Information Systems Auditing: expert CISA 2023
- 15 Courses | 13h 4m 53s
- 5 Books | 23h 52m
- 15 Courses | 13h 53m 42s
- 5 Books | 52h 41m
- 19 Courses | 24h 53m 11s
Explore the auditing of information systems, a preventative measure that protects an organization's hardware, data, and other IS assets.
GETTING STARTED
Certified Information Systems Auditor (CISA) 2019: Information System Auditing
COURSES INCLUDED
IS Auditing
Auditing information systems requires professionals to understand and plan an effective auditing process. Explore the audit function, including best practices for organizing, planning, and resourcing audit activities.
14 videos |
46m
Assessment
Badge
IS Controls
Auditing information systems is key to a successful risk management strategy. Explore the audit function and effective information systems controls frameworks, including COBIT 5 and risk analysis.
8 videos |
28m
Assessment
Badge
Performing an Audit
Auditing information systems (ISs) requires a good audit plan and effective execution of that plan. Explore the practical knowledge required for performing an IS audit.
6 videos |
22m
Assessment
Badge
Control Self-assessment (CSA) & Finalizing an Audit
A successful information system audit requires proper assessment and reporting. Explore best practices for finalizing an audit, compiling results, and effectively communicating pertinent outcomes.
19 videos |
58m
Assessment
Badge
Governance, Strategy, Value, & Policies
Information system (IS) audits determine if the organization has an effective governance framework. Explore governance best practices, including IS governance, responsible IT governance committees, and enterprise architecture.
14 videos |
47m
Assessment
Badge
Risk & IT Management
Information system audits examine network infrastructure management controls to determine compliance. Explore best practices for risk and IT management, including change management, financial management, and human resources management.
9 videos |
39m
Assessment
Badge
IT Governance & Management
IS auditors require skills to assess an organization's overall structure and division of responsibilities. Explore best practices for IT organizational structure, including segregation of duties and contractual commitments.
18 videos |
1h 18m
Assessment
Badge
Benefits, Practices, & Business Application Systems
IS auditing professionals must ensure that IS implementation meets organizational objectives and strategic goals. Explore best practices for IS development, project management, and business application systems.
10 videos |
1h 4m
Assessment
Badge
Development, Maintenance, & Auditing
It's important to ensure your IS implementation meets organizational objectives and strategic goals. Explore IS maintenance practices, system development activities, and application controls auditing.
14 videos |
1h 11m
Assessment
Badge
Information Systems Operations Management
Ensuring your organization has an effective governance framework in place includes managing risks and resources. Explore best practices for IS operations, change management, and IT asset management.
10 videos |
51m
Assessment
Badge
Information Systems Maintenance & Service Management
An effective IS audit should include all aspects of an organization. Explore best practices for IS architecture, software, network infrastructure, and operations auditing activities.
15 videos |
1h 15m
Assessment
Badge
Information Security Management
A key component IS auditing professionals evaluate is an organization's IS management activities. Discover key IS management elements, roles, responsibilities and risk factors, and information security control design best practices.
14 videos |
53m
Assessment
Badge
Protection of Information Assets
A key component IS auditing professionals evaluate is an organization's logical access practices. Explore best practices for identification, authentication, authorization, and confidential information handling activities.
8 videos |
25m
Assessment
Badge
Network Infrastructure Security
IS auditing demands that an organization's policies and procedures protect the confidentiality, integrity, and availability of information assets. Explore network infrastructure security, including LAN, client-server, and wireless security.
12 videos |
53m
Assessment
Badge
Information Asset Security
It is vital that an organization's policies protect all information assets. Explore IS security best practices, including environmental and physical access controls.
