Certified Information Systems Auditor (CISA) 2019: Testing & Vulnerability

Expert
  • 16 videos | 1h 4m 15s
  • Includes Assessment
  • Earns a Badge
Rating 4.8 of 61 users Rating 4.8 of 61 users (61)
This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, and explores auditor responsibilities such as identifying network and host weaknesses, reporting them to stakeholders, and suggesting recommendations to improve an organization's security. Learn to distinguish between white, black, and gray box testing, and then explore the benefits of periodic scans for identifying vulnerabilities. Learn how to use pen tests, and evaluate environmental and physical security controls. Next, learn how to use Nessus, a free remote security scanning tool. This course demonstrates how to forge TCP (transmission control protocol) network traffic by using the hping3 tool in Kali Linux. This course demonstrates the OWASP (open-source web application security scanner) ZAP (zed attack proxy) tool to identify web app vulnerabilities. You will learn how to secure traffic by using IPSec (internet security protocol), configure a cloud-based jump box, and about honey pots. Next, learn to secure assets with physical controls and the eavesdropping risk of drones. Finally, learners will be able to identify different types of fire suppression systems.

WHAT YOU WILL LEARN

  • Discover the subject areas covered in this course
    Distinguish between white, gray, and black-box testing
    Recall the benefits of periodic vulnerability scans and awareness of cves
    Use the free nessus tool to execute a vulnerability scan
    Compare baseline and current network scans to identify changes
    Describe the pen test procedure from reconnaissance to exploiting vulnerabilities
    Forge network traffic using hping3 in kali linux
    Use owasp zap to scan a web site for vulnerabilities
  • Analyze ipsec network traffic
    Configure a cloud-based jump box to allow access to internal hosts
    Recognize where honeypots can be used to monitor malicious traffic
    Consider potential business process risks related to heating, ventilation, and air conditioning
    Describe methods of securing assets using physical controls
    Describe how drones can present eavesdropping and other risks
    Identify different types of fire suppression
    Differentiate between vulnerability and penetration testing, describe the purpose of a jump box, list physical security examples, and perform a non-credentialed vulnerability scan

IN THIS COURSE

  • 2m 44s
  • 4m 12s
    In this video, you will learn how to distinguish between white, gray, and black-box testing. FREE ACCESS
  • Locked
    3.  Vulnerability Scanning
    3m 36s
    After completing this video, you will be able to recall the benefits of periodic vulnerability scans and awareness of CVEs. FREE ACCESS
  • Locked
    4.  Performing a Vulnerability Scan
    6m 12s
    In this video, find out how to use the free Nessus tool to conduct a vulnerability scan. FREE ACCESS
  • Locked
    5.  Network Scan Comparison
    2m 32s
    In this video, you will learn how to compare baseline and current network scans to identify changes. FREE ACCESS
  • Locked
    6.  Penetration Testing
    3m 31s
    Upon completion of this video, you will be able to describe the pen test procedure from reconnaissance to exploitation of vulnerabilities. FREE ACCESS
  • Locked
    7.  Packet Forgery
    3m 38s
    During this video, you will learn how to create network traffic using hping3 in Kali Linux. FREE ACCESS
  • Locked
    8.  Web Application Vulnerability Scan
    3m 40s
    In this video, find out how to use OWASP ZAP to scan a web site for vulnerabilities. FREE ACCESS
  • Locked
    9.  IPsec Network Traffic
    5m 26s
    Learn how to analyze IPsec network traffic. FREE ACCESS
  • Locked
    10.  Jump Boxes
    5m 2s
    During this video, you will learn how to configure a cloud-based jump box to allow access to internal hosts. FREE ACCESS
  • Locked
    11.  Honeypots
    3m 41s
    After completing this video, you will be able to recognize where honeypots can be used to monitor malicious traffic. FREE ACCESS
  • Locked
    12.  HVAC
    3m 6s
    In this video, learn how to consider potential risks to your business processes related to heating, ventilation, and air conditioning. FREE ACCESS
  • Locked
    13.  Physical Security
    5m 9s
    After completing this video, you will be able to describe methods of securing assets using physical controls. FREE ACCESS
  • Locked
    14.  Drones and Proximity Security
    5m 26s
    Upon completion of this video, you will be able to describe how drones can present risks such as eavesdropping. FREE ACCESS
  • Locked
    15.  Fire Suppression Systems
    2m 38s
    In this video, learn how to identify different types of fire suppression systems. FREE ACCESS
  • Locked
    16.  Exercise: Host and Network Weaknesses
    3m 40s
    Find out how to differentiate between vulnerability and penetration testing, describe the purpose of a jump box, list physical security examples, and perform a non-credentialed vulnerability scan. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course Certified in Cybersecurity (CC): Core Security Principles & Risk Management
Rating 4.7 of 266 users Rating 4.7 of 266 users (266)
Course Certified in Cybersecurity (CC): Security Governance, Policies, & Controls
Rating 4.6 of 123 users Rating 4.6 of 123 users (123)
Course CCSP 2022: Operational Controls & Standards
Rating 4.5 of 84 users Rating 4.5 of 84 users (84)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Certified Information Systems Auditor (CISA) 2019: BCP & Network Security
Rating 4.7 of 37 users Rating 4.7 of 37 users (37)
Course CISM 2022: Data Privacy
Rating 4.9 of 13 users Rating 4.9 of 13 users (13)
Course Certified Information Systems Auditor (CISA) 2019: IAM & Data Classification
Rating 4.4 of 96 users Rating 4.4 of 96 users (96)