CISA Glossary Flashcards

Question

Application *

Answer 1

A computer program or set of programs that perform the processing of records for a specific function. Contrasts with systems programs, such as an operating system or network control program, and with utility programs, such as copy or sort.

Answer 2

The policies, procedures and activities designed to provide reasonable assurance that objectives relevant to a given automated solution (application) are achieved (application). Note: The lowest level of control, usually governing system use or internal program controls. Application controls are easily subverted if higher-level controls governing the operating environment are missing or ineffective. Higher controls include general controls, pervasive controls, and detailed controls.

Answer 3

In the Open Systems Interconnection (OSI) communications model, the application layer provides services for an application program to ensure that effective communication woth another application program in a network is possible. The application layer is not the application that is doing the communication; there is a service layer that provides these services. Anew: the highest layer of the OSI model is layer 7. The Application layer runs problem-solving software for the user. This layer provides the interface between the user and the computer program.

Answer 4

A program that processes business data through activities such as data entry, update or query. Contrasts with system programs, such as an operating system or network contorl program, and with utility programs such as copy or sort.

Answer 5

The act or function of developing and maintaining applications programs in production.

Answer 6

"A set of routines, protocols and tools referred to as ""building blocks"" used in business application software development. A good API makes it easier to develop a program by providing all of the building blocks related to functional characteristics of an operating system that applications need to specify, for example, when interfacing with the operating system (e.g., provided by Microsoft Windows, different versions of UNIX). A programer utilizes these APIs in developing applications that can operate effectively and efficiently on the platform chosen."

Answer 7

See software as a service (SaaS).

Answer 8

Specialized tools that can be used to analyze the flow of data through the processing logic of the application software and document the logic, paths, contorl conditions and processing sequence. Both the command language or job contorl statements and programming language can be analyzed. This technique includes program/system: mapping, tracing, snapshots, parallel simulations and code comparisons.

Answer 9

Advanced computer systems that can simulate human capabilities, such as analysis, based on a predetermined set of rules. Anew: An attempt to simulate human reasoning by using a computer program with a knowledge database and abstract procedures to measure cause-and-effect relationships.

Answer 10

The area of the central processing unit that performs mathematical and analytical operations.

Answer 11

Representing 128 characters, the American Standard Code for Information Interchange (ASCII) code normally uses 7 bits. However, some variations of the ASCII code set allow 8 bits. This 8-bit ASCII code allows 256 characters to be represented.

Answer 12

A program that takes as input a program written in assembly language and translates it into machine code or machine language.

Answer 13

A less formal process used to determine value or relevance to the intended use. Assessments may be internal or external. The results of an assessment are of low to moderate value. The results are used for internal purposes only. See audit and independent audit to compare the differences.

Answer 14

Anything of value. May be tangible or intangible in the form of information, skilled people, money, physical goods, products, resources, recipes, or procedures.

Answer 15

A promise with supporting evidence given in a declaration or activity designed to instil confidence.

Answer 16

A cipher technique in which different cryptographic keys are used to encrypt and decrypt a message (see also public key encryption). Anew: an encryption system using two different keys. Both keys are mathematically related. Asymmetric-key encryption is not time sensitive. The private key is kept secret by the sender, and the public key is freely distributed to anyone who desires to communicate with the owner. Also known as public-key cryptography.

Answer 17

A high-bandwidth low-delay switching and multiplexing technology that allows integration of real-time voice and video as well as data. It is a data link layer protocol. ATM is a protocol-independent transport mechanism. It allows high-speed data transfer rates up to 155 Mbit/sec. The acronym ATM should not be confused with the alternate usage for ATM, which refers to an Automated Teller Machine.

Answer 18

A process used for database transaction integrity to ensure that the entire transaction is correctly processed or all the changes are backed out of the database. Anew: if an error or interruption occurs, all changes made up to that point are backed out.

Answer 19

An affirmation by the signer that all statements are true and correct. The purpose is to certify that a declaration is genuine.

Answer 20

In computer programming, an attribute is equivalent to a column in a database table. The attribute refers to a specific characteristic of a database entry.

Answer 21

An audit technique used to select items from a population for audit testing purposes based on selecting all those items that have certain attributes or characteristics (such as all items over a certain size). Anew: a technique used to estimate the rate of occurrence for a particular attribute within the subject population. In compliance testing, attribute sampling answers the question, "How many?"

Answer 22

The most detailed level of access control, which matches the combined security of subject (user or program), object (data), and context of usage (need or purpose) to determine whether a request should be approved or denied. ABAC is used in mandatory access control, which also requires a centralized control approach.

Answer 23

A formal and systematic process of collecting evidence to test or confirm a statement or to confirm a record of transaction. Also see internal audit and independent audit.

Answer 24

A formal document issued by management to designate audit responsibility, authority, and accountability. The absence of a formal audit charter document would indicate a control weakness.

Answer 25

A committee of the board of directors composed of financially literate executives. The purpose of the audit committee is to challenge the assertions of management by using internal and external auditors.

Answer 26

The information used to support the audit opinion. Anew: aamples collected by the auditor to prove or disprove the audit findings. Every audit must use relevant evidence of dependable quality in sufficient quantity to generate a score of success or failure.

Answer 27

The specific goal(s) of an audit. These often center on substantiating the existence of internal controls to minimize business risk. The audit objective(s) is the reason for the audit.

Answer 28

Detailed project plan containing a list of objectives, specific tasks in proper sequence, skills matrix, written copy of data collection procedures, written audit test procedures, and the forecast illustrating scope time and cost estimates. The audit plan is an essential document to be archived with the resulting audit report for proving integrity of the corresponding results.

Answer 29

A step-by-step set of audit procedures and instructions that should be performed to complete an audit.

Answer 30

The probability that information or financial reports may contain material errors and that the auditor may not detect an error that has occured. Anew: the possibility that material errors may exist that the auditor is unable to detect.

Answer 31

The boundaries and limitations of the individual audit. Normally, particular systems or functions that will be reviewed during the audit.

Answer 32

The target to be audited. The audit subject may be a particular system, process, procedure, or department function.

Answer 33

A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source. Anew: evidence that can be reassembled in chronological order to retrace a transaction or series of transactions.

Answer 34

The persons and organization being audited.

Answer 35

The mandatory examination procedures to be executed during an audit to ensure consistency of findings. The auditing standard specifies a minimum level of performance. Any deviations must be well documented, with justification as to why the standard was not followed.

Answer 36

The person(s) performing the audit by gathering evidence, testing, and reporting the findings. Auditors should not be related to the subject of the audit, to prevent bias. Also see independence.

Answer 37

An overall score generated by the sufficient collection of evidence, effective testing, observations, and findings from the test results. It's actually a score based on the relevance of the test results rather than an opinion.

Answer 38

The act of verifying the identity of a user and the user's eligibility to access computerized information. Authentication is designed to protect against fraudulous logon activity. It can also refer to the verification of the correctness of a piece of data. Anew: the process of verifying a user's identity. The user's claim will be tested against a known reference. If a match occurs, the user is authenticated and allowed to proceed. A mismatch will deny the request.

Answer 39

Used in the IPsec protocol to provide integrity, authentication, and non-repudiation by means of encryption. The authentication header contains the security associations (SAs), which are used for covert tunnelling mode. The AH works with the encapsulated security protocol to both hide the internal IP address and encrypt the data payload.

Answer 40

Microsoft's technique for software developers to digitally sign downloadable ActiveX applets. The authenticode design fails to provide any security from poorly written programs and does not protect the user from malicious programs designed to intentionally cause harm.

Answer 41

The granting of a right or authority.

Answer 42

A term that refers to the accessibility and proper functioning of a system at the time frame required by the user.

Answer 43

The main communication channel of a digital network. The part of a network that handles the major traffic. Employs the highest-speed transmission paths in the network and may also run the longest distances. Smaller networks are attached to the backbone, and networks that connect directly to the end user or customer are called "access networks". A backbone can span a geographical area of any size from a single building to an office complex to an entire country. Or, it can be as small as a backplane in a single cabinet.

Answer 44

A hidden software-access mechanism that will bypass normal security controls to grant access into a program. A root kit is the most powerful type of backdoor because it creates covert access paths into the system. Also see trapdoor.

Answer 45

Files, equipment, data and procedures available for use in the event of a failure or loss, if the originals are destroyed or out of service.

Answer 46

The culmination of software, hardware, procedures, and data files that will permit timely recovery from a failure or disaster.

Answer 47

A card or other device that is presented or displayed to obtain access to an otherwise restricted facility, as a symbol of authority (e.g. police) or as a simple means of identification. Also used in advertising and publicity.

Answer 48

Developed by Robert S. Kaplan and David P. Norton as a coherent set of performance measures organized into four categories that includes traditional financial measures, but adds customer, internal business process, and learning and growth perspectives. Anew: a management tool that aligns individual activities to the higher-level business objectives.

Answer 49

The range between the highest and the lowest transmittable frequencies. It equeates to the transmission capacity of an electronic line and is expressed in bytes per second or Hertz (cycles per second).

Answer 50

A printed machine-readable code that consists of parrallel bars of varied width and spacing.

Answer 51

A standardized body of data created for testing purposes. Users normally establish the data. Base cases validate production application systems and test the ongoing accurate operation of the system.

Answer 52

A form of modulation in which data signals are pulsed directly on the transmission medium without frequency division and usually utilize a transceiver. The entire bandwidth of the transmission medium (e.g., coaxial cable) is utilized for a single channel. Anew: a single channel for data transmission. Coax cable is an example of a baseband technology.

Answer 53

An agreed-upon reference point. Also see software baseline.

Answer 54

A gateway host fully exposed to an external connection such as the Internet. Bastion hosts are special-purpose systems designed with their own protection to withstand normal (average) attacks. Examples include a proxy server or firewall. If compromised, the bastion will be shut down.

Answer 55

Correctness checks built into data processing systems and applied to batches of input data, particularly in the data preparation stage. There are two main forms of batch controls: sequence control, which involves consecutively numbering the records in a batch so that the presence of each record can be confirmed, and control total, which is a total of the values in selected fields within the transaction. Anew: used to ensure the accuracy and correct formatting of input data. The batch controls include sequence numbering and run-to-run totals. The batch count will count the number of all the items to ensure that each transaction is processed. Batch totals can be used to verify the values within the transactions.

Answer 56

The processing of a group of transactions at the same time. Transactions are collected and processed against the master files at a specified time.

Answer 57

A method often employed by antispam software to filter spam based on probabilities. The messag eheader and every word or number are each considered a token and given a probability score. Then the entire message is given a spam probability score. A message with a high score will be flagged as spam and discarded, returned to its sender or put in a spam directory for further review by the independent recipient.

