV of circuit-level gateway correct answer
  • speed of connection
  • support for protocols
  • maintenance
DISADV of circuit-level gateway correct answer
  • Security of this firewall depends heavily on the trustworthiness of the hosts, as individual packets aren't analyzed after the connection is made.
  • Limited logging
A stateful inspection firewall correct answer is a type of circuit level gateway that captures data packets at the network layer then reviews these packets at the upper layers of the OSI model. To beef up packet filtering security, stateful inspection packet filtering, or stateful packet filtering (SPF), was introduced. Essentially, SPF performs the same as a packet filter, but with a couple of added measures. First, it looks at more details from each packet to determine what is contained within the packet rather than simply who and where it is from (or allegedly from). Second, it monitors communications between the two devices and compares the traffic not only to the rules it has been given, but also to the previous communications. If any communication seems out of context or out of the ordinary based on previous traffic, the packet is rejected.
An application gateway correct answer is essentially another sort of proxy server. The internal client first establishes a connection with the application gateway. The application gateway determines if the connection should be allowed or not and then establishes a connection with the destination computer. All communications go through two connections: client to application gateway and application gateway to destination. The application gateway monitors all traffic against its rules before deciding whether or not to forward it. As with the other proxy server types, the application gateway is the only address seen by the outside world, so the internal network is protected.
ADV of Application Gateway correct answer
  • An application-level gateway is the best way to protect against hacking because it can define detailed rules that describe the type of user or connection that is or is not permitted. It analyzes in detail each packet, not only in layers one through four of the OSI model but also layers five through seven, which means that it reviews the commands of each higher level protocol (HTTP, FTP, SNMP, etc.)
  • It hides the design of the internal network
  • It can be used to implement strong authentication.
DISADV of Application Gateway correct answer
  • It reduces network performance.
  • It must be tailored to specific applications.
For a remote access server correct answer there is a device (server) that asks for a username and password before entering the network. This is good when accessing private networks, but it can be mapped or scanned from the Internet, creating security exposure.
A proxy server correct answer is generally put in place to boost performance of the network, but can act as a sort of firewall as well. Proxy servers also hide your internal addresses so that all communications appear to originate from the proxy server itself. A proxy server will cache pages that have been requested. If User A goes to Yahoo.com, the proxy server actually sends the request to Yahoo.com and retrieves the web page. If User B then connects to Yahoo.com, the proxy server just sends the information it already retrieved for User A, so it is returned much faster than having to get it from Yahoo.com again. You can configure a proxy server to block access to certain web sites and filter certain port traffic to protect your internal network.
Proxy servers correct answer can provide protection based on the IP address and ports. However, an individual is needed who really knows how to do this, and applications can use different ports for the different sections of the program.
Port scanning correct answer works when there is a very specific task to complete, but not when trying to control what comes from the Internet (or when all the ports available need to be controlled). For example, the port for Ping (echo request) could be blocked and the IP addresses would be available for the application and browsing, but would not respond to Ping.
Firewall Architectures correct answer
Screening router correct answer is the most basic type of firewall architecture deployed. An external router is placed between the untrusted networks and a security policy is implemented using ACLs. Very weak security with little protection (but better than nothing).

RSA keys correct answer are large numbers that are suitable only for short messages, such as the creation of a digital signature. The RSA asymmetric key transport algorithm is based on factoring prime numbers. Can be used to securely transport symmetric keys.
Biometric Order of Effectiveness correct answer
  1. Palm
  2. Hand Geometry
  3. Iris
  4. Retina
  5. Fingerprint
  6. Face
Active Monitors correct answer Look for virus-like actions; can't distinguish between user and virus requests
Integrity CRC Checkers (Cyclic Redundancy Checkers) correct answer Validate the integrity of a program when run, by comparing its CRC to the database's original CRC value
Behavior Blockers correct answer Look for patterns of behavior that are virus-like and flag them; there are a lot of false positives with this type of AV
Immunizers correct answer append sections to files, continuously check files for changes and report the changes

Chapter 5 correct answer
Alternative Routing correct answer The method of routing traffic via an alternative medium such as copper cable or fiber optics. This involves use of different networks, circuits or end points should the normal network be unavailable.
Diverse Routing correct answer The method of routing traffic through split or duplicate cable facilities.
Critical correct answer can only be replaced by identical capabilities; can't be replaced by manual methods; very high cost of interruption
Vital correct answer can be performed manually for a short time period; slightly lower cost of interruption (5 days or less to functional restoration)
Sensitive correct answer can be performed manually at a tolerable cost for an extended period of time, requiring additional staff
Non-sensitive correct answer can be interrupted for an extended period of time at little or no cost to the computer and require little or no catching up when restored
Fault Tolerant Servers correct answer Provide for fail-safe redundancy through mirrored images of the primary server
Recovery Point Objective correct answer amount of acceptable data loss allowed (4 hours of lost data means that backups should be run every 4 hours)
Recovery Time Objective correct answer acceptable down time
Chapter 6 correct answer
Feasibility correct answer Used to determine if the project should get the go-ahead. The feasibility study will produce a project plan and budget estimates for the future stages of development.

