CISA IT Audit and Security Glossary, Exams of Business Administration

A glossary of terms related to ISACA's CISA (Certified Information Systems Auditor) certification. It covers a wide range of concepts, from acceptable use policies and access control to audit risk and biometric security. Each term is defined concisely, making it a useful reference for students and professionals in the field of information systems auditing and security. The glossary includes definitions of key concepts such as application controls, audit trails, authentication, and various networking terms like backbone and bandwidth. It also covers testing methodologies like black box testing and security measures like antivirus software. This glossary is a valuable resource for understanding the terminology used in IT auditing and security.

Typology: Exams

2024/2025

Available from 05/21/2025
locaz-turus-1
ISACA® CISA® - Glossary (EN)

Acceptable use policy: A policy that establishes an agreement between users and the enterprise and defines for all parties the ranges of use that are approved before gaining access to a network or the Internet.

Access control: The processes, rules and deployment mechanisms that control access to information systems, resources and physical access to premises.

Access control list (ACL): An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals.
Scope Note: Also referred to as access control tables.

Access path: The logical route that an end user takes to access computerized information.
Scope Note: Typically includes a route through the operating system, telecommunications software, selected application software and the access control system.

Access rights: The permission or privileges granted to users, programs or workstations to create, change, delete or view data and files within a system, as defined by rules established by data owners and the information security policy.

Adware: A software package that automatically plays, displays or downloads advertising material to a computer after the software is installed on it or while the application is being used.
Scope Note: In most cases, this is done without any notification to the user or without the user's consent. The term adware may also refer to software that displays advertisements, whether or not it does so with the user's consent; such programs display advertisements as an alternative to shareware registration fees. These are classified as adware in the sense of advertising supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and it provides the user with a specific service.

Alternative routing: A service that allows the option of having an alternate route to complete a call when the marked destination is not available.
Scope Note: In signaling, alternative routing is the process of allocating substitute routes for a given signaling traffic stream in case of failure(s) affecting the normal signaling links or routes of that traffic stream.

Antivirus software: An application software deployed at multiple points in an IT architecture. It is designed to detect and potentially eliminate virus code before damage is done and repair or quarantine files that have already been infected.

Application: A computer program or set of programs that performs the processing of records for a specific function.
Scope Note: Contrasts with systems programs, such as an operating system or network control program, and with utility programs, such as copy or sort.

Application controls: The policies, procedures and activities designed to provide reasonable assurance that objectives relevant to a given automated solution (application) are achieved.

Application programming interface (API): A set of routines, protocols and tools referred to as "building blocks" used in business application software development.
Scope Note: A good API makes it easier to develop a program by providing all the building blocks related to functional characteristics of an operating system that applications need to

Scope Note: Includes the areas to be audited, the type of work planned, the high-level objectives and scope of the work, and topics such as budget, resource allocation, schedule dates, type of report and its intended audience and other general aspects of the work.

1. A high-level description of the audit work to be performed in a certain period of time.

Audit program: A step-by-step set of audit procedures and instructions that should be performed to complete an audit.

Audit risk: The probability that information or financial reports may contain material errors and that the auditor may not detect an error that has occurred.

Audit trail: A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source.

Authentication:
1. The act of verifying identity (i.e., user, system).
Scope Note: Risk: Can also refer to the verification of the correctness of a piece of data.
2. The act of verifying the identity of a user and the user's eligibility to access computerized information.
Scope Note: Assurance: Authentication is designed to protect against fraudulent logon activity. It can also refer to the verification of the correctness of a piece of data.

Backbone: The main communication channel of a digital network. The part of a network that handles the major traffic.

Scope Note: Employs the highest-speed transmission paths in the network and may also run the longest distances. Smaller networks are attached to the backbone, and networks that connect directly to the end user or customer are called "access networks." A backbone can span a geographic area of any size from a single building to an office complex to an entire country. Or, it can be as small as a backplane in a single cabinet.

Backup: Files, equipment, data and procedures available for use in the event of a failure or loss, if the originals are destroyed or out of service.

Balanced scorecard (BSC): Developed by Robert S. Kaplan and David P. Norton as a coherent set of performance measures organized into four categories that includes traditional financial measures, but adds customer, internal business process, and learning and growth perspectives.