Answer 58

A temporary record of work in progress. This database journal file contains the original data before a new transaction is written. A copy of the original data is retained in this "before" journal file in case the transaction fails. If the transaction fails, the change is discarded and the original data is kept. Related to the ACID principle and after-image transaction journal.

Answer 59

A systematic approach to comparing enterprise performance against peers and competitors in an effort to learn the best ways of conducting business. Examples include benchmarking of quality, logistic efficiency and various other metrics. Anew: a test to evaluate performance against a known workload or industry accepted standard. Using the Capability Maturity Model (CMM) is a form of benchmarking.

Answer 60

Refers to evidence that specifically proves or disproves a particular point. The best evidence is both independent and objective. The worst evidence is subjective or circumstantial evidence.

Answer 61

A code whose representation is limited to 0 and 1.

Answer 62

Management isn't a policy; management is the enforcement/ overseeing of the policy concerning the intended use of biometric data with corresponding standards and procedures. Management includes identifying how data is collected, stored, protected, transmitted, used, and disposed of.

Answer 63

Special acquisition device used to create unique minutiae data representing an individual user. Sensors convert physical attributes into electrical signals, which are recorded as attribute scores for each individual user.

Answer 64

A combined assembly of hardware and software that uses biometric templates, acquisition sensors, a biometric template generator, an encrypted database of biometric template data, and a complete matcher to determine whether an individual is actually a legitimate authorized user.

Answer 65

Minutiae data created by the biometric system's acquisition sensor, it represents unique characteristics of the legitimate authorized user that are trustworthy enough to be used for authentication.

Answer 66

The system sensor that acquires a biometric image and converts it into biometric minutiae for digital storage or comparison.

Answer 67

Compares a biometric image template just acquired by the sensor to the biometric minutiae already stored inside the biometrics database. A match between the two templates will authenticate the individual, allowing access through the physical door or barrier.

Answer 68

A security technique that verifies an individual's identity by analyzing a unique physical attribute, such as a handprint. Anew: a technical process to verify a user's identity based on unique physical characteristics.

Answer 69

A special bit-by-bit backup of physical media, which records all the contents, including deleted files and current contents of swap space or slack space. Also known as physical backup. Bitstream backups are used in forensic analysis and may be used in electronic discovery. Also see logical backup.

Answer 70

A testing approach thatfocuses on the functionality of the application or product and does not require knowledge of the code of intervals. Anew: tests the functionality of compiled software by comparing the input and output, without understanding the internal process that creates the output. The internal logic is hidden from the tester. The term black box refers to the software being in non-readable machine format (compiled code). Almost all commercially available software is tested by using the black-box technique.

Answer 71

The complete failure of electrical power.

Answer 72

The initial loading of software to start a computer. Also see initial program load (IPL).

Answer 73

Remote-controlled robot network created from compromised computers owned by unsuspecting users. Unsuspecting victims may even be located behind a firewall on a corporate network. This bot-net operates a distributed attack against other systems or delivers email spam messages against other systems. Bot-nets are known to be as large as hundreds of thousands or even millions of systems.

Answer 74

A device that connects two similar networks together. Anew: a network device or software process that connects similar networks together. Network switching is based on a bridging process to join users into logical network segments. A standard bridge will forward all data packets to the other users in the subnet. A bridge operates at the OSI Data-Link layer (layer 2).

Answer 75

Multiple channels are formed by dividing the transmission medium into discrete frequency segments. Broadband generally requires the use of a modem. Anew: aultiple communication channels that are multiplexed over a single cable. DSL is an example of broadband transmitted on a different frequency and sharing the same physical wire with the voice telephone circuit.

Answer 76

A network transmission by one computer to all computers on the network. Ethernet uses broadcast technology to transmit data packets, which are seen by all the computers on the network.

Answer 77

Devices that perform the functions of both bridge and a router. A brouter operates at both the data link and the network layers. It connects same data link type local area network (LAN) segments as well as different data link ones, which is a significant advantage. Like a bridge, it forwards packets based on the data link layer address to a different network of the same type. Also, whenever required, it processes and forwards messages to a different data link type network based on the network protocol address. When connecting same data link type networks, it is as fast as a bridge and is able to connect different data link type networks.

Answer 78

Low voltage for an extended period of time.

Answer 79

An attempt to overpower the system or to try every possible combination until access is granted.

Answer 80

Memory reserved to temporarily hold data to offset differences between the operating speeds of different devices, such as a printer and a computer. In a program, buffers are reserved areas of random access memory (RAM) that hold data while they are being processed. Anew: a temporary memory location used to stage data before or after processing.

Answer 81

Common path or channel between hardware devices. Can be located between computers internal to a computer or between external computers in a communications network. Anew: a shared connection used in common by other devices. Examples include the power bus and the computer data bus.

Answer 82

All devices (nodes) are linked along one communication line where transmissions are received by all attached nodes. This architecture is reliable in very small networks, as well as easy to use and understand. This configuration requires the least amount of cable to connect the computers together and, therefore, is less expensive than other cabling arrangements. It is also easy to extend, and two cables can be easily joined with a computer to make a longer cable for more computers to join the network. A repeater can also be used to extend a bus configuration.

Answer 83

An early type of networking in which all the computers were connected on a single cable in a linear fashion.

Answer 84

Documentation of the rationale for making a business investment, used both to support a business decision on whther to proceed with the investment and as an operational tool to support management of the investment through its full economic life cycle.

Answer 85

A specific manager with the authority of a vice president or director assigned to lead planning and exercises. Usually this person reports to the chief executive officer (CEO), chief operating officer (COO), or holds a leadership position in the program management office. Unlike departmental managers, the BC manager has authority across departmental boundaries.

Answer 86

A plan used by an organization to respond to disruption of critical business processes. Depends on the contingency plan for restoration of critical systems. Anew: an organizational plan to continue core revenue-generating operations following a crisis or disaster. The objective of business continuity planning is to ensure uninterrupted revenue for business survival.

Answer 87

A process to determine the impact of losing the support of any resource. The BIA assessment study will establish the escalation of that loss over time. It is predicated on the fact that senior management, when provided reliable data to document the potential impact of a lost resource, can make the appropriate decision. Anew: the process of determining the actual steps to produce the desired product or service, as in use by the organization. The intention is to provide management with accurate information about how the business processes are performed.

Answer 88

Business performance can be measured by a variety of indicators, including return on investment (ROI), gross profit margin (GPM), capital gains, market share, production cost, and debt ratio.

Answer 89

The thorough analysis and significant redesign of business processes and management systems to establish a better performing structure, more responsive to the customer base and market conditions, while yielding material cost savings. Anew: the process of streamlining existing operations in an effort to improve efficiency and reduce cost. Benefits may be derived by eliminating unnecessary steps as the organization has progressed through the learning curve, or by expanding capability for more work.

Answer 90

A probable situation with uncertain frequency and magnitude of loss (or gain). Anew: the inherent potential for harm in the business or industry itself, as the organization attempts to fulfil its objectives. Business risks may be regulatory, contractual, or financial.

Answer 91

A technique of reading a computer file while bypassing the internal file/data set label. This process could result in bypassing of the security access control system. Anew: an attempt to circumvent mandatory access controls by bypassing the electronic security control label. Examples include writing data to a read-only file, or accessing a file that would be off-limits because of its higher security rating.

Answer 92

See pseudo-code.

Answer 93

A physical collection of network cables contained inside the building.

Answer 94

A high-speed buffer used to temporarily stage data before or after processing.

Answer 95

Rows of data used with search attributes to find all matching records within the database. For example, searching the database to find the name of every hotel in Grapevine, Texas.

Answer 96

CMM for software, from the Software Engineering Institute (SEI), is a model used by many organizations to identify best practices useful in helping them assess and increase the maturity of their software development processess. Anew: developed by the Software Engineering Institute to benchmark the maturity of systems and management processes. Maturity levels range from 0 to 5. Level 5 is completely documented and optimized for continuous improvement.

Answer 97

The process of continuously monitoring utilization in the environment against existing resource capacity. The objective is to ensure optimum use and expansion of services before an outage occurs.

Answer 98

Testing an application with large quantities of data to evaluate its performance during peak periods. Also called volume testing.

Answer 99

Computer hardware that houses the electronic circuits that contorl/direct all operations of the computer system.

Answer 100

A written assurance or official record representing that an event has or has not occurred. Certificates can be stored as electronic records or physical documents, signed by the party providing a declaration of authenticity.

Answer 101

A trusted third party that serves authentication infrastructures or organizations and registers entities and issues them certificates. Anew: the trusted issuer of digital certificates using public- and private-key pairs. The certificate authority is responsible for verifying the authenticity of the user's identity.

Answer 102

An instrument for checking the continued validity of the certificates for which the certification authority (CA) has responsibility. The CRL details digital certificates that are no longer valid. The time gap between two updates is very critical and is also a risk in digital certification. Anew: a list maintained by the certificate authority, of certificates that are revoked or expired.

Answer 103

A comprehensive technical evaluation process to establish compliance to a minimum requirement.

Answer 104

A detailed set of procedures specifying how the certificate authority governs its operation. It provides an understanding of the value and set certificate authority's value trustworthiness of certificates issued by a given certificate authority (CA).

Answer 105

Refers to the mandatory security and integrity requirements used in the evidence life cycle. The custodian of evidence must prove that the evidence has been kept secure with a high degree of integrity and has not been tampered with.

Answer 106

A management review process to ensure awareness and control of changes in the IT environment. A change control board provides separation of duties.

Answer 107

A formal review of proposed changes using a systematic methodology.

Answer 108

"A holistic and proactive approach to managing the transition from a current to a desired organizational state, focusing specifically on the critical human or ""soft"" elements of change."

Answer 109

Interfaces at the physical layer of the open systems interconnection (OSI) reference model, data terminal equipment (DTE) to data circuit terminating equipment (DCE), for switched carrier networks.

Answer 110

A numeric value, which has been calculated mathematically, is added to data to ensure that original data have not been altered or that an incorrect, but valid match has occurred. Check digit control is effective in detecting transposition and transcription errors.

Answer 111

A list of items that is used to verify the completeness of a task or goal. Used in quality assurance (and, in general, in information systems audit) to check process compliance, code standardization and error prevention, and other items for which consistency processes or standards have been defined.

Answer 112

"A mathematical value that is assigned to a file and used to ""test"" the ffile at a later date to verify that the data contained in the file have not been maliciously changed. A cryptographic checksum is created by performing a complicated series of mathematical operations (known as a cryptographic algorithm) that translates the data in the file into a fixed string of digits called a hash value, which is then used as the checksum. Without knowing which cryptographic algorithm was used to create the hash value, it is highly unlikely that an authorized person would be able to change data without inadvertently changing the corrosponding checksum. Cryptographic checksums are used in data transmission and data storage. Cryptographic checksums are also known as message authentication codes, integrity check-values, modification detection codes or message integrity codes."