Emergency Action Team correct answer first responders at the emergency
Emergency Management Team correct answer responsible for coordinating the activities of all other recovery teams. Disaster overseers.
Transportation team correct answer Serves as the facilities team to locate a recovery site; and is responsible for transporting the employees to the recovery site.
Relocation team correct answer Coordinates the process of moving from the hot site to a new location.
Rapid Application Development (RAD) correct answer RAD does NOT support the planning or analysis required to define the information needs of the enterprise as a whole. RAD provides the means for developing systems faster, cheaper, and with a higher quality. Four RAD stages.
Four RAD Stages correct answer
  1. Concept definition (defines business functions and determines system scope)
  2. Functional design (models data and processes for the system)
  3. Development (construction of the database and application)
  4. Final user testing and training
Post Implementation Review correct answer Performed after the system has stabilized in production. The IS auditor should perform the following functions:
  1. Determine if the system's objectives and requirements were achieved. This includes user satisfaction with the system.
  2. Determine if cost benefits are being reported to management.
  3. Review change requests for the new system.
  4. Review controls built into the system to ensure they are operating according to design.
  5. Review error logs.
  6. Review input and output control balances to verify that the system is processing data accurately.
  7. Review Access Control configuration.

Computer-Aided Software Engineering (CASE) correct answer
  1. Upper CASE
  2. Middle CASE
  3. Lower CASE
Upper CASE correct answer used to determine program requirements
Middle CASE correct answer used for detailed designs
Lower CASE correct answer used for program code generation
Capability Maturity Model (CMM) correct answer five maturity levels attainable by software organizations: Initial, Repeatable, Defined, Managed, and Optimizing
Initial correct answer ad hoc; based on individual effort.
Repeatable correct answer successfully applied processes can be repeated on other projects.
Defined correct answer lessons learned from the "repeatable" phase provide the impetus to develop a standard software process across the organization.
Managed correct answer the organization can develop and apply quantitative managed control over its software development process.
Optimizing correct answer the organization uses continuous process improvement strategies.
ISO 9126 Quality Attributes correct answer Functionality, Reliability, Usability, Efficiency, Maintainability, Portability
Functionality correct answer the existence of a set of functions.

A redundancy check correct answer detects transmission errors by appending calculated bits onto the end of each segment of data. This is an error detection method but not an error correction method.
Forward error control correct answer involves transmitting additional redundant information with each character or frame to facilitate detection and correction of errors. In feedback error control, only enough additional information is transmitted so the receiver can identify that an error has occurred.
A reasonableness check correct answer compares data to predefined reasonability limits or occurrence rates established for the data.
Checksum correct answer A checksum is a form of redundancy check, a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space (telecommunications) or time (storage). It works by adding up the basic components of a message, typically the bytes, and storing the resulting value. Later, anyone can perform the same operation on the data, compare the result to the authentic checksum and (assuming that the sums match) conclude that the message was probably not corrupted.
Database commits correct answer Commits ensure that data are saved to a disk.
Database Rollbacks correct answer ensure that the already completed processing is reversed, and that the data already processed are not saved to the disk in the event of the failure of the completion of the transaction processing.
Clerical control procedures correct answer Used to MANUALLY sum and compare inputs and outputs (which is more susceptible to error than an automated process).
Electronic Data Interchange (EDI) correct answer The electronic transmission of transactions between two organizations. Provides fewer opportunities for review and authorization since there is less human intervention.
Batch Controls and Balancing correct answer group input transactions to provide control totals. Can be based on total monetary amount, total items, or hash totals.
Batch registers correct answer manual recording and comparison of batch totals.

Control accounts correct answer reconciliation between initial and master files containing batch totals.
Computer agreement correct answer batch header data is input and compared with calculated totals.
Automated Online Auditing Techniques correct answer
Systems Control Audit Review File and Embedded Audit Modules (SCARF/EAM) correct answer Embedding specially written audit software in the host system so the application systems are audited on a selective basis.
Snapshots correct answer Taking pictures of the processing path.
Audit hooks correct answer Embedding hooks in application systems to function as red flags to induce auditors to act before an error gets out of hand.
Integrated Test Facility correct answer Dummy facilities are set up and included in the production files. Test transactions are then processed with live transactions during regular process runs.
Continuous and Intermittent Simulation (CIS) correct answer A simulator decides whether transactions meet certain criteria and audits transactions as applicable.
IT Balanced Scorecard correct answer A process management technique used to assess IT functions and processes. Goes beyond financial evaluation and addresses user satisfaction, internal processes, and the ability to innovate.