20 videos |
1h 8m
Assessment
Badge
COURSES INCLUDED
Certified Information Systems Auditor (CISA) 2019: Information System Auditing
Discover keys to conducting a successful audit, its driving processes, and its underlying IT solutions in this 15-video course. Examine controls and audit reporting while preparing for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered here include: how information systems (IS) auditing shows whether IT solutions meet business objectives efficiently and effectively; the expectations of conduct for CISA-certified individuals; and how auditing standards provide guidance for conducting efficient audits. Learn about various types of documentation when preparing an IS audit; how to identify client needs that map to business objectives; and different categories of security controls, including internal business process controls, IT controls, and sampling types. You will learn about control objectives required to secure organizational assets along with the controls themselves; planning for audit funding, personnel, and related items; scheduling audit phases; and how to report serious discoveries, including fraud or serious IT vulnerabilities. Finally, see how to generate audit reports, including existing controls which have passed or failed; how to communicate with stakeholders after audit recommendations are reported; and how IS auditing identifies weak security controls.
15 videos |
56m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: IT Management Frameworks
Explore how IT management frameworks provide a structured approach to managing and auditing IT assets and how risk assessments often drive the IS audit in this 11-video course, helping learners prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered include: how IT governance provides a structured approach to ensuring IT solutions are aligned with business goals, including outsourced tasks; how Control Objectives for Information and Related Technologies (COBIT) can ensure business objectives are met by aligning appropriate IT processes; and how Information Technology Infrastructure Library (ITIL) practices can streamline IT service delivery. Learn how International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards can result in proper IT governance; how risk management can improve business operations; how to map various risk treatments to threats; and how the Business Model for Information Security (BMIS) encompasses information security planning, implementation, and management. Finally, learn how the Information Technology Assurance Framework (ITAF) helps assure that an audit is done properly; the purpose of IT balanced scorecards; and how to map common framework characteristics to IS audits.
11 videos |
37m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Data Privacy & Risk
In this 14-video course, discover how identifying IT asset risks and applying appropriate data privacy standards helps keep sensitive data from unauthorized entities, while preparing for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered in this course include: how the CIA triad (confidentiality, integrity, and availability) enhances IT security; understanding examples of personally identifiable information (PII) and protected health information (PHI); how the General Data Protection Regulation (GDPR) assures data privacy; and how to align data protection policies with GDPR. Then learn how the Payment Card Industry Data Security Standard (PCI DSS) protects cardholder information; how to identify network devices with insufficient antimalware protection with the free Spiceworks tool; and how the Health Insurance Portability and Accountability Act (HIPAA) protects sensitive medical information. Next, learn how Federal Risk and Authorization Management Program (FedRAMP) standards secure US Government information systems; how to determine the annualized loss expectancy (ALE) value with an online ALE calculator; and how to scan a network by using Network Mapper (Nmap) to determine which devices are present. Finally, map IT solutions to data privacy requirements.
14 videos |
46m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: IAM & Data Classification
Explore how multifactor authentication (MFA) and role-based access control lessen risks of system compromise and privilege abuse, and how data classification uses tags to organize data, while preparing for the ISACA Certified Information Systems Auditor (CISA) exam in this 16-video course. Key concepts covered include: authentication categories and how authorization follows; how to create Active Directory (AD) users and groups on-premises; and how to create Azure AD users and groups. Learn how MFA enhances security; how to enable MFA for Azure AD users; how to assign built-in Azure roles to AD groups; and how to assign built-in Amazon Web Services (AWS) policies. Next, study the role of identity federation across organizations, including single sign-on (SSO), and learn how resource tagging aids in tracking and granting permissions. Learn to configure shared folder and New Technology File System (NTFS) Windows file system permissions, as well as standard Linux file system permissions. Finally, learn to classify Windows Server files with metadata; to use resource and AD attributes to conditionally grant file system permissions; and to create and manage authentication accounts and data tags.