Answer 113

Information generated by an encryption algorithm to protect the plaintext and that is unintelligible to the unauthorized reader. Anew: an encrypted message displayed in unreadable text that appears as gibberish. The message is displayed in cipher form.

Answer 114

All communications are transmitted over a dedicated circuit such as a T1 leased line telephone circuit. Circuit switching is the opposite of packet switching.

Answer 115

Refers to a proxy firewall. No data packets are forwarded between the internal and external network, except by the proxy application. The proxy application is required to complete the data transmission circuit.

Answer 116

Data is ranked somewhere in a protection scheme (aka protection plan) that has been clearly identified to the users and includes handling procedures on how the information should be controlled. Also see unclassified information.

Answer 117

A message that is completely readable to a human. The message can be clearly read.

Answer 118

A person or organization with the authority to request an audit. The auditor's report of findings is presented to the client at the conclusion of the audit. The client may be internal or external to the auditee.

Answer 119

A group of computers connected by a communication network, in which the client is the requesting machine and the server is the supplying machine the supplying machine. Software is specialized at both ends. Processing may take place on either the client or the server, but it is transparenct to the user.

Answer 120

Software containing methods and programming of a proprietary design, which remains the property of the software creator. Most commercial software is closed system. Closed systems can exchange data to other programs by using a specific application programming interface (API). Microsoft Windows is an example of a closed system containing proprietary design.

Answer 121

A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications and services) that can be rapidly provisioned nd released with minimal management effort or service provider interaction. Anew: application software hosted by remote vendor and offered across the Internet to subscribers. Cloud computing is a variation of the application service provider (ASP) and software as a service (SaaS) models. Security issues are a major concern because specific details of the communications network, network servers, internal software application, and vendor's operation may not be known by the user. Auditors need to remain aware that cloud computing may cut operating expense, bypass IT controls, fuel an individual's political agenda, circumvent management, or violate data control requirements.

Answer 122

Composed of an insulated wirre that runs through the middle of each cable, a second wire that surrounds the insulation of the inner wire like a sheath, and the outer insulation which wraps the second wire. Has a greater transmission capacity that standard twisted-pair cables, but has a limited range of effective distance.

Answer 123

The extent to which a system unit--subroutine, program, module, component, subsystem--performs a single dedicated function. Generally, the more cohesive are units, the easier it is to maintain and enhance a system because it is easier to determine where and how to apply a change.

Answer 124

An IS backup facility that has the necessary electrical and physical components of a computer facility, but does not have the facility that physical components of the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the users have to move from their main computing location to the alternative computer facility. Anew: a physical location that can be used for disaster recovery of non-critical processes. The cold site is no more than a building with basic utility service. The entire computing environment must be shipped in and then assembled. The cold site will be ready for production use in weeks or months.

Answer 125

A voluntary association of governments (members) engaged in regulating the integrity of financial transactions worldwide. COSO is based on London's banking system for investment, stock trading, and transaction controls. COSO represents the foundation of auditing laws and audit controls worldwide. ISACA represents a narrow derivative of IT-specific controls attempting to implement an IT-only portion of the COSO control model. COSO controls are used in conjunction with those of the International Organization for Standardization (ISO) and the Organization for Economic Cooperation and Development (OECD), which specify the details and interpretation of laws each country needs to adopt in support of world trade.

Answer 126

An international standard (ISO 15408) for testing criteria of computer security controls. All ISO member countries are expected to use the Common Criteria standard with testing performed by an ISO 17025-certified laboratory testing facility. Common Criteria is currently in use by Canada, France, Germany, the Netherlands, the United Kingdom, and the United States.

Answer 127

A computer embedded in a communications system that generally performs basic tasks of classifying network traffic and enforcing network polic functions. An example is the message data processor of a digital divide network (DDN) switching center. More advanced communications processors may perform additional functions.

Answer 128

A program for the examination of data, using logical or conditional tests to determine or to identify similarities or differences.

Answer 129

An internal control that reduces the risk of an existing or potential control weakness resulting in errors and omissions. Anew: an internal control that reduces the potential for loss by error or omission. Supervisory review and audit trails are compensating controls for a lack of separation of duties.

Answer 130

An automated process used by software developers to convert human-readable computer programs into executable machine language. Compiled computer software runs faster than interpreted program scripts. Compiled computer programs cannot be read by humans.

Answer 131

A program that translates programming languge (source code) into machine executable instructions (object code).

Answer 132

A network topology in which devices are connected with many redundant interconnections between network nodes (primarily used for backbone networks).

Answer 133

A procedure designed to ensure that no fields are missing from a record.

Answer 134

A type of audit that determines whether internal controls are present and functioning effectively.

Answer 135

Tests of control designed to obtain audit evidence on both the effectiveness of the controls and their operation during the audit period. Anew: the testing of internal controls to determine whether they are functioning correctly.

Answer 136

Cooperating packages of executable software that make their services available through defined interfaces. Components used in developing systems may be commercial off-the-shelf software (COTS) or may be purposely built. However, the goal of component-based development is to ultimately use as many predeveloped, pretested components as possible.

Answer 137

A group of people integrated at the organization with clear lines of reporting and responsibilities for standby support in case of an information systems emergency. This group will act as an efficient corrective control, and should also act as a single point of contact for all incidents and issues related to information systems.

Answer 138

An audit designed to determine the accuracy of financial records as well as to evaluate the internal controls of a function or department.

Answer 139

Physical access to the computer's primary input/output terminal, usually the video display and keyboard. Access to the computer console is a security risk that must be controlled.

Answer 140

The application of the scientific method to digital media to establish factual information for judicial review. This process often involves investigating computer systems to determine whether they are or have been used for illegal or unauthorized activities. As a discipline, it combines elements of law and computer science to collect and analyze data from information systems (e.g., personal computers, networks, wireless communications and digital storage devices) in a way that is admissible as evidence in a court of law.

Answer 141

Verifies that the control number follows sequentially and that any control numbers out of sequence are rejected or noted on an exception report for further research.

Answer 142

The use of software packages that aid in the development of all phases of an information system. System analysis, design programming and documentation are provided. Changes introduced in one CASE chart will update all other related charts automatically. CASE can be installed on a microcomputer for easy access.

Answer 143

Any automated audit technique, such as generalized audit software (GAS), test data generators, computerized audit programs and specialized audit utilities. Anew: the family of automated test software using a computerized audit procedure with specialized utilities.

Answer 144

Refers to a class of controls used in a database management system (DBMS) to ensure that transactions are processed in an atomic, consistent, isolated and durable manner (ACID). This implies that only serial and reciverable schedules are permitted, and that committed transactions are not discarded when undoing aborted transactions.

Answer 145

The quantified probability of error. A confidence coefficient of 95 percent is considered a high level of confidence in IS auditing.

Answer 146

The protection of information held in secret for the benefit of authorized users.

Answer 147

The control of changes to a set of configuration items over a system life cycle. Anew: an administrative process of being able to prove the documented design as built, by verifying the correct version of all the individual components used in final construction. The three elements of configuration management are control, accounting, and reporting.

Answer 148

An automated detail report of computer system activity.

Answer 149

An early software project estimation technique used to forecast the time and effort required to develop a software program based on size and complexity.

Answer 150

Process of developing advance arrangements and procedures that enable an enterprise tto rrespond to an event that could occur of arrangements an o espond occur by chance or unforeseen circumstances.

Answer 151

"Preventing, mitigating and recovering from disruption. The terms ""business resumption planning,"" ""disaster recovery planning"" and ""contingency planning"" also may be used in this context; they all concentrate on the recovery aspects of continuity."

Answer 152

Pre-emptive activities designed to ensure the continuous operation of core processes, utilities, and lifeline services. Vendors involved in lifeline medical services, power utilities, communications, national infrastructure supply-chains, or food and water are expected to provide their services without interruption regardless of whether they generate revenue or not.

Answer 153

This approach allows IS auditors to monitor system reliability on a continuous basis and to gather selective audit evidence through the computer.

Answer 154

The goals of continuous improvement (Kaizen) include the elimination of waste, defined as "activities that add cost, but do not add value;" just-in-time delivery; production load leveling of amounts and types; standardized work; paced moving lines; right-sized equipment. A closer definition of the Japanese usage of Kaizen is "to take it apart and put back together in a better way." What is taken apart is usually a process, system, product or service. Kaizen is a daily activity whose purpose goes beyond improvement. It is also a process that, when done correctly, humanizes the workplace, eliminates hard work (both mental and physical), and teaches people how to do rapid experiments using the scientific method and how to learn to see and eliminate waste in business processes.

Answer 155

Any system utility or special software not required in the specific performance of a person's job duties. A tightly controlled software policy prevents any excuses for violating separation of duties. Examples of contraband software include password crackers, network discovery tools, CAAT software, traffic generators, disk-wiping utilities, or known hacking software. Violations should be grounds for immediate termination following the conclusion of an investigation.

Answer 156

The power to regulate or restrict activities. IS controls are used as a safeguard to prevent loss, error, or omission.

Answer 157

A space designed to protect assets by using sufficient physical and technical controls to prevent unauthorized access or compromise. The computer room is a control environment.

Answer 158

Members of the operations area that are responsible for the collection, logging and submission of input for the various user groups.

Answer 159

A statement of the desired result or purpose to be achieved by implementing control procedures in a particular process.

Answer 160

The risk that a material error exists that would not be prevented or detected on a timely basis by the system of internal controls. Anew: the risk that errors may be introduced, or not identified and corrected in a timely manner. The risk of losing control.

Answer 161

The area of the central processing unit (CPU) that executes sofwtare, allocates internal memory and transfers operations between the arithmetic-logic, internal storage and output sections of the computer.

Answer 162

A formal review executed by the user to assess the effectiveness of controls. The purpose of the control self-assessment is to induce ownership by the user and to facilitate improvement.

Answer 163

A message kept in the web browser for the purpose of identifying users and possibly preparing customized web pages for them. The first time a cookie is set, a user may be required to go through a registration process. Subsequent to this, whenever the cookie's message is sent to the server, a customized view based on that user's preferences can be produced. The browser's implementation of cookie's has, however, brought several security concerns, allowing breaches of security and the theft of personal information (e.g., user passwords that validate the user's identity and enable restricted web services).

Answer 164

The system by which enterprises are directed and controlled. The board of directors are responsible for the governance of their organization. It consists of the leadership and organizational structures and processes that ensure the organization sustains and extends strategies and objectives.

Answer 165

Designed to correct errors, omissions and unauthorized uses and intrusions, once they are detected. Anew: a control designed to minimize the impact of an error by repairing the condition or executing an alternative procedure. Examples of corrective controls include data restoration from tape backup, hot sites, and automated fail-over systems.

