Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

50 Cards in this Set

  • Front
  • Back
"ICMP (internet control message protocol)"
"A set of protocols that allow systems to communicate information about the state of services on other systems. It is used# for example# in determining whether systems are up# maximum packet sizes on links# whether a destination host/network/port is available. Hackers typically (abuse) use ICMP to determine information about the remote site."
"Idle standby"
"A fail-over process in which the primary node owns the resource group. The backup node runs idle# only supervising the primary node. In case of a primary node outage# the backup node takes over. The nodes are prioritized# which means the surviving node with the highest priority will acquire the resource group. A higher priority node joining the cluster will thus cause a short service interruption."
"IDS (intrusion detection system)"
"An intrusion detection system (IDS) inspects network activity to identify suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system"
"(Institute of Electrical and Electronics Engineers)--Pronounced I-triple-E# IEEE is an organization composed of engineers# scientists and students. The IEEE is best known for developing standards for the computer and electronics industry."
"Image processing"
"The process of electronically inputting source documents by taking an image of the document# thereby eliminating the need for key entry"
"implementation life cycle review"
"Refers to the controls that support the process of transformation of the organisation’s legacy information systems into the ERP applications. This would largely cover all aspects of systems implementation and configuration# such as change management"
"Incremental testing"
"Deliberately testing only the value-added functionality of a software component"
"Self-governance and freedom from conflict of interest and undue influence. The IS auditor should be free to make his/her own decisions# not influenced by the organization being audited and its people (managers and employers)."
"Independent appearance"
"The outward impression of being self-governing and free from conflict of interest and undue influence"
"Independent attitude"
"Impartial point of view which allows the IS auditor to act objectively and with fairness"
"Indexed sequential access method (ISAM)"
"A disk access method that stores data sequentially# while also maintaining an index of key fields to all the records in the file for direct access capability"
"Indexed sequential file"
"A file format in which records are organized and can be accessed# according to a preestablished key that is part of the record"
"Information engineering"
"Data-oriented development techniques that work on the premise that data are at the center of information processing and that certain data relationships are significant to a business and must be represented in the data structure of its systems"
"Information processing facility (IPF)"
"The computer room and support areas"
"Inherent risk"
"The susceptibility of an audit area to error which could be material# individually or in combination with other errors# assuming that there are no related internal controls"
"Inheritance (objects)"
"Inheritance refers to database structures that have a strict hierarchy (no multiple inheritance). Inheritance can initiate other objects irrespective of the class hierarchy# thus there is no strict hierarchy of objects."
"Initial program load (IPL)"
"The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction"
"Input controls"
"Techniques and procedures used to verify# validate and edit data# to ensure that only correct data are entered into the computer"
"Integrated services digital network (ISDN)"
"A public end-to-end digital telecommunications network with signaling# switching and transport capabilities supporting a wide range of service accessed by standardized interfaces with integrated customer control. The standard allows transmission of digital voice# video and data over 64 Kpbs lines."
"Integrated test facilities (ITF)"
"Test data are processed in production systems. The data usually represent a set of fictitious entities such as departments# customers and products. Output reports are verified to confirm the correctness of the processing."
"The accuracy and completeness of information as well as to its validity in accordance with business values and expectations"
"Intelligent terminal"
"A terminal with built-in processing capability. It has no disk or tape storage but has memory. The terminal interacts with the user by editing and validating data as they are entered prior to final processing."
"interest rate risk"
"Is the risk to earnings or capital arising from movements in interest rates. From an economic perspective# a bank focuses on the sensitivity of the value of its assets# liabilities and revenues to changes in interest rates. Internet banking may attract deposits# loans and other relationships from a larger pool of possible customers than other forms of marketing. Greater access to customers who primarily seek the best rate or term reinforces the need for managers to maintain appropriate asset/liability management systems# which should include the ability to react quickly to changing market conditions."
