Glossary of Terms Flashcards

Question 1

Q

Abend

Answer

A

An abnormal end to a computer job; termination of a task prior to its completion because of an
error condition that cannot be resolved by recovery facilities while the task is executing

Question 2

Q

Acceptable

interruption window

Answer

A

The maximum period of time that a system can be unavailable before compromising the
achievement of the enterprise’s business objectives

Question 3

Q

Acceptable User Policy (AUP)

Answer

A

A policy that establishes an agreement between users and the enterprise and defines for all parties’ the ranges of use that are approved before gaining access to a network or the Internet.

Question 4

Q

Access Control

Answer

A

The processes, rules and deployment mechanisms that control access to information systems,
resources and physical access to premises

Question 5

Q

Access Control Lists (ACL)

Answer

A

An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals
Scope Note: Also referred to as access control tables

Question 6

Q

Access control table

Answer

A

An internal computerized table of access rules regarding the levels of computer access permitted to
logon IDs and computer terminals

Question 7

Q

Access method

Answer

A

The technique used for selecting records in a file, one at a time, for processing, retrieval or storage
The access method is related to, but distinct from, the file organization, which determines how the records are stored.

Question 8

Q

Access Path

Answer

A

The logical route that an end user takes to access computerized information

Scope Note: Typically includes a route through the operating system, telecommunications software, selected application software and the access control system

Question 9

Q

Access Rights

Answer

A

The permission or privileges granted to users, programs or workstations to create, change, delete or view data and files within a system, as defined by rules established by data owners and the information security policy

Question 10

Q

Access Servers

Answer

A

Provides centralized access control for managing remote access dial‐up services

Question 11

Q

Accountability

Answer

A

The ability to map a given activity or event back to the responsible party

Question 12

Q

Accountability of

governance

Answer

A

Governance ensures that enterprise objectives are achieved by evaluating stakeholder needs, conditions and options; setting direction through prioritization and decision making; and monitoring performance, compliance and progress against plans.

In most enterprises, governance is the responsibility of the board of directors under the leadership of the
chairperson.

Scope Note: COBIT 5 Perspective

Question 13

Q

Accountable party

Answer

A

The individual, group or entity that is ultimately responsible for a subject matter, process or scope
Scope Note: Within the IT Assurance Framework (ITAF), the term “management” is equivalent to “accountable party.”

Question 14

Q

Acknowledgement (ACK)

Answer

A

A flag set in a packet to indicate to the sender that the previous packet sent was accepted correctly by the receiver without errors, or that the receiver is now ready to accept a transmission.

Question 15

Q

Active recovery site

Mirrored

Answer

A

A recovery strategy that involves two active sites, each capable of taking over the other’s workload in the event of a disaster

Scope Note: Each site will have enough idle processing power to restore data from the other site and to accommodate the excess workload in the event of a disaster.

Question 16

Q

Active Response

Answer

A

A response in which the system either automatically, or in concert with the user, blocks or otherwise affects the
progress of a detected attack.

Scope Note: Takes one of three forms: amending the environment, collecting more information or striking back against the user

Question 17

Q

Activity

Answer

A

The main actions taken to operate the COBIT process

Question 18

Q

Address

Answer

A

Within computer storage, the code used to designate the location of a specific piece of data

Question 19

Q

Address Space

Answer

A

The number of distinct locations that may be referred to with the machine address.

Scope Note: For most binary machines, it is equal to 2n, where n is the number of bits in the machine address.

Question 20

Q

Addressing

Answer

A

The method used to identify the location of a participant in a network

Question 21

Q

Adjusting period

Answer

A

The calendar can contain “real” accounting periods and/or adjusting accounting periods. The “real” accounting periods must not overlap and cannot have any gaps between them. Adjusting accounting periods can overlap with other accounting periods.