16 videos |
1h 12m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Performance & Management
Efficient delivery of IT systems includes cost reduction and optimized system performance. In this 15-video course, discover how a structured approach for implementing changes and patches can reduce security incidents and downtime, in preparation for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered here include: how performance is related to service level agreements (SLAs), and differences between SLAs and operational level agreements; how to establish a baseline of normal performance and monitor performance metrics in Windows and Linux environments; and how to monitor performance metrics in a cloud computing environment. Next, learn how to configure cloud-based alerting; about enterprise change and configuration management procedures and terms such as content management system (CMS), configuration management database (CMDB), and configuration item (CI); and about enterprise vulnerability management procedures. Learn how to configure which administrators can manage Group Policy Objects (GPOs); how to configure application deployment centrally with System Center Configuration Manager (SCCM); how to configure Windows patch deployment centrally with SCCM; how to configure Ubuntu Linux to check for updates; and how to tweak IT system performance and implement controlled changes centrally.
15 videos |
1h 7m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: PKI & Data Protection
Explore how public key infrastructure (PKI) provides a hierarchy of digital security certificates used to secure data and authenticate users and devices and how data are protected with encryption and file integrity verification, as you prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered in this 16-video course include: how cryptography protects data; distinguishing between asymmetric and symmetric encryption; steps in the PKI certificate lifecycle; and how to deploy a private Microsoft CA (certificate authority). Next, learn about configuring customized PKI certificate templates; how Transport Layer Security (TLS) and Internet Protocol Security (IPsec) secure network communications; disabling SSLv3 (secure sockets layer) on clients and servers; and configuring an Internet Information Services (IIS) website with a PKI certificate. Then learn about client PKI certificates for website access; how to protect data at rest with Windows Encrypting File System (EFS); and how to protect data at rest with Windows BitLocker. Finally, learn to use SHA-256 (secure hash algorithm) hashing to verify file integrity; and work with PKI certificates to secure data in transit and at rest.
16 videos |
1h 1m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Virtualization & Cloud
Explore how virtualization provides efficient hardware usage and security boundaries and how cloud computing tracks pooled IT resource usage and charges fees accordingly, as you prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts in this 14-video course include: when to use various virtualization technologies; how to distinguish between Type 1 and Type 2 hypervisors; how to install the Microsoft Hyper-V hypervisor; and how to configure a Hyper-V virtual network switch. Learn how to create a virtual machine (VM) hosted on Hyper-V; how to secure virtualized environments through dedicated management interfaces, patching, and changing default configurations; and the National Institute of Standards and Technology (NIST) standard characteristics of cloud computing. Next, learn to map cloud service offerings to business needs; about cloud-based security solutions such as the Azure Security Center, distributed denial-of-service (DDoS) mitigation, and Azure network security groups; and how to deploy a Windows VM and a Linux VM in the Azure cloud. Finally, learn to identify cloud services that require endpoint security and to map security solutions to use of virtualization and cloud computing.
14 videos |
1h 8m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Digital Asset Protection
Security technicians must determine which security controls most effectively protect assets at a reasonable cost. Explore IT maturity models, and endpoint, Internet of Things (IoT), and mobile device security in this 15-video course. Key concepts covered here include: how IT maturity models provide assessments as to whether technology effectively meets business needs; how to map security hardware and software to the Open Systems Interconnection model (OSI model); and how to enable requirements for complex passwords and user account intruder detection. Next, learn to configure endpoint antimalware policy settings centrally with System Center Configuration Manager (SCCM); how to determine when data loss prevention (DLP) solutions are needed for data privacy; and why IoT devices are generally considered unsecure. Learn to use the shodan.io site to locate vulnerable IoT devices; use techniques such as network isolation and changing default settings to harden IoT and mobile devices; and manually harden an Android smartphone. Finally, learn how to configure SCCM policies to ensure mobile device security compliance and compare OSI Layer 3 and Layer 7 security solutions. This course helps learners prepare for the ISACA Certified Information Systems Auditor (CISA) certification exam.
15 videos |
1h 5m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Data Storage & Malware
Explore the variety of methods through which stored data can be secured and made highly available, despite realization of malware threats, as you prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered in this 16-video course include: distinguishing between data and information and how they are secured; how to define the relationship between big data and the value of data analytics; and listing methods of securing a storage area network (SAN). Next, learn to enable password authentication for Internet Small Computer Systems Interface (iSCSI) target access; to recognize common security options available with cloud storage; and to ensure that decommissioned storage media do not contain retrievable data artifacts. You will learn how to deploy Structured Query Language (SQL) Database in the Azure cloud; how to implement a database replication strategy; how to protect data with the Windows backup feature; and how to protect data by backing it up to the cloud. Finally, learn how to identify the various forms of social engineering and the related security risks, and how to implement controls that provide data availability.