Bandwidth: The range between the highest and lowest transmittable frequencies. It equates to the transmission capacity of an electronic line and is expressed in bytes per second or Hertz (cycles per second).

Batch control: Correctness checks built into data processing systems and applied to batches of input data, particularly in the data preparation stage.
Scope Note: There are two main forms of batch controls: sequence control, which involves numbering the records in a batch consecutively so that the presence of each record can be confirmed; and control total, which is a total of the values in selected fields within the transactions.

Batch processing: The processing of a group of transactions at the same time.
Scope Note: Transactions are collected and processed against the master files at a specified time.

Scope Note: In a program, buffers are reserved areas of random access memory (RAM) that hold data while they are being processed.

Bus configuration: All devices (nodes) are linked along one communication line where transmissions are received by all attached nodes.
Scope Note: This architecture is reliable in very small networks, as well as easy to use and understand. This configuration requires the least amount of cable to connect the computers together and, therefore, is less expensive than other cabling arrangements. It is also easy to extend, and two cables can be easily joined with a connector to make a longer cable for more computers to join the network. A repeater can also be used to extend a bus configuration.

Business case: Documentation of the rationale for making a business investment, used both to support a business decision on whether to proceed with the investment and as an operational tool to support management of the investment through its full economic life cycle.

Business continuity plan (BCP): A plan used by an enterprise to respond to disruption of critical business processes. Depends on the contingency plan for restoration of critical systems.

Business impact analysis (BIA): A process to determine the impact of losing the support of any resource.
Scope Note: The BIA assessment study will establish the escalation of that loss over time. It is predicated on the fact that senior management, when provided reliable data to document the potential impact of a lost resource, can make the appropriate decision.

Business process reengineering (BPR): The thorough analysis and significant redesign of business processes and management systems to establish a better performing structure, more responsive to the customer base and market conditions, while yielding material cost savings.

Capability Maturity Model (CMM):
1. Contains the essential elements of effective processes for one or more disciplines.
Scope Note: It also describes an evolutionary improvement path from ad hoc, immature processes to disciplined, mature processes with improved quality and effectiveness.
2. CMM for software, from the Software Engineering Institute (SEI), is a model used by many enterprises to identify best practices useful in helping them assess and increase the maturity of their software development processes.
Scope Note: CMM ranks software development enterprises according to a hierarchy of five process maturity levels. Each level ranks the development environment according to its capability of producing quality software. A set of standards is associated with each of the five levels. The standards for level one describe the most immature or chaotic processes and the standards for level five describe the most mature or quality processes.
A maturity model that indicates the degree of reliability or dependency the business can place on a process achieving the desired goals or objectives.
A collection of instructions that an enterprise can follow to gain better control over its software development process.

Capacity stress testing: Testing an application with large quantities of data to evaluate its performance during peak periods. Also called volume testing.

Card swipe: A physical control technique that uses a secured card or ID to gain access to a highly sensitive location.
Scope Note: If built correctly, card swipes act as a preventive control over physical access to those sensitive locations. After a card has been swiped, the application attached to the physical

Challenge/response token: A method of user authentication that is carried out through use of the Challenge Handshake Authentication Protocol (CHAP).
Scope Note: When a user tries to log into the server using CHAP, the server sends the user a "challenge," which is a random value. The user enters a password, which is used as an encryption key to encrypt the "challenge" and return it to the server. The server is aware of the password. It, therefore, encrypts the "challenge" value and compares it with the value received from the user. If the values match, the user is authenticated. The challenge/response activity continues throughout the session and this protects the session from password sniffing attacks. In addition, CHAP is not vulnerable to "man-in-the-middle" attacks because the challenge value is a random value that changes on each access attempt.

Change management: A holistic and proactive approach to managing the transition from a current to a desired organizational state, focusing specifically on the critical human or "soft" elements of change.
Scope Note: Includes activities such as culture change (values, beliefs and attitudes), development of reward systems (measures and appropriate incentives), organizational design, stakeholder management, human resources (HR) policies and procedures, executive coaching, change leadership training, team building and communication planning and execution.

Check digit: A numeric value, which has been calculated mathematically, is added to data to ensure that original data have not been altered or that an incorrect, but valid match has occurred.
Scope Note: Check digit control is effective in detecting transposition and transcription errors.