Question 22

Q

Administrative control

Answer

A

The rules, procedures and practices dealing with operational effectiveness, efficiency and adherence
to regulations and management policies

Question 23

Q

Advanced Encryption Standard (AES)

Answer

A

A public algorithm that supports keys from 128 bits to 256 bits in size

Question 24

Q

Advanced Persistent Threat (APT)

Answer

A

An adversary that possesses sophisticated levels of expertise and significant resources which allow it to createopportunities to achieve its objectives using multiple attack vectors (NIST SP800‐61)

Scope Note: The APT:

pursues its objectives repeatedly over an extended period of time
adapts to defenders’ efforts to resist it
is determined to maintain the level of interaction needed to execute its objectives

Question 25

Q

Adversary

Answer

A

A threat actor / agent

Question 26

Q

Adware

Answer

A

A software package that automatically plays, displays or downloads advertising material to a computer after the
software is installed on it or while the application is being used

Question 27

Q

Alert Situation

Answer

A

The point in an emergency procedure when the elapsed time passes a threshold and the interruption is not resolved. The enterprise entering into an alert situation initiates a series of escalation steps

Question 28

Q

Alignment

Answer

A

A state where the enablers of governance and management of enterprise IT support the goals and strategies of the enterprise

Question 29

Q

Allocation Entry

Answer

A

A recurring journal entry used to allocate revenues or costs

Scope Note: For example, an allocation entry could be defined to allocate costs to each department based on head count.

Question 30

Q

Alpha

Answer

A

The use of alphabetic characters or an alphabetic character string

Question 31

Q

Alternate Facilities

Answer

A

Locations and infrastructures from which emergency or backup processes are executed, when the main premises are unavailable or destroyed.

Scope Note: Includes other buildings, offices or data processing centers

Question 32

Q

Alternate Process

Answer

A

Automatic or manual process designed and established to continue critical business processes from
point‐of‐failure to return‐to‐normal

Question 33

Q

Alternate Routing

Answer

A

A service that allows the option of having an alternate route to complete a call when the marked destination is not available.

Scope Note: In signaling, alternative routing is the process of allocating substitute routes for a given signaling traffic stream in case of failure(s) affecting the normal signaling links or routes of that traffic stream.

Question 34

Q

ASCII

Answer

A

American Standard Code
for Information
Interchange

Question 35

Q

Amortization

Answer

A

The process of cost allocation that assigns the original cost of an intangible asset to the periods
benefited; calculated in the same way as depreciation

Question 36

Q

Analog

Answer

A

A transmission signal that varies continuously in amplitude and time and is generated in wave formation
Scope Note: Analog signals are used in telecommunications

Question 37

Q

Analytical technique

Answer

A

The examination of ratios, trends, and changes in balances and other values between periods to obtain a broad understanding of the enterprise’s financial or operational position and to identify areas that may require further or closer investigation.

Scope Note: Often used when planning the assurance assignment

Question 38

Q

Anomaly

Answer

A

Unusual or statistically rare

Question 39

Q

Anomaly Detection

Answer

A

Detection on the basis of whether the system activity matches that defined as abnormal

Question 40

Q

Anonymity

Answer

A

The quality or state of not being named or identified

Question 41

Q

Anti-malware

Answer

A

A technology widely used to prevent, detect and remove many categories of malware, including computer viruses, worms, Trojans, keyloggers, malicious browser plug‐ins, adware and spyware

Question 42

Q

Antivirus software

Answer

A

An application software deployed at multiple points in an IT architecture It is designed to detect and potentially eliminate virus code before damage is done and repair or quarantine files that have already been infected

Question 43

Q

Appearance

Answer

A

The act of giving the idea or impression of being or doing something

Question 44

Q

Appearance of Independence

Answer

A

Behavior adequate to meet the situations occurring during audit work (interviews, meetings, reporting, etc.)

Scope Note: An IS auditor should be aware that appearance of independence depends on the perceptions of others and can be influenced by improper actions or associations.

Question 45

Q

Applet

Answer

A

A program written in a portable, platform‐independent computer language, such as Java, JavaScript or Visual Basic.

Scope Note: An applet is usually embedded in an HyperText Markup Language (HTML) page downloaded from webservers and then executed by a browser on client machines to run any web‐ based application (e.g., generate web page input forms, run audio/video programs, etc.). Applets can only perform a restricted set of operations, thus preventing, or at least minimizing, the possible security compromise of the host computers. However, applets expose the user’s
machine to risk if not properly controlled by the browser, which should not allow an applet to access a machine’s information without prior authorization of the user.

Question 46

Q

Application

Answer

A

A computer program or set of programs that performs the processing of records for a specific function

Scope Note: Contrasts with systems programs, such as an operating system or network control program, and with utility programs, such as copy or sort

Question 47

Q

Application acquisition

review

Answer

A

An evaluation of an application system being acquired or evaluated, that considers such matters as: appropriate
controls are designed into the system; the application will process information in a complete, accurate and reliable manner; the application will function as intended; the application will function in compliance with any applicable statutory provisions; the system is acquired in compliance with the established system acquisition process

Question 48

Q

Application architecture

Answer

A

Description of the logical grouping of capabilities that manage the objects necessary to process information and support the enterprise’s objectives.