16 videos |
1h 5m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: BCP & Network Security
This course addresses why and how organizations must have a Disaster Recovery Plan (DRP) for resiliency in the face of malicious attacks, as well as natural and man-made disasters. The DRP is part of the overall Business Continuity Plan (BCP), which ensures the ongoing functionality of business processes. In this course, you will learn a variety of disaster planning strategies, as well as network security configurations, when planning for business disruptions. Learners will explore the auditing process, and what IS auditors need to consider as the audit objective and the audit scope, which may include reviewing business continuity plans within the organization. This course identifies common redundant array of independent disks (RAID)-level characteristics, and you will learn how to configure RAID 5 in Windows Server 2016. You will learn how to configure Microsoft Azure cloud computing and SQL database georedundancy. Finally, the course explores numerous network security topics, such as wired and wireless network security and network threat mitigation through configuration of firewalls. This course helps learners prepare for the ISACA Certified Information Systems Auditor (CISA) certification exam.
16 videos |
1h 8m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: System Design & Analysis
This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, and you will explore systems planning, testing, integration, and delivery to ensure timely delivery of system changes or entire new solutions for security planning. First, you will explore IT system planning, including the system development life cycle, and learn how technicians can evaluate IT solutions to align with business needs. You will examine how IT solutions will require a feasibility analysis to determine whether those solutions can be used or if a new IT solution must be built. You will see that testing and continuous delivery ensure and maintain the stability and security of the solution. This course covers QA (quality assurance) and why QA needs to be adapted for different organizations, based on compliance with laws and regulations relevant to their business. Finally, this course examines IT solution deployment, including continuous integration and delivery, infrastructure deployment, system migration and data conversion, and how to perform a cloud migration assessment.
16 videos |
58m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Testing & Vulnerability
This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, and explores auditor responsibilities such as identifying network and host weaknesses, reporting them to stakeholders, and suggesting recommendations to improve an organization's security. Learn to distinguish between white, black, and gray box testing, and then explore the benefits of periodic scans for identifying vulnerabilities. Learn how to use pen tests, and evaluate environmental and physical security controls. Next, learn how to use Nessus, a free remote security scanning tool. This course demonstrates how to forge TCP (Transmission Control Protocol) network traffic by using the hping3 tool in Kali Linux. It also demonstrates the OWASP ZAP (Zed Attack Proxy) tool, an open-source web application security scanner, to identify web app vulnerabilities. You will learn how to secure traffic by using IPsec (Internet Protocol Security), configure a cloud-based jump box, and learn about honeypots. Next, learn to secure assets with physical controls, and about the eavesdropping risk of drones. Finally, learners will be able to identify different types of fire suppression systems.
16 videos |
1h 4m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Digital Evidence Gathering
This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, a professional certification that allows information system (IS) auditors to properly follow the IS audit process in risk management. You will learn how to identify assets and threats, harden IT computing environments, perform IT forensics, and carry out auditing tasks. This course explores the importance of gathering, handling, and storing digital evidence to ensure it is admissible in a court of law. Because chain-of-custody laws vary around the world, it is important to know how the evidence was gathered, where it was stored, and who had access to the evidence. Learners will explore digital forensics, chain of custody, order of volatility, and hard disk imaging. You will see a list of common digital forensic hardware and software, and IT component collection as evidence. Finally, this course demonstrates how to use tools in Kali Linux, such as the Autopsy Forensic Browser tool to view user data, and how to retrieve data from an image.