Checkpoint restart procedures: A point in a routine at which sufficient information can be stored to permit restarting the computation from that point.

Checksum: A mathematical value that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.

Scope Note: A cryptographic checksum is created by performing a complicated series of mathematical operations (known as a cryptographic algorithm) that translates the data in the file into a fixed string of digits called a hash value, which is then used as the checksum. Without knowing which cryptographic algorithm was used to create the hash value, it is highly unlikely that an unauthorized person would be able to change data without inadvertently changing the corresponding checksum. Cryptographic checksums are used in data transmission and data storage. Cryptographic checksums are also known as message authentication codes, integrity check-values, modification detection codes or message integrity codes.

Circuit-switched network: A data transmission service requiring the establishment of a circuit-switched connection before data can be transferred from source data terminal equipment (DTE) to a sink DTE.
Scope Note: A circuit-switched data transmission service uses a connection network.

Circular routing: In open systems architecture, circular routing is the logical path of a message in a communication network based on a series of gates at the physical network layer in the open systems interconnection (OSI) model.

Client-server: A group of computers connected by a communication network, in which the client is the requesting machine and the server is the supplying machine.
Scope Note: Software is specialized at both ends. Processing may take place on either the client or the server, but it is transparent to the user.

Cluster controller: A communication terminal control hardware unit that controls a number of computer terminals.
Scope Note: All messages are buffered by the controller and then transmitted to the receiver.

Compliance testing: Tests of control designed to obtain audit evidence on both the effectiveness of the controls and their operation during the audit period.

Comprehensive audit: An audit designed to determine the accuracy of financial records as well as to evaluate the internal controls of a function or department.

Computer emergency response team (CERT): A group of people integrated at the enterprise with clear lines of reporting and responsibilities for standby support in case of an information systems emergency. This group will act as an efficient corrective control, and should also act as a single point of contact for all incidents and issues related to information systems.

Computer forensics: The application of the scientific method to digital media to establish factual information for judicial review.
Scope Note: This process often involves investigating computer systems to determine whether they are or have been used for illegal or unauthorized activities. As a discipline, it combines elements of law and computer science to collect and analyze data from information systems (e.g., personal computers, networks, wireless communication and digital storage devices) in a way that is admissible as evidence in a court of law.

Computer sequence checking: Verifies that the control number follows sequentially and that any control numbers out of sequence are rejected or noted on an exception report for further research.

Computer-aided software engineering (CASE): The use of software packages that aid in the development of all phases of an information system.
Scope Note: System analysis, design, programming and documentation are provided. Changes introduced in one CASE chart will update all other related charts automatically. CASE can be installed on a microcomputer for easy access.

Computer-assisted audit technique (CAAT): Any automated audit technique, such as generalized audit software (GAS), test data generators, computerized audit programs and specialized audit utilities.

Concurrency control: Refers to a class of controls used in a database management system (DBMS) to ensure that transactions are processed in an atomic, consistent, isolated and durable manner (ACID). This implies that only serial and recoverable schedules are permitted, and that committed transactions are not discarded when undoing aborted transactions.

Configuration management: The control of changes to a set of configuration items over a system life cycle.

Console log: An automated detail report of computer system activity.

Contingency planning: Process of developing advance arrangements and procedures that enable an enterprise to respond to an event that could occur by chance or unforeseen circumstances.

Continuity: Preventing, mitigating and recovering from disruption.
Scope Note: The terms "business resumption planning," "disaster recovery planning" and "contingency planning" also may be used in this context; they all concentrate on the recovery aspects of continuity.

Continuous auditing approach: This approach allows IS auditors to monitor system reliability on a continuous basis and to gather selective audit evidence through the computer.

Continuous improvement: The goals of continuous improvement (Kaizen) include the elimination of waste, defined as "activities that add cost, but do not add value;"

Corporate governance: The system by which enterprises are directed and controlled. The board of directors is responsible for the governance of their enterprise. It consists of the leadership and organizational structures and processes that ensure the enterprise sustains and extends strategies and objectives.

Corrective control: Designed to correct errors, omissions and unauthorized uses and intrusions, once they are detected.