Answer 166

The capital expense of an asset may be measured as total ownership cost (TOC). The cost of the asset is the cumulative total expense based on purchase price, delivery cost, implementation cost, and effective downtime.

Answer 167

Any process that directly reduces a threat or vulnerability.

Answer 168

Measure of interconnectivity among structure of software programs. Coupling depends on the interface complexity between modules. This can be defined as the point at which entry or reference is made to a module, and what data pass across the interface. In application software design, it is preferable to strive for the lowest possible coupling between modules. Simple connectivity among modules results in software that is easier to understand and maintain, and less prone to a ripple or domino effect caused when errors occur at one location and propagate through the system.

Answer 169

A malicious computer attacker who attempts to break into a system. Synonymous with the term malicious hacker.

Answer 170

A special diagnostic file created when a computer system crashes. The contents represent the data being processed at the time of the crash, including contents of the memory registers and tasks running when the crash occurred. Crash dump files vary according to the operating system. Contents of this file are extremely valuable in forensic analysis.

Answer 171

Systems whose incapacity or destruction would have a debilitating effect on the economic security of an enterprise, community or nation.

Answer 172

The path of execution that accomplishes the minimum, yet most important objectives of the project. The critical path is the longest single route through a network diagram and the shortest time to accomplish the main objectives. Critical path items represent mandatory tasks that, if not accomplished, would wreck the project.

Answer 173

A process that must occur perfectly every single time in order to be successful. To fail a critical success factor would be a show stopper. Anew: The most important issue or action for management to achieve control over and within its IT processes.

Answer 174

Very common programming technique that allows one program, such as a shopping cart, to drive another website. The shopping cart sends a transaction approval message to a different website, which provides access or a file to download. XSS creates a serious vulnerability unless strong cryptographic controls are used to authenticate that the request is actually valid. Static passwords will not protect against XSS attacks.

Answer 175

In biometrics, crossover error rate refers to adjusting sensitivity of the system to specifically favour either speed or increased accuracy. The most common error in biometrics is false rejection (type 1 error, aka. FRR), which poses little risk to an organization's security requirements. The greater risk of breach occurs when an illegitimate user is accepted in error (type 2 error, aka FAR, or false acceptance rate). The crossover rate indicates the level of favouritism protecting against either FRR or FAR. Also see equal error rate. Note that ISACA may confuse the terminology of CER and EER in documentation and on exam questions. These are definitely different settings.

Answer 176

The implementation of a computer program using a cryptographic algorithm and keys to encrypt and decrypt messages.

Answer 177

The theories and methods of converting readable text into undecipherable gibberish and later reversing the process to create readable text. The purpose of cryptography

Answer 178

See white-box testing.

Answer 179

A way to identify, acquire and retain customers. CRM is also an industry term for software solutions that help an organization manage customer relationships in an organized manner.

Answer 180

A simple error-detection process whereby the contents are divided by a number prior to transmission. After transmission, the process is rerun to determine whether an error occurred. A value of zero indicates that the transmission was successful.

Answer 181

A process of ranking information based on its value or requirements for secrecy.

Answer 182

The transfer of data between seperate computer processing sites/devices using telephone lines, microwave and/or satellite links.

Answer 183

Individual(s) and department(s) responsible for the stprage and safeguarding of computerized information. This typically is within the IS organization. Anew: the individual charged with protecting data from a loss of availability, loss of integrity, or loss of confidentiality. The data custodian implements controls appropriate to the desires of the data owner and data classification.

Answer 184

A database that contains the name, type, range of values, source and authorization for access for each data element in a database. It also indicates which application programs use those data so that when a data structure is contemplated, a list of the affected programs can be generated. May be a stand-alone information system used for management or documentation purposes, or it may control the operation of a database. Anew: a standardized reference listing of all the programmer's data descriptions and files used in a computer program.

Answer 185

Changing data with malicious intent before or during input into the system.

Answer 186

An algorithm for encoding binary data. It is a secret key cryptosystem published by the National Bureau of Standards (NBS), the predecessor of the US National Institute of Standards and Technology (NIST). DES was defined as a Federal Information Processing Standard (FIPS) in 1976 and has been used commonly for data encryption in the forms of software and hardware implementation (See private key cryptosystems). Anew: A cryptographic symmetric-key algorithm implemented by the U.S. government from 1972 to 1993. The DES standard was modified to use a triple process of encryption and decryption in an attempt to improve confidentiality (triple DES). DES was replaced by the Advanced Encryption Standard (AES). DES is commonly used in older devices.

Answer 187

Procedures to ensure the appropriateness and accuracy of information.

Answer 188

Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes.

Answer 189

A group of data selected from a data warehouse for analysis. The data selected is of particular interest to a group of people.

Answer 190

The process of analyzing volumes of data to determine correlations that may be useful.

Answer 191

Individual(s), normally a manager or director, who has responsibility for the integrity, accurate reporting and use of computerized data. Anew: the individual or executive responsible for the integrity of information. The duties of the owner include specifying appropriate controls, identifying authorized users, and appointing a custodian.

Answer 192

See records management.

Answer 193

Those controls that seek to maintain confidentiality, integrity and availability of information.

Answer 194

A set of related data files.

Answer 195

the relationships among files in a database and among data within each file.

Answer 196

The transmit-and-receive protocol between networked devices. Data-Link operates on OSI layer 2.

Answer 197

A data collection designed around relevant information in a known format. The database and the program methods operate separately from each other.

Answer 198

Focuses on providing ad hoc reporting for users by developing a suitable accessible database of information and to provide useable data rather than a function.

Answer 199

A stored collection of related data needed by organizations and individuals to meet their information processing and retrieval requirements. Anew: a collection of persistence data items that are maintained in a grouping.

Answer 200

An individual or department responsible for tthe security and information classification of the shared data stored on a database he classification shared stored on system This responsibility includes the design, definition and maintenance of the database.

Answer 201

A software system that controls the organization, storage and retrieval of data in a database.

Answer 202

The process of creating and managing duplicate versions of a database. Replication not only copies a database but also synchronizes a set of replicas so that changes made to one replica are reflected in all of the others.

Answer 203

The data structure and design of the database that represents a logical layout or schema.

Answer 204

These are the requirements for establishing a database application. They include field definitions, field requirements, and reporting requirements for the individual information in the database.

Answer 205

The process of distributing computer processing to different locations within an organization.

Answer 206

An interactive system that provides the user with easy access to decision models and data, to support semistructured decision- making tasks. Anew: a database information system with scenario models designed to convey important facts and details to aid the decision process.

Answer 207

A technique used to recover the original plaintext from the ciphertext so that it is intelligible to the reader. The decryption is a reverse process of the encryption. Anew: the process of reversing encryption to convert unintelligible cipher-text into human-readable clear text.

Answer 208

A piece of information used to recover the plaintext from the corrosponding ciphertext by decryption.

Answer 209

The address of a router used to communicate with systems located on a different subnet or different network.

Answer 210

A process of building layers of defensive controls for protective assurance. Also known as a layered defense strategy.

Answer 211

To sharpen the details of an average population by using a stratified mean (for example, demographics) to further define the data into small units.

Answer 212

The application of variable levels of alternating current for the purpose of demagnetizing magnetic recording media.

Answer 213

Computer files remain on the hard disk after deletion. To conserve processing, space occupied by deleted files is simply marked as eligible for overwriting. Deleted files that have not been overwritten may be recovered by using a simple recovery utility or forensic analysis. Use of an overwriting utility or physical destruction is necessary to prevent unauthorized disclosure of deleted files.

Answer 214

See screened subnet.

Answer 215

An attack designed to prevent the user from accessing the computer system.

Answer 216

Lower-level controls placed on specific procedures.

Answer 217

The risk that material errors or misstatements that have occured will not be detected by the IS auditor. Anew: the risk that an auditor will not be able to detect material error conditions (faults) that exist.

Answer 218

Exists to detect and report when errors, omissions and unauthorized ues of entries occur. Anew: a control designed to report items of concern including errors, omissions, and unauthorized access.

Answer 219

Used as a control over dial-up telecommunications lines. The telecommunications link established through dial-up into the computer from a remote location is interrupted so the computer can dial back to the caller. The link is permitted only if the caller is from a valid phone number or telecommunications channel.

Answer 220

Prevents unauthorized access from remote users who attempt to access a secured environment. Ranges from a dial-back control to remote user authentication.

Answer 221

An attack used to discover system passwords by loading all the words found in a language dictionary into a password-cracking utility. The password-cracking utility will encrypt each word by using the same method as the operating system. Matching encrypted passwords are identified, and the originating word is displayed to the attacker as the unencrypted password.

Answer 222

A file backup method that copies every file that has been added or changed since the last full backup. A differential backup does not set the final archive bit flag.

Answer 223

An encrypted computer file containing unique information about the identity of the individual and the issuer of the certificate. Digital certificates are used to verify the authenticity of a remote system. Digital certificates are required to enable Secure Shell (SSH) and Secure Sockets Layer (SSL).

Answer 224

Uses encryption and/or digital certificates to enforce licensing of electronic files (music, movies, e-books, and so forth). DRM is used to help prevent bootlegging of illegal copies. The electronic file contains a special DRM interface that uses the vendor's public key to unlock the product for authorized users. Depending on the vendor's implementation, DRM may or may not use digital certificates as part of the protection mechanism.

Answer 225

A piece of information, a digitized form of signature, that provides sender authenticity, message integrity and non-repudiation. A digital signature is generated using the sender\s private key or applying a one-way hash function. Anew: an encrypted hash of an electronic file. The subject file is processed by using a hash algorithm such as MD5 or SHA-256. The resulting hash output file is encrypted with the sender's private key. This encrypted hash file is known as a digital signature that is related to both the sender and the subject file. The signature is verified by using the sender's public key to decrypt the hash.

Answer 226

A set of human, physical, technical and procedural resources to recover, within a defined time and cost, an activity interrupted by an emergency or disaster. Anew: a set of procedures for providing an emergency response following a disaster. The objective is to rebuild the organization to a state equal to that prior to the disaster. Disaster recovery does not provide for losses of market share and revenue. Business continuity is the next step above disaster recovery.

Answer 227

The time gap during which the business can accept the non-availability of IT facilities.

Answer 228

A form of attribute sampling that is used to determine a specified probability of finding at least one example of an occurrence (attribute) in a population. Anew: the process of searching 100 percent of the available records for specific attributes to determine the probability of occurrence. Used when the likelihood of evidence is low or extreme accuracy is required. The intention is to discover whether a particular situation has occurred. Common examples include fraud, forensic investigations, and identifying correlations from unexpected events.

Answer 229

A means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to another subject. Anew: a type of access control in which a person of authority decides to grant or revoke access for an individual. The decision may be based on need or desire.