Scope Note: COBIT 5 perspective

Question 49

Q

Application benchmarking

Answer

A

The process of establishing the effective design and operation of automated controls within an
application.

Question 50

Q

Application controls

Answer

A

The policies, procedures and activities designed to provide reasonable assurance that objectives
relevant to a given automated solution (application) are achieved

Question 51

Q

Application development

review

Answer

A

An evaluation of an application system under development that considers matters such as: appropriate controls are designed into the system; the application will process information in a complete, accurate and reliable manner; the application will function as intended; the application will function in compliance with any applicable statutory
provisions; the system is developed in
compliance with the established system development life cycle process

Question 52

Q

Application

implementation review

Answer

A

An evaluation of any part of an implementation project

Scope Note: Examples include project management, test plans and user acceptance testing (UAT) procedures.

Question 53

Q

Application layer

Answer

A

In the Open Systems Interconnection (OSI) communications model, the application layer provides services for an application program to ensure that effective communication with another application program in a network is possible.

Scope Note: The application layer is not the application that is doing the communication; a service layer that provides these services.

Question 54

Q

Application maintenance

review

Answer

A

An evaluation of any part of a project to perform maintenance on an application system.

Scope Note: Examples include project management, test plans and user acceptance testing (UAT) procedures.

Question 55

Q

Application or managed service provider (ASP/MSP)

Answer

A

A third party that delivers and manages applications and computer services, including security services to multiple users via the Internet or a private network.

Question 56

Q

Application Programme

Answer

A

A program that processes business data through activities such as data entry, update or query
Scope Note: Contrasts with systems programs, such as an operating system or network control program, and with utility programs such as copy or sort.

Question 57

Q

Application Programming Interface (API)

Answer

A

A set of routines, protocols and tools referred to as “building blocks” used in business application software
development.

Scope Note: A good API makes it easier to develop a program by providing all the building blocks related to functional characteristics of an operating system that applications need to specify, for example, when interfacing with the operating system (e.g., provided by Microsoft Windows, different versions of UNIX). A programmer utilizes these APIs in developing applications that can operate effectively and efficiently on the platform chosen.

Question 58

Q

Application proxy

Answer

A

A service that connects programs running on internal networks to services on exterior networks by creating two connections, one from the requesting client and another to the destination service.

Question 59

Q

Application security

Answer

A

Refers to the security aspects supported by the application, primarily with regard to the roles or
responsibilities and audit trails within the applications

Question 60

Q

Application Service Provider (ASP)

Answer

A

Also known as managed service provider (MSP), it deploys, hosts and manages access to a packaged application to multiple parties from a centrally managed facility.

Scope Note: The applications are delivered over networks on a subscription basis.

Question 61

Q

Application software

tracing and mapping

Answer

A

Specialized tools that can be used to analyze the flow of data through the processing logic of the application software and document the logic, paths, control conditions and processing sequences

Scope Note: Both the command language or job control statements and programming language can be analyzed. This technique includes program/system: mapping, tracing, snapshots, parallel simulations and code comparisons.

Question 62

Q

Application System

Answer

A

An integrated set of computer programs designed to serve a particular function that has specific input, processing and output activities

Scope Note: Examples include general ledger, manufacturing resource planning and human resource (HR) management.

Question 63

Q

Architecture

Answer

A

Description of the fundamental underlying design of the components of the business system, or of
one element of the business system (e.g., technology), the relationships among them, and the manner in which they support enterprise objectives

Question 64

Q

Architecture Board

Answer

A

A group of stakeholders and experts who are accountable for guidance on enterprise‐architecture‐ related matters and decisions, and for setting architectural policies and standards.

Scope Note: COBIT 5 perspective

Answer 65

A

The area of the central processing unit (CPU) that performs mathematical and analytical operations

Answer 66

A

Advanced computer systems that can simulate human capabilities, such as analysis, based on a
predetermined set of rules.

Answer 67

A

Representing 128 characters, the American Standard Code for Information Interchange (ASCII) code
normally uses 7 bits. However, some variations of the ASCII code set allow 8 bits. This 8‐bit ASCII code allows 256 characters to be represented.

