Questions based on Information Technology and IT Audit

1. What is meant by Operating An operating system (OS) is an interface

System
2. What are the differences between
multiprocessing and multitasking
systems? Give Examples for both?
between hardware and user which is
responsible for the management and
coordination of activities and the sharing of
the resources of a computer, that acts as a
host for computing applications run o
Task is nothing but one of the module of
program. so multitasking is nothing but
many task can be done simultaneously
whereas in multiprocessing OS many CPR
ie. processors are uses to complete one
program means program is divided into
small module each module handled by
different processors

3. What is a boot processing As soon as the CPU is turned on it initializes

computer? itself and looks for ROM BIOS for the first
instruction which is the Power On Self-
Test (POST). This process checks the BIOS
chip and then the CMOS RAM. After
checking everything and detecting no power
failure it checks the hardware devices and
the storage device. Then CMOS looks
through the boot sequence of drives to find
the OS. Hence on finding the OS it is
loaded.

4. What is meant by brute force The brute force attack is a method of

attack? obtaining a user's authentication credentials.
5. What is meant by email phishing? This a type of email attack that attempts to
convince the user that email originator is
genuine.
6. What is the difference between A computer virus is a computer program
worm and Trojan? that can copy itself and infect a computer.

Trjan cannot replicate itself. They are

designed to allow a hacker remote access to
a target computer system and steal
information residing in the computer.
7. What is Denial of Service attack? This occurs when a computer connected to
internet is flooded with requests which must
be serviced and eventually the computer
crashes and is out of service.

8. What is meant by encryption? Encryption is a process of converting plain

text into secure coded form of text called
cipher text.
9. What is meant by reverse A technique used to whereby existing
engineering application is redesigned by using computer
aided software (CASE) technology.
10. What is meant by Database It is the process of eliminating redundant
normalization data from the database.
11. What is meant by SSL A network protocol used to transmit data in
encrypted from over the internet.
12. What is meant by IT risk That potential that a given threat can exploit
a vulnerability in a system to cause an
impact ( damage)
13. What is meant by CAAT? Automated software used for conducting
data analysis.
14. What is meant by batch processing The processing of a group of transaction at
the same time.
15. Which is the is the international ISACA
governing body for IT Auditing.
16. What is meant by Business Process deigned to reduce the risk arising
Continuity Planning due to disaster which may result in
disruption of operations and services of an
organization.
17. What is the difference between Detective controls- identify undesirable
detective control and preventative events after they have occurred
control.
Preventive Control- An internal control that
is used to prevent undesirable events, errors
and other occurrences than an organization
Corrective Control-Minimizes the impact of
threat discovered by detective control

18. What is meant by Spam? Spam is flooding the Internet with many
copies of the same message, in an attempt to
force the message on people who would not
otherwise choose to receive ...
19. What is meant by IP Spoofing? IP spoofing refers to the creation of Internet
 Protocol (IP) packets with a forged source
IP address ...
20. What is meant by Internal Control? Policies, procedures, practices and
organizational structures implemented to
reduce risk are referred as internal
controls.
21. Why do you need internal Internals controls are developed to provide
controls? reasonable assurance to the management
that organization business objectives will
be achieved and the risks will be prevented,
detect and corrected.