10 videos |
34m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Continuous Monitoring
This course explores the importance of continuously monitoring business processes, and the applicable supporting IT solutions. You will learn how information system (IS) auditing can identify and assist in continuous process improvement. In this course, learners will acquire knowledge of the skills necessary to audit monitoring solutions and business processes. You will explore how to establish baselines to easily detect anomalies. Then learn how to set a baseline for specific systems, like a web server, its normal performance, and the server's normal pattern of network. This course will list various sampling types, such as attribute, variables, and statistical and discovery sampling, which play a role in the audit process. You will learn how to filter logs and enable centralized log collection. Next, explore how to work with optimal settings for packet capturing placement, and for intrusion detection and intrusion prevention systems. This course covers new malware variants, new hardware and software vulnerabilities, as well as other events that impact processes or IT infrastructure, such as the flooding of a data center. This course helps learners prepare for the ISACA Certified Information Systems Auditor (CISA) certification exam.
11 videos |
47m
Assessment
Badge
Certified Information Systems Auditor (CISA) 2019: Scenario-Based Practice
This course explores how to apply the information systems (IS) audit process to ensure adequate risk mitigation for audit planning, security control selection, travelling user vulnerability mitigation, Wi-Fi hardening, and proper PKI (public key infrastructure) key implementation. Learn the importance of having an ISACA CISA (Certified Information Systems Auditor) certification, which indicates you are a professional with the skills necessary as an IT security analyst in performing an IS audit. An IS auditor must have knowledge of the type of business being audited, and needs to be able to identify the security posture of an organization within a given specific scenario that falls within the audit scope. When auditing a business, you first look at the type of business, its use of technology, and related security. This course uses real-world business scenarios that include, for example, a marketing company and a financial institution. These scenarios cover how to identify audit planning errors, security control cost effectiveness, determining Wi-Fi weaknesses, determining how keys should be used, and compensating control selection.
8 videos |
21m
Assessment
Badge
COURSES INCLUDED
CISA 2022: Information Systems Auditing
Successful organizations implement information systems (IS) auditing, controls, monitoring, and assessments of their IT and business systems. In this course, you will discover the keys to conducting a successful audit. First, you will be introduced to information systems auditing, beginning with an explanation of why we audit. Then you will examine the Information Systems Audit and Control Association (ISACA) code of professional ethics and review IS auditing procedures and ISACA auditing standards. Next, you will explore business procedures and controls, risk-based auditing, and other types of audits. Finally, you will investigate auditing project management, audit planning, audit scheduling, urgent incident discovery, and audit reporting. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
14 videos |
1h 34m
Assessment
Badge
CISA 2022: Auditing, Data Analysis, & Controls
Successful information systems (IS) auditing requires many components and controls, beginning with the nature of a business, its driving processes, and underlying IT solutions. In this course, you will discover auditing, data analysis, and control, beginning with audit findings remediation follow-up, sampling methods, and audit evidence gathering. Then you will explore data analytics and systems auditing, the role of the data analyst, and auditing quality assurance. Next, you will focus on organizational documentation and stakeholder needs. Finally, you will learn about network diagrams, types of security controls, and control objectives and controls. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
13 videos |
1h 12m
Assessment
Badge
CISA 2022: IT Management Frameworks, Regulations, & Standards
IT management frameworks provide a structured approach to managing and auditing IT assets. Regulations and standards are put in place to ensure that organizations have guidelines to follow for how they deal with information systems. In this course, you will explore IT management frameworks, regulations, and standards, beginning with an overview of IT and data governance, and standards, policies, and procedures. Then you will learn about Control Objectives for Information and Related Technologies (COBIT), IT Infrastructure Library (ITIL), and International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards. Next, you will discover risk management and risk treatment. Finally, you will dig into IT maturity models, the Business Model for Information Security (BMIS), the Information Technology Assurance Framework (ITAF), and IT balanced scorecards. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
16 videos |
1h 28m
Assessment
Badge
CISA 2022: IT Resources & Monitoring
Technology resources, service level management, monitoring, and quality management all play crucial roles in information systems management and represent key areas of focus for information system (IS) auditing. In this course, you will explore IT resources and monitoring, beginning with a review of common technology components, IT resource management, service-level management, and service-level agreements. Then you will learn about performance baselines, Windows and Linux performance monitoring, and cloud-based performance monitoring and alerts. Finally, you will discover key aspects of quality management, IT quality management frameworks, and quality management best practices. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
