Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
50 Cards in this Set
- Front
- Back
|
trest
|
test
|
|
|
"Abend"
|
"An abnormal end to a computer job; termination of a task prior to its completion because of an error condition that cannot be resolved by recovery facilities while the task is executing"
|
|
|
"Access control"
|
"The process that limits and controls access to resources of a computer system; a logical or physical control designed to protect against unauthorized entry or use. Access control can be defined by the system (mandatory access control# or MAC) or defined by the user who owns the object (discretionary access control# or DAC)."
|
|
|
"Access control table"
|
"An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals"
|
|
|
"Access method"
|
"The technique used for selecting records in a file# one at a time# for processing# retrieval or storage. The access method is related to# but distinct from# the file organization that determines how the records are stored."
|
|
|
"Access path"
|
"The logical route an end user takes to access computerized information. Typically# it includes a route through the operating system# telecommunications software# selected application software and the access control system."
|
|
|
"Access rights"
|
"Also called permissions or privileges# these are the rights granted to users by the administrator or supervisor. Access rights determine the actions users can perform (e.g.# read# write# execute# create and delete) on files in shared volumes or file shares on the server."
|
|
|
"Accountability"
|
"The ability to map a given activity or event back to the responsible party"
|
|
|
"ACK (acknowledgement)"
|
"A flag set in a packet to indicate to the sender that the previous packet sent was accepted correctly by the receiver without errors# or that the receiver is now ready to accept a transmission"
|
|
|
"Active recovery site (mirrored)"
|
"Recovery strategy that involves two active sites# each capable of taking over the other’s workload in the event of a disaster. Each site will have enough idle processing power to restore data from the other site and to accommodate the excess workload in the event of a disaster."
|
|
|
"Active response"
|
"A response# in which the system (automatically or in concert with the user) blocks or otherwise affects the progress of a detected attack. The response takes one of three forms--amending the environment# collecting more information or striking back against the user."
|
|
|
"Address"
|
"The code used to designate the location of a specific piece of data within computer storage"
|
|
|
"Address space"
|
"The number of distinct locations that may be referred to with the machine address. For most binary machines# it is equal to 2n# where n is the number of bits in the machine address."
|
|
|
"Addressing"
|
"The method used to identify the location of a participant in a network. Ideally# addressing specifies where the participant is located rather than who they are (name) or how to get there (routing)."
|
|
|
"adjusting period"
|
"The calendar can contain “real” accounting periods and/or adjusting accounting periods. The “real” accounting periods must not overlap# and cannot have any gaps between “real” accounting periods. Adjusting accounting periods can overlap with other accounting periods. For example# a period called DEC-93 can be defined that includes 01-DEC-1993 through 31-DEC-1993. An adjusting period called DEC31-93 can also be defined that includes only one day: 31-DEC-1993 through 31-DEC-1993."
|
|
|
"Administrative controls"
|
"The actions/controls dealing with operational effectiveness# efficiency and adherence to regulations and management policies"
|
|
|
"allocation entry"
|
"A recurring journal entry used to allocate revenues or costs. For example# an allocation entry could be defined to allocate costs to each department based on headcount."
|
|
|
"Alpha"
|
"The use of alphabetic characters or an alphabetic character string"
|
|
|
"Analog"
|
"A transmission signal that varies continuously in amplitude and time and is generated in wave formation. Analog signals are used in telecommunications."
|
|
|
"Anomaly"
|
"Unusual or statistically rare"
|
|
|
"Anomaly detection"
|
"Detection on the basis of whether the system activity matched that defined as abnormal"
|
|
|
"Anonymity"
|
"The quality or state of not being named or identified"
|
|
|
"Anonymous File Transfer Protocol (FTP)"
|
"A method for downloading public files using the File Transfer Protocol (FTP). Anonymous FTP is called anonymous because users do not need to identify themselves before accessing files from a particular server. In general# users enter the word anonymous when the host prompts for a username; anything can be entered for the password# such as the user's e-mail address or simply the word guest. In many cases# an anonymous FTP site will not even prompt users for a name and password."
|
|
|
"Antivirus software"
|
"Applications that detect# prevent and possibly remove all known viruses from files located in a microcomputer hard drive"
|
|
|
"Appearance"
|
"The act of giving the idea or impression of being or doing something"
|
|
|
"Appearance of independence"
|
"Behavior adequate to meet the situations occurring during audit work (interviews# meetings# reporting# etc.). The IS auditor should be aware that appearance of independence depends upon the perceptions of others and can be influenced by improper actions or associations."
|
|
|
"Applet"
|
"A program written in a portable# platform independent computer language# such as Java. It is usually embedded in an HTML page and then executed by a browser. Applets can only perform a restricted set of operations# thus preventing# or at least minimizing# the possible security compromise of the host computers."