Answer 68

A

A program that takes as input a program written in assembly language and translates it into machine
code or machine language

Answer 69

A

A low‐level computer programming language which uses symbolic code and produces machine
instructions

Answer 70

A

Any formal declaration or set of declarations about the subject matter made by management.

Scope Note: Assertions should usually be in writing and commonly contain a list of specific attributes about the subject matter or about a process involving the subject matter.

Answer 71

A

A broad review of the different aspects of a company or function that includes elements not covered by a structured assurance initiative.

Scope Note: May include opportunities for reducing the costs of poor quality, employee perceptions on quality
aspects, proposals to senior management on policy, goals, etc.

Answer 72

A

Something of either tangible or intangible value that is worth protecting, including people,
information, infrastructure, finances and reputation

Answer 73

A

Pursuant to an accountable relationship between two or more parties, an IT audit and assurance professional is
engaged to issue a written communication expressing a conclusion about the subject matters for which the
accountable party is responsible. Assurance refers to a number of related activities designed to provide the reader or user of the report with a level of assurance or comfort over the subject matter.

Scope Note: Assurance engagements could include support for audited financial statements, reviews of controls, compliance with required standards and practices, and compliance with agreements, licenses, legislation and regulation.

Answer 74

A

An objective examination of evidence for the purpose of providing an assessment on risk management, control or
governance processes for the enterprise.
Scope Note: Examples may include financial, performance, ccoommpplliiaannccee and system security engagements

Answer 75

A

An objective examination of evidence for the purpose of providing an assessment on risk management, control or governance processes for the enterprise.

Scope Note: Examples may include financial, performance, compliance and system security engagements.

Answer 76

A

A cipher technique in which different cryptographic keys are used to encrypt and decrypt a message
Scope Note: See Public key encryption.

Answer 77

A

A high‐bandwidth low‐delay switching and multiplexing technology that allows integration of real‐ time voice and video as well as data. It is a data link layer protocol.

Scope Note: ATM is a protocol‐independent transport mechanism. It allows high‐speed data transfer rates at up to 155 Mbit/s.
The acronym ATM should not be confused with the alternate usage for ATM, which refers to an automated teller machine.

Answer 78

A

Character‐at‐a‐time transmission

Answer 79

A

An actual occurrence of an adverse event

Answer 80

A

A method used to deliver the exploit. Unless the attacker is personally performing the attack, an attack mechanism may involve a payload, or container, that delivers the exploit to the target.

Answer 81

A

A path or route used by the adversary to gain access to the target (asset)
Scope Note: There are two types of attack vectors: ingress and egress (also known as data exfiltration)

Answer 82

A

Reduction of signal strength during transmission

Answer 83

A

An engagement in which an IS auditor is engaged to either examine management’s assertion regarding a particular subject matter or the subject matter directly

Scope Note: The IS auditor’s report consists of an opinion on one of the following: The subject matter. These reportsrelate directly to the subject matter itself rather than to an assertion.

In certain situations management will not be able
to make an assertion over the subject of the engagement. An example of this situation is when IT services are outsourced to third party.

Management will not ordinarily be able to make an assertion over the controls that the third party is responsible for. Hence, an IS auditor would have to report directly on the subject matter rather than
on an assertion.

Answer 84

A

Way of thinking, behaving, feeling, etc

Answer 85

A

Method to select a portion of a population based on the presence or absence of a certain
characteristic

Answer 86

A

Formal inspection and verification to check whether a standard or set of guidelines is being followed, records are accurate, or efficiency and effectiveness targets are being met.

Scope Note: May be carried out by internal or external groups

Answer 87

A

Performance measurement of service delivery including cost, timeliness and quality against agreed
service levels

Answer 88

A

A statement of the position within the enterprise, including lines of reporting and the rights of
access

Answer 89

A

A document approved by those charged with governance that defines the purpose, authority and responsibility of the
internal audit activity
Scope Note: The charter should:
‐ Establish the internal audit funtion’s position within the enterprise
‐ Authorise access to records, personnel and physical properties relevant to the performance of IS audit and assurance engagements.
Define the scope of audit function’s activities

Answer 90

A

A specific audit assignment or review activity, such as an audit, control self‐assessment review, fraud examination or consultancy.