14 videos |
1h 14m
Assessment
Badge
CISA 2022: Projects, Development, & Testing
Project governance, management, system development, and testing play key roles in information systems. In this course, you will begin by exploring project governance and management, project governance best practices, business cases, and feasibility studies. Then, you will dig into system development methodologies and control identification and design. Finally, you will learn about testing methodologies, beginning with an overview of software testing, unit testing, regression testing, acceptance testing, integration testing, performance testing, and fuzzing. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
14 videos |
1h 26m
Assessment
Badge
CISA 2022: Information Systems Management
Effective IT management provides a structured approach to managing and auditing IT assets. It also provides a foundation for auditing, an important feature for information system (IS) auditors. In this course, you will discover key facets of information systems management, beginning with system interfaces and end-user computing. Then you will examine change management, configuration management, and vulnerability management. Finally, you will explore group policy configuration delegation, Microsoft Configuration Manager configuration management, Microsoft Configuration Manager patch deployment, and job scheduling. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
11 videos |
55m
Assessment
Badge
CISA 2022: Information Systems Development & Implementation
Systems planning, testing, integration, and delivery are key elements of ensuring the timely delivery of system changes or entirely novel solutions. In this course, you will explore the phases of the system development life cycle (SDLC) and IT project management. Next, you will examine continuous integration and delivery (CI/CD) and process improvement, including advantages and common methodologies. Then you will discover infrastructure deployment, system migration and data conversion, and cloud migration assessments. Finally, you will learn about the post-implementation review process and post-implementation activities and best practices. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
13 videos |
1h 9m
Assessment
Badge
CISA 2022: Data Privacy
Any IT environment requires a firm understanding of data privacy. Privacy laws and regulations, combined with industry practices, form the basis for effective information protection. In this course, you'll explore data privacy, beginning with the CIA Triad, personally identifiable information (PII), and Protected Health Information (PHI). You will learn about the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), compliance with GDPR and PCI DSS, the Health Insurance Portability and Accountability Act (HIPAA), and Federal Risk and Authorization Management Program (FedRAMP). Finally, you'll dig into assets and risks, annualized loss expectancy (ALE), and network inventories. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
14 videos |
1h 22m
Assessment
Badge
CISA 2022: IAM & Data Classification
Identity and access management (IAM) and data classification play key roles in the protection of access via authentication and authorization. In this course, you'll explore IAM and data classification principles, beginning with authentication and authorization, on-premises IAM, cloud-based IAM, and multi-factor authentication (MFA). Then you'll learn about Azure MFA, Azure Role-based Access Control (RBAC), Amazon Web Services (AWS) RBAC, and Microsoft Entra ID delegated administration. Finally, you'll dig into identity federation, data tagging, file system permissions, File Server Resource Manager (FSRM), and Dynamic Access Control. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
16 videos |
1h 49m
Assessment
Badge
CISA 2022: Securing Networks & IT Assets
In any enterprise information technology environment, network and IT assets must be secured in order to preserve the integrity and legal standing of the organization. In this course, you will discover key aspects of securing networks and IT assets, beginning with network attacks, network threat mitigation, firewalls, and security monitoring and testing. Then you will explore the identification of plaintext network traffic, implementation of a packet filtering firewall, and implementation of a content filtering firewall. Finally, you will learn about physical asset protection, focusing on heating, ventilation, and air conditioning (HVAC) systems, physical security, drones and proximity security, and fire suppression systems. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
13 videos |
1h 44m
Assessment
Badge
CISA 2022: Protecting Information Assets
Information is a primary asset of most organizations today. It has a real value and, if compromised, could have real implications for the enterprise. In this course, you will explore considerations for protecting information assets, beginning with cryptography, asymmetric and symmetric encryption, Windows Encrypting File System, and Windows BitLocker. Then, you will learn about file integrity, the public key infrastructure (PKI) hierarchy, the PKI certificate life cycle, and private certificate authorities (CAs). Finally, you will discover certificate templates, manual certificate issuance, securing network traffic, disabling SSLv3, enabling an HTTPS website, and client Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
16 videos |
1h 24m
Assessment
Badge
CISA 2022: Protecting Digital Assets