"Interface testing"
"A testing technique that is used to evaluate output from one application# while the information is sent as input to another application"
"Internal control"
"The policies# procedures# practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected."
"Internal control structure"
"The dynamic# integrated processes# effected by the governing body# management and all other staff# that are designed to provide reasonable assurance regarding the achievement of the following general objectives: Effectiveness# efficiency and economy of operations Reliability of management Compliance with applicable laws# regulations and internal policies Management’s strategies for achieving these general objectives are affected by the design and operation of the following components: Control environment Information system Control procedures"
"Internal penetrators"
"Authorized users of a computer system who overstep their legitimate access rights. This category is divided into masqueraders and clandestine users."
"Internal storage"
"The main memory of the computer’s central processing unit"
"1) Two or more networks connected by a router 2) The world’s largest network using TCP/IP protocols to link government# university and commercial institutions"
"Internet banking"
"Use of the Internet as a remote delivery channel for banking services. Services include the traditional ones# such as opening an account or transferring funds to different accounts# and new banking services# such as electronic bill presentment and payment (allowing customers to receive and pay bills on a bank’s web site)."
"Internet Engineering Task Force (IETF)"
"The Internet standards setting organization with affiliates internationally from network industry representatives. This includes all network industry developers and researchers concerned with evolution and planned growth of the Internet."
"Internet Inter-ORB Protocol (IIOP)"
"A protocol developed by the object management group (OMG) to implement Common Object Request Broker Architecture (CORBA) solutions over the World Wide Web. CORBA enables modules of network-based programs to communicate with one another. These modules or program parts# such as tables# arrays# and more complex program subelements# are referred to as objects. Use of IIOP in this process enables browsers and servers to exchange both simple and complex objects. This significantly differs from HTTP# which only supports the transmission of text."
"Internet packet (IP) spoofing"
"An attack using packets with the spoofed source Internet packet (IP) addresses. This technique exploits applications that use authentication based on IP addresses. This technique also may enable an unauthorized user to gain root access on the target system."
"A private network that uses the infrastructure and standards of the Internet and World Wide Web# but is isolated from the public Internet by firewall barriers."
"Any intentional violation of the security policy of a system"
"Intrusion detection"
"The process of monitoring the events occurring in a computer system or network# detecting signs of security problems"
"Intrusive monitoring"
"In vulnerability analysis# gaining information by performing checks that affects the normal operation of the system# even crashing the system"
"IP (Internet protocol)"
"Specifies the format of packets and the addressing scheme"
"IPSec (Internet protocol security)"
"A set of protocols developed by the IETF to support the secure exchange of packets"
"Intentional violations of established management policy or regulatory requirements. Deliberate misstatements or omissions of information concerning the area under audit or the organization as a whole; gross negligence or unintentional illegal acts."
"An international standard that defines information confidentiality# integrity and availability controls"
"ISP (Internet service provider)"
"A third party that provides organizations with a variety of Internet# and Internet-related services"
"IT governance"
"A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT and its processes"
"Job control language (JCL)"
"A language used to control run routines in connection with performing tasks on a computer"
"journal entry"
"A debit or credit to a general ledger account. See also manual journal entry."
"Judgment sampling"
"Any sample that is selected subjectively or in such a manner that the sample selection process is not random or the sampling results are not evaluated mathematically"
"L2F (Layer 2 forwarding)"
"A tunnelling protocol developed by Cisco Systems to support the creation of VPNs"
"L2TP (Layer 2 tunneling protocol)"
"An extension to PPP to facilitate the creation of VPNs. L2TP merges the best features of PPTP (from Microsoft) and L2F (from Cisco)."
"The time it takes a system and network delay to respond. System latency is the time a system takes to retrieve data. Network latency is the time it takes for a packet to travel from source to the final destination."
"LDAP (Lightweight Directory Access Protocol)"
"A set of protocols for accessing information directories. It is based on the X.500 standard# but is significantly simpler."