Scope Note: An audit engagement may include multiple tasks or activities designed to accomplish a specific set of related objectives.

Answer 91

A

The information used to support the audit opinion

Answer 92

A

Expert or decision support systems that can be used to assist IS auditors in the decision‐making process by automating the knowledge of experts in the field

Scope Note: This technique includes automated risk analysis, systems software and control objectives software packages.

Answer 93

A

The specific goal(s) of an audit

Scope Note: These often center on substantiating the existence of internal controls to minimize business risk.

Answer 94

A

A plan containing the nature, timing and extent of audit procedures to be performed by engagement team members in order to obtain sufficient appropriate audit evidence to form an opinion.

Scope Note: Includes the areas to be audited, the type of work planned, the high‐level objectives and scope of the work, and topics such as budget, resource allocation, schedule dates, type of report and its intended audience and other general aspects of the work.

A high‐level description of the audit work to be performed in a certain period of time

Answer 95

A

A step‐by‐step set of audit procedures and instructions that should be performed to complete an
audit

Answer 96

A

The roles, scope and objectives documented in the service level agreement (SLA) between
management and audit

Answer 97

A

The risk of reaching an incorrect conclusion based upon audit findings.

Scope Note: The three components of audit risk are:
‐ Control risk
‐ Detection risk
‐ Inherent risk

Answer 98

A

The application of audit procedures to less than 100 percent of the items within a population to
obtain audit evidence about a particular characteristic of the population

Answer 99

A

Risk relevant to the area under review:
‐ Business risk (customer capability to pay, credit worthiness, market factors, etc.)
‐ Contract risk (liability, price, type, penalties, etc.)
‐ Country risk (political, environment, security, etc.)
‐ Project risk (resources, skill set, methodology, product stability, etc.)
‐ Technology risk (solution, architecture, hardware and software infrastructure network, delivery channels, etc.)

Scope Note: See inherent risk

Answer 100

A

A visible trail of evidence enabling one to trace information contained in statements or reports back
to the original input source

Answer 101

A

An inventory of audit areas that is compiled and maintained to identify areas for audit during the audit planning process.

Scope Note: Traditionally, the list includes all financial and key operational systems as well as other units that would be audited as part of the overall cycle of planned work. The audit universe serves as the source from which the annual audit schedule is prepared. The universe will be periodically revised to reflect changes in the overall risk profile.

Answer 102

A

The level to which transactions can be traced and audited through a system

Answer 103

A

Subjects, units or systems that are capable of being defined and evaluated.

Scope Note: Auditable units may include:
‐Policies, procedures and practices
‐Cost centers, profit centers and investment centers
‐General ledger account balances
‐Information systems (manual and computerized)
‐Major contracts and programs
‐Organizational units, such as product or service lines
‐Functions, such as information technology (IT), purchasing, marketing, production, finance, accounting and human
resources (HR)
‐Transaction systems for activities, such as sales, collection, purchasing, disbursement, inventory and cost accounting,
production, treasury, payroll, and capital assets
‐Financial statements
‐Laws and regulations

Answer 104

A

A formal statement expressed by the IS audit or assurance professional that describes the scope of the audit, the procedures used to produce the report and whether or not the findings support that the audit criteria have been met.

Scope Note: The types of opinions are:
‐ Unqualified opinion: Notes no exceptions or none of the exceptions noted aggregate to a significant deficiency
‐ Qualified opinion: Notes exceptions aggregated to a significant deficiency (but not a material weakness)
‐ Adverse opinion: Notes one or more significant deficiencies aggregating to a material weakness

Answer 105

A

The act of verifying identity (i.e., user, system)

Scope Note: Risk: Can also refer to the verification of the correctness of a piece of data

The act of verifying the identity of a user and the user’s eligibility to access computerized information

Scope Note: Assurance: Authentication is designed to protect against fraudulent logon activity. It can also refer to the verification of the correctness of a piece of data.

Answer 106

A

Undisputed Authourship

Answer 107

A

Controls that have been programmed and embedded within an application

Answer 108

A

Ensuring timely and reliable access to and use of information

Answer 109

A

Being acquainted with, mindful of, conscious of and well informed on a specific subject, which
implies knowing and understanding a subject and acting accordingly

Answer 110

A

A means of regaining access to a compromised system by installing software or configuring existing
software to enable remote access under attacker‐defined conditions

Answer 111

A

The main communication channel of a digital network. The part of the network that handles the majority of the traffic.