Coupling: Measure of interconnectivity among structure of software programs. Coupling depends on the interface complexity between modules. This can be defined as the point at which entry or reference is made to a module, and what data pass across the interface.
Scope Note: In application software design, it is preferable to strive for the lowest possible coupling between modules. Simple connectivity among modules results in software that is easier to understand and maintain and is less prone to a ripple or domino effect caused when errors occur at one location and propagate through the system.

Critical infrastructure: Systems whose incapacity or destruction would have a debilitating effect on the economic security of an enterprise, community or nation.

Critical success factor (CSF): The most important issue or action for management to achieve control over and within its IT processes.

Customer relationship management (CRM): A way to identify, acquire and retain customers. CRM is also an industry term for software solutions that help an enterprise manage customer relationships in an organized manner.

Data custodian: The individual(s) and department(s) responsible for the storage and safeguarding of computerized data.

Data dictionary: A database that contains the name, type, range of values, source and authorization for access for each data element in a database. It also indicates which application programs use those data so that when a data structure is contemplated, a list of the affected programs can be generated.
Scope Note: May be a stand-alone information system used for management or documentation purposes, or it may control the operation of a database.

Data diddling: Changing data with malicious intent before or during input into the system.

Data Encryption Standard (DES): An algorithm for encoding binary data.
Scope Note: It is a secret key cryptosystem published by the National Bureau of Standards (NBS), the predecessor of the US National Institute of Standards and Technology (NIST). DES and its variants have been replaced by the Advanced Encryption Standard (AES).

Data leakage: Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.

Data owner: The individual(s), normally a manager or director, who has responsibility for the integrity, accurate reporting and use of computerized data.

Data structure: The relationships among files in a database and among data items within each file.

Database: A stored collection of related data needed by enterprises and individuals to meet their information processing and retrieval requirements.

The decryption is a reverse process of the encryption.

Degauss: The application of variable levels of alternating current for the purpose of demagnetizing magnetic recording media.
Scope Note: The process involves increasing the alternating current field gradually from zero to some maximum value and back to zero, leaving a very low residue of magnetic induction on the media. Degauss loosely means to erase.

Demodulation: The process of converting an analog telecommunications signal into a digital computer signal.

Dial-back: Used as a control over dial-up telecommunications lines. The telecommunications link established through dial-up into the computer from a remote location is interrupted so the computer can dial back to the caller. The link is permitted only if the caller is calling from a valid phone number or telecommunications channel.

Dial-in access control: Prevents unauthorized access from remote users who attempt to access a secured environment. Ranges from a dial-back control to remote user authentication.

Digital signature: A piece of information, a digitized form of signature, that provides sender authenticity, message integrity and non-repudiation. A digital signature is generated using the sender's private key or applying a one-way hash function.

Disaster recovery plan (DRP): A set of human, physical, technical and procedural resources to recover, within a defined time and cost, an activity interrupted by an emergency or disaster.

Discovery sampling: A form of attribute sampling that is used to determine a specified probability of finding at least one example of an occurrence (attribute) in a population.

Distributed data processing network: A system of computers connected together by a communication network.
Scope Note: Each computer processes its data and the network supports the system as a whole. Such a network enhances communication among the linked computers and allows access to shared files.

Diverse routing: The method of routing traffic through split cable facilities or duplicate cable facilities.
Scope Note: This can be accomplished with different and/or duplicate cable sheaths. If different cable sheaths are used, the cable may be in the same conduit and, therefore, subject to the same interruptions as the cable it is backing up. The communication service subscriber can duplicate the facilities by having alternate routes, although the entrance to and from the customer premises may be in the same conduit. The subscriber can obtain diverse routing and alternate routing from the local carrier, including dual entrance facilities. However, acquiring this type of access is time-consuming and costly. Most carriers provide facilities for alternate and diverse routing, although the majority of services are transmitted over terrestrial media. These cable facilities are usually located in the ground or basement. Ground-based facilities are at great risk due to the aging infrastructures of cities. In addition, cable-based facilities usually share room with mechanical and electrical systems that can impose great risk due to human error and disastrous events.

Domain name system (DNS) poisoning: Corrupts the table of an Internet server's DNS, replacing an Internet address with the address of another vagrant or scoundrel address.
Scope Note: If a web user looks for the page with that address, the request is redirected by the scoundrel entry in the table to a different address. Cache poisoning differs from another form