Answer 230

See bitstream imaging.

Answer 231

See mirrored.

Answer 232

The orderly connection of multiple disk drives in a storage array. Strings of individual disks are connected for use in RAID subsystems.

Answer 233

A workstation or PC on a network that does not have its own disk, but instead stores files on a network file server.

Answer 234

The manner in which hardware and software assets are authorized for retirement without the loss of data records. Data must be archived according to legal commitments and regulations. No one in the organization should profit from the disposal process.

Answer 235

A system of computers connected together by a communication network. Each computer processes its data and the network supports the system as a whole. Such a network enhances communication among the linked computers and allows access to shared files.

Answer 236

A particularly vicious form of denial-of-service attack that is launched concurrently from multiple systems.

Answer 237

The method of routing traffic through split cable facilities or duplicate cable facilities. This can be accomplished with different and/or duplicate cable sheaths. If different cable sheaths are used, the cable may be in the same conduit and, therefore, subject to the same interruptions as the cable it is backing up. The communication service subscriber can duplicate the facilities by having alternate routes, although the entrance to and from the customer premises may be in the same conduit. The subscriber can obtain diverse routing and alternate routing from the local carrier, including dual entrance facilities. However, acquiring this type of access is time-consuming and costly. Most carriers provide facilities for alternate and diverse routing, although the majority of services are transmitted over terrestrial media. These cable facilities are usually located in the ground or basement. Ground-based facilities are at great risk due to the aging infrastructures of cities. In addition, cable-based facilities usually share room with mechanical and electrical systems that can impose great risks due to human error and disastrous events.

Answer 238

A kingdom or political territory of direct influence.

Answer 239

A hierarchical database that is distributed across the internet that allows names to be resolved into IP addresses (and vice versa) to locate services such as web and email servers. Anew: an Internet protocol that looks up the server's IP address by using the server hostname, such as www.firebrand.co.uk . The Internet domain names and IP addresses are loaded into a server running the domain name service.

Answer 240

Corrupts the table of an Internet server's DNS, replacing an Internet address with the address of another vagrant or scoundrel address. If a web user looks for the page with that address, the request is redirected by the scoundrel entry in the table to a different address. Cache poisining differs from another form of DNS poisining in which the attacker spoofs valid email accounts and floods the "n" boxes of administrative and technical contacts. Cache poisining is related to URL poisining or location poisining, in which an internet user behavior is tracked by adding an identification number to the location line of the browser that can be recorded as the user visits successive pages on the site. It is also called DNS cache poisining or cache poisining.

Answer 241

The act of transferring computerized information from one computer to another computer.

Answer 242

A resource or system being unavailable to the user for any reason whatsoever. Downtime may be the result of a planned outage for maintenance or backups, or an unplanned outage due to a failure.

Answer 243

A report that identifies the elapsed time when a computer is not operating correctly because of machine failure.

Answer 244

A type of fire-suppression system in which the pipes remain dry until seconds after the release is required. Most dry-pipe systems utilize compressed gas to minimize the chance of leakage due to corrosion or freezing conditions.

Answer 245

Refers to a sprinkler system that does not have water in the pipes during idle usage, unlike a fully charged fire extinguisher system that has water in the pipes at all times. The dry-pipe system is activated at the time of the fire.

Answer 246

The level of care that a normal, prudent individual would give in the same situation.

Answer 247

A display terminal without processing capability. Dumb terminals are dependent on the main computer for processing. All entered data are accepted without further editing or processing.

Answer 248

The process of digging through trash in a dumpster to recover evidence or improperly disposed-of records. The same process is frequently used by government agents and law enforcement to gather evidence; therefore, it's legal unless the person is trespassing. Trespassing is unnecessary if the refuse is going to be unloaded at the public waste dump. A hacker or investigator can pick through the trash after it's unloaded at the dump or recycler.

Answer 249

The method or communication mode of routing data over the communication network.

Answer 250

A protocol used by networked computers (clients) to obtain IP addresses and other parameters such as the default gateway, subnet mask and IP addresses of domain name system (DNS) servers from a DHCP server. The DHCP server ensures that all IP addresses are unique (e.g., no IP adress is assigned to a second client while the first client's assignment is valid [it's lease has not expired]). Thus, IP address poll management is done by the server and not by a human network administrator.

Answer 251

Detects line errors by retransmitting data back to the sending device for comparison with the original transmission.

Answer 252

Detects errors in the input portion of information that is sent to the computer for processing. May be manual or automated, and allow the user to edit data errors before processing.

Answer 253

Ensures that data conform to predetermined criteria and enable early identification of potential errors.

Answer 254

Magnetic waves of interference generated by electricity.

Answer 255

The electronic transmission of transactions (information) between two organizations. EDI promotes a more efficient paperless environment. EDI transmissions can replace the use of standard documents, including invoices or purchase orders. Anew: used for e-commerce between two organizations for communicating purchases and payment. EDI mapping converts the names of data elements (data fields) between two trading organizations. Traditional EDI transmits data through a value-added network (VAN) operated by a service provider. Web-based EDI transmits data across the Internet.

Answer 256

The process of searching electronic records to gather evidence. The legal discovery process allows another party the right to investigate records for the purpose of compiling evidence relevant to their claim. Electronic discovery may include recovery of deleted files and the search of standing data on offline media, including backup tapes. Persons accused of obstructing the discovery process face serious criminal charges.

Answer 257

The exchange of money via telecommunications. EFT refers to any financial transaction that originates at a terminal and transfers a sum of money from one account to another.

Answer 258

A process of transmitting data to a remote backup site. This ensures that the most recent files are available in the event of a disaster. A common implementation is to transmit live data files to a remote server.

Answer 259

A new type of encryption using specific points on a three-dimensional random curve as the encryption key.

Answer 260

An individual using a terminal, PC or an application can access a network to send an unstructured message to another individual or group of people.

Answer 261

Integral part of an application system that is designed to identify and report specific transactions or other information based on predetermined criteria. Identification of reportable items occurs as part of real-time processing. Reporting may be real-time online or may use store and forward methods. Also known a sintegrated test facility or continuous auditing module.

Answer 262

Provides organizational control for evacuation and rescue assistance during an emergency, crisis, or disaster. The focus of emergency management is to preserve life regardless of the disruption it will create to the business, disruption to the economy, or inconvenience to an individual's objective. Saving lives or preservation of life is always the exclusive top priority.

Answer 263

Senior executives with full delegation of authority to make decisions on behalf of the entire organization without additional delays or approval by other executives. During business continuity events or disaster recovery, this team will make the best possible decisions necessary for the survival of the organization.

Answer 264

Alternate command post that houses the emergency management team (EMT) during business continuity events or disaster recovery.

Answer 265

A switch that shuts off computer room power in an emergency. The national fire protection act requires an emergency power disconnect to protect human life from electrocution. The EPO switch is located near the exit door.

Answer 266

The technique used by layered protocols in which a lower-layer protocol accepts a message from a higher-layer protocol and places it in the data portion of a frame in the lower layer.

Answer 267

The process of taking an unencrypted message (plaintext), applying a mathematical function to it (encryption algorithm with a key) and producing an encrypted message (ciphertext). Anew: the process of converting human-readable clear text into decipherable gibberish. The objective is to hide the contents of the file from other people.

Answer 268

A mathematical transformation procedure used to encrypt and decrypt files.

Answer 269

A piece of information, in a digitized form, used by an encryption algorithm to convert the plaintext to the ciphertext. Anew: a unique randomizer used by the encryption algorithm to ensure confidentiality. Strength of symmetric-key encryption and the PKI private key is based on the absolute secrecy of the secret/private key. Secrecy is dependent on limiting use of the key, isolating the key, and regular rotation (changing the key). Also see key wrapping.

Answer 270

A description of the anticipated final outcome. The end state explains the attributes of the finished product.

Answer 271

The ability of end users to design and implement their own information system utilizing computer software products.

Answer 272

A packaged business software system that allows an organization to automate and integrate the majority of its business processes, share common data and practices across the entire organization, and produce and access information in a real-time environment. Example sof ERP include SAP, Oracle Financials and J.D. Edwards. Anew: an integrated database used for planning resource requirements of multiple departments.

Answer 273

A diagram of data elements and their relationship to other data. The ERD specifies data names and data attributes to be used by the software program being developed. The ERD is created in the requirements and design phase to build a database schema.

Answer 274

A setting used in biometrics, when adjusting sensitivity of the system, that creates a 50/50 compromise between the false acceptance rate (FAR), authorized user is refused, and authorized user is refused) and the false rejection rate (FRR, illegitimate user is accepted ). Also see the opposing definition of crossover error rate (CER). Note that some ISACA documents and exam questions may mistakenly confuse EER and CER as synonyms. EER and CER are very different settings.

Answer 275

A person, agency or organization that is authorized to act on behalf of another to create a legal relationship with a third party in regards to an escrow agreement; the custodian of an asset according to an escrow agreement. As it relates to a cryptographic key, an escrow agent is the agency or organization charged with the responsibility for safeguarding the key components of the unique key.

Answer 276

A legal arrangement whereby an asset (often money, but sometimes other property such as art, a deed of title, web site, software source code or a cryptographic key) is delivered to a third party (called an escrow agent) to be held in trust or otherwise pending a contingency or the fullfillment of a condition or conditions in a contract. Upon the occurence of the escrow agreement, the escrow agent will deliver the asset to the proper recipient; otherwise the escrow agent is bound by his/her fiduciary duty to maintain the escrow account. Source code escrow menas deposit of the source code for the software into an account held by an escrow agent. Escrow is typically requested by a party licensing sofwtare (e.g., license or buyer) to ensure maintenance of the software. The sofwtare source code is released by the escrow agent to the licensee if the licensor (e.g., seller or contractor) file sfor bankruptcy or otherwise fails to maintain and update the software as promised in the software license agreement.

Answer 277

A popular network protocol and cabling scheme that uses a bus topology and carrier sense multiple access/collision detection (CSMA/CD) to prevent network failures or collisions when two devices try to access the network at the same time.

Answer 278

Discipline of following forthright and honest conduct without impropriety, deceit, or conflicting agenda.

Answer 279

The information an auditor gathers in the course of performing an IS audit; relevant if it pertains to the audit objectives and has a logical relationship to the findings and conclusions it is used to support. Anew: a collection of verifiable information that is used to prove or disprove a point. The best evidence is both independent and objective.

Answer 280

The timely disclosure of evidence relevant to the situation. Evidence timing in computer systems also refers to the time window in which data is available before being lost or overwritten during normal processing.

Answer 281

See iterative development.

Answer 282

An exception report is generated by a program that identifies transactions or data that appear to be incorrect. Exception reports may be outside a predetermined range or may not conform to specified criteria. Anew: a report identifying data and transactions that may be incorrect and may warrant additional attention. Exception reports can be manual or automated.