Digital asset protection is a key concern for the modern enterprise. As most organizations rely heavily on information systems in their day-to-day operations, protecting these valuable assets is of paramount importance. In this course, you'll learn about digital asset protection principles, beginning with organizational security policies, security and the OSI model, password security, and endpoint security. Then, you'll explore data loss prevention (DLP), Internet of Things (IoT) devices, IoT device vulnerability, and IoT security. Finally, you'll dig into mobile device access control, mobile device hardening, mobile device policies, and malicious app store apps. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
14 videos |
1h 24m
Assessment
Badge
CISA 2022: Virtualization & Cloud Computing
Virtualization is such an important technology today that it is rather surprising that a little more than a decade ago, it was not given much consideration as a practical way of providing cloud-based services. Today, it is difficult to imagine life without virtualization. In this course, you will explore virtualization and cloud computing, beginning with an overview of virtualization technologies, hypervisors, and virtual network switches. Then you will dig into creating a virtual machine and hardening a virtualized environment. Next, you will investigate cloud computing, common cloud service offerings, and cloud security. Finally, you will learn about Windows cloud-based virtual machines, Linux cloud-based virtual machines, and cloud endpoint security. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
14 videos |
1h 21m
Assessment
Badge
CISA 2022: Data Storage & Malware
Data storage and malware get their fair share of attention when considering data, information, and privacy. Rightly so, as they represent key concerns for the security-minded information technology manager. In this course, explore data storage and malware, beginning with an overview of data vs. information, big data and data analytics, and storage area network (SAN) security. Next, learn how to secure an iSCSI SAN and about cloud storage security, storage media disposal, database security, and database availability. Finally, examine data backup and restore strategies, cloud-based data backups, social engineering, and security awareness training. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
17 videos |
1h 50m
Assessment
Badge
CISA 2022: Business Continuity
Downtime has disastrous results, beginning with lost revenues but hardly ending there. Reputation, trust, and confidence all rely on enterprises being able to continue operating in the event of a disaster, natural or otherwise. In this course, you'll explore aspects of business continuity, beginning with high availability, business continuity, business impact analysis (BIA), disaster recovery plans (DRPs), and business continuity plans (BCPs). Then you'll dig into incident response plans (IRPs), alternate recovery sites, and Redundant Arrays of Independent Disks (RAID). Finally, you'll learn about RAID configuration and data replication across regions. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
10 videos |
59m
Assessment
Badge
CISA 2022: System Development & Vulnerability Testing
Systems development and vulnerability testing often go hand in hand to ensure the timely delivery of system changes or entirely new solutions. In this course, you'll learn about system development and vulnerability testing, beginning with secure coding, security testing types, vulnerability scanning, and how to perform a vulnerability scan. Then you'll explore comparing network scans, penetration testing, packet forgery, and web application vulnerability scans. Finally, you'll dig into IPsec network traffic, jump boxes, and honeypots. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
13 videos |
1h 12m
Assessment
Badge
CISA 2022: Digital Evidence Gathering
When conducting an audit, the collection of evidence is imperative in order to properly and completely evaluate an information system. Appropriate care must be taken when gathering, handling, and storing digital evidence so that it remains admissible in a court of law. In this course, you'll explore the principles of digital evidence gathering, beginning with digital forensics, digital forensics hardware, and digital forensics software. Then, you'll dig into order of volatility, chain of custody, and forensic data browsing. Finally, you'll learn about forensic file recovery and hard disk imaging. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
10 videos |
54m
Assessment
Badge
CISA 2022: Continuous Monitoring
Enterprise systems have continuous monitoring needs, of both business processes and supporting IT solutions. Information systems (IS) auditing can identify where improvements can be made. In this course, you will explore continuous monitoring, beginning with an overview of continuous monitoring, business processes, and sampling types. Then you will discover how to filter Windows logs and forward Linux logs. Next, you will focus on packet capturing placement and analysis. Finally, you will dig into security information and event management (SIEM), intrusion detection systems (IDSs), and intrusion prevention systems (IPSs). This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
11 videos |
1h 6m
Assessment
Badge
CISA 2022: Auditing Scenarios
IT technicians and managers are responsible for the safety of IT processing systems and sensitive data. Information system audit processes, if applied effectively, can ensure adequate risk mitigation. In this course, you will explore auditing scenarios, beginning with IT key performance indicators (KPIs), audit planning, and security control cost-effectiveness. Then, you'll learn how to determine Wi-Fi weakness and secure traveling users. Finally, you'll dig into key usage and compensating control selection. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).