|
|
|
"application"
|
"A computer program or set of programs that perform the processing of records for a specific function"
|
|
|
"Application acquisition review"
|
"An evaluation of an application system being acquired or evaluated# which considers such matters as: appropriate controls are designed into the system; the application will process information in a complete# accurate and reliable manner; the application will function as intended; the application will function in compliance with any applicable statutory provisions; the system is acquired in compliance with the established system acquisition process."
|
|
|
"Application controls"
|
"Refer to the transactions and data relating to each computer-based application system and are therefore specific to each such application. The objectives of application controls# which may be manual# or programmed# are to ensure the completeness and accuracy of the records and the validity of the entries made therein resulting from both manual and programmed processing. Examples of application controls include data input validation# agreement of batch totals and encryption of data transmitted."
|
|
|
"Application development review"
|
"An evaluation of an application system under development which considers matters such as: appropriate controls are designed into the system; the application will process information in a complete# accurate and reliable manner; the application will function as intended; the application will function in compliance with any applicable statutory provisions; the system is developed in compliance with the established systems development life cycle process"
|
|
|
"Application implementation review"
|
"An evaluation of any part of an implementation project (e.g.# project management# test plans# user acceptance testing procedures)"
|
|
|
"Application layer"
|
"A layer within the International Organization for Standardization (ISO)/Open Systems Interconnection (OSI) model. It is used in information transfers between users through application programs and other devices. In this layer various protocols are needed. Some of them are specific to certain applications and others are more general for network services."
|
|
|
"Application maintenance review"
|
"An evaluation of any part of a project to perform maintenance on an application system (e.g.# project management# test plans# user acceptance testing procedures)"
|
|
|
"Application program"
|
"A program that processes actions upon business data# such as data entry# update or query. It contrasts with systems program# such as an operating system or network control program# and with utility programs# such as copy or sort."
|
|
|
"Application programming"
|
"The act or function of developing and maintaining applications programs in production"
|
|
|
"Application programming interface (API)"
|
"A set of routines# protocols and tools referred to as ""building blocks"" used in business application software development. A good API makes it easier to develop a program by providing all the building blocks related to functional characteristics of an operating system# which applications need to specify when# for example# interfacing with an operating system (e.g.# provided by MS-Windows# different versions of UNIX). A programmer would utilize these APIs in developing applications that can operate effectively and efficiently on the platform chosen."
|
|
|
"Application proxy"
|
"A proxy service that connects programs running on internal networks to services on exterior networks by creating two connections# one from the requesting client and another to the destination service"
|
|
|
"application security"
|
"Refers to the security aspects supported by the ERP# primarily with regard to the roles or responsibilities and audit trails within the applications"
|
|
|
"Application software tracing and mapping"
|
"Specialized tools that can be used to analyze the flow of data# through the processing logic of the application software# and document the logic# paths# control conditions and processing sequences. Both the command language or job control statements and programming language can be analyzed. This technique includes program/system: mapping# tracing# snapshots# parallel simulations and code comparisons."
|
|
|
"Application system"
|
"An integrated set of computer programs designed to serve a particular function that has specific input# processing and output activities (e.g.# general ledger# manufacturing resource planning# human resource management)"
|
|
|
"Arithmetic-logic unit (ALU)"
|
"The area of the central processing unit that performs mathematical and analytical operations"
|
|
|
"Artificial intelligence"
|
"Advanced computer systems that can simulate human capabilities# such as analysis# based on a predetermined set of rules"
|
|
|
"ASCII"
|
"(American Standard Code for Information Interchange) An eight-digit/seven-bit code representing 128 characters; used in most small computers"
|
|
|
"ASP/MSP (application or managed service provider)"
|
"A third party that delivers and manages applications and computer services# including security services to multiple users via the Internet or a private network"
|
|
|
"Assembler"
|
"A program that takes as input a program written in assembly language and translates it into machine code or relocatable code"
|
|
|
"Assembly language"
|
"A low-level computer programming language which uses symbolic code and produces machine instructions"
|
|
|
"Asymmetric key (public key)"
|
"A cipher technique whereby different cryptographic keys are used to encrypt and decrypt a message (see public key cryptosystems)"
|
|
|
"Asynchronous Transfer Mode (ATM)"
|
"ATM is a high-bandwidth low-delay switching and multiplexing technology. It is a data link layer protocol. This means that it is a protocol-independent transport mechanism. ATM allows integration of real-time voice and video as well as data. ATM allows very high speed data transfer rates at up to 155 Mbit/s."
|
|
|
"Asynchronous transmission"
|
"Character-at-a-time transmission"
|