Answer 283

The exclusive-OR operator returns a value of TRUE only if just one of its operands is TRUE. The XOR operation is a Boolean operation that produces a 0 if its two Boolean inputs are the same (0 and 0 or 1 and 1) and it produces a 1 if its two inputs are different (1 and 0). In contrast, an inclusive-OR operator returns a value of TRUE if either or both of its operands are TRUE.

Answer 284

The machine language code that is generally referred to as the object or load module.

Answer 285

An individual with a significant amount of direct experience, or special training with direct experience, and the ability to deduce a correct conclusion when everyone else would form an incorrect conclusion.

Answer 286

The most prevalent type of computer system that arises from the research of artificial intelligence. An expert system has a built in hierarchy of rules, which are acquired from human experts in the appropriate field. Once input is provided, the system should be able to define the nature of the problem and provide recommendations to solve the problem. Anew: specialized computer database software used to provide a recommendation based on the knowledge recorded from an expert. Expert systems possess between 50,000 and 100,000 discrete points of information. The system uses an inference engine to identify possible conditions relating to the problem and their meaning.

Answer 287

The potential loss to an area due to the occurrence of an adverse event. Anew: the adverse consequence that will occur if a potential threat becomes reality.

Answer 288

A 8-bit code representing 256 characters; used in most large computer systems.

Answer 289

A newer security protocol used in wireless networks with automatic encryption-key generation and authentication. EAP is a component of the new 802.11i standard known as Robust Security Network (RSN). EAP replaces the seriously insecure method of using a pre-shared encryption key in the outdated Wired Equivalent Privacy (WEP) protocol.

Answer 290

Promulgated through the World Wide Web Consortium, XML is a web-based application development technique that allows designers to create their own customized tags, thus, enabling the definition, transmission, validation and interpretation of data between applications and organizations. Anew: a universal program architecture designed to share information between different programming languages. XML uses three underlying programming specifications: SOAP (originally called Simple Object Access Protocol) is used to define APIs; Web Services Description Language (WSDL) identifies the format to use; and Universal Description, Discovery, and Integration protocol (UDDI) acts as an online directory of available web services.

Answer 291

An audit performed by an external party, including business partners. External audits may be biased if the auditor is related to the auditee through a trading partner relationship (client, vendor, and subcontractor). Also see independent audit.

Answer 292

A private network that resides on the Internet and allows a company to securely share business information with customers, suppliers or other businesses as well as to execute electronic transactions. Different from an Intranet in that it is located beyond the company's firewall. Therefore, an extranet relies on the use os securely issued digital certificates (or alternative methods of user authentication) and ecnryption of messages. A virtual private network (VPN) and tunneling are often used to implement extranets, to ensure security and privacy.

Answer 293

An error in the collection of biometric data that prevents the information from being recorded.

Answer 294

A plan of action or set of procedures to be performed if a system implementation, upgrade or modification does not work as intended. May involve restoring the system to its state prior to the implementation or change. Fallback procedures are needed to ensure that normal business processes continue in the event of failure and should always be considered in system migration or implementation.

Answer 295

An error condition in biometrics that grants an unwanted user with permission to access the system by mistake. This is a less common error since falsely granting access to an unauthorized person is supposed to be rare.

Answer 296

Also called false acceptance, occurs when an unauthorized person is identified as an authorized person by the biometric system.

Answer 297

Occurs when an unauthorized person manages to enroll into the biometric system. Enrollment is the initial process of acquiring a biometric feature and saving it as a personal reference on a smart card, a PC or in a central database.

Answer 298

Generating an alert by mistake or error.

Answer 299

Used in biometrics, false rejection means to reject access to an authorized user by mistake. This is the most common type of biometric authentication error.

Answer 300

A system that can continue to operate after a single failure condition has occurred. RAID systems are designed to be tolerant of individual disk failures. The success of the fault-tolerant system depends on the system being able to identify that the fault has occurred.

Answer 301

A phase of a system development life cycle (SDLC) methodology that researches the feasibility and adequacy of resources for the development or acquisition of a system solution to a user need. Anew: an initial study to determine the benefits that will be derived from a new system and the payback schedule for the investment required.

Answer 302

Glass fibers that transmit binary signals over a telecommunications network. Fiber-optic systems have low transmission losses as compared to twisted-pair cables. They do not radiate energy or conduct electricity. They are free from corruption and lightning-induced interference, and they reduce the risk of wiretaps.

Answer 303

An individual data element in a computer record. Examples include employee name, customer address, account number, product unit price and product quantity in stock.

Answer 304

A named collection of related records.

Answer 305

A table used by the operating system to keep track of where every file is located on the disk. Since a file is often fragmented and thus subdivided into many sectors within the disk, the information stored in the FAT is used when loading or updating the contents of the file.

Answer 306

Specifies the length of the file record and the sequence and size of its fields. Also will specify the type of data contained within each field; for example, alphanumeric, zoned decimal, packed and binary.

Answer 307

A high-capacity disk storage device or a computer that stores data centrally for network users and manages access to that data. File servers can be dedicated so that no process other than network management can be executed while the network is available; file servers can be nondedicated so that standard user applications can run while the network is available.

Answer 308

A protocol used to transfer file sover a TCP/IP network (Internet, UNIX, etc.)

Answer 309

An audit designed to determine the accuracy of financial records and information. Anew: a review of financial records to determine their accuracy.

Answer 310

A fire-suppression system using water or chemicals to extinguish a fire in the data processing facility.

Answer 311

A system or combination of systems that enforces a boundary between two or more networks, typically forming a barrier between a secure and an open environment such as the Internet. Anew: according to The American Heritage Dictionary, a fireproof wall used as a barrier to prevent the spread of fire. In information systems, the term refers to a combination of hardware and software used to restrict access between public and private networks.

Answer 312

Memory chips with embedded program code that hold their content when power is turned off. Anew: the solid-state memory chips on a circuit board containing a read-only program designed to operate the hardware.

Answer 313

A systematic diagram that details the procedures for data manipulation and data transformation in a computer program. The program flowchart is developed during SDLC design in phase 2.

Answer 314

A value that represents a reference to a tuple (a row in a table) containing the matching candidate key value. The problem of ensuring that the database does not include any invalid foreign key values is known as the referential integrity problem. The constraint that values of a given foreign key must match values of the corresponding candidate key is known as a referential constraint. The relation (table) that contains the foreign key is referred to as the referencing relation and the relation that contains the corresponding candidate key as the referenced relation or target relation. (In the relational theory it would be a candidate key, but in real database management systems (DBMSs) implementations it is always the primary key). Anew: data in the database is stored in separate tables to improve speed. A foreign key is the link between data in different database tables. When the links are valid, the database has referential integrity.

Answer 315

Documented in writing and authorized by management.

Answer 316

The application of an edit, using a predefined field definition to a submitted information stream; a test to ensure that data conform to a predefined format.

Answer 317

High-level, user-friendly, nonprocedural computer languages used to program and/or read and process computer files. Anew: an English-like programming language with integrated database support. 4GL programming tools allow the forms and database to be generated by using a drag-and-drop functionality. The 4GL does not create the data transformation procedures necessary for business functionality.

Answer 318

A packet-switched wide-area-network (WAN) technology that provides faster performance than older packet-switched WAN technologies. Best suited for data and image transfers. Because of its variable-length packet architecture, it is not the most efficient technology for real-time voice and video. In a frame-relay network, end nodes establish a connection via a permanent virtual circuit (PVC).

Answer 319

The process of copying every file that exists onto backup media such as a tape cartridge. The full backup is used in combination with incremental or differential backup strategies to restore the most recent copy of data. The ability to restore files from a full backup is used to calculate the recovery point objective (RPO). Files that cannot be restored are lost.

Answer 320

A technique used to determine the size of a development task, based on the number of function points. Function points are factors such as inputs, outputs, inquiries and logical internal sites. Anew: a software estimation method used to forecast development, based on the number of system inputs, number of outputs, and complexity. FPA is used in the SDLC feasibility study to calculate resources and time required. FPA can be used as a baseline to measure the progress of software development.

Answer 321

Tests run during software development to determine the integrity of specific program functions.

Answer 322

Reducing the detail in an average by using an unstratified mean to roll the details into a larger lump-sum value.

Answer 323

A device (router, firewall) on a network that serves as an entrance to another network. Anew: a device running software to transfer data between two networking protocols. The gateway is an OSI layer 7 application. Examples include a mainframe gateway converting TCP/IP to 3,270 sessions.

Answer 324

Higher-level policies, standards, and procedures used across the entire organization to govern everyone's behavior.

Answer 325

Multipurpose audit software that can be used for general processes such as record selection, matching, recalculation and reporting.

Answer 326

A well-recognized set of agreed-upon procedures for auditing financial records and information systems.

Answer 327

A tool used to integrate, convert, analyze and produce information regarding the surface of the earth. GIS data exists as maps, tridimensional virtual models, lists and tables.

Answer 328

Ensures that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives. Conditions can include the cost of capital, foreign exchange rates, etc. Options can include shifting manufacturing to other locations, sub-contracting portions of the enterprise to third parties, selecting a product mix from many available choices, etc.

Answer 329

A list of recommendations to follow in the absence of an existing standard.

Answer 330

An individual who attempts to gain unauthorized access to a computer system. Anew: a malicious attacker of a computer system. A secondary meaning in computer programming is a programmer able to generate usable applications where none existed previously.

Answer 331

A chlorine-based gas previously used in fire-suppression systems. Production of gaseous Halon 1301 has been banned since 1994 because of the damaging effects of chlorine products on the earth's ozone. Halon is still used on aircraft because of the severity of fires while in flight. Computer room halon has been replaced by FM-200, NAF-S-3, and other products.

Answer 332

Used in biometrics to verify a user's identity based on the unique three-dimensional geometry of the human user's hand. Common examples include checking wrinkle patterns, measuring joints, and analyzing blood-vessel patterns.

Answer 333

The physical components of a computer system.

Answer 334

A mathematical value generated from the original message file for verifying integrity. The sender runs their original message through a hash algorithm to produce a unique hash value. The sender sends their message and hash file to the recipient. The recipient reruns the same hash process and compares the sender's hash file against the hash generated by the recipient. The purpose of a hash file is to determine whether any changes have occurred to the original message file. Matching hash files indicate that no changes occurred; different hash values indicate that the message has been altered.

Answer 335

A hashed message file is used to verify message integrity (to prove no changes occurred) and is also encrypted to provide authentication of the sender. The more common hashing algorithms with encryption are MD5 and SHA-1 (also known as SHA-160). Newer HMAC versions include SHA-256 and SHA-512. The format is [HMAC name] dash [output size]. SHA-512 means SHA algorithm with 512 output size.