9 videos |
39m
Assessment
Badge
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE COURSES
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.
BOOKS INCLUDED
Book
Fundamentals of Information Risk Management Auditing: An Introduction for Managers and Auditors
Providing insight into information risk management auditing for those considering a career in information risk management, and an introduction for non-specialists, such as those managing technical specialists, this book discusses the risks and controls that you may encounter when performing an audit of information risk, together with suggested mitigation approaches based on those risks and controls.
1h 32m
By Christopher Wright
Book
Auditor's Guide to Information Systems Auditing
Emphasizing the practical implementation of principles and techniques through the use of realistic case studies, this book was written for those who need to gain a working knowledge of the risks and control opportunities within an IP environment.
6h 41m
By Richard E. Cascarino
Book
Understanding and Conducting Information Systems Auditing
Featuring examples that are globally applicable, this accessible, non-technical guide covers all major standards and presents information systems as a management tool with practical applications.
4h 13m
By Arif Ahmed, Veena Hingarh
Book
The Basics of IT Audit: Purposes, Processes, and Practical Information
IT auditing occurs in some form in virtually every organization, private or public, large or small. Packed with specific examples, this book gives insight into the auditing process and explains regulations and standards such as the ISO-27000 series program, CoBIT, ITIL, Sarbanes-Oxley, and HIPAA.
5h 8m
By Stephen D. Gantz
Book
Data Analytics for Internal Auditors
Providing a reference guide for IT and Internal Auditors as well as Fraud Examiners, this book presents information written from the practitioner's viewpoint covering not only the need and the theory, but a practical hands-on approach to conducting data analytics.
6h 18m
By Richard E. Cascarino
BOOKS INCLUDED
Book
CISA Certified Information Systems Auditor All-in-One Exam Guide, Third Edition
Covering all five exam domains developed by the Information Systems Audit and Control Association (ISACA), this effective self-study system features learning objectives at the beginning of each chapter, in-depth explanations of each topic, and accurate practice questions.
15h 12m
By Peter H. Gregory
Book
CISA: Certified Information Systems Auditor Study Guide, Fourth Edition
Including chapter summary highlights and review questions to help you gauge your understanding of the material, this complete resource provides guidance toward all content areas, tasks, and knowledge areas of the exam and is illustrated with real-world examples.
14h 18m
By Allen Keele, Brian T. O'Hara, David Cannon
Book
IT Auditing: Using Controls to Protect Information Assets, Third Edition
Fully updated to cover leading-edge tools and technologies, this in-depth resource explains, step by step, how to implement a successful, enterprise-wide IT audit program.
12h 17m
By Brian Wrozek, Chris Davis, Mike Kegerreis, Mike Schiller
Book
Understanding and Conducting Information Systems Auditing
Featuring examples that are globally applicable, this accessible, non-technical guide covers all major standards and presents information systems as a management tool with practical applications.
4h 13m
By Arif Ahmed, Veena Hingarh
Book
Auditor's Guide to Information Systems Auditing
Emphasizing the practical implementation of principles and techniques through the use of realistic case studies, this book was written for those who need to gain a working knowledge of the risks and control opportunities within an IP environment.
6h 41m
By Richard E. Cascarino