Answer 112

A

Files, equipment, data and procedures available for use in the event of a failure or loss, if the originals are destroyed or out of service.

Answer 113

A

An Alternative facility to continue IS/IT operations when the primary data processing centre is unavailable.

Answer 114

A

A card (or other devices) that is presented or displayed to obtain access to an otherwise restricted facility as a symbol of authority.

Answer 115

A

A coherent set of performance measures organised into four categories.

Answer 116

A

4x Categories: 
financial measures
customer business processes
internal business processes
learning perspectives
growth perspectives

Answer 117

A

The range between the highest and lowest transmittable frequencies. measured in bytes per second or Hertz (cycles) per second.

Answer 118

A

A printed machine-readable code that consists of parallel bars of varied width and spacing.

Answer 119

A

Base58 Encoding is a binary‐to ‐text encoding process that converts long bit sequences into alphanumeric text

Answer 120

A

Base64 Encoding is a binary

‐to ‐text encoding process that converts long bit sequences into alphanumeric text

Answer 121

A

A standardised body of data created for testing purposes.

Answer 122

A

A form of modulation in which data signals are pulsed directly on the transmission medium without frequency division and usually utilises a transceiver.

Answer 123

A

The existing description of the fundamental underlying design of the components of the business system before entering a cycle of architecture review and design (Cobit 5 perspective)

Answer 124

A

A System that is heavily fortified against attack.

Answer 125

A

Correctness checks built into data processing systems and applied to batches of input data, particularly in the data preparation stage.

Answer 126

A

Sequence control, which involves numbering the records in a batch consecutively so that the presence of each record can be confirmed; and control total, which is a total of the values in selected fields within the transactions.

Answer 127

A

The processing of a group of transactions at the same time.

Answer 128

A

The rate of transmission for telecommunications data, expressed in bits per second (bps)

Answer 129

A

A systematic approach to comparing enterprise performance against peers and competitors in an effort to learn the best ways of conducting business.

Answer 130

A

In business an outcomes whose nature and value (expressed in various ways) are considered advantageous by an enterprise.

Answer 131

A

One of the objectives of governance. The bring about of new benefits for the enterprise, the maintenance and extension of existing forms of benefits, and the elimination of those initiatives and assets that are not creating sufficient value.

Answer 132

A

A code whose representation is a 1 or 0

Answer 133

A

Doors and entry locks that are activated by such biometric features as voice, eye, retina or fingerprint.

Answer 134

A

A security technique that verifies an individuals identity by analyzing a unique physical attribute.

Answer 135

A

Bit‐stream backups, also referred to as mirror image backups, involve the backup of all areas of a computer hard disk drive or other types of storage media. This is an exact replicate of all sectors.

Answer 136

A

A testing approach that focuses on the functionality of the application or product. It does not require knowledge of the code.

Answer 137

A

A distributed, protected journaling and ledger system. Use of blockchain technologies can enable anything from digital Blockchain currency (e.g. Bitcoin) to any other value‐bearning transaction.

Answer 138

A

A public algorithm that operates on plain text in blocks (strings or groups) of bits.

Answer 139

A

A term derived from “robot network;” is a large automated and distributed network of previously compromised computers that can be simultaneously controlled to launch large‐scale attacks such as
a denial‐of‐service attack on selected victims

Answer 140

A

Logical and Physical controls used to define the perimeter between the organisation and the outside world.

Answer 141

A

Datalink Layer device designed to connect two local area networks or create two separate network segments (either LAN or WAN) to reduce collision domains.

Answer 142

A

An enterprise policy used to permit partial or full integration of user‐owned mobile devices for business purposes.

Answer 143

A

Multiple channels are formed by dividing the transmission medium into discrete frequency segments.
Scope Note: Broadband generally requires the use of a modem.

Answer 144

A

A method to distribute information to multiple recipients simultaneously.

Answer 145

A

A device that performs the function of a both a bridge and a router. (Datalink and network)

Answer 146

A

A computer program that enables the user to retrieve information that has been made publicly available on the Internet; also, that permits multimedia (graphics) applications on the World Wide Web

Answer 147

A

A class of algorithms that repeatedly try all possible combinations until a solution is found.

Answer 148

A

Repeatedly trying all possible combinations of passwords or encryption keys until the correct one is found.