Answer 336

The total of any numeric data field in a document or computer file. This total is checked against a control total of the same field to facilitate accuracy of processing.

Answer 337

The mathematical formula used to reduce the contents of any size message file into a smaller output file representing a unique value that is very difficult to duplicate. The hash algorithm creates a unique output file that can be used like a tamper seal. If the source message is altered, the hashing algorithm generates a different hash value when regenerated by the recipient. Both sender and recipient must use the same hash algorithm.

Answer 338

A service offered via phone/Internet by an organization to its clients or employees that provides information, assistance, and troubleshooting advice regarding software, hardware, or networks. A help desk is staffed by people that can either resolve the problem on their own or escalate the problem to specialized personnel. A help desk is often equipped with dedicated customer relationship management (CRM) software that logs the problems and tracks them until they are solved.

Answer 339

A method often employed by antispam software to filter spam using criteria established in a centralized rule database. Every email message is given a rank, based on its header and contents, which is then matched against preset thresholds. A message that surpasses the threshold will be flagged as spam and discarded, returned to its sender or put in a spam directory for further review by the intended recipient.

Answer 340

Programmed rules inside the database used to evaluate data by sorting for possible correlations. Used in expert systems, decision support systems, email spam filters, and many common business applications. Antivirus software and intrusion detection and prevention systems use heuristics to determine which requests to accept or discard.

Answer 341

A database structured in a tree/root or parent/child relationship. Each parent can have many children, but each child may have only one parent.

Answer 342

A fake network created to entice a hacker to attack. The purpose is for the attack to generate an alarm signalling the early warning of a hacker's presence.

Answer 343

A specially configured server, also known as a decoy server, designed to attract and monitor intruders in an manner such that their actions do not affect production systems. Anew: an individual system set up to entice a hacker and generate an early warning alarm of the hacker's presence.

Answer 344

Software that is installed on an individual host for the purpose of monitoring activity on that specific host.

Answer 345

Automated software discovery of all the active hosts on a network.

Answer 346

A fully operational offsite data processing facility equipped with both hardware and system software to be used in the event of a disaster. Anew: an alternate processing facility that is fully equipped with all the necessary computer equipment and capable of commencing operation as soon as the latest data files have been loaded. Hot sites are capable of being in full operation within minutes or hours.

Answer 347

See network hub.

Answer 348

A combination of using in-house workers and outsourcing selected processes.

Answer 349

A language designed for the creation of web pages with hypertext and other information to be displayed in a web browser. HTML is used to structure information --denoting certain text as headings, paragraphs, lists and so on-- and can be used to describe, to some degree, the appearance and semantics of a document.

Answer 350

The process of determining a user's identity based on their claim of identity. The identity claimed by the user must be verified with an authentication process before access is granted.

Answer 351

The process of electronically inputting source documents by taking an image of the document, thereby eliminating the need for key entry.

Answer 352

See inoculation.

Answer 353

The level of damage that will occur.

Answer 354

A review of the possible consequences of a risk.

Answer 355

"A security concept related to Windows NT that allows a server application to temporarily ""be"" the client in terms off access to secure objects. Impersonation has three possible levels: identification, letting the server inspect the client's identity; impersonation, letting the server act on behalf of the client; and delegation, the same as impersonation but extended to remote systems to which the server connects (through the preservation of credentials). Impersonation by imitating or copying the identification, behaviour or actions of another may also be used in social engineering to obtain otherwise unauthorized physical access."

Answer 356

Any event that is not part of the standard operation of a service and that causes, or may cause, an interruption to, or a reduction in, the quality of that service. Anew: any disruptive event, especially those that may cause harm.

Answer 357

ICS is the internationally recognized, government mandated standard for crisis command during disaster recovery and business continuity events.

Answer 358

Under the international Incident Command System (ICS), the incident commander is the first person to arrive on the scene regardless of training or experience. Even a four-year-old child calling 911 for help is the initial incident commander until relieved by a more qualified person. The incident commander directs the emergency response activities.

Answer 359

The systematic process of responding to an incident in order to determine its significance and impact. Proper incident handling will prevent negligent activities that could destroy meaningful evidence. A computer incident always has the potential of being a cybercrime scene.

Answer 360

The process of backing up only the files that have changed since the last backup was run. An incremental backup uses the file archive bit flag to signal files that should be copied to the backup tape.

Answer 361

An IS auditor's self-governance and freedom from conflict of interest and undue influence. The IS auditor should be free to make his/her own decisions, not influenced by the organization being audited and its people (managers and employees). Anew: independence in an audit refers to the auditor not being related to the audit subject. The desire is for the auditor to be objective and free of conflict because they are not related to the audit subject.

Answer 362

Independent audits are conducted by an auditor who is not related to the auditee. These audits therefore represent a high value of assurance that can be used for external purposes, including regulatory licensing.

Answer 363

A disk access method that stores data sequentially while also maintaining an index of key fields to all the records in the file for direct access capability.

Answer 364

Data that has a value.

Answer 365

The computer room and support areas. Anew: the building that houses the data center.

Answer 366

The set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risk is managed appropriately and verifying that the enterprise's resources are used responsibly.

Answer 367

The risk level or exposure without taking into account the actions that management has taken or might take (e.g., implementing controls). Anew: The risk that a material error could occur, assuming that there are no related internal controls to prevent them, or the natural or built-in risk that always exists.

Answer 368

Computer systems are susceptible to compromise while the system is loading and before the security control front end becomes active. Computer software is vulnerable to configuration changes during the initial program loading. A system in IPL mode is in supervisory mode.

Answer 369

A technique used by antivirus software to replace the original end-of-file (EOF) marker with a new EOF marker generated by the antivirus program. Anything attempting to attach itself to the new EOF marker indicates a virus attack.

Answer 370

Techniques and procedures used to verify, validate and edit data to ensure that only correct data are entered into the computer.

Answer 371

An online mechanism or a form of real-time communication between two or more people based on typed text and multimedia data. The text is conveyed via computers or another electronic device (e.g., cell phone or handheld device) connected over a network, such as the internet.

Answer 372

A type of audit that combines financial records review with an assessment of internal IS controls.

Answer 373

An advanced software development tool used for writing programs. The IDE provides built-in functions for capturing the software design, commands, and macros for creating program code and debugging testing.

Answer 374

A public end-to-end, digital telecommunications network with signaling, switching, and transport capabilities supporting a wide range of service accessed by standardized interfaces with integrated customer control. The standard allows transmission of digital voice, video and data over 64Kbps lines.

Answer 375

A testing methodology where test data are processed in production systems. The data usually represent a set of fictitious entities such as departments, customers or products. Output reports are verified to confirm the correctness of the processing.

Answer 376

Unbiased honesty by a person dealing with other people or in the records of transactions. Anew: guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity.

Answer 377

A specification of physical characteristics, electrical signals, format, and procedures used to communicate between systems.

Answer 378

A testing technique that is used to evaluate output from one application while the information is sent as input to another application.

Answer 379

Internal audits are used to help the auditee improve their score. Reports from internal audits may be used only for internal purposes. The reports contain a known bias, which reduces their corresponding value of representations to low or moderate.

Answer 380

The policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and undesired events will be prevented or detected and corrected.

Answer 381

A voluntary organization of 160 governments (members) participating in world trade. The objective is to create a universal standard of measurement adopted by each member country. The United States membership is represented by the American National Standards Institute (ANSI) while the United Kingdom is represented by British Standards (BS). Each country cooperates to create the proper conversion of proprietary standards into one worldwide ISO standard to be followed by everyone. ISO measurement standards are used in conjunction with Committee of Sponsoring Organizations (COSO) controls over financial transactions and Organization for Economic Cooperation and Development (OECD) standards for the creation and interpretation of laws within individual countries.

Answer 382

Two or more networks connected by a router; the world's largest network using Transmission Control protocol/Internet Protocol (TCP/IP) to link government, university and commercial institutions. Anew: the shared public communications network.

Answer 383

An organization with international affiliates as network industry representatives that sets Internet standards. This includes all network industry developers and researchers concerned with the evolution and planned growth of the internet.

Answer 384

The equivalent to OSI layer 3, the Networking layer, in the TCP/IP model.

Answer 385

An attack using packets with the spoofed source Internet packet (IP) addresses. This technique exploits applications that use authentication based on IP adressess. This technique also may enable an unauthorized user to gain root access on the target system.

Answer 386

The de facto communications protocol and addressing standard used on the Internet. IP is implemented with TCP for connection-oriented data transmission or UDP for connectionless transmission.

Answer 387

A set of protocols developed by the IETF to support the secure exchange of packets. Anew: a security-based implementation of the Internet Protocol. IPsec offers encryption during data transmission or the tunnelling of encrypted packets through network routing with an ISP.

Answer 388

A protocol for sharing a public key.

Answer 389

The ability for hardware and software systems from different manufacturers to communicate with each other.

Answer 390

A private internal business network.

Answer 391

A technical system designed to alert personnel to activity that may indicate the presence of a hacker. An intrusion detection system is a type of network hacker alarm. The IDS term has been officially updated by the government to intrusion detection and prevention systems (IDPS). Preprogrammed response procedures activate stored commands to modify the IDPS to block an attack before it can penetrate (prevention activity).

Answer 392

See intrusion detection and prevention system (IDPS) for updated terminology.

Answer 393

A type of biometric technique that uses the unique characteristics found in the iris of the human eye.

Answer 394

Intentional violation of an established management policy or regulatory requirement. It may consist of deliberate misstatements or omission of information concerning the area under audit or the organization as a whole; gross negligence or unintentional illegal acts.

Answer 395

Having no significant bearing on the final outcome. Irrelevant, or trivial, information will not change the results.

Answer 396

A committee composed of business executives for the purpose of conveying current business priorities and objectives to IT management. The steering committee provides governance for major projects and the IT budget.

Answer 397

A clearly stated process of leadership to lead and control the performance expected from the IT function. The focus of IT governance is control over the technology environment.

Answer 398

A model that integrates a set of guidelines, policies and methods that represent the organizational approach to IT governance. Per COBIT, IT governance is the responsibility of the board of directors and executive management. It is an integral part of institutional governance, and consists of the leadership and organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategy and objectives.

Answer 399

Any event that is not part of the ordinary operation of a service that causes, or may cause, an interruption to, or a reduction in, the quality of that service.

Answer 400

The set of hardware, software and facilities that integrates an enterprise's IT assets. Specifically, the equipment (including servers, routers, switches and cabling), software, services and products used in storing, processing, transmitting and displaying all forms of information for the organization's users.

Answer 401

An executive-management-level committee that assists in the delivery of the IT strategy, oversees day-to-day management of IT service delivery and IT projects and focuses on implementation aspects service delivery and projects.

Answer 402

The progressive development of software through a succession of multiple versions.

Answer 403

A very portable object-oriented programming language created by Sun Microsystems. Java can run on cellular phones, iPods, and most computing devices. Java has very good security mechanisms.

Answer 404

An internal processing environment for running a Java program inside of another Java program session, also known as a virtual machine. The partitioning of resources creates a secure environment to protect the rest of the computer system from harm.

Answer 405

Two or more obligators (persons or organizations) bind themselves without actual partnership or corporate designation in a specific venture with the risk, liability, and potential profits shared between the parties. All parties participating in the venture share a communal liability for the failure of the other party.

Answer 406

A process of scheduling the minimum amount of inventory to arrive shortly before it is required in the manufacturing process. The objective is to reduce inventory on hand. The opposite of JIT is stockpiling inventory. JIT practices create a quandary with business continuity plans.

Answer 407

The safe process of exchanging keys to be used in a cryptographic system for encryption and decryption.

Answer 408

The KGI identifies a specific goal to be reached. KPI (historical score) is used together with KGI (goal) in planning and forecasting.

Answer 409

A measure that determines how well the process is performing in enabling the goal to be reached. A lead indicator of whether a goal will likely be reached or not, and a good indicator of capabilities, practices and skills. It measures the activity goal, which is an action that the process owner must take to achieve effective process performance. Anew: a historical score of business process performance. Unfortunately, the score may indicate that a failure has occurred before corrective action can be taken.

Answer 410

Encryption keys must be stored and transmitted in a different encrypted format to protect them from harm. A user should not have direct access to encryption keys. Encryption keys are re-encrypted with a different algorithm that uses a different key to obscure the original key. This key wrapping technique protects the real key from harm. It's extremely difficult to tell where the wrapping stops and the key inside begins.

Answer 411

Changing the normal function of keys on the keyboard to execute different commands.

Answer 412

A database of information derived from the knowledge of individuals who perform the related tasks. Knowledge-base systems are used for decision support systems.

Answer 413

A dedicated communications line between two locations, such as a T1 circuit. Also known as a circuit-switched connection. This type of connection is charged by distance covered regardless of volume of data transmitted.

Answer 414

Granting only the minimum access necessary to perform the job function or role. Least privilege is implemented to improve confidentiality.

Answer 415

Used in business continuity and disaster recovery planning to identify potential violations that must be avoided or that require special handling to minimize penalties. Examples include mandatory government filings, required legal disclosures, specific performance, and contract breaches. Also see lost work in process (LWIP).

Answer 416

A best practice for recording the analysis of problems and improvements that worked. The purpose is to avoid repeating mistakes while improving the technique used.

Answer 417

The individual responsible for the safeguard and maintenance of all program and data files.

Answer 418

A contract that establishes the terms and conditions under which a piece of software is being licensed (i.e., made legally available for use) from the software developer (owner) to the user.

Answer 419

A series of stages that characterize the course of existence of an organizational investment (e.g., product, project, program).

Answer 420

Tests specified amount fields against stipulated high or low limits of acceptability Tests specified against stipulated high acceptability. When both high and low values are used, the test may be called a range check.

Answer 421

Any notation for representing a value within programming language source code (e.g., a string literal); a chunk of input data that is represented "as is" in compressed data.

Answer 422

Communication network that serves several users within a specified geographic area. A personal computer LAN functions as a distributed processing system in which each computer in the network does its own processing and manages some of its data. Shared data are stored in a file server that acts as a remote disk drive for all users in the network. Anew: a computer network with boundaries that match the physical building.

Answer 423

To record details of information or events in an organized record-keeping system, usually sequenced in the order in which they occurred.

Answer 424

A programmed function inside of a computer software application designed to damage the system or data files on the occurrence of a particular event, date, or time. Logic bombs are extremely difficult to locate.

Answer 425

Electronic access to a system without being physically present.

Answer 426

The policies, procedures, organizational structure and electronic access controls designed to restrict access to computer software and data files.

Answer 427

The process of copying current data files for records retention (safe keeping). Logical backup will ignore deleted files and temporary system data in swap space. Also see bitstream imaging.

Answer 428

The act of connecting to the computer, who typically requires entry of a user ID and password into a computer terminal.

Answer 429

Work tasks and data processing that were lost by a disaster, disruption, or failure. All work since the last backup is lost and must be re-created. LWIP may cause a violation of a legal deadline (LD). LWIP needs to be calculated by the organization when planning their recovery point objective (RPO) and recovery time objective (RTO).

Answer 430

A unique serial number burned into the network interface card by the manufacturer. The Media Access Control (MAC) address operates in the Data-Link layer (layer 2) of the OSI model. The MAC address is used to tie the TCP/IP address to a particular computer.

Answer 431

A large-scale, traditional, multiuser, multiprocessor system designed with excellent internal controls.

Answer 432

A new generation of software or a major design change resulting in a new version. Major releases tend to occur in 12- to 24-month intervals.

Answer 433

Short for malicious software Designed to infiltrate, damage or obtain information from a computer system without the owner\s consent. Malware is commonly taken to include computer viruses, worms, Trojan horses, spyware and adware. Spyware is generally used for marketing purposes and, as such, is not really malicious although it is generally unwanted. Spyware can, however, be used to gather information for identity theft or other clearly illicit purposes. Anew: a family classification of computer programs designed to intentionally cause malicious damage.

Answer 434

An organized assembly of resources and procedures required to collect, process and distribute data for use in decision making.

Answer 435

A committee or reporting hierarchy to convey questionable situations involving management to the highest level of authority, often the board of directors.

Answer 436

A means of restricting access to data based on varying degrees of security requirements for information contained in the objects and the corresponding security clearance of users or programs acting on their behalf. Anew: an access control system, based on rules that require the user to have an explicit level of access that matches the appropriate security label. The only way to increase access is by a formal promotion of the user ID to the next security level.

Answer 437

A physical location between doorway barriers that is designed to trap an unauthorized individual between the closed doors. Fully caged turnstiles can provide a mantrap to capture potential intruders.

Answer 438

The process of manually verifying that records match.

Answer 439

A computer database designed to schedule the requirements of manufacturing design, purchasing, scheduling, and the manufacturing production process.

Answer 440

Diagramming data that is to be exchanged electronically, including how they are to be used and what business management systems need them.Mapping is a preliminary step for developing an applications link. (See Application tracing and mapping)

Answer 441

A computerized technique of blocking out the display of sensitive information, such as passwords, on a computer terminal or report.

Answer 442

Pretending to possess an identity under false pretence.

Answer 443

A file of semi permanent information that is used frequently for processing data or for more than one purpose.

Answer 444

An auditing concept regarding the importance of an item of information with regard to its impact or effect on the functioning of the entity being audited. An expression of the relative significance or importance of a particular matter in the context of the organization as a whole. Anew: materiality applies to evidence. Evidence is materially significant if it will have enough bearing to change the final outcome.

Answer 445

In business, indicates the degree of reliability or dependency that the business can place on a process achieving the desired degree reliability dependency place process achieving goals or objectives.

Answer 446

See Capability Maturity Model (CMM).

Answer 447

The longest period of downtime that an organization can survive from a specific outage involving a system, process, or resource.

Answer 448

Synonym for maximum acceptable outage (MAO), used as a negative connotation.

Answer 449

Applied to the hardware at the factory and cannot be modified, MAC is a unique, 48-bit, hard-coded address of a physical layer device, such as an Ethernet local area network (LAN) or a wireless network card.

Answer 450

The deterioration of the media on which data are digitally stored due to exposure to oxygen and moisture. Tapes deteriorating in a warm, humid environment are an example of media oxidation. Proper environmental controls should prevent, or significantly slow, this process.

Answer 451

Connection of redundant links.

Answer 452

A hash file of a fixed length created by a source file of any length. The purpose of the message digest is to indicate whether the source file has changed.

Answer 453

The alteration of a message to change its contents.

Answer 454

A telecommunications methodology that controls traffic in which a complete message is sent to a concentration point and stored until the communications path is established.

Answer 455

A systematic process of procedures to generate a desired outcome.

Answer 456

A type of limited-area network in which the boundary is equal to the city's metropolitan area.

Answer 457

Another term for an application programmer interface (API). It refers to the interfaces that allow programmers to access lower- or higher-level services by providing an intermediary layer that includes function calls to the services. Anew: all software programs, interfaces, and utilities that operate invisibly between the user and their data. Middleware performs an intermediary service to create an invisible workflow connecting various programs. Examples include the database application running on your server, SQL/ODBC drivers, print formatting utilities, communication gateways, operating system, and all device drivers.

Answer 458

A terminal element that marks the completion of a work package or phase. Typically marked by a high-level event such as project completion, receipt, endorsement or signing of a previously-defined deliverable or a high-level review meeting at which the appropriate level of project completion is determined and agreed to. A milestone is associated with some sort of decision that outlines the future of a project and, for an outsourced project, may have a payment to the contractor associated with it.

Answer 459

Small corrective update issued by the software developer to fix problems found in a major version previously released. Also known as a software patch or minor software release. Also see major software release.

Answer 460

A special template of biometric data converted into a count of specific characteristics that is unique to each user.

Answer 461

Duplicate or redundant components operating in parallel.

Answer 462

An application that is vital to the operation of the organization. The term is very popular for describing the applications required to run the day-to-day business.

Answer 463

The use of a mobile/temporary facility to serve as a business resumption location. The facility can usually be delivered to any site and can house information technology and staff.

Answer 464

The process of converting a digital computer signal into an analog telecommunications signal.

Answer 465

A sampling technique that estimates the amount of overstatement in an account balance.

Answer 466

To transmit data across the network to several specific stations concurrently.

Answer 467

Using multiple processors.

Answer 468

Running multiple tasks concurrently in a time-sharing mode by allocating a specific amount of resources.

Answer 469

Running several instances of a program concurrently for multiple users.

Answer 470

An overlay setting used to parse the IP address into two distinct portions representing the unique network address and unique host address. Without this setting, the computer will be confused and unable to communicate on the network.

Answer 471

A system of interconnected computers and the communication equipment used to connect them.

Answer 472

Responsible for planning, implementing and maintaining the telecommunications infrastructure; also may be responsible for voice networks. For smaller organizations, the network administrator may also maintain a local area network (LAN) and assist end users.

Answer 473

Utilize dedicated storage devices that centralize storage of data. NAS devices generally do not provide traditional file/print or application services.

Answer 474

A hardware or software device that is watching the communications traffic flowing across the network to other systems.

Answer 475

A method of sharing disk systems across the network by using remote procedure calls. NFS was invented by Sun Microsystems to share hard disks with multiple users across the network.

Answer 476

An OSI layer 1 device designed to relay electrical transmissions and receive signals between computers.