Answer 149

A

Estimated cost and revenue amounts for a given range of periods and set of books.
cope Note: There can be multiple budget versions for the same set of books.

Answer 150

A

A mathematical expression used to calculate budget amounts based on actual results, other budget amounts and statistics.

Answer 151

A

A group of budgets linked together at different levels such that the budgeting authority of a lower‐ level budget is controlled by an upper‐level budget

Answer 152

A

An entity (department, cost center, division or other group) responsible for entering and maintaining budget data

Answer 153

A

Memory reserved to temporarily hold data to offset differences between the operating speeds of different devices, such as a printer and a computer

Answer 154

A

Occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold.

Answer 155

A

A data recovery strategy that includes a recovery from complete backups that are physically shipped offsite once a week.

Answer 156

A

Common Path or channel between hardware devices. Either between components on a computer, or between external computers on a communcations network.

Answer 157

A

All devices (nodes) are linked along one communication line where transmissions are received by all attached nodes.

Answer 158

A

A tool for managing organizational strategy that uses weighted measures for the areas of financial performance (lag) indicators, internal operations, customer measurements, learning and growth
(lead) indicators, combined to rate the enterprise

Answer 159

A

Documentation of the rationale for making a business investment, used both to support a business decision on whether to proceed with the investment and as an operational tool to support
management of the investment through its full economic life cycle

Answer 160

A

Preventing, mitigating and recovering from disruption

Answer 161

A

A plan used by an enterprise to respond to disruption of critical business processes. Depends on the contingency plan for restoration of critical systems.

Answer 162

A

The policies, procedures, practices and organizational structures designed to provide reasonable assurance that the business objectives will be achieved and undesired events will be prevented or detected

Answer 163

A

A process of identifying resources critical to the operation of a business process

Answer 164

A

An activity that an enterprise does, or needs to do, to achieve its objectives

Answer 165

A

The translation of the enterprise’s mission from a statement of intention into performance targets and results

Answer 166

A

The translation of the enterprise’s mission from a statement of intention into performance targets and results.

Answer 167

A

Evaluating the criticality and sensitivity of information assets.
An exercise that determines the impact of losing the support of any resource to an enterprise, establishes the escalation of that loss over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and the supporting system

Answer 168

A

Any event, whether anticipated (i.e., public service strike) or unanticipated (i.e., blackout) that disrupts the normal course of business operations at an enterprise

Answer 169

A

A holistic and business‐oriented model that supports enterprise governance and management information security, and provides a common language for information security professionals and
business management

Answer 170

A

A further development of the business goals into tactical targets and desired results and outcomes

Answer 171

A

An inter‐related set of cross‐functional activities or events that result in the delivery of a specific product or service to a customer.

Answer 172

A

The policies, procedures, practices and organizational structures designed to provide reasonable assurance that a business process will achieve its objectives.

Answer 173

A

Controls over the business processes that are supported by the enterprise resource planning system (ERP)

Answer 174

A

The individual responsible for identifying process requirements, approving process design and managing process performance

Answer 175

A

The thorough analysis and significant redesign of business processes and management systems to establish a better performing structure, more responsive to the customer base and market
conditions, while yielding material cost savings

Answer 176

A

A probable situation with uncertain frequency and magnitude of loss (or gain)

Answer 177

A

An application service provider (ASP) that also provides outsourcing of business processes such as payment processing, sales order processing and application development

Answer 178

A

The individual accountable for delivering the benefits and value of an IT‐enabled business investment program to the enterprise

Answer 179

A

Transactions in which the acquirer is an enterprise or an individual operating in the ambits of his/her professional activity. In this case, laws and regulations related to consumer protection are not applicable.

Answer 180

A

Selling processes in which the involved parties are the enterprise, which offers goods or services, and a consumer. In this case there is comprehensive legislation that protects the consume

Answer 181

A

Refers to the processes by which enterprises conduct business electronically with their customers and/or public at large using the Internet as the enabling technology

Answer 182

A

The Committee on the Financial Aspects of Corporate Governance, set up in May 1991 by the UK Financial Reporting Council, the London Stock Exchange and the UK accountancy profession, was chaired by Sir Adrian Cadbury and produced a report on the subject commonly known in the UK as
the Cadbury Report.

Brainscape's Knowledge GenomeTM

Glossary of Terms Flashcards

Brainscape's Knowledge Genome^TM